symmetric-encryption 4.1.1 → 4.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/symmetric_encryption/cli.rb +2 -2
- data/lib/symmetric_encryption/encoder.rb +2 -2
- data/lib/symmetric_encryption/generator.rb +4 -4
- data/lib/symmetric_encryption/keystore/aws.rb +2 -1
- data/lib/symmetric_encryption/keystore/environment.rb +1 -1
- data/lib/symmetric_encryption/keystore/file.rb +1 -1
- data/lib/symmetric_encryption/keystore/memory.rb +1 -1
- data/lib/symmetric_encryption/version.rb +1 -1
- metadata +4 -56
- data/test/active_record_test.rb +0 -605
- data/test/cipher_test.rb +0 -216
- data/test/config/database.yml +0 -5
- data/test/config/empty.csv +0 -0
- data/test/config/mongo_mapper.yml +0 -7
- data/test/config/mongoid.yml +0 -9
- data/test/config/symmetric-encryption.yml +0 -144
- data/test/config/test_new.iv +0 -4
- data/test/config/test_new.key +0 -2
- data/test/config/test_secondary_1.iv +0 -1
- data/test/config/test_secondary_1.key +0 -2
- data/test/encoder_test.rb +0 -59
- data/test/header_test.rb +0 -214
- data/test/key_test.rb +0 -81
- data/test/keystore/aws_test.rb +0 -133
- data/test/keystore/environment_test.rb +0 -70
- data/test/keystore/file_test.rb +0 -85
- data/test/keystore/heroku_test.rb +0 -70
- data/test/keystore_test.rb +0 -254
- data/test/mongoid_test.rb +0 -595
- data/test/reader_test.rb +0 -334
- data/test/symmetric_encryption_test.rb +0 -239
- data/test/test_db.sqlite3 +0 -0
- data/test/test_helper.rb +0 -12
- data/test/utils/aws_test.rb +0 -74
- data/test/writer_test.rb +0 -79
data/test/active_record_test.rb
DELETED
@@ -1,605 +0,0 @@
|
|
1
|
-
require_relative 'test_helper'
|
2
|
-
|
3
|
-
ActiveRecord::Base.configurations = YAML.safe_load(ERB.new(IO.read('test/config/database.yml')).result)
|
4
|
-
ActiveRecord::Base.establish_connection(:test)
|
5
|
-
|
6
|
-
# @formatter:off
|
7
|
-
ActiveRecord::Schema.define version: 0 do
|
8
|
-
create_table :users, force: true do |t|
|
9
|
-
t.string :encrypted_bank_account_number
|
10
|
-
t.string :encrypted_social_security_number
|
11
|
-
t.string :encrypted_string_value
|
12
|
-
t.text :encrypted_long_string_value
|
13
|
-
t.text :encrypted_binary_string_value
|
14
|
-
t.text :encrypted_data_yaml
|
15
|
-
t.text :encrypted_data_json
|
16
|
-
t.string :name
|
17
|
-
t.string :encrypted_unsupported_option
|
18
|
-
|
19
|
-
t.string :encrypted_integer_value
|
20
|
-
t.string :encrypted_float_value
|
21
|
-
t.string :encrypted_decimal_value
|
22
|
-
t.string :encrypted_datetime_value
|
23
|
-
t.string :encrypted_time_value
|
24
|
-
t.string :encrypted_date_value
|
25
|
-
t.string :encrypted_true_value
|
26
|
-
t.string :encrypted_false_value
|
27
|
-
|
28
|
-
t.string :encrypted_text
|
29
|
-
t.string :encrypted_number
|
30
|
-
end
|
31
|
-
|
32
|
-
create_table :unique_users, force: true do |t|
|
33
|
-
t.string :encrypted_email
|
34
|
-
t.string :encrypted_username
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
class User < ActiveRecord::Base
|
39
|
-
attr_encrypted :bank_account_number
|
40
|
-
attr_encrypted :social_security_number
|
41
|
-
attr_encrypted :string_value, random_iv: true
|
42
