Merged
Conversation
…ittent failures in buildkite [skip ci]
Order is inverted when inlined, which can make things difficult to read. #41659 (comment) In this case it doesn't really matter and I think it's better for `Configurable` to go first, so the change is inverting the previous order deliberately. [skip ci]
Co-authored-by: Rafael Mendonça França <rafaelmfranca@gmail.com>
Co-authored-by: Mark Oleson <fusion2004@hey.com>
These can be configured as +ActiveRecord::Encryption.config+ keys if you want, so you can just use your own ENV vars in a config file if you prefer not to use credentials.
This way users can override them and call #super #41659 (comment)
I don't think this belong to the library yet. It's more like an util class we used for building some mass-encryption tasks in HEY.
Move the Action Text stuff to its own concern in `actiontext`.
Co-authored-by: Connor Shea <connor.james.shea@gmail.com>
This adds a new class `Scheme` that encapsulates the encryption properties for a given attribute. This adds a proper code representation for a domain concept we keep referring to: encryption schemes. It's in charge of processing the user-passed config properties when declaring the attribute, as well as of validating those. This removes the concern of processing properties from `EncryptableRecord` and `EncryptableAttributeType`. It's also nice to have a place to group attribute encryption options, versus passing lists of hashes around. This is in preparation to upcoming changes that will add new config options and support for previous encryption schemes.
This implements several changes to encourage deterministic encryption to
remain unchanged. The main motivation is letting you define unique
indexes on deterministically-encrypted columns:
- By default, deterministic encryption will always use the oldest
encryption scheme to encrypt new data, when there are many.
- You can skip this default behavior and make it always use the current
encryption scheme with:
```ruby
deterministic: { fixed: false } # using this should be a rare need
```
- Deterministic encryption still supports previous encryption schemes
normally. So they will be used to add additional values to queries, for
example.
- You can't rotate deterministic encryption keys anymore. We can add
support for that in the future.
This makes for reasonable defaults:
- People using "deterministic: true" will get unique indexes working out
of the box.
- The system will encourage keeping deterministic encryption stable:
- By always using oldest encryption schemes
- By forbidding configuring multiple keys
But you can still opt-out of the default if you need to.
This enables to disable deterministic encryption by just not setting deterministic_key.
…ogging Provide context when logging unpermitted parameters
This examines all the association branches we are being asked to preload
and will delay loading an association if it's likely that we find a
similar association later and can batch them together.
For example, when loading
Author.preload(:posts, favorite_authors: :posts).first
The preloader now knows to delay loading the top level posts so that it
can load both the top level :posts and the :posts from the favourite
authors associations together.
Co-authored-by: Dinah Shi <dinahshi@github.com>
chore: fix spelling
chore: fix spelling
The return type was changed in the PR #41704 after addition of mode option. The current documentation is misleading since documentation puropose strict_loading! would return boolean whereas it returns the current mode set. I can across this issue while debugging issue: #41827 and thought this should be brought to the attention. PR fixes the issue and would always return boolean based on strict_loading is enabled or disabled. ``` user.strict_loading! # => true user.strict_loading!(false) # => false user.strict_loading!(mode: :n_plus_one_only) # => true ```
chore: fix spelling
chore: fix grammar and spelling
docs: fix grammar and spelling [ci skip]
…t-loading-mode
…loading ActiveRecord#strict_loading! should return boolean instead of current mode set.
Add setting for enumerating column names in SELECT statements
If the test fails the config should be reset as well.
…ivar Convert Template::Types.type_klass to instance ivar
chore: fix case of CSS and JavaScript
Reference: https://buildkite.com/rails/rails/builds/76506#f42a5ab3-1923-4a9f-b843-56c4098b6bef https://buildkite.com/rails/rails/builds/76590#04721d73-9505-4c29-82bf-0a1be1f41649 https://buildkite.com/rails/rails/builds/76556#aa284ad0-0eab-48e9-a50b-60e3b5c7ccac Apparently when loading different fixtures that reference the same table, the files that are loaded last run a `DELETE FROM` statement that removes previous data. Reproduction command using `minitest_bisect`: ``` activerecord $ bin/test -a mysql2 --seed 22031 -n "/^(?:ActiveRecord::Encryption::EncryptableRecordTest#(?:test_when_downcase:_true_it_creates_content_downcased)|ActiveRecord::Encryption::EncryptableFixtureTest#(?:test_fixtures_get_encrypted_automatically))$/" ```
[ci skip]Updated abbreviation for single table inheritance.
Fix test `EncryptableFixtureTest` that fails intermittently
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Other Information