Encyption casting with encrypts before serialize

A demonstration of how we can simplify encryption serialization and deserialization if we call `encrypts` before `serialize`.
djmb · Aug 19, 2024 · 83c7b4f · 83c7b4f
1 parent 475cfa2
commit 83c7b4f
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 38 deletions.
diff --git a/activerecord/lib/active_record/encryption/encrypted_attribute_type.rb b/activerecord/lib/active_record/encryption/encrypted_attribute_type.rb
@@ -33,7 +33,7 @@ def cast(value)
  end
 
  def deserialize(value)
- cast_type.deserialize decrypt(value)
+ decrypt(cast_type.deserialize(value))
  end
 
  def serialize(value)
@@ -81,7 +81,7 @@ def previous_type?
  @previous_type
  end
 
- def decrypt_as_text(value)
+ def decrypt(value)
  with_context do
  unless value.nil?
  if @default && @default == value
@@ -99,10 +99,6 @@ def decrypt_as_text(value)
  end
  end
 
- def decrypt(value)
- text_to_database_type decrypt_as_text(database_type_to_text(value))
- end
-
  def try_to_deserialize_with_previous_encrypted_types(value)
  previous_types.each.with_index do |type, index|
  break type.deserialize(value)
@@ -128,12 +124,11 @@ def serialize_with_oldest(value)
  end
 
  def serialize_with_current(value)
- casted_value = cast_type.serialize(value)
- casted_value = casted_value&.downcase if downcase?
- encrypt(casted_value.to_s) unless casted_value.nil?
+ value = value&.downcase if downcase?
+ cast_type.serialize(encrypt(value.to_s)) unless value.nil?
  end
 
- def encrypt_as_text(value)
+ def encrypt(value)
  with_context do
  if encryptor.binary? && !cast_type.binary?
  raise Errors::Encoding, "Binary encoded data can only be stored in binary columns"
@@ -143,10 +138,6 @@ def encrypt_as_text(value)
  end
  end
 
- def encrypt(value)
- text_to_database_type encrypt_as_text(value)
- end
-
  def encryptor
  ActiveRecord::Encryption.encryptor
  end
@@ -162,26 +153,6 @@ def decryption_options
  def clean_text_scheme
  @clean_text_scheme ||= ActiveRecord::Encryption::Scheme.new(downcase: downcase?, encryptor: ActiveRecord::Encryption::NullEncryptor.new)
  end
-
- def text_to_database_type(value)
- if value && cast_type.binary?
- ActiveModel::Type::Binary::Data.new(value)
- else
- value
- end
- end
-
- def database_type_to_text(value)
- if value && cast_type.binary?
- if cast_type.is_a?(ActiveRecord::Type::Serialized)
- cast_type.subtype.deserialize(value)
- else
- cast_type.deserialize(value)
- end
- else
- value
- end
- end
  end
  end
 end
diff --git a/activerecord/test/models/book_encrypted.rb b/activerecord/test/models/book_encrypted.rb
@@ -53,8 +53,8 @@ class EncryptedBookWithBinary < ActiveRecord::Base
 class EncryptedBookWithSerializedBinary < ActiveRecord::Base
  self.table_name = "encrypted_books"
 
- serialize :logo, coder: JSON
  encrypts :logo
+ serialize :logo, coder: JSON
 end
 
 class EncryptedBookWithCustomCompressor < ActiveRecord::Base

diff --git a/activerecord/test/models/traffic_light_encrypted.rb b/activerecord/test/models/traffic_light_encrypted.rb
@@ -3,11 +3,19 @@
 
 require "models/traffic_light"
 
-class EncryptedTrafficLight < TrafficLight
+class EncryptedTrafficLight < ActiveRecord::Base
+ self.table_name = "traffic_lights"
+
  encrypts :state
+ serialize :state, type: Array
+ serialize :long_state, type: Array
 end
 
-class EncryptedTrafficLightWithStoreState < TrafficLight
- store :state, accessors: %i[ color ], coder: ActiveRecord::Coders::JSON
+class EncryptedTrafficLightWithStoreState < ActiveRecord::Base
+ self.table_name = "traffic_lights"
+
  encrypts :state
+ serialize :state, type: Array
+ serialize :long_state, type: Array
+ store :state, accessors: %i[ color ], coder: ActiveRecord::Coders::JSON
 end