class ActiveRecord::Encryption::Config
Container of configuration options
Attributes
add_to_filter_parameters[RW]
compressor[RW]
deterministic_key[RW]
encrypt_fixtures[RW]
excluded_from_filter_parameters[RW]
extend_queries[RW]
forced_encoding_for_deterministic_encryption[RW]
hash_digest_class[RW]
key_derivation_salt[RW]
previous_schemes[RW]
primary_key[RW]
store_key_references[RW]
support_unencrypted_data[RW]
validate_column_size[RW]
Public Class Methods
new()
click to toggle source
# File lib/active_record/encryption/config.rb, line 14 def initialize set_defaults end
Public Instance Methods
previous=(previous_schemes_properties)
click to toggle source
Configure previous encryption schemes.
config.active_record.encryption.previous = [ { key_provider: MyOldKeyProvider.new } ]
# File lib/active_record/encryption/config.rb, line 21 def previous=(previous_schemes_properties) previous_schemes_properties.each do |properties| add_previous_scheme(**properties) end end
support_sha1_for_non_deterministic_encryption=(value)
click to toggle source
# File lib/active_record/encryption/config.rb, line 27 def support_sha1_for_non_deterministic_encryption=(value) if value && has_primary_key? sha1_key_generator = ActiveRecord::Encryption::KeyGenerator.new(hash_digest_class: OpenSSL::Digest::SHA1) sha1_key_provider = ActiveRecord::Encryption::DerivedSecretKeyProvider.new(primary_key, key_generator: sha1_key_generator) add_previous_scheme key_provider: sha1_key_provider end end
Private Instance Methods
add_previous_scheme(**properties)
click to toggle source
# File lib/active_record/encryption/config.rb, line 65 def add_previous_scheme(**properties) previous_schemes << ActiveRecord::Encryption::Scheme.new(**properties) end
set_defaults()
click to toggle source
# File lib/active_record/encryption/config.rb, line 49 def set_defaults self.store_key_references = false self.support_unencrypted_data = false self.encrypt_fixtures = false self.validate_column_size = true self.add_to_filter_parameters = true self.excluded_from_filter_parameters = [] self.previous_schemes = [] self.forced_encoding_for_deterministic_encryption = Encoding::UTF_8 self.hash_digest_class = OpenSSL::Digest::SHA1 self.compressor = Zlib # TODO: Setting to false for now as the implementation is a bit experimental self.extend_queries = false end