Module: Vault::Rails

Extended by:
Configurable
Defined in:
lib/vault/rails.rb,
lib/vault/rails/errors.rb,
lib/vault/rails/version.rb,
lib/vault/rails/serializer.rb,
lib/vault/rails/configurable.rb

Defined Under Namespace

Modules: Configurable, JSONSerializer Classes: UnknownSerializerError, ValidationFailedError, VaultRailsError

Constant Summary collapse

SERIALIZERS =

The list of serializers.

Returns:

  • (Hash<Symbol, Module>)
{
  json: Vault::Rails::JSONSerializer,
}.freeze
VERSION =
"0.1.2"

Class Method Summary collapse

Methods included from Configurable

application, application=, enabled=, enabled?

Class Method Details

.clientVault::Client

API client object based off the configured options in Configurable.

Returns:

  • (Vault::Client)

27
28
29
30
31
32
# File 'lib/vault/rails.rb', line 27

def self.client
  if !defined?(@client) || !@client.same_options?(options)
    @client = Vault::Client.new(options)
  end
  return @client
end

.decrypt(path, key, ciphertext, client = self.client) ⇒ String

Decrypt the given ciphertext data using the provided mount and key.

Parameters:

  • path (String)

    the mount point

  • key (String)

    the key to decrypt at

  • ciphertext (String)

    the ciphertext to decrypt

  • client (Vault::Client) (defaults to: self.client)

    the Vault client to use

Returns:

  • (String)

    the decrypted plaintext text


89
90
91
92
93
94
95
96
97
98
99
100
101
# File 'lib/vault/rails.rb', line 89

def self.decrypt(path, key, ciphertext, client = self.client)
  if ciphertext.blank?
    return ciphertext
  end

  path = path.to_s if !path.is_a?(String)
  key  = key.to_s if !key.is_a?(String)

  if self.enabled?
    return self.vault_decrypt(path, key, ciphertext, client)
  end
  return self.memory_decrypt(path, key, ciphertext, client)
end

.encrypt(path, key, plaintext, client = self.client) ⇒ String

Encrypt the given plaintext data using the provided mount and key.

Parameters:

  • path (String)

    the mount point

  • key (String)

    the key to encrypt at

  • plaintext (String)

    the plaintext to encrypt

  • client (Vault::Client) (defaults to: self.client)

    the Vault client to use

Returns:

  • (String)

    the encrypted cipher text


62
63
64
65
66
67
68
69
70
71
72
73
74
# File 'lib/vault/rails.rb', line 62

def self.encrypt(path, key, plaintext, client = self.client)
  if plaintext.blank?
    return plaintext
  end

  path = path.to_s if !path.is_a?(String)
  key  = key.to_s if !key.is_a?(String)

  if self.enabled?
    return self.vault_encrypt(path, key, plaintext, client)
  end
  return self.memory_encrypt(path, key, plaintext, client)
end

.method_missing(m, *args, &block) ⇒ Object

Delegate all methods to the client object, essentially making the module object behave like a Client.


36
37
38
39
40
41
42
# File 'lib/vault/rails.rb', line 36

def self.method_missing(m, *args, &block)
  if client.respond_to?(m)
    client.public_send(m, *args, &block)
  else
    super
  end
end

.respond_to_missing?(m, include_private = false) ⇒ Boolean

Delegating `respond_to` to the Client.

Returns:

  • (Boolean)

45
46
47
# File 'lib/vault/rails.rb', line 45

def self.respond_to_missing?(m, include_private = false)
  client.respond_to?(m) || super
end

.serializer_for(key) ⇒ ~Serializer

Get the serializer that corresponds to the given key. If the key does not correspond to a known serializer, an exception will be raised.

Parameters:

  • key (#to_sym)

    the name of the serializer

Returns:

  • (~Serializer)

110
111
112
113
114
115
116
117
118
# File 'lib/vault/rails.rb', line 110

def self.serializer_for(key)
  key = key.to_sym if !key.is_a?(Symbol)

  if serializer = SERIALIZERS[key]
    return serializer
  else
    raise Vault::Rails::UnknownSerializerError.new(key)
  end
end