module Mongoid::Kms::ClassMethods
Class methods
Public Instance Methods
decrypt_field(object, field_name, data, encryption_context = nil)
click to toggle source
# File lib/mongoid/kms.rb, line 104 def decrypt_field(object, field_name, data, encryption_context = nil) encryption_context ||= kms_context(object, field_name) Mongoid::Kms.kms.decrypt({ ciphertext_blob: data, encryption_context: encryption_context })[:plaintext] end
encrypt_field(object, field_name, value)
click to toggle source
# File lib/mongoid/kms.rb, line 96 def encrypt_field(object, field_name, value) Mongoid::Kms.kms.encrypt({ key_id: Mongoid::Kms.key, plaintext: value, encryption_context: kms_context(object, field_name) })[:ciphertext_blob] end
get_encrypted_field_name(field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 148 def get_encrypted_field_name(field_name) "kms_secure_#{field_name}" end
inherited(child)
click to toggle source
Calls superclass method
# File lib/mongoid/kms.rb, line 91 def inherited(child) child.kms_field_map = self.kms_field_map.clone super(child) end
kms_context(object, field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 113 def kms_context(object, field_name) kms_context_array(object, field_name).inject({}) do |hash, key| if object.respond_to?(key) value = object.send(key).to_s hash[key] = value if !value.nil? && value != "" else hash[key] = key end hash end end
kms_context_array(object, field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 140 def kms_context_array(object, field_name) kms_field_map[field_name.to_s][:context] || [] end
kms_context_was(object, field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 126 def kms_context_was(object, field_name) kms_context_array(object, field_name).inject({}) do |hash, key| if object.respond_to?("#{key}_was") && object.send("#{key}_changed?") hash[key] = object.send("#{key}_was").to_s elsif object.respond_to?(key) hash[key] = object.send(key).to_s else hash[key] = key end hash end end
kms_type(field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 144 def kms_type(field_name) kms_field_map[field_name.to_s][:type] end
secure_field(field_name, args)
click to toggle source
# File lib/mongoid/kms.rb, line 152 def secure_field(field_name, args) encrypted_field_name = get_encrypted_field_name(field_name) create_dirty_methods field_name, field_name after_validation :set_kms_values kms_field_map[field_name.to_s] = {context: args.delete(:context), type: args[:type]} field encrypted_field_name, type: Mongoid::Kms.bson_class::Binary define_method(field_name) do if instance_variable_defined?("@#{field_name}") instance_variable_get("@#{field_name}") else raw = send("kms_secure_#{field_name}") raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary) if raw.nil? raw else v = self.class.decrypt_field(self, field_name, raw) instance_variable_set("@#{field_name}", v) v end end end define_method("#{field_name}=") do |value| self.send("#{field_name}_will_change!") instance_variable_set("@#{field_name}", value) end end