|
-
attr_encrypted :long_string_value, random_iv: true, compress: true
|
43
|
-
attr_encrypted :binary_string_value, random_iv: true, compress: true
|
44
|
-
attr_encrypted :data_yaml, random_iv: true, compress: true, type: :yaml
|
45
|
-
attr_encrypted :data_json, random_iv: true, compress: true, type: :json
|
46
|
-
|
47
|
-
attr_encrypted :integer_value, type: :integer
|
48
|
-
attr_encrypted :float_value, type: :float
|
49
|
-
attr_encrypted :decimal_value, type: :decimal
|
50
|
-
attr_encrypted :datetime_value, type: :datetime
|
51
|
-
attr_encrypted :time_value, type: :time
|
52
|
-
attr_encrypted :date_value, type: :date
|
53
|
-
attr_encrypted :true_value, type: :boolean
|
54
|
-
attr_encrypted :false_value, type: :boolean
|
55
|
-
|
56
|
-
validates :encrypted_bank_account_number, symmetric_encryption: true
|
57
|
-
validates :encrypted_social_security_number, symmetric_encryption: true
|
58
|
-
|
59
|
-
attr_encrypted :text, type: :string
|
60
|
-
attr_encrypted :number, type: :integer
|
61
|
-
|
62
|
-
validates :text, format: {with: /\A[a-zA-Z ]+\z/, message: 'only allows letters'}, presence: true
|
63
|
-
validates :number, presence: true
|
64
|
-
end
|
65
|
-
|
66
|
-
class UniqueUser < ActiveRecord::Base
|
67
|
-
attr_encrypted :email
|
68
|
-
attr_encrypted :username
|
69
|
-
|
70
|
-
validates_uniqueness_of :encrypted_email, allow_blank: true, if: :encrypted_email_changed?
|
71
|
-
validates_uniqueness_of :encrypted_username, allow_blank: true, if: :encrypted_username_changed?
|
72
|
-
|
73
|
-
validates :username,
|
74
|
-
length: {in: 3..20},
|
75
|
-
format: {with: /\A[\w\-]+\z/},
|
76
|
-
allow_blank: true
|
77
|
-
end
|
78
|
-
# @formatter:on
|
79
|
-
|
80
|
-
#
|
81
|
-
# Unit Test for attr_encrypted extensions in ActiveRecord
|
82
|
-
#
|
83
|
-
class ActiveRecordTest < Minitest::Test
|
84
|
-
describe 'ActiveRecord' do
|
85
|
-
INTEGER_VALUE = 12
|
86
|
-
FLOAT_VALUE = 88.12345
|
87
|
-
DECIMAL_VALUE = BigDecimal('22.51')
|
88
|
-
DATETIME_VALUE = DateTime.new(2001, 11, 26, 20, 55, 54, '-5')
|
89
|
-
TIME_VALUE = Time.new(2013, 1, 1, 22, 30, 0, '-04:00')
|
90
|
-
DATE_VALUE = Date.new(1927, 4, 2)
|
91
|
-
STRING_VALUE = 'A string containing some data to be encrypted with a random initialization vector'.freeze
|
92
|
-
LONG_STRING_VALUE = 'A string containing some data to be encrypted with a random initialization vector and compressed since it takes up so much space in plain text form'.freeze
|
93
|
-
BINARY_STRING_VALUE = "Non-UTF8 Binary \x92 string".force_encoding('BINARY')
|
94
|
-
|
95
|
-
let :bank_account_number do
|
96
|
-
'1234567890'
|
97
|
-
end
|
98
|
-
|
99
|
-
let :bank_account_number_encrypted do
|
100
|
-
'QEVuQwIAL94ArJeFlJrZp6SYsvoOGA=='
|
101
|
-
end
|
102
|
-
|
103
|
-
let :social_security_number do
|
104
|
-
'987654321'
|
105
|
-
end
|
106
|
-
|
107
|
-
let :social_security_number_encrypted do
|
108
|
-
'QEVuQwIAS+8X1NRrqdfEIQyFHVPuVA=='
|
109
|
-
end
|
110
|
-
|
111
|
-
let :person_name do
|
112
|
-
'Joe Bloggs'
|
113
|
-
end
|
114
|
-
|
115
|
-
let :hash_data do
|
116
|
-
{a: 'A', b: 'B'}
|
117
|
-
end
|
118
|
-
|
119
|
-
