module AttrKeyring::InstanceMethods

Private Instance Methods

attr_decrypt_column(attribute) click to toggle source
# File lib/attr_keyring.rb, line 89
        def attr_decrypt_column(attribute)
  cache_name = :"@#{attribute}"
  if instance_variable_defined?(cache_name)
    return instance_variable_get(cache_name)
  end

  encrypted_value = public_send("encrypted_#{attribute}")

  return unless encrypted_value

  decrypted_value = self.class.keyring.decrypt(
    encrypted_value,
    public_send(self.class.keyring_column_name)
  )

  instance_variable_set(cache_name, decrypted_value)
end
attr_encrypt_column(attribute, value) click to toggle source
# File lib/attr_keyring.rb, line 71
        def attr_encrypt_column(attribute, value)
  clear_decrypted_column_cache(attribute)
  return reset_encrypted_column(attribute) unless encryptable_value?(value)

  value = value.to_s

  previous_keyring_id = public_send(self.class.keyring_column_name)
  encrypted_value, keyring_id, digest =
    self.class.keyring.encrypt(value, previous_keyring_id)

  public_send("#{self.class.keyring_column_name}=", keyring_id)
  public_send("encrypted_#{attribute}=", encrypted_value)

  return unless respond_to?("#{attribute}_digest=")

  public_send("#{attribute}_digest=", digest)
end
clear_decrypted_column_cache(attribute) click to toggle source
# File lib/attr_keyring.rb, line 107
        def clear_decrypted_column_cache(attribute)
  cache_name = :"@#{attribute}"

  return unless instance_variable_defined?(cache_name)

  remove_instance_variable(cache_name)
end
encryptable_value?(value) click to toggle source
# File lib/attr_keyring.rb, line 144
        def encryptable_value?(value)
  return false if value.nil?
  return false if value.is_a?(String) && value.empty?

  true
end
migrate_to_latest_encryption_key() click to toggle source
# File lib/attr_keyring.rb, line 123
        def migrate_to_latest_encryption_key
  return unless self.class.keyring.current_key

  keyring_id = self.class.keyring.current_key.id

  self.class.encrypted_attributes.each do |attribute|
    value = public_send(attribute)
    next unless encryptable_value?(value)

    encrypted_value, _, digest = self.class.keyring.encrypt(value)

    public_send("encrypted_#{attribute}=", encrypted_value)

    if respond_to?("#{attribute}_digest")
      public_send("#{attribute}_digest=", digest)
    end
  end

  public_send("#{self.class.keyring_column_name}=", keyring_id)
end
reset_encrypted_column(attribute) click to toggle source
# File lib/attr_keyring.rb, line 115
        def reset_encrypted_column(attribute)
  public_send("encrypted_#{attribute}=", nil)
  if respond_to?("#{attribute}_digest=")
    public_send("#{attribute}_digest=", nil)
  end
  nil
end