lib/lockbox/model.rb in lockbox-0.4.0 vs lib/lockbox/model.rb in lockbox-0.4.1
- old
+ new
@@ -221,10 +221,24 @@
nil
end
send("lockbox_direct_#{name}=", message)
+ # warn every time, as this should be addressed
+ # maybe throw an error in the future
+ if !options[:migrating]
+ if activerecord
+ if self.class.columns_hash.key?(name.to_s)
+ warn "[lockbox] WARNING: Unencrypted column with same name: #{name}. Set `ignored_columns` or remove it to protect the data."
+ end
+ else
+ if self.class.fields.key?(name.to_s)
+ warn "[lockbox] WARNING: Unencrypted field with same name: #{name}. Remove it to protect the data."
+ end
+ end
+ end
+
super(message)
end
# separate method for setting directly
# used to skip blind indexes for key rotation
@@ -268,11 +282,11 @@
# for fixtures
define_singleton_method encrypt_method_name do |message, **opts|
table = activerecord ? table_name : collection_name.to_s
unless message.nil?
- # TODO use attribute type class in 0.4.0
+ # TODO use attribute type class in 0.5.0
case options[:type]
when :boolean
message = ActiveRecord::Type::Boolean.new.serialize(message)
message = nil if message == "" # for Active Record < 5.2
message = message ? "t" : "f" unless message.nil?
@@ -322,10 +336,10 @@
table = activerecord ? table_name : collection_name.to_s
Lockbox::Utils.build_box(opts[:context], options, table, encrypted_attribute).decrypt(ciphertext)
end
unless message.nil?
- # TODO use attribute type class in 0.4.0
+ # TODO use attribute type class in 0.5.0
case options[:type]
when :boolean
message = message == "t"
when :date
message = ActiveRecord::Type::Date.new.deserialize(message)