let :user do
|
120
|
-
User.new(
|
121
|
-
# Encrypted Attribute
|
122
|
-
bank_account_number: bank_account_number,
|
123
|
-
# Encrypted Attribute
|
124
|
-
social_security_number: social_security_number,
|
125
|
-
name: person_name,
|
126
|
-
# data type specific fields
|
127
|
-
string_value: STRING_VALUE,
|
128
|
-
long_string_value: LONG_STRING_VALUE,
|
129
|
-
binary_string_value: BINARY_STRING_VALUE,
|
130
|
-
integer_value: INTEGER_VALUE,
|
131
|
-
float_value: FLOAT_VALUE,
|
132
|
-
decimal_value: DECIMAL_VALUE,
|
133
|
-
datetime_value: DATETIME_VALUE,
|
134
|
-
time_value: TIME_VALUE,
|
135
|
-
date_value: DATE_VALUE,
|
136
|
-
true_value: true,
|
137
|
-
false_value: false,
|
138
|
-
data_yaml: hash_data.dup,
|
139
|
-
data_json: hash_data.dup,
|
140
|
-
text: 'hello',
|
141
|
-
number: '21'
|
142
|
-
)
|
143
|
-
end
|
144
|
-
|
145
|
-
it 'has encrypted methods' do
|
146
|
-
assert_equal true, user.respond_to?(:encrypted_bank_account_number)
|
147
|
-
assert_equal true, user.respond_to?(:bank_account_number)
|
148
|
-
assert_equal true, user.respond_to?(:encrypted_social_security_number)
|
149
|
-
assert_equal true, user.respond_to?(:social_security_number)
|
150
|
-
assert_equal true, user.respond_to?(:data_yaml)
|
151
|
-
assert_equal true, user.respond_to?(:data_json)
|
152
|
-
assert_equal false, user.respond_to?(:encrypted_name)
|
153
|
-
assert_equal true, user.respond_to?(:encrypted_bank_account_number_changed?)
|
154
|
-
assert_equal true, user.respond_to?(:bank_account_number_changed?)
|
155
|
-
end
|
156
|
-
|
157
|
-
it 'has unencrypted values' do
|
158
|
-
assert_equal bank_account_number, user.bank_account_number
|
159
|
-
assert_equal social_security_number, user.social_security_number
|
160
|
-
end
|
161
|
-
|
162
|
-
it 'has encrypted values' do
|
163
|
-
assert_equal bank_account_number_encrypted, user.encrypted_bank_account_number
|
164
|
-
assert_equal social_security_number_encrypted, user.encrypted_social_security_number
|
165
|
-
end
|
166
|
-
|
167
|
-
describe ':random_iv' do
|
168
|
-
it 'false' do
|
169
|
-
user.social_security_number = social_security_number
|
170
|
-
assert first_value = user.social_security_number
|
171
|
-
# Assign the same value
|
172
|
-
user.social_security_number = social_security_number
|
173
|
-
assert_equal first_value, user.social_security_number
|
174
|
-
end
|
175
|
-
|
176
|
-
it 'true' do
|
177
|
-
user.string_value = STRING_VALUE
|
178
|
-
assert first_value = user.encrypted_string_value
|
179
|
-
user.string_value = 'blah'
|
180
|
-
user.string_value = STRING_VALUE
|
181
|
-
refute_equal first_value, user.encrypted_string_value
|
182
|
-
end
|
183
|
-
|
184
|
-
it 'true and compress: true' do
|
185
|
-
user.string_value = STRING_VALUE
|
186
|
-
user.long_string_value = STRING_VALUE
|
187
|
-
|
188
|
-
refute_equal user.encrypted_long_string_value, user.encrypted_string_value
|
189
|
-
end
|
190
|
-
|
191
|
-
describe 'changed?' do
|
192
|
-
it 'true for a new instance' do
|
193
|
-
assert user.string_value_changed?
|
194
|
-
end
|
195
|
-
|
196
|
-
it 'clears after save' do
|
197
|
-
user.save!
