umbrellio-sequel-plugins 0.4.0.121 → 0.4.0.134

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 441b4a06a00be08f3b8019dbed3af3f3f804540af51ceb33b72322428047cfb1
-  data.tar.gz: cf3aa331e6f80510afe733b7f3fcf9b43f76ad253dd6653049d388f6116cd524
+  metadata.gz: 61fbe7c339511660a7a6797732df54b1215d84820ba80d97f434076b329ac2af
+  data.tar.gz: a4802265e7bd4ffe9c21b7eaa9ba7d071bf75b81f09d6198412201882f59ede5
 SHA512:
-  metadata.gz: 4d80895de1d2d82dd3af8f42f7496b900ae4ca21350d686dd28df78e5676e0b1d5935e118ea6d771ba2950021ef77e21277cff2f76e25631e228f78f009bd711
-  data.tar.gz: 9ee64942f741c7dc96bf33a6f360cf9542d2fe2208ffe08f4ca43a2a4a8dadc77a8edb025918f885ce148ac98a91e9b738c9d392245f98b55203949a7f37d857
+  metadata.gz: 9ee225f47d644536885adf0f63569c64e0d079abb22faca00415c663ffdaafaf27679eb63af7206dabb4accdfa87fb025e8cacece1e59feaf8ce8bb96fce9d42
+  data.tar.gz: 4f65c05c159e82e6999e463bd2a5c10e1c37110b43d7cec383416c9d6acd90536777740c4b936186f4deade9ece47ef2542f1de63f0ac4620755682820120577

data/README.md

@@ -13,29 +13,30 @@ gem 'umbrellio-sequel-plugins'
 
 And then execute:
 
-    $ bundle
+$ bundle
 
 # Extensions
 
-- `CurrencyRates`
-- `PGTools`
-- `Slave`
-- `Synchronize`
-- `methods_in_migrations`
-- `deferrable_foreign_keys`
+- [`CurrencyRates`](#CurrencyRates)
+- [`PGTools`](#PGTools)
+- [`Slave`](#Slave)
+- [`Synchronize`](#Synchronize)
+- [`methods_in_migrations`](#methods_in_migrations)
+- [`deferrable_foreign_keys`](#deferrable_foreign_keys)
 
 # Plugins
 
-- `Duplicate`
-- `GetColumnValue`
-- `MoneyAccessors`
-- `StoreAccessors`
-- `Synchronize`
-- `Upsert`
-- `WithLock`
+- [`AttrEncrypted`](#AttrEncrypted)
+- [`Duplicate`](#Duplicate)
+- [`GetColumnValue`](#GetColumnValue)
+- [`MoneyAccessors`](#MoneyAccessors)
+- [`StoreAccessors`](#StoreAccessors)
+- [`Synchronize`](#Synchronize)
+- [`Upsert`](#Upsert)
+- [`WithLock`](#WithLock)
 
