Module: AttrVault::ClassMethods

Defined in:
lib/attr_vault.rb

Instance Method Summary collapse

Instance Method Details

#vault_attr(name, opts = {}) ⇒ Object 



71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/attr_vault.rb', line 71

def vault_attr(name, opts={})
  attr = VaultAttr.new(name, opts)
  self.vault_attrs << attr

  define_method(name) do
    # if there is a plaintext source field, use that and ignore
    # the encrypted field
    if !attr.plaintext_source_field.nil? && !self[attr.plaintext_source_field].nil?
      return self[attr.plaintext_source_field]
    end

    keyring = self.class.vault_keys
    key_id = self[self.class.vault_key_field]
    if key_id.nil?
      # if there is no recorded key, this is not an encrypted
      # record so we return nil
      return nil
    end
    record_key = self.class.vault_keys.fetch(key_id)

    encrypted_value = self[attr.encrypted_field]
    hmac =  self[attr.hmac_field]
    # TODO: cache decrypted value
    Cryptor.decrypt(encrypted_value, hmac, record_key.value)
  end

  define_method("#{name}=") do |value|
    @vault_dirty_attrs ||= {}
    @vault_dirty_attrs[name] = value
    # ensure that Sequel knows that this is in fact dirty and must
    # be updated--otherwise, the object is never saved,
    # #before_save is never called, and we never store the update
    self.modified! attr.encrypted_field
    self.modified! attr.hmac_field
  end
end

#vault_attrsObject 



108
109
110
 
# File 'lib/attr_vault.rb', line 108

def vault_attrs
  @vault_attrs ||= []
end

#vault_key_fieldObject 



112
113
114
 
# File 'lib/attr_vault.rb', line 112

def vault_key_field
  @key_field
end

#vault_keyring(keyring_data, key_field: :key_id) ⇒ Object 



66
67
68
69
 
# File 'lib/attr_vault.rb', line 66

def vault_keyring(keyring_data, key_field: :key_id)
  @key_field = key_field.to_sym
  @keyring = Keyring.load(keyring_data)
end

#vault_keysObject 



116
117
118
 
# File 'lib/attr_vault.rb', line 116

def vault_keys
  @keyring
end