|
198
|
-
refute user.string_value_changed?
|
199
|
-
end
|
200
|
-
|
201
|
-
it 'does not change when equal' do
|
202
|
-
user.save!
|
203
|
-
before = user.encrypted_string_value
|
204
|
-
user.string_value = STRING_VALUE
|
205
|
-
refute user.string_value_changed?
|
206
|
-
assert_equal before, user.encrypted_string_value
|
207
|
-
end
|
208
|
-
end
|
209
|
-
end
|
210
|
-
|
211
|
-
describe 'attribute=' do
|
212
|
-
it 'handles nil' do
|
213
|
-
user.string_value = nil
|
214
|
-
assert_nil user.string_value
|
215
|
-
assert_nil user.encrypted_string_value
|
216
|
-
user.save!
|
217
|
-
user.reload
|
218
|
-
assert_nil user.string_value
|
219
|
-
assert_nil user.encrypted_string_value
|
220
|
-
end
|
221
|
-
|
222
|
-
it 'handles empty string' do
|
223
|
-
user.string_value = ''
|
224
|
-
assert_equal '', user.string_value
|
225
|
-
assert_equal '', user.encrypted_string_value
|
226
|
-
user.save!
|
227
|
-
user.reload
|
228
|
-
assert_equal '', user.string_value
|
229
|
-
assert_equal '', user.encrypted_string_value
|
230
|
-
end
|
231
|
-
|
232
|
-
it 'encrypt' do
|
233
|
-
user = User.new
|
234
|
-
user.bank_account_number = bank_account_number
|
235
|
-
assert_equal bank_account_number, user.bank_account_number
|
236
|
-
assert_equal bank_account_number_encrypted, user.encrypted_bank_account_number
|
237
|
-
end
|
238
|
-
|
239
|
-
it 'all paths it lead to the same result' do
|
240
|
-
assert_equal bank_account_number_encrypted, (user.encrypted_social_security_number = bank_account_number_encrypted)
|
241
|
-
assert_equal bank_account_number, user.social_security_number
|
242
|
-
assert_equal bank_account_number_encrypted, user.encrypted_social_security_number
|
243
|
-
end
|
244
|
-
|
245
|
-
it 'all paths it lead to the same result 2' do
|
246
|
-
assert_equal bank_account_number, (user.social_security_number = bank_account_number)
|
247
|
-
assert_equal bank_account_number_encrypted, user.encrypted_social_security_number
|
248
|
-
assert_equal bank_account_number, user.social_security_number
|
249
|
-
end
|
250
|
-
|
251
|
-
it 'all paths it lead to the same result, check uninitialized' do
|
252
|
-
user = User.new
|
253
|
-
assert_nil user.social_security_number
|
254
|
-
assert_equal bank_account_number, (user.social_security_number = bank_account_number)
|
255
|
-
assert_equal bank_account_number, user.social_security_number
|
256
|
-
assert_equal bank_account_number_encrypted, user.encrypted_social_security_number
|
257
|
-
|
258
|
-
user.social_security_number = nil
|
259
|
-
assert_nil user.social_security_number
|
260
|
-
assert_nil user.encrypted_social_security_number
|
261
|
-
end
|
262
|
-
end
|
263
|
-
|
264
|
-
describe '.new' do
|
265
|
-
it 'allows unencrypted values to be passed to the constructor' do
|
266
|
-
user = User.new(bank_account_number: bank_account_number, social_security_number: social_security_number)
|
267
|
-
assert_equal bank_account_number, user.bank_account_number
|
268
|
-
assert_equal social_security_number, user.social_security_number
|
269
|
-
assert_equal bank_account_number_encrypted, user.encrypted_bank_account_number
|
270
|
-
assert_equal social_security_number_encrypted, user.encrypted_social_security_number
|
271
|
-
end
|
272
|
-
end
|
273
|
-
|
274
|
-
describe '.encrypted_attributes' do
|
275
|
-
it 'returns encrypted attributes for the class' do
|
276
|
-
expect = {social_security_number: :encrypted_social_security_number, bank_account_number: :encrypted_bank_account_number}
|
277
|
-
result = User.encrypted_attributes
|
278
|
-
expect.each_pair { |k, _v| assert_equal expect[k], result[k] }
|
279
|
-
end
|
280
|
-
end
|
281
|
-
|
282
|
-
describe '.encrypted_keys' do
|
283
|
-
it 'return encrypted keys for the class' do
|
284
|
-
expect = %i[social_security_number bank_account_number]