 # Tools
-- `TimestampMigratorUndoExtension`
+- [`TimestampMigratorUndoExtension`](#TimestampMigratorUndoExtension)
 
 ## CurrencyRates
 
@@ -203,6 +204,40 @@ end
 #   => <Husband @attributes={id:1, wife_id: 1}>
 ```
 
+## AttrEncrypted
+
+Enable: `Sequel::Model.plugin :attr_encrypted`
+
+Plugin for storing encrypted model attributes.
+
+Example:
+
+```ruby
+Sequel.migration do
+  change do
+    alter_table :orders do
+      add_column :encrypted_first_name, :text
+      add_column :encrypted_last_name, :text
+      add_column :encrypted_secret_data, :text
+    end
+  end
+end
+
+class Order < Sequel::Model
+  attr_encrypted :first_name, :last_name, key: Settings.private_key
+  attr_encrypted :secret_data, key: Settings.another_private_key, json: true
+end
+
+Order.create(first_name: "Ivan")
+# => INSERT INTO "orders" ("encrypted_first_name") VALUES ('/sTi9Q==$OTpuMRq5k8R3JayQ$WjSManQGP9UaZ3C40yDjKg==')
+
+order = Order.create(first_name: "Ivan", last_name: "Smith",
+                      secret_data: { "some_key" => "Some Value" })
+order.reload
+order.first_name # => "Ivan"
+order.secret_data # => { "some_key" => "Some Value" }
+```
+
 ## Duplicate
 
 Enable: `Sequel::Model.plugin :duplicate`

data/lib/sequel/plugins/attr_encrypted.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+# Creates encrypted attribute storing
+module Sequel::Plugins::AttrEncrypted
+  SEPARATOR = "$"
+
+  module ClassMethods
+    # Setup attr encrypted
+    #
+    # @param attrs [Array<Symbol>] column names
+    # @param key [String] 32 bytes key
+    # @param json [Boolean] store attribute as json or not
+    # @example
+    #   Sequel.migration do
+    #     change do
+    #       alter_table :orders do
+    #         add_column :encrypted_first_name, :text
+    #         add_column :encrypted_last_name, :text
+    #         add_column :encrypted_secret_data, :text
+    #       end
+    #     end
+    #   end
+    #
+    #   class Order < Sequel::Model
+    #     attr_encrypted :first_name, :last_name, key: Settings.private_key
+    #     attr_encrypted :secret_data, key: Settings.another_private_key, json: true
+    #   end
+
+    #   Order.create(first_name: "Ivan")
+    #   # => INSERT INTO "orders" ("encrypted_first_name")
+    #               VALUES ('/sTi9Q==$OTpuMRq5k8R3JayQ$WjSManQGP9UaZ3C40yDjKg==')
+    #
+    #   order = Order.create(first_name: "Ivan", last_name: "Smith",
+    #                        secret_data: { "some_key" => "Some Value" })
+    #   order.reload
+    #   order.first_name # => "Ivan"
+    #   order.secret_data # => { "some_key" => "Some Value" }
+    def attr_encrypted(*attrs, key:, json: false)
+      include_encrypted_module!
+      attrs.each do |attr|
+        define_encrypted_setter(attr, key, json)
+        define_encrypted_getter(attr, key, json)
+      end
+    end
+
+    private
+
+    def define_encrypted_setter(attr, key, json)
+      @_attr_encrypted_module.module_eval do
+        define_method("#{attr}=") do |value|
+          instance_variable_set("@#{attr}", value)
+
+          send("encrypted_#{attr}=", SimpleCrypt.encrypt(json ? value.to_json : value, key))
+        end
+      end
+    end
+
+    def define_encrypted_getter(attr, key, json)
+      @_attr_encrypted_module.module_eval do
+        define_method(attr.to_s) do
+          instance_variable_get("@#{attr}") || begin
+            decrypted = SimpleCrypt.decrypt(send("encrypted_#{attr}"), key)
+
+            result = json && !decrypted.nil? ? JSON.parse(decrypted) : decrypted
+            instance_variable_set("@#{attr}", result)
+          end
+        end
+      end
+    end
+
+    def include_encrypted_module!
+      return if defined?(@_attr_encrypted_module)
+
+      @_attr_encrypted_module = Module.new
+      prepend @_attr_encrypted_module
+    end
+  end
+end

data/lib/sequel/plugins/attr_encrypted/simple_crypt.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module Sequel::Plugins::AttrEncrypted::SimpleCrypt
+  extend self
+  require "base64"
+
+  SEPARATOR = "$"
+
+  def encrypt(string, key)
+    return unless string.is_a?(String) && !string.empty?
+
+    encryptor = new_cipher(key, &:encrypt)
+    iv = encryptor.random_iv
+
+    encrypted = encryptor.update(string) + encryptor.final
+    dump(encrypted, iv, encryptor.auth_tag)
+  end
+
+  def decrypt(string, key)
+    encrypted, iv, auth_tag = parse(string) if string.is_a?(String)
+    return if [encrypted, iv, auth_tag].any?(&:nil?)
+
+    decryptor = new_cipher(key, &:decrypt)
+    decryptor.iv = iv
+    decryptor.auth_tag = auth_tag
+
+    decryptor.update(encrypted) + decryptor.final
+  end
+
+  private
+
+  def new_cipher(key)
+    result = OpenSSL::Cipher::AES256.new(:gcm)
+    yield(result)
+    result.key = key
+    result
+  end
+
+  def parse(string)
+    string.split(SEPARATOR).map { |x| Base64.strict_decode64(x) }
+  end
+
+  def dump(*values)
+    [*values].map { |x| Base64.strict_encode64(x) }.join(SEPARATOR)
+  end
+end

data/utils/database.rb

@@ -22,6 +22,7 @@ Sequel.extension :pg_array_ops
 Sequel.extension :pg_json_ops
 Sequel.extension :pg_range_ops
 
+Sequel::Model.plugin :attr_encrypted
 Sequel::Model.plugin :duplicate
 Sequel::Model.plugin :get_column_value
 Sequel::Model.plugin :money_accessors

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: umbrellio-sequel-plugins
 version: !ruby/object:Gem::Version
-  version: 0.4.0.121
+  version: 0.4.0.134
 platform: ruby
 authors:
 - nulldef
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-22 00:00:00.000000000 Z
+date: 2020-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -190,6 +190,8 @@ files:
 - lib/sequel/extensions/pg_tools.rb
 - lib/sequel/extensions/slave.rb
 - lib/sequel/extensions/synchronize.rb
+- lib/sequel/plugins/attr_encrypted.rb
+- lib/sequel/plugins/attr_encrypted/simple_crypt.rb
 - lib/sequel/plugins/duplicate.rb
 - lib/sequel/plugins/get_column_value.rb
 - lib/sequel/plugins/money_accessors.rb