super_settings 0.0.0.rc1 → 0.0.1.rc1

data/lib/super_settings/storage/test_storage.rb

@@ -2,11 +2,12 @@
 
 require "json"
 
-# :nocov:
 module SuperSettings
   module Storage
     # Implementation of the SuperSettings::Storage model for running unit tests.
     class TestStorage
+      # :nocov:
+
       include Storage
 
       attr_reader :key, :raw_value, :description, :value_type, :updated_at, :created_at
@@ -127,14 +128,6 @@ module SuperSettings
         !!(defined?(@persisted) && @persisted)
       end
 
-      protected
-
-      def redact_history!
-        self.class.history(key).each do |item|
-          item[:value] = nil
-        end
-      end
-
       private
 
       def set_persisted!
@@ -153,6 +146,6 @@ module SuperSettings
         }
       end
     end
+    # :nocov:
   end
 end
-# :nocov:

data/lib/super_settings/storage.rb

@@ -2,7 +2,7 @@
 
 module SuperSettings
   # Abstraction over how a setting is stored and retrieved from the storage engine. Models
-  # must implement the methods module in this module that raise `NotImplementedError`.
+  # must implement the methods module in this module that raise NotImplementedError.
   module Storage
     class RecordInvalid < StandardError
     end
@@ -14,6 +14,7 @@ module SuperSettings
 
     module ClassMethods
       # Storage classes must implent this method to return all settings included deleted ones.
+      #
       # @return [Array<SuperSetting::Setting::Storage>]
       def all
         # :nocov:
@@ -22,6 +23,7 @@ module SuperSettings
       end
 
       # Return all non-deleted settings.
+      #
       # @return [Array<SuperSetting::Setting::Storage>]
       def active
         all.reject(&:deleted?)
@@ -29,6 +31,7 @@ module SuperSettings
 
       # Storage classes must implement this method to return all settings updates since the
       # specified timestamp.
+      #
       # @return [Array<SuperSetting::Setting::Storage>]
       def updated_since(timestamp)
         # :nocov:
@@ -37,6 +40,7 @@ module SuperSettings
       end
 
       # Storage classes must implement this method to return a settings by it's key.
+      #
       # @return [SuperSetting::Setting::Storage]
       def find_by_key(key)
         # :nocov:
@@ -46,6 +50,7 @@ module SuperSettings
 
       # Storage classes must implement this method to return most recent time that any
       # setting was updated.
+      #
       # @return [Time]
       def last_updated_at
         # :nocov:
@@ -54,18 +59,24 @@ module SuperSettings
       end
 
       # Implementing classes can override this method to setup a thread safe connection within a block.
+      #
+      # @return [void]
       def with_connection(&block)
         yield
       end
 
       # Implementing classes can override this method to wrap an operation in an atomic transaction.
+      #
+      # @return [void]
       def transaction(&block)
         yield
       end
 
-      # @return [Boolean] true if it's safe to load setting asynchronously in a background thread.
+      # Return true if it's safe to load setting asynchronously in a background thread.
+      #
+      # @return [Boolean]
       def load_asynchronous?
-        !!(defined?(@load_asynchronous) && !@load_asynchronous.nil? ? @load_asynchronous : default_load_asynchronous?)
+        !!((defined?(@load_asynchronous) && !@load_asynchronous.nil?) ? @load_asynchronous : default_load_asynchronous?)
       end
 
       # Set to true to force loading setting asynchronously in a background thread.
@@ -80,7 +91,9 @@ module SuperSettings
       end
     end
 
-    # @return [String] the key for the setting
+    # The key for the setting
+    #
+    # @return [String]
     def key
       # :nocov:
       raise NotImplementedError
@@ -88,6 +101,7 @@ module SuperSettings
     end
 
     # Set the key for the setting.
+    #
     # @param val [String]
     # @return [void]
     def key=(val)
@@ -96,7 +110,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [String] the raw value for the setting before it is type cast.
+    # The raw value for the setting before it is type cast.
+    #
+    # @return [String]
     def raw_value
       # :nocov:
       raise NotImplementedError
@@ -104,6 +120,7 @@ module SuperSettings
     end
 
     # Set the raw value for the setting.
+    #
     # @param val [String]
     # @return [void]
     def raw_value=(val)
@@ -112,7 +129,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [String] the value type for the setting
+    # The value type for the setting.
+    #
+    # @return [String]
     def value_type
       # :nocov:
       raise NotImplementedError
@@ -120,7 +139,8 @@ module SuperSettings
     end
 
