123456789_123456789_123456789_123456789_123456789_

Class: ActiveSupport::EncryptedConfiguration

Relationships & Source Files
Namespace Children
Exceptions:
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
Instance Chain:
Inherits: ActiveSupport::EncryptedFile
Defined in: activesupport/lib/active_support/encrypted_configuration.rb

Overview

Encrypted Configuration

Provides convenience methods on top of EncryptedFile to access values stored as encrypted YAML.

Values can be accessed via ::Hash methods, such as fetch and dig, or via dynamic accessor methods, similar to OrderedOptions.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config[:some_secret]
# => 123
my_config.some_secret
# => 123
my_config.dig(:some_namespace, :another_secret)
# => 456
my_config.some_namespace.another_secret
# => 456
my_config.fetch(:foo)
# => KeyError
my_config.foo!
# => KeyError

Constant Summary

EncryptedFile - Inherited

CIPHER

Class Method Summary

Instance Attribute Summary

EncryptedFile - Inherited

#content_path, #env_key,
#key

Returns the encryption key, first trying the environment variable specified by env_key, then trying the key file specified by key_path.

#key?

Returns truthy if #key is truthy.

#key_path, #raise_if_missing_key

Instance Method Summary

EncryptedFile - Inherited

Constructor Details

.new(config_path:, key_path:, env_key:, raise_if_missing_key:) ⇒ EncryptedConfiguration

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 54

def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
  super content_path: config_path, key_path: key_path,
    env_key: env_key, raise_if_missing_key: raise_if_missing_key
  @config = nil
  @options = nil
end

Instance Method Details

#config

Returns the decrypted content as a ::Hash with symbolized keys.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.config
# => { some_secret: 123, some_namespace: { another_secret: 789 } }
[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 85

def config
  @config ||= deep_symbolize_keys(deserialize(read))
end

#deep_symbolize_keys(hash) (private)

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 94

def deep_symbolize_keys(hash)
  hash.deep_transform_keys do |key|
    key.to_sym
  rescue NoMethodError
    raise InvalidKeyError.new(content_path, key)
  end
end

#deep_transform(hash) (private)

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 102

def deep_transform(hash)
  return hash unless hash.is_a?(Hash)

  h = ActiveSupport::OrderedOptions.new
  hash.each do |k, v|
    h[k] = deep_transform(v)
  end
  h
end

#deserialize(content) (private)

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 116

def deserialize(content)
  config = YAML.respond_to?(:unsafe_load) ?
    YAML.unsafe_load(content, filename: content_path) :
    YAML.load(content, filename: content_path)

  config.presence || {}
rescue Psych::SyntaxError
  raise InvalidContentError.new(content_path)
end

#inspect

This method is for internal use only.
[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 89

def inspect # :nodoc:
  "#<#{self.class.name}:#{'%#016x' % (object_id << 1)}>"
end

#options (private)

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 112

def options
  @options ||= deep_transform(config)
end

#read

Reads the file and returns the decrypted content. See EncryptedFile#read.

[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 62

def read
  super
rescue ActiveSupport::EncryptedFile::MissingContentError
  # Allow a config to be started without a file present
  ""
end

#validate!

This method is for internal use only.
[ GitHub ]

  
# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 69

def validate! # :nodoc:
  deserialize(read).each_key do |key|
    key.to_sym
  rescue NoMethodError
    raise InvalidKeyError.new(content_path, key)
  end
end