Module: Familia::Features::EncryptedFields::ModelClassMethods

Defined in:

lib/familia/features/encrypted_fields.rb

Instance Method Summary

• #encrypted_field(name, aad_fields: []) ⇒ Object

  Define an encrypted field that transparently encrypts/decrypts values.

• #encrypted_field?(field_name) ⇒ Boolean

  Check if a field is encrypted.

• #encrypted_fields ⇒ Array<Symbol>

  Returns list of encrypted field names defined on this class.

• #encryption_info ⇒ Hash

  Get encryption algorithm information.

Instance Method Details

#encrypted_field(name, aad_fields: []) ⇒ Object

Define an encrypted field that transparently encrypts/decrypts values

Encrypted fields are stored as JSON objects containing the encrypted ciphertext along with cryptographic metadata. Values are automatically encrypted on assignment and decrypted on access.

Examples:

Basic encrypted field

class Vault < Familia::Horreum
  feature :encrypted_fields
  encrypted_field :secret_key
end

Encrypted field with additional authentication

class Document < Familia::Horreum
  feature :encrypted_fields
  field :doc_id, :owner_id
  encrypted_field :content, aad_fields: [:doc_id, :owner_id]
end

Parameters:

• name (Symbol) —

  Field name

• aad_fields (Array<Symbol>) (defaults to: []) —

  Additional fields to include in authentication

• kwargs (Hash) —

  Additional field options

# File 'lib/familia/features/encrypted_fields.rb', line 296

def encrypted_field(name, aad_fields: [], **)
  @encrypted_fields ||= []
  @encrypted_fields << name unless @encrypted_fields.include?(name)

  require_relative 'encrypted_fields/encrypted_field_type'

  field_type = EncryptedFieldType.new(name, aad_fields: aad_fields, **)
  register_field_type(field_type)
end

#encrypted_field?(field_name) ⇒ Boolean

Check if a field is encrypted

Parameters:

• field_name (Symbol) —

  The field name to check

Returns:

• (Boolean) —

  true if field is encrypted, false otherwise

# File 'lib/familia/features/encrypted_fields.rb', line 319

def encrypted_field?(field_name)
  encrypted_fields.include?(field_name.to_sym)
end

#encrypted_fields ⇒ Array<Symbol>

Returns list of encrypted field names defined on this class

Returns:

• (Array<Symbol>) —

  Array of encrypted field names

# File 'lib/familia/features/encrypted_fields.rb', line 310

def encrypted_fields
  @encrypted_fields || []
end

#encryption_info ⇒ Hash

Get encryption algorithm information

Returns:

• (Hash) —

  Hash containing encryption algorithm details

# File 'lib/familia/features/encrypted_fields.rb', line 327

def encryption_info
  provider = Familia::Encryption.current_provider
  {
    algorithm: provider.algorithm_name,
    key_size: provider.key_size,
    nonce_size: provider.nonce_size,
    tag_size: provider.tag_size,
  }
end