     # Set the value type for the setting.
-    # @param val [String] one of string, integer, float, boolean, datetime, array, or secret
+    #
+    # @param val [String] one of string, integer, float, boolean, datetime, or array
     # @return [void]
     def value_type=(val)
       # :nocov:
@@ -128,7 +148,8 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [String] the description for the setting
+    # The description for the setting.
+    # @return [String]
     def description
       # :nocov:
       raise NotImplementedError
@@ -136,6 +157,7 @@ module SuperSettings
     end
 
     # Set the description for the setting.
+
     # @param val [String]
     # @return [void]
     def description=(val)
@@ -144,7 +166,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [Boolean] true if the setting marked as deleted
+    # Return true if the setting marked as deleted.
+    #
+    # @return [Boolean]
     def deleted?
       # :nocov:
       raise NotImplementedError
@@ -153,6 +177,7 @@ module SuperSettings
 
     # Set the deleted flag for the setting. Settings should not actually be deleted since
     # the record is needed to keep the local cache up to date.
+    #
     # @param val [Boolean]
     # @return [void]
     def deleted=(val)
@@ -161,7 +186,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [Time] the time the setting was last updated
+    # Return the time the setting was last updated
+    #
+    # @return [Time]
     def updated_at
       # :nocov:
       raise NotImplementedError
@@ -169,6 +196,7 @@ module SuperSettings
     end
 
     # Set the last updated time for the setting.
+    #
     # @param val [Time]
     # @return [void]
     def updated_at=(val)
@@ -177,7 +205,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [Time] the time the setting was created
+    # Return the time the setting was created.
+    #
+    # @return [Time]
     def created_at
       # :nocov:
       raise NotImplementedError
@@ -185,6 +215,7 @@ module SuperSettings
     end
 
     # Set the created time for the setting.
+    #
     # @param val [Time]
     # @return [void]
     def created_at=(val)
@@ -195,6 +226,7 @@ module SuperSettings
 
     # Return array of history items reflecting changes made to the setting over time. Items
     # should be returned in reverse chronological order so that the most recent changes are first.
+    #
     # @return [Array<SuperSettings::History>]
     def history(limit: nil, offset: 0)
       # :nocov:
@@ -202,7 +234,9 @@ module SuperSettings
       # :nocov:
     end
 
-    # Create a history item for the setting
+    # Create a history item for the setting.
+    #
+    # @return [void]
     def create_history(changed_by:, created_at:, value: nil, deleted: false)
       # :nocov:
       raise NotImplementedError
@@ -210,6 +244,7 @@ module SuperSettings
     end
 
     # Persist the record to storage.
+    #
     # @return [void]
     def save!
       # :nocov:
@@ -217,7 +252,8 @@ module SuperSettings
       # :nocov:
     end
 
-    # @return [Boolean] true if the record has been stored.
+    # Return true if the record has been stored.
+    # @return [Boolean]
     def persisted?
       # :nocov:
       raise NotImplementedError
@@ -227,17 +263,6 @@ module SuperSettings
     def ==(other)
       other.is_a?(self.class) && other.key == key
     end
-
-    protected
-
-    # Remove the value stored on history records if the setting is changed to a secret since
-    # these are not stored encrypted in the database. Implementing classes must redefine this
-    # method.
-    def redact_history!
-      # :nocov:
-      raise NotImplementedError
-      # :nocov:
-    end
   end
 end
 

data/lib/super_settings.rb

@@ -1,14 +1,11 @@
 # frozen_string_literal: true
 
-require "secret_keys"
-
 require_relative "super_settings/application"
 require_relative "super_settings/coerce"
 require_relative "super_settings/configuration"
 require_relative "super_settings/local_cache"
-require_relative "super_settings/encryption"
 require_relative "super_settings/rest_api"
-require_relative "super_settings/rack_middleware"
+require_relative "super_settings/rack_application"
 require_relative "super_settings/controller_actions"
 require_relative "super_settings/attributes"
 require_relative "super_settings/setting"
@@ -65,6 +62,15 @@ module SuperSettings
       Coerce.boolean(val.nil? ? default : val)
     end
 
