vault-rails 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/vault/encrypted_model.rb +32 -9
- data/lib/vault/rails/version.rb +1 -1
- data/spec/dummy/app/models/lazy_person.rb +28 -0
- data/spec/dummy/app/models/person.rb +1 -0
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/dummy/log/development.log +155 -16738
- data/spec/dummy/log/test.log +13 -572
- data/spec/integration/rails_spec.rb +93 -0
- metadata +5 -3
|
@@ -89,6 +89,99 @@ describe Vault::Rails do
|
|
|
89
89
|
end
|
|
90
90
|
end
|
|
91
91
|
|
|
92
|
+
context "lazy decrypt" do
|
|
93
|
+
before(:all) do
|
|
94
|
+
Vault::Rails.logical.write("transit/keys/dummy_people_ssn")
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
it "encrypts attributes" do
|
|
98
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
99
|
+
expect(person.ssn_encrypted).to be
|
|
100
|
+
expect(person.ssn_encrypted.encoding).to eq(Encoding::UTF_8)
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
it "decrypts attributes" do
|
|
104
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
105
|
+
person.reload
|
|
106
|
+
|
|
107
|
+
expect(person.ssn).to eq("123-45-6789")
|
|
108
|
+
expect(person.ssn.encoding).to eq(Encoding::UTF_8)
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
it "does not decrypt on initialization" do
|
|
112
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
113
|
+
person.reload
|
|
114
|
+
|
|
115
|
+
p2 = LazyPerson.find(person.id)
|
|
116
|
+
|
|
117
|
+
expect(p2.instance_variable_get("@ssn")).to eq(nil)
|
|
118
|
+
expect(p2.ssn).to eq("123-45-6789")
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
it "tracks dirty attributes" do
|
|
122
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
123
|
+
|
|
124
|
+
expect(person.ssn_changed?).to be(false)
|
|
125
|
+
expect(person.ssn_change).to be(nil)
|
|
126
|
+
expect(person.ssn_was).to eq("123-45-6789")
|
|
127
|
+
|
|
128
|
+
person.ssn = "111-11-1111"
|
|
129
|
+
|
|
130
|
+
expect(person.ssn_changed?).to be(true)
|
|
131
|
+
expect(person.ssn_change).to eq(["123-45-6789", "111-11-1111"])
|
|
132
|
+
expect(person.ssn_was).to eq("123-45-6789")
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
it "allows attributes to be unset" do
|
|
136
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
137
|
+
person.update_attributes!(ssn: nil)
|
|
138
|
+
person.reload
|
|
139
|
+
|
|
140
|
+
expect(person.ssn).to be(nil)
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
it "allows saving without validations" do
|
|
144
|
+
person = LazyPerson.new(ssn: "123-456-7890")
|
|
145
|
+
expect(person.save(validate: false)).to be(true)
|
|
146
|
+
expect(person.ssn_encrypted).to match("vault:")
|
|
147
|
+
end
|
|
148
|
+
|
|
149
|
+
it "allows attributes to be unset after reload" do
|
|
150
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
151
|
+
person.reload
|
|
152
|
+
person.update_attributes!(ssn: nil)
|
|
153
|
+
person.reload
|
|
154
|
+
|
|
155
|
+
expect(person.ssn).to be(nil)
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
it "allows attributes to be blank" do
|
|
159
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
160
|
+
person.update_attributes!(ssn: "")
|
|
161
|
+
person.reload
|
|
162
|
+
|
|
163
|
+
expect(person.ssn).to eq("")
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
it "reloads instance variables on reload" do
|
|
167
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
168
|
+
expect(person.instance_variable_get(:@ssn)).to eq("123-45-6789")
|
|
169
|
+
|
|
170
|
+
person.ssn = "111-11-1111"
|
|
171
|
+
person.reload
|
|
172
|
+
|
|
173
|
+
expect(person.ssn).to eq("123-45-6789")
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
it "does not try to encrypt unchanged attributes" do
|
|
177
|
+
person = LazyPerson.create!(ssn: "123-45-6789")
|
|
178
|
+
|
|
179
|
+
expect(Vault::Rails).to_not receive(:encrypt)
|
|
180
|
+
person.name = "Cinderella"
|
|
181
|
+
person.save!
|
|
182
|
+
end
|
|
183
|
+
end
|
|
184
|
+
|
|
92
185
|
context "with custom options" do
|
|
93
186
|
before(:all) do
|
|
94
187
|
Vault::Rails.sys.mount("credit-secrets", :transit)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: vault-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Seth Vargo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-03-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -139,6 +139,7 @@ files:
|
|
|
139
139
|
- lib/vault/rails/serializer.rb
|
|
140
140
|
- lib/vault/rails/version.rb
|
|
141
141
|
- spec/dummy/Rakefile
|
|
142
|
+
- spec/dummy/app/models/lazy_person.rb
|
|
142
143
|
- spec/dummy/app/models/person.rb
|
|
143
144
|
- spec/dummy/bin/bundle
|
|
144
145
|
- spec/dummy/bin/rails
|
|
@@ -198,11 +199,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
198
199
|
version: '0'
|
|
199
200
|
requirements: []
|
|
200
201
|
rubyforge_project:
|
|
201
|
-
rubygems_version: 2.
|
|
202
|
+
rubygems_version: 2.5.1
|
|
202
203
|
signing_key:
|
|
203
204
|
specification_version: 4
|
|
204
205
|
summary: Official Vault plugin for Rails
|
|
205
206
|
test_files:
|
|
207
|
+
- spec/dummy/app/models/lazy_person.rb
|
|
206
208
|
- spec/dummy/app/models/person.rb
|
|
207
209
|
- spec/dummy/bin/bundle
|
|
208
210
|
- spec/dummy/bin/rails
|