|
285
|
-
result = User.encrypted_keys
|
286
|
-
expect.each { |val| assert result.include?(val) }
|
287
|
-
|
288
|
-
# Also check encrypted_attribute?
|
289
|
-
expect.each { |val| assert User.encrypted_attribute?(val) }
|
290
|
-
end
|
291
|
-
end
|
292
|
-
|
293
|
-
describe '.encrypted_columns' do
|
294
|
-
it 'return encrypted columns for the class' do
|
295
|
-
expect = %i[encrypted_social_security_number encrypted_bank_account_number]
|
296
|
-
result = User.encrypted_columns
|
297
|
-
expect.each { |val| assert result.include?(val) }
|
298
|
-
|
299
|
-
# Also check encrypted_column?
|
300
|
-
expect.each { |val| assert User.encrypted_column?(val) }
|
301
|
-
end
|
302
|
-
end
|
303
|
-
|
304
|
-
describe '#valid?' do
|
305
|
-
before do
|
306
|
-
assert user.valid?
|
307
|
-
end
|
308
|
-
|
309
|
-
it 'fails invalid data' do
|
310
|
-
user.encrypted_bank_account_number = '123'
|
311
|
-
assert_equal false, user.valid?
|
312
|
-
assert_equal ['must be a value encrypted using SymmetricEncryption.encrypt'], user.errors[:encrypted_bank_account_number]
|
313
|
-
end
|
314
|
-
|
315
|
-
it 'passes encrypted data' do
|
316
|
-
user.encrypted_bank_account_number = SymmetricEncryption.encrypt('123')
|
317
|
-
assert user.valid?
|
318
|
-
end
|
319
|
-
|
320
|
-
it 'passes valid data' do
|
321
|
-
user.bank_account_number = '123'
|
322
|
-
assert user.valid?
|
323
|
-
end
|
324
|
-
|
325
|
-
it 'passes nil encrypted data' do
|
326
|
-
user.encrypted_bank_account_number = nil
|
327
|
-
assert user.valid?
|
328
|
-
end
|
329
|
-
|
330
|
-
it 'passes empty string encrypted data' do
|
331
|
-
user.encrypted_bank_account_number = ''
|
332
|
-
assert user.valid?
|
333
|
-
end
|
334
|
-
|
335
|
-
it 'passes nil data' do
|
336
|
-
user.bank_account_number = nil
|
337
|
-
assert user.valid?
|
338
|
-
end
|
339
|
-
|
340
|
-
it 'passes empty string data' do
|
341
|
-
user.bank_account_number = ''
|
342
|
-
assert user.valid?
|
343
|
-
end
|
344
|
-
|
345
|
-
it 'validate un-encrypted string data' do
|
346
|
-
assert user.valid?
|
347
|
-
user.text = '123'
|
348
|
-
assert_equal false, user.valid?
|
349
|
-
assert_equal ['only allows letters'], user.errors[:text]
|
350
|
-
user.text = nil
|
351
|
-
assert_equal false, user.valid?
|
352
|
-
assert_equal ['only allows letters', "can't be blank"], user.errors[:text]
|
353
|
-
user.text = ''
|
354
|
-
assert_equal false, user.valid?
|
355
|
-
assert_equal ['only allows letters', "can't be blank"], user.errors[:text]
|
356
|
-
end
|
357
|
-
|
358
|
-
it 'validate un-encrypted integer data with coercion' do
|
359
|
-
assert user.valid?
|
360
|
-
user.number = '123'
|
361
|
-
assert user.valid?
|
362
|
-
assert_equal 123, user.number
|
363
|
-
assert user.valid?
|
364
|
-
user.number = ''
|
365
|
-
assert_equal false, user.valid?
