mournful_settings 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +52 -9
- data/lib/mournful_settings/setting.rb +7 -0
- data/lib/mournful_settings/version.rb +5 -1
- data/test/dummy/db/test.sqlite3.db +0 -0
- data/test/dummy/test/setting_test.rb +32 -1
- metadata +1 -1
data/README.rdoc
CHANGED
@@ -50,22 +50,28 @@ To use a stored setting, use the 'for' class method:
|
|
50
50
|
|
51
51
|
== Encryption
|
52
52
|
|
53
|
-
By default mournful settings
|
54
|
-
|
53
|
+
By default mournful settings are encrypted. You can choose not to encrypt a
|
54
|
+
setting, by setting :encrypted => false.
|
55
55
|
|
56
|
-
|
56
|
+
Setting.create(
|
57
|
+
:name => 'pi',
|
58
|
+
:value => '3.14159',
|
59
|
+
:value_type => 'number',
|
60
|
+
:encrypted => false
|
61
|
+
)
|
57
62
|
|
58
|
-
|
59
|
-
an initializer, like this:
|
63
|
+
Out of the box, encryption uses a blowfish cipher, and a generic key string.
|
60
64
|
|
61
|
-
|
65
|
+
=== Set key and cipher
|
62
66
|
|
63
|
-
|
67
|
+
If you wish to use your own encryption key, you can define the key like this:
|
64
68
|
|
65
|
-
|
69
|
+
MournfulSettings::Setting::Cipher.key = 'your key'
|
70
|
+
|
71
|
+
Mournful settings uses Ruby's OpenSSL::Cipher. If you wish to change
|
66
72
|
the cipher from blowfish, you can alter it like this:
|
67
73
|
|
68
|
-
Setting::Cipher.config = 'aes-128-cbc'
|
74
|
+
MournfulSettings::Setting::Cipher.config = 'aes-128-cbc'
|
69
75
|
|
70
76
|
To see a list of the available options use:
|
71
77
|
|
@@ -73,6 +79,43 @@ To see a list of the available options use:
|
|
73
79
|
|
74
80
|
See: http://ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/Cipher.html
|
75
81
|
|
82
|
+
=== Where to set the cipher within your app
|
83
|
+
|
84
|
+
If you use a setting in an initializer you need to ensure that your cipher
|
85
|
+
configuration is set before the setting is used. This means you either need
|
86
|
+
to order your initializers putting your mournful_settings initializer first or
|
87
|
+
define the cipher settings in a before_initialize block defined in
|
88
|
+
config/application:
|
89
|
+
|
90
|
+
module YourRailsApp
|
91
|
+
class Application < Rails::Application
|
92
|
+
|
93
|
+
.....
|
94
|
+
|
95
|
+
config.before_initialize do
|
96
|
+
MournfulSettings::Setting::Cipher.key = 'your key'
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
100
|
+
|
101
|
+
See: http://guides.rubyonrails.org/configuring.html#initialization-events
|
102
|
+
|
103
|
+
=== Changing key and/or cipher
|
104
|
+
|
105
|
+
If you change the cipher configuration, existing encrypted settings will break.
|
106
|
+
Therefore, to make the change after you have started using encrypted settings,
|
107
|
+
you must decrypt your settings, make the change and then re-encrypt the settings
|
108
|
+
again. To ease this task, use the Setting.recrypt_all method:
|
109
|
+
|
110
|
+
Setting.recrypt_all { Setting::Cipher.key = 'your key' }
|
111
|
+
|
112
|
+
So the process would be:
|
113
|
+
|
114
|
+
- Stop the server
|
115
|
+
- Run the recrypt task
|
116
|
+
- Add/Update the configuration code in the app
|
117
|
+
- Start the server
|
118
|
+
|
76
119
|
== Integration with ActiveAdmin
|
77
120
|
|
78
121
|
Mournful settings contains a ActiveAdmin register file, that allow settings to
|
@@ -38,6 +38,13 @@ module MournfulSettings
|
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
|
+
def self.recrypt_all &do_while_unencrypted
|
42
|
+
encrypted = where(:encrypted => true)
|
43
|
+
encrypted.each {|s| s.encrypted = false; s.save}
|
44
|
+
do_while_unencrypted.call if do_while_unencrypted
|
45
|
+
encrypted.each {|s| s.encrypted = true; s.save}
|
46
|
+
end
|
47
|
+
|
41
48
|
private
|
42
49
|
def encrypt(text)
|
43
50
|
add_separators Base64.encode64 Cipher.encrypt text.to_s
|
@@ -1,10 +1,14 @@
|
|
1
1
|
module MournfulSettings
|
2
|
-
VERSION = "0.0.
|
2
|
+
VERSION = "0.0.4"
|
3
3
|
end
|
4
4
|
|
5
5
|
# History
|
6
6
|
# =======
|
7
7
|
#
|
8
|
+
# 0.0.4: Changing cipher configuration
|
9
|
+
# ------------------------------------
|
10
|
+
# Adds facility to allow cipher to be changed with existing live data
|
11
|
+
#
|
8
12
|
# 0.0.3: Encrypted by default
|
9
13
|
# ---------------------------
|
10
14
|
# Modifies model and active admin registration file to make encrypting settings
|
Binary file
|
@@ -29,7 +29,7 @@ class SettingTest < Test::Unit::TestCase
|
|
29
29
|
end
|
30
30
|
|
31
31
|
def test_encrypted_value
|
32
|
-
assert_kind_of(String, encrypted_setting.value)
|
32
|
+
assert_kind_of(String, encrypted_setting.reload.value)
|
33
33
|
assert_equal(@value, encrypted_setting.value)
|
34
34
|
end
|
35
35
|
|
@@ -92,6 +92,37 @@ class SettingTest < Test::Unit::TestCase
|
|
92
92
|
end
|
93
93
|
end
|
94
94
|
|
95
|
+
def test_changing_cipher
|
96
|
+
cipher = 'bf-cbc'
|
97
|
+
assert_not_equal(cipher, Setting::Cipher.config)
|
98
|
+
test_encrypted_value
|
99
|
+
Setting::Cipher.config = cipher
|
100
|
+
assert_equal(cipher, Setting::Cipher.config)
|
101
|
+
assert_raise OpenSSL::Cipher::CipherError do
|
102
|
+
test_encrypted_value
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
106
|
+
def test_changing_key
|
107
|
+
key = 'Some new key'
|
108
|
+
assert_not_equal(key, Setting::Cipher.key)
|
109
|
+
test_encrypted_value
|
110
|
+
Setting::Cipher.key = key
|
111
|
+
assert_equal(key, Setting::Cipher.key)
|
112
|
+
assert_raise OpenSSL::Cipher::CipherError do
|
113
|
+
test_encrypted_value
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
def test_recrypt_all
|
118
|
+
key = 'Some new key'
|
119
|
+
assert_not_equal(key, Setting::Cipher.key)
|
120
|
+
test_encrypted_value
|
121
|
+
Setting.recrypt_all { Setting::Cipher.key = key }
|
122
|
+
assert_equal(key, Setting::Cipher.key)
|
123
|
+
test_encrypted_value
|
124
|
+
end
|
125
|
+
|
95
126
|
private
|
96
127
|
def text_setting
|
97
128
|
@text_setting ||= Setting.create(:name => 'text_setting', :value => 'foo', :value_type => 'text', :encrypted => false)
|