frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

Automatically expand encrypted arguments to support querying both encrypted and unencrypted data

Active Record Encryption supports querying the db using deterministic attributes. For example:

Contact.find_by(email_address: "jorge@hey.com")

The value “jorge@hey.com” will get encrypted automatically to perform the query. But there is a problem while the data is being encrypted. This won’t work. During that time, you need these queries to be:

Contact.find_by(email_address: [ "jorge@hey.com", "<encrypted jorge@hey.com>" ])

This patches ActiveRecord to support this automatically. It addresses both:

+ActiveRecord::Base+ relies on +ActiveRecord::Relation+ (+ActiveRecord::QueryMethods+) but it does some prepared statements caching. That’s why we need to intercept +ActiveRecord::Base+ as soon as it’s invoked (so that the proper prepared statement is cached).

When modifying this file run performance tests in test/performance/extended_deterministic_queries_performance_test.rb to

make sure performance overhead is acceptable.

We will extend this to support previous “encryption context” versions in future iterations

@TODO Experimental. Support for every kind of query is pending @TODO It should not patch anything if not needed (no previous schemes or no support for previous encryption schemes)

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

frozen_string_literal: true

Constants

ORIGINAL_ATTRIBUTE_PREFIX = "original_"

MigrationProxy = Struct.new(:name, :version, :filename, :scope) do def initialize(name, version, filename, scope) super @migration = nil end def basename File.basename(filename) end delegate :migrate, :announce, :write, :disable_ddl_transaction, to: :migration private def migration @migration ||= load_migration end def load_migration Object.send(:remove_const, name) rescue nil load(File.expand_path(filename)) name.constantize.new(name, version) end end

Point = Struct.new(:x, :y)

Attributes

[RW] query_transformers
[RW] application_record_class
[RW] maintain_test_schema
[RW] index_nested_attribute_errors
[RW] async_query_executor
[RW] reading_role
[RW] writing_role
[R] default_timezone
[RW] legacy_connection_handling
[RW] schema_cache_ignored_tables
[RW] lazily_load_schema_cache
Show files where this module is defined (282 files)
Register or log in to add new notes.
April 3, 2009
13 thanks

The docs are in AR::Base

The docs you’re looking for are in ActiveRecord::Base