|
366
|
-
assert_equal '', user.number
|
367
|
-
assert_equal ["can't be blank"], user.errors[:number]
|
368
|
-
user.number = nil
|
369
|
-
assert_nil user.number
|
370
|
-
assert_nil user.encrypted_number
|
371
|
-
assert_equal false, user.valid?
|
372
|
-
assert_equal ["can't be blank"], user.errors[:number]
|
373
|
-
end
|
374
|
-
end
|
375
|
-
|
376
|
-
describe 'with saved user' do
|
377
|
-
before do
|
378
|
-
user.save!
|
379
|
-
end
|
380
|
-
|
381
|
-
after do
|
382
|
-
user&.destroy
|
383
|
-
end
|
384
|
-
|
385
|
-
it 'return correct data type before save' do
|
386
|
-
u = User.new(integer_value: '5')
|
387
|
-
assert_equal 5, u.integer_value
|
388
|
-
assert u.integer_value.is_a?(Integer)
|
389
|
-
end
|
390
|
-
|
391
|
-
it 'handle gsub! for non-encrypted_field' do
|
392
|
-
user.name.tr!('a', 'v')
|
393
|
-
new_name = person_name.tr('a', 'v')
|
394
|
-
assert_equal new_name, user.name
|
395
|
-
user.reload
|
396
|
-
assert_equal new_name, user.name
|
397
|
-
end
|
398
|
-
|
399
|
-
it 'prevent gsub! on non-encrypted value of encrypted_field' do
|
400
|
-
# can't modify frozen String
|
401
|
-
assert_raises RuntimeError do
|
402
|
-
user.bank_account_number.tr!('5', '4')
|
403
|
-
end
|
404
|
-
end
|
405
|
-
|
406
|
-
describe '#reload' do
|
407
|
-
it 'reverts changes' do
|
408
|
-
new_bank_account_number = '444444444'
|
409
|
-
user.bank_account_number = new_bank_account_number
|
410
|
-
assert_equal new_bank_account_number, user.bank_account_number
|
411
|
-
|
412
|
-
# Reload User model from the database
|
413
|
-
user.reload
|
414
|
-
assert_equal bank_account_number_encrypted, user.encrypted_bank_account_number
|
415
|
-
assert_equal bank_account_number, user.bank_account_number
|
416
|
-
end
|
417
|
-
|
418
|
-
it 'reverts changes to encrypted field' do
|
419
|
-
new_bank_account_number = '111111111'
|
420
|
-
new_encrypted_bank_account_number = SymmetricEncryption.encrypt(new_bank_account_number)
|
421
|
-
user.encrypted_bank_account_number = new_encrypted_bank_account_number
|
422
|
-
assert_equal new_encrypted_bank_account_number, user.encrypted_bank_account_number
|
423
|
-
assert_equal new_bank_account_number, user.bank_account_number
|
424
|
-
|
425
|
-
# Reload User model from the database
|
426
|
-
user.reload
|
427
|
-
assert_equal bank_account_number_encrypted, user.encrypted_bank_account_number
|
428
|
-
assert_equal bank_account_number, user.bank_account_number
|
429
|
-
end
|
430
|
-
end
|
431
|
-
|
432
|
-
describe 'data types' do
|
433
|
-
before do
|
434
|
-
@user_clone = User.find(user.id)
|
435
|
-
end
|
436
|
-
|
437
|
-
[
|
438
|
-
# @formatter:off
|
439
|
-
{attribute: :integer_value, klass: Integer, value: INTEGER_VALUE, new_value: 98},
|
440
|
-
{attribute: :float_value, klass: Float, value: FLOAT_VALUE, new_value: 45.4321},
|
441
|
-
{attribute: :decimal_value, klass: BigDecimal, value: DECIMAL_VALUE, new_value: BigDecimal('99.95'), coercible: '22.51'},
|
442
|
-
