Move forced encoding on deterministic encryption to the default encryptor
This commit is contained in:
parent
a8a54a1821
commit
35e88cd6d9
@ -1,3 +1,9 @@
|
||||
* Move the forcing of clear text encoding to the `ActiveRecord::Encryption::Encryptor`.
|
||||
|
||||
Fixes #42699.
|
||||
|
||||
*J Smith*
|
||||
|
||||
* `partial_inserts` is now disabled by default in new apps.
|
||||
|
||||
This will be the default for new apps in Rails 7. To opt in:
|
||||
|
@ -31,8 +31,6 @@ def deserialize(value)
|
||||
end
|
||||
|
||||
def serialize(value)
|
||||
value = force_encoding_if_needed(value)
|
||||
|
||||
if serialize_with_oldest?
|
||||
serialize_with_oldest(value)
|
||||
else
|
||||
@ -51,18 +49,6 @@ def previous_types # :nodoc:
|
||||
end
|
||||
|
||||
private
|
||||
def force_encoding_if_needed(value)
|
||||
if deterministic? && forced_encoding_for_deterministic_encryption && value && value.encoding != forced_encoding_for_deterministic_encryption
|
||||
value.encode(forced_encoding_for_deterministic_encryption, invalid: :replace, undef: :replace)
|
||||
else
|
||||
value
|
||||
end
|
||||
end
|
||||
|
||||
def forced_encoding_for_deterministic_encryption
|
||||
ActiveRecord::Encryption.config.forced_encoding_for_deterministic_encryption
|
||||
end
|
||||
|
||||
def previous_schemes_including_clean_text
|
||||
previous_schemes.including((clean_text_scheme if support_unencrypted_data?)).compact
|
||||
end
|
||||
|
@ -32,6 +32,8 @@ class Encryptor
|
||||
# +Cipher+-specific options that will be passed to the Cipher configured in
|
||||
# +ActiveRecord::Encryption.cipher+
|
||||
def encrypt(clear_text, key_provider: default_key_provider, cipher_options: {})
|
||||
clear_text = force_encoding_if_needed(clear_text) if cipher_options[:deterministic]
|
||||
|
||||
validate_payload_type(clear_text)
|
||||
serialize_message build_encrypted_message(clear_text, key_provider: key_provider, cipher_options: cipher_options)
|
||||
end
|
||||
@ -136,6 +138,18 @@ def uncompress(data)
|
||||
uncompressed_data.force_encoding(data.encoding)
|
||||
end
|
||||
end
|
||||
|
||||
def force_encoding_if_needed(value)
|
||||
if forced_encoding_for_deterministic_encryption && value && value.encoding != forced_encoding_for_deterministic_encryption
|
||||
value.encode(forced_encoding_for_deterministic_encryption, invalid: :replace, undef: :replace)
|
||||
else
|
||||
value
|
||||
end
|
||||
end
|
||||
|
||||
def forced_encoding_for_deterministic_encryption
|
||||
ActiveRecord::Encryption.config.forced_encoding_for_deterministic_encryption
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user