123456789_123456789_123456789_123456789_123456789_

Class: ActiveSupport::EncryptedConfiguration

Relationships & Source Files
Namespace Children
Exceptions:
InvalidContentError, InvalidKeyError
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
self, EncryptedFile
Instance Chain:
self, EncryptedFile
Inherits: ActiveSupport::EncryptedFile
Defined in: activesupport/lib/active_support/encrypted_configuration.rb

Overview

Encrypted Configuration

Provides convenience methods on top of EncryptedFile to access values stored as encrypted YAML.

Values can be accessed via ::Hash methods, such as fetch and dig, or via dynamic accessor methods, similar to OrderedOptions.

my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config[:some_secret]
# => 123
my_config.some_secret
# => 123
my_config.dig(:some_namespace, :another_secret)
# => 456
my_config.some_namespace.another_secret
# => 456
my_config.fetch(:foo)
# => KeyError
my_config.foo!
# => KeyError

Constant Summary

EncryptedFile - Inherited

CIPHER

Class Method Summary

EncryptedFile - Inherited

.generate_key, .new, .expected_key_length

Instance Attribute Summary

EncryptedFile - Inherited

#content_path, #env_key,
#key

Returns the encryption key, first trying the environment variable specified by env_key, then trying the key file specified by key_path.
#key?

Returns truthy if #key is truthy.
#key_path, #raise_if_missing_key

Instance Method Summary

EncryptedFile - Inherited

#change,
#read

Reads the file and returns the decrypted content.
#write, #check_key_length, #decrypt, #encrypt, #encryptor, #handle_missing_key, #read_env_key, #read_key_file, #writing

Constructor Details

.new(config_path:, key_path:, env_key:, raise_if_missing_key:) ⇒ EncryptedConfiguration

[ GitHub ] 

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 54



def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
  super content_path: config_path, key_path: key_path,
    env_key: env_key, raise_if_missing_key: raise_if_missing_key
  @config = nil
  @options = nil
end


  







Instance Method Details



  

    #config  
  



  

    

Returns the decrypted content as a ::Hash with symbolized keys.



my_config = ActiveSupport::EncryptedConfiguration.new(...)
my_config.read # => "some_secret: 123\nsome_namespace:\n  another_secret: 456"

my_config.config
# => { some_secret: 123, some_namespace: { another_secret: 789 } }


  



  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 85



def config
  @config ||= deep_symbolize_keys(deserialize(read))
end


  








  

    #deep_symbolize_keys(hash)   (private)
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 94



def deep_symbolize_keys(hash)
  hash.deep_transform_keys do |key|
    key.to_sym
  rescue NoMethodError
    raise InvalidKeyError.new(content_path, key)
  end
end


  








  

    #deep_transform(hash)   (private)
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 102



def deep_transform(hash)
  return hash unless hash.is_a?(Hash)

  h = ActiveSupport::OrderedOptions.new
  hash.each do |k, v|
    h[k] = deep_transform(v)
  end
  h
end


  








  

    #deserialize(content)   (private)
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 116



def deserialize(content)
  config = YAML.respond_to?(:unsafe_load) ?
    YAML.unsafe_load(content, filename: content_path) :
    YAML.load(content, filename: content_path)

  config.presence || {}
rescue Psych::SyntaxError
  raise InvalidContentError.new(content_path)
end


  








  

    #inspect  
  

  

    This method is for internal use only.
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 89



def inspect # :nodoc:
  "#<#{self.class.name}:#{'%#016x' % (object_id << 1)}>"
end


  








  

    #options   (private)
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 112



def options
  @options ||= deep_transform(config)
end


  








  

    #read  
  



  

    

Reads the file and returns the decrypted content. See EncryptedFile#read.


  



  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 62



def read
  super
rescue ActiveSupport::EncryptedFile::MissingContentError
  # Allow a config to be started without a file present
  ""
end


  








  

    #validate!  
  

  

    This method is for internal use only.
  

  [ GitHub ]


  

  


# File 'activesupport/lib/active_support/encrypted_configuration.rb', line 69



def validate! # :nodoc:
  deserialize(read).each_key do |key|
    key.to_sym
  rescue NoMethodError
    raise InvalidKeyError.new(content_path, key)
  end
end