relishable 0.7 → 0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/relish/dynamo_helper.rb +14 -22
- data/lib/relish/encryption_helper.rb +26 -17
- data/lib/relish.rb +4 -4
- metadata +2 -2
data/lib/relish/dynamo_helper.rb
CHANGED
@@ -13,11 +13,9 @@ class Relish
|
|
13
13
|
@db ||= Fog::AWS::DynamoDB.new(:aws_access_key_id => @aws_access_key, :aws_secret_access_key => @aws_secret_key)
|
14
14
|
end
|
15
15
|
|
16
|
-
def query_current_version(id)
|
17
|
-
|
18
|
-
|
19
|
-
raise('status: #{response.status}')
|
20
|
-
end
|
16
|
+
def query_current_version(id, *attrs)
|
17
|
+
opts = set_attrs_on_opts(attrs, :ConsistentRead => true, :Limit => 1, :ScanIndexForward => false)
|
18
|
+
response = db.query(@table_name, {:S => id}, opts)
|
21
19
|
if response.body['Count'] == 1
|
22
20
|
response.body['Items'].first
|
23
21
|
end
|
@@ -25,39 +23,33 @@ class Relish
|
|
25
23
|
|
26
24
|
def put_current_version(item)
|
27
25
|
response = db.put_item(@table_name, item, {:Expected => {:id => {:Exists => false}, :version => {:Exists => false}}})
|
28
|
-
if response.status != 200
|
29
|
-
raise('status: #{response.status}')
|
30
|
-
end
|
31
26
|
end
|
32
27
|
|
33
|
-
def get_version(id, version)
|
34
|
-
|
35
|
-
|
36
|
-
raise('status: #{response.status}')
|
37
|
-
end
|
28
|
+
def get_version(id, version, *attrs)
|
29
|
+
opts = set_attrs_on_opts(attrs)
|
30
|
+
response = db.get_item(@table_name, {:HashKeyElement => {:S => id}, :RangeKeyElement => {:N => version}}, opts)
|
38
31
|
response.body['Item']
|
39
32
|
end
|
40
33
|
|
41
34
|
def put_version(id, version, item)
|
42
35
|
response = db.put_item(@table_name, item, {:Expected => {:id => {:Value => {:S => id}}, :version => {:Value => {:N => version}}}})
|
43
|
-
if response.status != 200
|
44
|
-
raise('status: #{response.status}')
|
45
|
-
end
|
46
36
|
end
|
47
37
|
|
48
38
|
def put(item)
|
49
39
|
response = db.put_item(@table_name, item)
|
50
|
-
if response.status != 200
|
51
|
-
raise('status: #{response.status}')
|
52
|
-
end
|
53
40
|
end
|
54
41
|
|
55
42
|
def query(id, consistent, limit)
|
56
43
|
response = db.query(@table_name, {:S => id}, :ConsistentRead => consistent, :Limit => limit, :ScanIndexForward => false)
|
57
|
-
if response.status != 200
|
58
|
-
raise('status: #{response.status}')
|
59
|
-
end
|
60
44
|
response.body['Items']
|
61
45
|
end
|
46
|
+
|
47
|
+
private
|
48
|
+
|
49
|
+
def set_attrs_on_opts(attrs, opts = {})
|
50
|
+
attrs = Array(attrs)
|
51
|
+
opts[:AttributesToGet] = attrs unless attrs.empty?
