Module: Sequel::Plugins::ColumnEncryption::DatasetMethods

Defined in:

lib/sequel/plugins/column_encryption.rb

Instance Method Summary

• #needing_reencryption ⇒ Object

  Filter the dataset to exclude rows where all encrypted columns are already encrypted with the current key and format.

• #with_encrypted_value(column, value) ⇒ Object

  Filter the dataset to only match rows where the column contains an encrypted version of value.

Instance Method Details

#needing_reencryption ⇒ Object

Filter the dataset to exclude rows where all encrypted columns are already encrypted with the current key and format.

# File 'lib/sequel/plugins/column_encryption.rb', line 738

def needing_reencryption
  incorrect_column_prefixes = model.send(:column_encryption_metadata).map do |column, metadata|
    prefix = metadata.key_searcher.call
    (Sequel[column] < prefix) | (Sequel[column] > prefix + 'B')
  end

  where(Sequel.|(*incorrect_column_prefixes))
end

#with_encrypted_value(column, value) ⇒ Object

Filter the dataset to only match rows where the column contains an encrypted version of value. Only works on searchable encrypted columns.

# File 'lib/sequel/plugins/column_encryption.rb', line 725

def with_encrypted_value(column, value)
  metadata = model.send(:column_encryption_metadata)[column]
  
  unless metadata && metadata.data_searcher
    raise Error, "lookup for encrypted column #{column.inspect} is not supported"
  end

  prefixes = metadata.data_searcher.call(value)
  where(Sequel.|(*prefixes.map{|v| Sequel.like(column, "#{escape_like(v)}%")}))
end