Module: AttrKeyring::ActiveRecord::ClassMethods

Defined in:

lib/attr_keyring/active_record.rb

Instance Method Summary

• #attr_encrypt(*attributes) ⇒ Object
• #attr_keyring(keyring, encryptor: Encryptor::AES128CBC) ⇒ Object
• #define_attr_encrypt_reader(attribute) ⇒ Object
• #define_attr_encrypt_writer(attribute) ⇒ Object

Instance Method Details

#attr_encrypt(*attributes) ⇒ Object

# File 'lib/attr_keyring/active_record.rb', line 8

def attr_encrypt(*attributes)
  keyring_attrs.push(*attributes)

  attributes.each do |attribute|
    define_attr_encrypt_writer(attribute)
    define_attr_encrypt_reader(attribute)
  end
end

#attr_keyring(keyring, encryptor: Encryptor::AES128CBC) ⇒ Object

# File 'lib/attr_keyring/active_record.rb', line 4

def attr_keyring(keyring, encryptor: Encryptor::AES128CBC)
  self.keyring = Keyring.new(keyring, encryptor)
end

#define_attr_encrypt_reader(attribute) ⇒ Object

# File 'lib/attr_keyring/active_record.rb', line 31

def define_attr_encrypt_reader(attribute)
  define_method(attribute) do
    encrypted_value = public_send("encrypted_#{attribute}")

    return unless encrypted_value

    keyring_id = public_send(keyring_column_name)
    keyring.decrypt(encrypted_value, keyring_id)
  end
end

#define_attr_encrypt_writer(attribute) ⇒ Object

# File 'lib/attr_keyring/active_record.rb', line 17

def define_attr_encrypt_writer(attribute)
  define_method("#{attribute}=") do |value|
    return attr_reset_column(attribute) if value.nil?

    stored_keyring_id = public_send(keyring_column_name)
    keyring_id = stored_keyring_id || keyring.current_key&.id
    encrypted_value = keyring.encrypt(value, keyring_id)

    public_send("#{keyring_column_name}=", keyring_id) unless stored_keyring_id
    public_send("encrypted_#{attribute}=", encrypted_value)
    attr_encrypt_digest(attribute, value)
  end
end