+    # Return true if a setting cast as a boolean evaluates to false.
+    #
+    # @param key [String, Symbol]
+    # @param default [Boolean] value to return if the setting value is nil
+    # @return [Boolean]
+    def disabled?(key, default = true)
+      !enabled?(key, !default)
+    end
+
     # Get a setting value cast to a Time.
     #
     # @param key [String, Symbol]
@@ -91,13 +97,15 @@ module SuperSettings
     # store into a structured data store. It uses a delimiter to define how keys are nested which
     # defaults to a dot.
     #
-    # If, for example, you have three keys in you settings "A.B1.C1 = 1", "A.B1.C2 = 2", and "A.B2.C3 = 3", the
+    # If, for example, you have three keys in you settings +A.B1.C1 = 1+, +A.B1.C2 = 2+, and +A.B2.C3 = 3+, the
     # nested structure will be:
     #
-    # `{"A" => {"B1" => {"C1" => 1, "C2" => 2}, "B2" => {"C3" => 3}}}`
+    # +{"A" => {"B1" => {"C1" => 1, "C2" => 2}, "B2" => {"C3" => 3}}}+
+    #
+    # This whole hash would be returned if you called +hash+ without any key. If you called it with the
+    # key "A.B1", it would return
     #
-    # This whole hash would be returned if you called `hash` without any key. If you called it with the
-    # key "A.B1", it would return `{"C1" => 1, "C2" => 2}`.
+    # +{"C1" => 1, "C2" => 2}+
     #
     # @param key [String, Symbol] the prefix patter to fetch keys for; default to returning all settings
     # @param default [Hash] value to return if the setting value is nil
@@ -146,6 +154,8 @@ module SuperSettings
     end
 
     # Load the settings from the database into the in memory cache.
+    #
+    # @return [void]
     def load_settings
       local_cache.load_settings
       local_cache.wait_for_load
@@ -153,6 +163,8 @@ module SuperSettings
     end
 
     # Force refresh the settings in the in memory cache to be in sync with the database.
+    #
+    # @return [void]
     def refresh_settings
       local_cache.refresh
       nil
@@ -160,6 +172,8 @@ module SuperSettings
 
     # Reset the in memory cache. The cache will be automatically reloaded the next time
     # you access a setting.
+    #
+    # @return [void]
     def clear_cache
       local_cache.reset
       nil
@@ -176,7 +190,8 @@ module SuperSettings
     # object. You should use this method to configure the gem from an Rails initializer since
     # it will handle ensuring all the appropriate frameworks are loaded first.
     #
-    # yieldparam config [SuperSettings::Configuration]
+    # @yieldparam config [SuperSettings::Configuration]
+    # @return [void]
     def configure(&block)
       Configuration.instance.defer(&block)
       unless defined?(Rails::Engine)
@@ -188,21 +203,19 @@ module SuperSettings
     # This setting aids in performance since it throttles the number of times the database is queried
     # for changes. However, changes made to the settings in the databae will take up to the number of
     # seconds in the refresh interval to be updated in the cache.
+    #
+    # @return [void]
     def refresh_interval=(value)
       local_cache.refresh_interval = value
     end
 
-    # Set the secret used to encrypt secret settings in the database.
-    #
-    # If you need to roll your secret, you can pass in an array of values. The first one
-    # specified will be used to encrypt values, but all of the keys will be tried when
-    # decrypting a value already stored in the database.
-    #
-    # @param value [String, Array]
-    def secret=(value)
-      Encryption.secret = value
-      load_settings if loaded?
-    end
+    # URL for authenticating access to the application. This would normally be some kind of
+    # login page. Browsers will be redirected here if they are denied access to the web UI.
+    attr_accessor :authentication_url
+
+    # Javascript to inject into the settings application HTML page. This can be used, for example,
+    # to set authorization credentials stored client side to access the settings API.
+    attr_accessor :web_ui_javascript
 
     private
 

data/super_settings.gemspec

@@ -16,10 +16,10 @@ Gem::Specification.new do |spec|
     Gemfile
     Gemfile.lock
     Rakefile
+    assets/
     bin/
     gemfiles/
     spec/
-    web_ui.png
   ]
   spec.files = Dir.chdir(File.expand_path("..", __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| ignore_files.any? { |path| f.start_with?(path) } }
@@ -27,8 +27,6 @@ Gem::Specification.new do |spec|
 
