Module: AttrVault::ClassMethods

Defined in:
lib/attr_vault.rb

Instance Method Summary collapse

Instance Method Details

#vault_attr(name, opts = {}) ⇒ Object 



76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/attr_vault.rb', line 76

def vault_attr(name, opts={})
  attr = VaultAttr.new(name, **opts)
  self.vault_attrs << attr

  define_method(name) do
    @vault_dirty_attrs ||= {}
    if @vault_dirty_attrs.has_key? name
      return @vault_dirty_attrs[name]
    end
    # if there is a plaintext source field, use that and ignore
    # the encrypted field
    if !attr.migrate_from_field.nil? && !self[attr.migrate_from_field].nil?
      return self[attr.migrate_from_field]
    end

    keyring = self.class.vault_keys
    key_id = self[self.class.vault_key_field]
    if key_id.nil?
      # if there is no recorded key, this is not an encrypted
      # record so we return nil
      return nil
    end
    record_key = self.class.vault_keys.fetch(key_id)

    encrypted_value = self[attr.encrypted_field]
    # TODO: cache decrypted value
    Cryptor.decrypt(encrypted_value, record_key.value)
  end

  define_method("#{name}=") do |value|
    old_value = self.public_send(name)
    return if value == old_value

    @vault_dirty_attrs ||= {}
    @vault_dirty_attrs[name] = value
    # ensure that Sequel knows that this is in fact dirty and must
    # be updated--otherwise, the object is never saved,
    # #before_save is never called, and we never store the update
    self.modified! attr.encrypted_field
    unless attr.digest_field.nil?
      self.modified! attr.digest_field
    end
  end
end

#vault_attrsObject 



121
122
123
 
# File 'lib/attr_vault.rb', line 121

def vault_attrs
  @vault_attrs ||= []
end

#vault_digests(data) ⇒ Object 



72
73
74
 
# File 'lib/attr_vault.rb', line 72

def vault_digests(data)
  @keyring.digests(data).map { |d| Sequel.blob(d) }
end

#vault_key_fieldObject 



125
126
127
 
# File 'lib/attr_vault.rb', line 125

def vault_key_field
  @key_field
end

#vault_keyring(keyring_data, key_field: :key_id) ⇒ Object 



67
68
69
70
 
# File 'lib/attr_vault.rb', line 67

def vault_keyring(keyring_data, key_field: :key_id)
  @key_field = key_field.to_sym
  @keyring = Keyring.load(keyring_data)
end

#vault_keysObject 



129
130
131
 
# File 'lib/attr_vault.rb', line 129

def vault_keys
  @keyring
end