{attribute: :datetime_value, klass: DateTime, value: DATETIME_VALUE, new_value: DateTime.new(1998, 10, 21, 8, 33, 28, '+5'), coercible: DATETIME_VALUE.to_time},
|
443
|
-
{attribute: :time_value, klass: Time, value: TIME_VALUE, new_value: Time.new(2000, 1, 1, 22, 30, 0, '-04:00')},
|
444
|
-
{attribute: :date_value, klass: Date, value: DATE_VALUE, new_value: Date.new(2027, 4, 2), coercible: DATE_VALUE.to_time},
|
445
|
-
{attribute: :true_value, klass: TrueClass, value: true, new_value: false},
|
446
|
-
{attribute: :false_value, klass: FalseClass, value: false, new_value: true},
|
447
|
-
{attribute: :string_value, klass: String, value: STRING_VALUE, new_value: 'Hello World'},
|
448
|
-
{attribute: :long_string_value, klass: String, value: LONG_STRING_VALUE, new_value: 'A Really long Hello World'},
|
449
|
-
{attribute: :binary_string_value, klass: String, value: BINARY_STRING_VALUE, new_value: "A new Non-UTF8 Binary \x92 string".force_encoding('BINARY')},
|
450
|
-
# @formatter:on
|
451
|
-
].each do |value_test|
|
452
|
-
describe "#{value_test[:klass]} values" do
|
453
|
-
before do
|
454
|
-
@attribute = value_test[:attribute]
|
455
|
-
@klass = value_test[:klass]
|
456
|
-
@value = value_test[:value]
|
457
|
-
@coercible = value_test[:coercible] || @value.to_s
|
458
|
-
@new_value = value_test[:new_value]
|
459
|
-
end
|
460
|
-
|
461
|
-
it 'return correct data type' do
|
462
|
-
val = @user_clone.send(@attribute)
|
463
|
-
# Need to dup since minitest attempts to modify the decrypted value which is frozen
|
464
|
-
val = val.dup if val.duplicable?
|
465
|
-
assert_equal @value, val, @user_clone.attributes.ai
|
466
|
-
assert user.send(@attribute).is_a?(@klass)
|
467
|
-
end
|
468
|
-
|
469
|
-
it 'coerce data type before save' do
|
470
|
-
u = User.new(@attribute => @value)
|
471
|
-
assert_equal @value, u.send(@attribute)
|
472
|
-
assert u.send(@attribute).is_a?(@klass), "Value supposed to be coerced into #{@klass}, but is #{u.send(@attribute).class.name}"
|
473
|
-
end
|
474
|
-
|
475
|
-
it 'permit replacing value with nil' do
|
476
|
-
@user_clone.send("#{@attribute}=".to_sym, nil)
|
477
|
-
@user_clone.save!
|
478
|
-
|
479
|
-
user.reload
|
480
|
-
assert_nil user.send(@attribute)
|
481
|
-
assert_nil user.send("encrypted_#{@attribute}".to_sym)
|
482
|
-
end
|
483
|
-
|
484
|
-
it 'permit replacing value with an empty string' do
|
485
|
-
@user_clone.send("#{@attribute}=".to_sym, '')
|
486
|
-
@user_clone.save!
|
487
|
-
|
488
|
-
user.reload
|
489
|
-
assert_equal '', user.send(@attribute)
|
490
|
-
assert_equal '', user.send("encrypted_#{@attribute}".to_sym)
|
491
|
-
end
|
492
|
-
|
493
|
-
it 'permit replacing value' do
|
494
|
-
@user_clone.send("#{@attribute}=".to_sym, @new_value)
|
495
|
-
@user_clone.save!
|
496
|
-
|
497
|
-
user.reload
|
498
|
-
val = user.send(@attribute)
|
499
|
-
# Need to dup since minitest attempts to modify the decrypted value which is frozen
|
500
|
-
val = val.dup if val.duplicable?
