module Mongoid::Kms
Constants
- VERSION
Public Class Methods
binary_factory(data)
click to toggle source
# File lib/mongoid/kms.rb, line 51 def binary_factory(data) if defined? Moped::BSON Moped::BSON::Binary.new(:generic, data) elsif defined? BSON BSON::Binary.new(data) end end
bson_class()
click to toggle source
# File lib/mongoid/kms.rb, line 43 def bson_class if defined? Moped::BSON Moped::BSON elsif defined? BSON BSON end end
configuration()
click to toggle source
# File lib/mongoid/kms.rb, line 27 def configuration @configuration || {} end
configure(args)
click to toggle source
# File lib/mongoid/kms.rb, line 19 def configure(args) if args[:region] && args[:region] != "" && args[:key] && args[:key] != "" @configuration = args else raise Errors::ConfigurationError.new("Region and KMS id key are required.") end end
key()
click to toggle source
# File lib/mongoid/kms.rb, line 39 def key configuration[:key] end
kms()
click to toggle source
# File lib/mongoid/kms.rb, line 31 def kms @kms ||= Aws::KMS::Client.new(region: self.region) end
region()
click to toggle source
# File lib/mongoid/kms.rb, line 35 def region configuration[:region] end
Public Instance Methods
kms_context_value_changed?(field_name)
click to toggle source
# File lib/mongoid/kms.rb, line 85 def kms_context_value_changed?(field_name) self.class.kms_context_array(self, field_name).find { |f| self.respond_to?(f) && self.respond_to?("#{f}_changed?") && self.send("#{f}_changed?") } end
set_kms_values()
click to toggle source
Instance methods
# File lib/mongoid/kms.rb, line 61 def set_kms_values self.class.kms_field_map.each do |field_name, settings| if self.new_record? || # always run new records through this changed_attributes.keys.include?(field_name.to_sym) || # this is a hack to get around Mongoid's weakass dirty hack kms_context_value_changed?(field_name) # checks if any of the context fields have changed encrypted_field_name = self.class.get_encrypted_field_name(field_name) if !instance_variable_defined?("@#{field_name}") && kms_context_value_changed?(field_name) raw = self.send(encrypted_field_name) raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary) value = self.class.decrypt_field(self, field_name, raw, self.class.kms_context_was(self, field_name)) else value = send("#{field_name}") end if value.nil? || value == "" self.send("#{encrypted_field_name}=", nil) else self.send("#{encrypted_field_name}=", Mongoid::Kms.binary_factory(self.class.encrypt_field(self, field_name, value))) end end end end