Module: AttrVault::ClassMethods
- Defined in:
- lib/attr_vault.rb
Instance Method Summary collapse
- #vault_attr(name, opts = {}) ⇒ Object
- #vault_attrs ⇒ Object
- #vault_digests(data) ⇒ Object
- #vault_key_field ⇒ Object
- #vault_keyring(keyring_data, key_field: :key_id) ⇒ Object
- #vault_keys ⇒ Object
Instance Method Details
#vault_attr(name, opts = {}) ⇒ Object
76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
# File 'lib/attr_vault.rb', line 76 def vault_attr(name, opts={}) attr = VaultAttr.new(name, **opts) self.vault_attrs << attr define_method(name) do @vault_dirty_attrs ||= {} if @vault_dirty_attrs.has_key? name return @vault_dirty_attrs[name] end # if there is a plaintext source field, use that and ignore # the encrypted field if !attr.migrate_from_field.nil? && !self[attr.migrate_from_field].nil? return self[attr.migrate_from_field] end keyring = self.class.vault_keys key_id = self[self.class.vault_key_field] if key_id.nil? # if there is no recorded key, this is not an encrypted # record so we return nil return nil end record_key = self.class.vault_keys.fetch(key_id) encrypted_value = self[attr.encrypted_field] # TODO: cache decrypted value Cryptor.decrypt(encrypted_value, record_key.value) end define_method("#{name}=") do |value| old_value = self.public_send(name) return if value == old_value @vault_dirty_attrs ||= {} @vault_dirty_attrs[name] = value # ensure that Sequel knows that this is in fact dirty and must # be updated--otherwise, the object is never saved, # #before_save is never called, and we never store the update self.modified! attr.encrypted_field unless attr.digest_field.nil? self.modified! attr.digest_field end end end |
#vault_attrs ⇒ Object
121 122 123 |
# File 'lib/attr_vault.rb', line 121 def vault_attrs @vault_attrs ||= [] end |
#vault_digests(data) ⇒ Object
72 73 74 |
# File 'lib/attr_vault.rb', line 72 def vault_digests(data) @keyring.digests(data).map { |d| Sequel.blob(d) } end |
#vault_key_field ⇒ Object
125 126 127 |
# File 'lib/attr_vault.rb', line 125 def vault_key_field @key_field end |
#vault_keyring(keyring_data, key_field: :key_id) ⇒ Object
67 68 69 70 |
# File 'lib/attr_vault.rb', line 67 def vault_keyring(keyring_data, key_field: :key_id) @key_field = key_field.to_sym @keyring = Keyring.load(keyring_data) end |
#vault_keys ⇒ Object
129 130 131 |
# File 'lib/attr_vault.rb', line 129 def vault_keys @keyring end |