class Chef::EncryptedAttribute::Config

Encrypted attributes configuration options object.

Constants

OPTIONS

Returns configuration options list.

@api private

Public Class Methods

new(config = nil) click to toggle source

Constructs a {Config} object.

@param config [Config, Hash] configuration object to clone.

# File lib/chef/encrypted_attribute/config.rb, line 44
def initialize(config = nil)
  update!(config) unless config.nil?
end

Public Instance Methods

[](key) click to toggle source

Reads a configuration option.

@param key [String, Symbol] configuration option to read. @return [Mixed] configuration value.

# File lib/chef/encrypted_attribute/config.rb, line 166
def [](key)
  key = key.to_sym if key.is_a?(String)
  send(key) if OPTIONS.include?(key)
end
[]=(key, value) click to toggle source

Sets a configuration option.

@param key [String, Symbol] configuration option name to set. @param value [Mixed] configuration value to set. @return [Mixed] configuration value.

# File lib/chef/encrypted_attribute/config.rb, line 176
def []=(key, value)
  key = key.to_sym if key.is_a?(String)
  send(key, value) if OPTIONS.include?(key)
end
keys(arg = nil) click to toggle source

Reads or sets key list.

This contains the raw key list that will be able to read the encrypted attribute.

@param arg [Array<String, OpenSSL::PKey::RSA>] the keys in PEM format. @return [Array<String, OpenSSL::PKey::RSA>] the keys in PEM format

# File lib/chef/encrypted_attribute/config.rb, line 137
def keys(arg = nil)
  set_or_return(
    :keys, arg,
    kind_of: Array, default: [],
    callbacks: config_valid_keys_array_callbacks
  )
end
search_max_rows(arg = nil) click to toggle source

Set the maximum number of rows to be returned by internal search functions.

You must set this value to your maximum number of nodes in your Chef Server. Defaults to `1000`.

@param arg [Integer] maximum rows number. @return [Integer] maximum rows number.

# File lib/chef/encrypted_attribute/config.rb, line 98
def search_max_rows(arg = nil)
  set_or_return(
    :search_max_rows, arg, kind_of: Integer, default: 1000
  )
end
update!(config) click to toggle source

Replaces the current config.

When setting using a {Chef::EncryptedAttribute::Config} class, all the configuration options will be replaced.

When setting using a Hash, only the provided keys will be replaced.

@param config [Config, Hash] the configuration to set. @return [Config] `self`.

# File lib/chef/encrypted_attribute/config.rb, line 154
def update!(config)
  if config.is_a?(self.class)
    update_from_config!(config)
  elsif config.is_a?(Hash)
    update_from_hash!(config)
  end
end
users(arg = nil) click to toggle source

Reads or sets user list.

This contains the user list that will be able to read the encrypted attribute.

@param arg [String, Array<String>] list of users to set. @return [Array<String>] list of users.

# File lib/chef/encrypted_attribute/config.rb, line 122
def users(arg = nil)
  set_or_return(
    :users, arg,
    kind_of: [String, Array], default: [],
    callbacks: config_users_arg_callbacks
  )
end
version(arg = nil) click to toggle source

Reads or sets Encrypted Mash protocol version.

@param arg [String, Fixnum] protocol version to use. Must be a number. @return [Fixnum] protocol version.

# File lib/chef/encrypted_attribute/config.rb, line 52
def version(arg = nil)
  unless arg.nil? || !arg.is_a?(String)
    begin
      arg = Integer(arg)
    rescue ArgumentError
      arg
    end
  end
  set_or_return(:version, arg, kind_of: [Fixnum, String], default: 1)
end

Protected Instance Methods

config_search_array_callbacks() click to toggle source

Returns configuration option callback function for search arrays.

@return [Proc] search arrays checking callback function.

# File lib/chef/encrypted_attribute/config.rb, line 224
def config_search_array_callbacks
  {
    'should be a valid array of search patterns' => lambda do |cs|
      config_valid_search_array?(cs)
    end
  }
end
config_users_arg_callbacks() click to toggle source

Returns configuration option callback function for user lists.

@return [Proc] user lists checking callback function.

# File lib/chef/encrypted_attribute/config.rb, line 248
def config_users_arg_callbacks
  {
    'should be a valid array of search patterns' => lambda do |us|
      config_valid_user_arg?(us)
    end
  }
end
config_valid_key?(k) click to toggle source

Checks if an OpenSSL key is in the correct format.