|
52
|
+
opts
|
53
|
+
end
|
62
54
|
end
|
63
55
|
end
|
@@ -1,3 +1,4 @@
|
|
1
|
+
require "relish/release"
|
1
2
|
require "fernet"
|
2
3
|
require "openssl"
|
3
4
|
|
@@ -11,41 +12,49 @@ class Relish
|
|
11
12
|
@secrets = secrets
|
12
13
|
end
|
13
14
|
|
15
|
+
def encrypt_env(env)
|
16
|
+
encrypt_key_with_secret("env", env, hmac_secrets.first)
|
17
|
+
end
|
18
|
+
|
19
|
+
def decrypt_env(encrypted_token)
|
20
|
+
try_decrypt_with_index(encrypted_token)[0]
|
21
|
+
end
|
22
|
+
|
23
|
+
def upgrade_env_encryption(encrypted_token)
|
24
|
+
if encrypted_token.nil? || encrypted_token == ""
|
25
|
+
return false, encrypted_token
|
26
|
+
end
|
27
|
+
env, i = try_decrypt_with_index(encrypted_token)
|
28
|
+
i == 0 ? [false, encrypted_token] : [true, encrypt_env(env)]
|
29
|
+
end
|
30
|
+
|
31
|
+
protected
|
32
|
+
|
14
33
|
def hmac_secrets
|
15
34
|
@hmac_secrets ||= @secrets.map do |secret|
|
16
35
|
OpenSSL::HMAC.hexdigest('sha256', @static_secret, secret)
|
17
36
|
end
|
18
37
|
end
|
19
38
|
|
20
|
-
def
|
21
|
-
encrypt_key_with_secret("env", env, hmac_secrets.first)
|
22
|
-
end
|
23
|
-
|
24
|
-
def decrypt_env(encrypted_token)
|
39
|
+
def try_decrypt_with_index(encrypted_token)
|
25
40
|
hmac_secrets.each_with_index do |secret, i|
|
26
|
-
success, env =
|
41
|
+
success, env = try_decrypt_key(secret, encrypted_token, "env")
|
27
42
|
if success
|
28
|
-
return env
|
43
|
+
return env, i
|
29
44
|
end
|
30
45
|
end
|
31
46
|
raise RelishDecryptionFailed
|
32
47
|
end
|
33
48
|
|
34
|
-
def
|
35
|
-
decrypt_key(secret, encrypted_token, hash_key)
|
36
|
-
rescue OpenSSL::Cipher::CipherError => e
|
37
|
-
return false, {}
|
38
|
-
end
|
39
|
-
|
40
|
-
protected
|
41
|
-
|
42
|
-
def decrypt_key(secret, encrypted_token, hash_key)
|
49
|
+
def try_decrypt_key(secret, encrypted_token, hash_key)
|
43
50
|
verifier = Fernet.verifier(secret, encrypted_token)
|
44
51
|
verifier.enforce_ttl = false
|
45
52
|
unless verifier.valid?
|
46
|
-
return false,
|
53
|
+
return false, nil
|
47
54
|
end
|
48
55
|
[true, verifier.data[hash_key]]
|
56
|
+
rescue OpenSSL::Cipher::CipherError => e
|
57
|
+
return false, nil
|
49
58
|
end
|
50
59
|
|
51
60
|
def encrypt_key_with_secret(hash_key, value, secret)
|
data/lib/relish.rb
CHANGED
@@ -38,8 +38,8 @@ class Relish
|
|
38
38
|
release
|
39
39
|
end
|
40
40
|
|
41
|
-
def current(id)
|
42
|
-
item = @db.query_current_version(id)
|
41
|
+
def current(id, *attrs)
|
42
|
+
item = @db.query_current_version(id, *attrs)
|
43
43
|
unless item.nil?
|
44
44
|
release = Release.new
|
45
45
|
release.item = item
|
@@ -47,8 +47,8 @@ class Relish
|
|
47
47
|
end
|
48
48
|
end
|
49
49
|
|
50
|
-
def read(id, version)
|
51
|
-
item = @db.get_version(id, version)
|
50
|
+
def read(id, version, *attrs)
|
51
|
+
item = @db.get_version(id, version, *attrs)
|
52
52
|
unless item.nil?
|
53
53
|
release = Release.new
|
54
54
|
release.item = item
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: relishable
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: '0.
|
4
|
+
version: '0.8'
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-10-
|
13
|
+
date: 2012-10-11 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: fog
|