|
501
|
-
assert_equal @new_value, val
|
502
|
-
end
|
503
|
-
end
|
504
|
-
end
|
505
|
-
|
506
|
-
describe 'JSON Serialization' do
|
507
|
-
let :hash_data do
|
508
|
-
{'a' => 'A', 'b' => 'B'}
|
509
|
-
end
|
510
|
-
|
511
|
-
it 'return correct data type' do
|
512
|
-
assert_equal hash_data, @user_clone.data_json
|
513
|
-
assert user.clone.data_json.is_a?(Hash)
|
514
|
-
end
|
515
|
-
|
516
|
-
it 'not coerce data type (leaves as hash) before save' do
|
517
|
-
u = User.new(data_json: hash_data)
|
518
|
-
assert_equal hash_data, u.data_json
|
519
|
-
assert u.data_json.is_a?(Hash)
|
520
|
-
end
|
521
|
-
|
522
|
-
it 'permit replacing value with nil' do
|
523
|
-
@user_clone.data_json = nil
|
524
|
-
@user_clone.save!
|
525
|
-
|
526
|
-
user.reload
|
527
|
-
assert_nil user.data_json
|
528
|
-
assert_nil user.encrypted_data_json
|
529
|
-
end
|
530
|
-
|
531
|
-
it 'permit replacing value' do
|
532
|
-
new_value = hash_data.clone
|
533
|
-
new_value['c'] = 'C'
|
534
|
-
@user_clone.data_json = new_value
|
535
|
-
@user_clone.save!
|
536
|
-
|
537
|
-
user.reload
|
538
|
-
assert_equal new_value, user.data_json
|
539
|
-
end
|
540
|
-
end
|
541
|
-
|
542
|
-
describe 'YAML Serialization' do
|
543
|
-
it 'return correct data type' do
|
544
|
-
assert_equal hash_data, @user_clone.data_yaml
|
545
|
-
assert user.clone.data_yaml.is_a?(Hash)
|
546
|
-
end
|
547
|
-
|
548
|
-
it 'not coerce data type (leaves as hash) before save' do
|
549
|
-
u = User.new(data_yaml: hash_data)
|
550
|
-
assert_equal hash_data, u.data_yaml
|
551
|
-
assert u.data_yaml.is_a?(Hash)
|
552
|
-
end
|
553
|
-
|
554
|
-
it 'permit replacing value with nil' do
|
555
|
-
@user_clone.data_yaml = nil
|
556
|
-
@user_clone.save!
|
557
|
-
|
558
|
-
user.reload
|
559
|
-
assert_nil user.data_yaml
|
560
|
-
assert_nil user.encrypted_data_yaml
|
561
|
-
end
|
562
|
-
|
563
|
-
it 'permit replacing value' do
|
564
|
-
new_value = hash_data.clone
|
565
|
-
new_value[:c] = 'C'
|
566
|
-
@user_clone.data_yaml = new_value
|
567
|
-
@user_clone.save!
|
568
|
-
|
569
|
-
user.reload
|
570
|
-
assert_equal new_value, user.data_yaml
|
571
|
-
end
|
572
|
-
end
|
573
|
-
end
|
574
|
-
|
575
|
-
describe 'changed?' do
|
576
|
-
it 'return false if it was not changed' do
|
577
|
-
assert_equal false, user.encrypted_bank_account_number_changed?
|
578
|
-
assert_equal false, user.bank_account_number_changed?
|
579
|
-
end
|
580
|
-
|
581
|
-
it 'return true if it was changed' do
|
582
|
-
user.bank_account_number = '15424623'
|
583
|
-
assert user.encrypted_bank_account_number_changed?
|
584
|
-
assert user.bank_account_number_changed?
|
585
|
-
end
|
586
|
-
end
|
587
|
-
end
|
588
|
-
|
589
|
-
describe 'uniqueness' do
|
590
|
-
before do
|
591
|
-
UniqueUser.destroy_all
|
592
|
-
@email = 'whatever@not-unique.com'
|
593
|
-
@username = 'gibby007'
|
594
|
-
user = UniqueUser.create!(email: @email)
|
595
|
-
@email_user = UniqueUser.create!(username: @username)
|
596
|
-
end
|
597
|
-
|
598
|
-
it 'does not allow duplicate values' do
|
599
|
-
duplicate = UniqueUser.new(email: @email)
|
600
|
-
assert_equal false, duplicate.valid?
|
601
|
-
assert_equal 'has already been taken', duplicate.errors.messages[:encrypted_email].first
|
602
|
-
end
|
603
|
-
end
|
604
|
-
end
|
605
|
-
end
|