Sha256: b2cd518907cd81879bab8f71c2c19e6d0e4fd34daed1c63a265416fe2ed63fba
Contents?: true
Size: 1.57 KB
Versions: 1
Compression:
Stored size: 1.57 KB
Contents
require 'spec_helper'
describe Sequel::Plugins::Vault do
let(:db) { Sequel.mock(autoid: 1) }
let(:klass) do
Class.new(Sequel::Model(db[:vm])) do
set_primary_key :id
unrestrict_primary_key
set_columns(%i[id secret secret_digest key_id])
plugin :vault
end
end
let(:dataset) { klass.dataset }
let(:model) { klass.new }
let(:keys) do
['fih3l0Z9e4NBpy5KIj+rmXVexY5O9LspzuqCFyqavjg=',
'woRXJWevRaxZLxgoiEQtCDPBSf9TNg57bki0RUK1U48=']
end
let(:secret) { 'Attack at once.' }
let(:cypher) { klass.encrypt(keys, secret) }
let(:digest) { OpenSSL::HMAC.digest('sha512', keys.last, secret) }
it 'encrypts vault attributes' do
klass.vault_attributes(keys, :secret)
model.secret = secret
expect(model.values[:secret]).not_to eq(secret)
expect(model.secret).to eq(secret)
expect(model.key_id).to eq(2)
end
it 'allows nil value' do
klass.vault_attributes(keys, :secret)
model.secret = nil
expect(model.values[:secret]).to be_nil
expect(model.secret).to be_nil
expect(model.key_id).to be_nil
end
it 'writes a digest of the value' do
klass.vault_attributes(keys, :secret)
model.secret = secret
expect(model.values[:secret_digest]).not_to eq(secret)
expect(model.secret_digest).to eq(digest)
expect(model.key_id).to eq(2)
end
it 'provides a digest lookup' do
klass.dataset = dataset.with_fetch([{ id: 1, secret: cypher, secret_digest: digest }])
klass.vault_attributes(keys, :secret)
lookup = klass.secret_lookup('secret')
expect(lookup.secret).to eq(secret)
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| sequel_vault-0.5.2 | spec/sequel/plugins/vault_spec.rb |