Class: EventStoreClient::Mapper::Encrypted

Inherits:

Object

• Object
• EventStoreClient::Mapper::Encrypted

Defined in:

lib/event_store_client/mapper/encrypted.rb

Overview

Transforms given event’s data and encrypts/decrypts selected subset of data based on encryption schema stored in the event itself.

Constant Summary

MissingEncryptionKey =

Class.new(StandardError)

Instance Method Summary

• #deserialize(event_or_raw_event, skip_decryption: false) ⇒ Object

  Decrypts the given event’s subset of data.

• #initialize(key_repository, config:, serializer: Serializer::Json) ⇒ Encrypted constructor

  A new instance of Encrypted.

• #serialize(event) ⇒ Hash

Constructor Details

#initialize(key_repository, config:, serializer: Serializer::Json) ⇒ Encrypted

Returns a new instance of Encrypted.

Parameters:

• key_repository (#find, #create, #encrypt, #decrypt) —

  See spec/support/dummy_repository.rb for the example of simple in-memory implementation

• config (EventStoreClient::Config)
• serializer (#serialize, #deserialize) (defaults to: Serializer::Json)

# File 'lib/event_store_client/mapper/encrypted.rb', line 23

def initialize(key_repository, config:, serializer: Serializer::Json)
  @key_repository = key_repository
  @config = config
  @serializer = serializer
end

Instance Method Details

#deserialize(event_or_raw_event, skip_decryption: false) ⇒ Object

Decrypts the given event’s subset of data.

Parameters:

• event_or_raw_event (EventStoreClient::DeserializedEvent, EventStore::Client::Streams::ReadResp::ReadEvent::RecordedEvent, EventStore::Client::PersistentSubscriptions::ReadResp::ReadEvent::RecordedEvent)
• skip_decryption (Boolean) (defaults to: false)

# File 'lib/event_store_client/mapper/encrypted.rb', line 56

def deserialize(event_or_raw_event, skip_decryption: false)
  if skip_decryption
    return Default.new(serializer: serializer, config: config).deserialize(event_or_raw_event)
  end

  event =
    if event_or_raw_event.is_a?(EventStoreClient::DeserializedEvent)
      event_or_raw_event
    else
      Serializer::EventDeserializer.call(
        event_or_raw_event, config: config, serializer: serializer
      )
    end

  decrypted_data =
    EventStoreClient::DataDecryptor.new(
      data: event.data,
      schema: event.custom_metadata['encryption'],
      repository: key_repository
    ).call
  event.class.new(**event.to_h.merge(data: decrypted_data, skip_validation: true))
end

#serialize(event) ⇒ Hash

Parameters:

• event (EventStoreClient::DeserializedEvent)

Returns:

• (Hash)

# File 'lib/event_store_client/mapper/encrypted.rb', line 31

def serialize(event)
  # Links don't need to be encrypted
  return Default.new(serializer: serializer, config: config).serialize(event) if event.link?

  serialized = Serializer::EventSerializer.call(event, serializer: serializer, config: config)
  encryption_schema =
    if event.class.respond_to?(:encryption_schema)
      event.class.encryption_schema
    end

  encryptor = EventStoreClient::DataEncryptor.new(
    data: serialized.data,
    schema: encryption_schema,
    repository: key_repository
  )
  encryptor.call
  serialized.data = encryptor.encrypted_data
  serialized.custom_metadata['encryption'] = encryptor.encryption_metadata
  serialized
end