Only checks that has a public key. It may lack private key.

@param k [String, OpenSSL::PKey::RSA] key to check. @return [Boolean] `true` if the public key is correct.

# File lib/chef/encrypted_attribute/config.rb, line 262
def config_valid_key?(k)
  rsa_k =
    case k
    when OpenSSL::PKey::RSA then k
    when String
      begin
        OpenSSL::PKey::RSA.new(k)
      rescue OpenSSL::PKey::RSAError, TypeError
        nil
      end
    end
  return false if rsa_k.nil?
  rsa_k.public?
end
config_valid_keys_array?(k_ary) click to toggle source

Checks if an OpenSSL key array is in the correct format.

Only checks that the keys have a public key. They may lack private key.

@param k_ary [Array<String, OpenSSL::PKey::RSA>] array of keys to check. @return [Boolean] `true` if the public keys are all correct.

# File lib/chef/encrypted_attribute/config.rb, line 283
def config_valid_keys_array?(k_ary)
  k_ary.each do |k|
    return false unless config_valid_key?(k)
  end
  true
end
config_valid_keys_array_callbacks() click to toggle source

Returns configuration option callback function for public keys.

@return [Proc] public keys checking callback function.

# File lib/chef/encrypted_attribute/config.rb, line 293
def config_valid_keys_array_callbacks
  {
    'should be a valid array of keys' => lambda do |keys|
      config_valid_keys_array?(keys)
    end
  }
end
config_valid_search_array?(s_ary) click to toggle source

Checks a search query array list.

@param s_ary [Array<String>] search query array. @return [Boolean] `true` if the search query list is in the correct

format.
# File lib/chef/encrypted_attribute/config.rb, line 214
def config_valid_search_array?(s_ary)
  s_ary.each do |s|
    return false unless s.is_a?(String)
  end
  true
end
config_valid_user_arg?(users) click to toggle source

Checks a user list option value.

@param users [Array<String>, '*'] user list to check. @return [Boolean] `true` if the user list is in the correct

format.
# File lib/chef/encrypted_attribute/config.rb, line 237
def config_valid_user_arg?(users)
  return users == '*' if users.is_a?(String)
  users.each do |u|
    return false unless u.is_a?(String) && u.match(/^[a-z0-9\-_]+$/)
  end
  true
end
dup_object(o) click to toggle source

Duplicates an object avoiding Ruby exceptions if not supported.

@param o [Object] object to duplicate. @return [Object] duplicated object.

# File lib/chef/encrypted_attribute/config.rb, line 187
def dup_object(o)
  o.dup
rescue TypeError
  o
end
set_or_return_search_array(name, arg = nil) click to toggle source

Creates getter and setter method for **search array** configuration options.

This configuration options contains an array of search queries.

@param name [Symbol] configuration option name. @param arg [Array<String>, String] configuration option value to set. @return [Array<String>] configuration option value.

# File lib/chef/encrypted_attribute/config.rb, line 201
def set_or_return_search_array(name, arg = nil)
  arg = [arg] unless arg.nil? || !arg.is_a?(String)
  set_or_return(
    name, arg,
    kind_of: Array, default: [], callbacks: config_search_array_callbacks
  )
end
update_from_config!(config) click to toggle source

Copies a configuration. All the current configuration options will be replaced.

Called by {#update_from!} for {Config} objects.

@param config [Config] configuration options to copy.

# File lib/chef/encrypted_attribute/config.rb, line 307
def update_from_config!(config)
  OPTIONS.each do |attr|
    value = dup_object(config.send(attr))
    instance_variable_set("@#{attr}", value)
  end
end
update_from_hash!(config) click to toggle source

Copies a configuration option. Only the provided Hash keys will be replaced, the others will be preserved.

Called by {#update_from!} for Hash objects.

@param config [Hash] configuration options to copy.

# File lib/chef/encrypted_attribute/config.rb, line 320
def update_from_hash!(config)
  config.each do |attr, value|
    attr = attr.to_sym if attr.is_a?(String)
    if OPTIONS.include?(attr)
      value = dup_object(value)
      send(attr, value)
    else
      Chef::Log.warn(
        "#{self.class}: configuration method not found: "\
        "#{attr.to_s.inspect}."
      )
    end
  end
end