Module: Mongoid::Kms

Extended by:

ActiveSupport::Concern

Defined in:

lib/mongoid/kms.rb,
lib/mongoid/kms/mock.rb,
lib/mongoid/kms/version.rb

Defined Under Namespace

Modules: ClassMethods, Errors Classes: Rot13

Constant Summary

VERSION =

"0.2.41"

Class Method Summary

• .binary_factory(data) ⇒ Object
• .bson_class ⇒ Object
• .configuration ⇒ Object
• .configure(args) ⇒ Object
• .key ⇒ Object
• .kms ⇒ Object
• .region ⇒ Object

Instance Method Summary

• #kms_context_value_changed?(field_name) ⇒ Boolean
• #set_kms_values ⇒ Object

  Instance methods.

Class Method Details

.binary_factory(data) ⇒ Object

# File 'lib/mongoid/kms.rb', line 51

def binary_factory(data)
  if defined? Moped::BSON
    Moped::BSON::Binary.new(:generic, data)
  elsif defined? BSON
    BSON::Binary.new(data)
  end
end

.bson_class ⇒ Object

# File 'lib/mongoid/kms.rb', line 43

def bson_class
  if defined? Moped::BSON
    Moped::BSON
  elsif defined? BSON
    BSON
  end
end

.configuration ⇒ Object

# File 'lib/mongoid/kms.rb', line 27

def configuration
  @configuration || {}
end

.configure(args) ⇒ Object

# File 'lib/mongoid/kms.rb', line 19

def configure(args)
  if args[:region] && args[:region] != "" && args[:key] && args[:key] != ""
    @configuration = args
  else
    raise Errors::ConfigurationError.new("Region and KMS id key are required.")
  end
end

.key ⇒ Object

# File 'lib/mongoid/kms.rb', line 39

def key
  configuration[:key]
end

.kms ⇒ Object

# File 'lib/mongoid/kms.rb', line 31

def kms
  @kms ||= Aws::KMS::Client.new(region: self.region)
end

.region ⇒ Object

# File 'lib/mongoid/kms.rb', line 35

def region
  configuration[:region]
end

Instance Method Details

#kms_context_value_changed?(field_name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/mongoid/kms.rb', line 85

def kms_context_value_changed?(field_name)
  self.class.kms_context_array(self, field_name).find { |f| self.respond_to?(f) && self.respond_to?("#{f}_changed?") && self.send("#{f}_changed?") }
end

#set_kms_values ⇒ Object

Instance methods

# File 'lib/mongoid/kms.rb', line 61

def set_kms_values
  self.class.kms_field_map.each do |field_name, settings|
    if self.new_record? || # always run new records through this
        changed_attributes.keys.include?(field_name.to_sym) || # this is a hack to get around Mongoid's weakass dirty hack
        kms_context_value_changed?(field_name) # checks if any of the context fields have changed
      encrypted_field_name = self.class.get_encrypted_field_name(field_name)

      if !instance_variable_defined?("@#{field_name}") && kms_context_value_changed?(field_name)
        raw = self.send(encrypted_field_name)
        raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary)
        value = self.class.decrypt_field(self, field_name, raw, self.class.kms_context_was(self, field_name))
      else
        value = send("#{field_name}")
      end

      if value.nil? || value == ""
        self.send("#{encrypted_field_name}=", nil)
      else
        self.send("#{encrypted_field_name}=", Mongoid::Kms.binary_factory(self.class.encrypt_field(self, field_name, value)))
      end
    end
  end
end