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "secret_keys", ">= 1.0"
-
   spec.add_development_dependency "bundler"
 
   spec.required_ruby_version = ">= 2.5"

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: super_settings
 version: !ruby/object:Gem::Version
-  version: 0.0.0.rc1
+  version: 0.0.1.rc1
 platform: ruby
 authors:
 - Brian Durand
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-24 00:00:00.000000000 Z
+date: 2023-05-26 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: secret_keys
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -71,11 +57,10 @@ files:
 - lib/super_settings/coerce.rb
 - lib/super_settings/configuration.rb
 - lib/super_settings/controller_actions.rb
-- lib/super_settings/encryption.rb
 - lib/super_settings/engine.rb
 - lib/super_settings/history_item.rb
 - lib/super_settings/local_cache.rb
-- lib/super_settings/rack_middleware.rb
+- lib/super_settings/rack_application.rb
 - lib/super_settings/rest_api.rb
 - lib/super_settings/setting.rb
 - lib/super_settings/storage.rb
@@ -84,7 +69,6 @@ files:
 - lib/super_settings/storage/redis_storage.rb
 - lib/super_settings/storage/test_storage.rb
 - lib/super_settings/version.rb
-- lib/tasks/super_settings.rake
 - super_settings.gemspec
 homepage: https://github.com/bdurand/super_settings
 licenses:
@@ -105,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.1
 requirements: []
-rubygems_version: 3.2.23
+rubygems_version: 3.4.5
 signing_key: 
 specification_version: 4
 summary: Fast access runtime settings for a Rails application with an included UI

data/lib/super_settings/encryption.rb

@@ -1,76 +0,0 @@
-# frozen_string_literal: true
-
-module SuperSettings
-  module Encryption
-    SALT = "0c54a781"
-    private_constant :SALT
-
-    # Error thrown when the secret is invalid
-    class InvalidSecretError < StandardError
-      def initialize
-        super("Cannot decrypt. Invalid secret provided.")
-      end
-    end
-
-    class << self
-      # Set the secret key used for encrypting secret values. If this is not set,
-      # the value will be loaded from the `SUPER_SETTINGS_SECRET` environment
-      # variable. If that value is not set, arguments will not be encrypted.
-      #
-      # You can set multiple secrets by passing an array if you need to roll your secrets.
-      # The left most value in the array will be used as the encryption secret, but
-      # all the values will be tried when decrypting. That way if you have existing keys
-      # that were encrypted with a different secret, you can still make it available
-      # when decrypting. If you are using the environment variable, separate the keys
-      # with spaces.
-      #
-      # @param value [String] One or more secrets to use for encrypting arguments.
-      # @return [void]
-      def secret=(value)
-        @encryptors = make_encryptors(value)
-      end
-
-      # Encrypt a value for use with secret settings.
-      # @api private
-      def encrypt(value)
-        return nil if Coerce.blank?(value)
-        encryptor = encryptors.first
-        return value if encryptor.nil?
-        encryptor.encrypt(value)
-      end
-
-      # Decrypt a value for use with secret settings.
-      # @api private
-      def decrypt(value)
-        return nil if Coerce.blank?(value)
-        return value if encryptors.empty? || encryptors == [nil]
-        encryptors.each do |encryptor|
-          begin
-            return encryptor.decrypt(value) if encryptor
-          rescue OpenSSL::Cipher::CipherError
-            # Not the right key, try the next one
-          end
-        end
-        raise InvalidSecretError
-      end
-
-      # @return [Boolean] true if the value is encrypted in the storage engine.
-      def encrypted?(value)
-        SecretKeys::Encryptor.encrypted?(value)
-      end
-
-      private
-
-      def encryptors
-        if !defined?(@encryptors) || @encryptors.empty?
-          @encryptors = make_encryptors(ENV["SUPER_SETTINGS_SECRET"].to_s.split)
-        end
-        @encryptors
-      end
-
-      def make_encryptors(secrets)
-        Array(secrets).map { |val| val.nil? ? nil : SecretKeys::Encryptor.from_password(val, SALT) }
-      end
-    end
-  end
-end

data/lib/tasks/super_settings.rake

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-namespace :super_settings do
-  desc "Encrypt settings marked as secret" do
-    SuperSettings::Setting.where(value_type: "secret").each do |setting|
-      setting.raw_value_will_change! if setting.value
-    end
-  end
-end