Raise an error only when `require_master_key` is specified

To prevent errors from being raise in environments where credentials is unnecessary. Context: https://github.com/rails/rails/issues/31283#issuecomment-348801489 Fixes #31283
author: yuuji.yaginuma <yuuji.yaginuma@gmail.com> 2017-12-05 21:41:19 +0900
committer: yuuji.yaginuma <yuuji.yaginuma@gmail.com> 2017-12-18 08:04:15 +0900
commit: 35373219c91ea8096ef2f8e7f3c62bcd46f436be (patch)
tree: 568eddd5f7ef943f297c8cfe56d1087d371d5122 /activesupport
parent: daf15f58b943d85d8fb726590ae94f77ca0a5d5f (diff)
download: rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.tar.gz
rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.tar.bz2
rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.zip
4 files changed, 23 insertions, 11 deletions
diff --git a/activesupport/lib/active_support/encrypted_configuration.rb b/activesupport/lib/active_support/encrypted_configuration.rb
index c52d3869de..dab953d5d5 100644
--- a/activesupport/lib/active_support/encrypted_configuration.rb
+++ b/activesupport/lib/active_support/encrypted_configuration.rb
@@ -11,8 +11,9 @@ module ActiveSupport
     delegate :[], :fetch, to: :config
     delegate_missing_to :options
 
-    def initialize(config_path:, key_path:, env_key:)
-      super content_path: config_path, key_path: key_path, env_key: env_key
+    def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
+      super content_path: config_path, key_path: key_path,
+        env_key: env_key, raise_if_missing_key: raise_if_missing_key
     end
 
     # Allow a config to be started without a file present
diff --git a/activesupport/lib/active_support/encrypted_file.rb b/activesupport/lib/active_support/encrypted_file.rb
index 3d1455fb95..671b6b6a69 100644
--- a/activesupport/lib/active_support/encrypted_file.rb
+++ b/activesupport/lib/active_support/encrypted_file.rb
@@ -26,11 +26,11 @@ module ActiveSupport
     end
 
 
-    attr_reader :content_path, :key_path, :env_key
+    attr_reader :content_path, :key_path, :env_key, :raise_if_missing_key
 
-    def initialize(content_path:, key_path:, env_key:)
+    def initialize(content_path:, key_path:, env_key:, raise_if_missing_key:)
       @content_path, @key_path = Pathname.new(content_path), Pathname.new(key_path)
-      @env_key = env_key
+      @env_key, @raise_if_missing_key = env_key, raise_if_missing_key
     end
 
     def key
@@ -38,7 +38,7 @@ module ActiveSupport
     end
 
     def read
-      if content_path.exist?
+      if !key.nil? && content_path.exist?
         decrypt content_path.binread
       else
         raise MissingContentError, content_path
@@ -93,7 +93,7 @@ module ActiveSupport
       end
 
       def handle_missing_key
-        raise MissingKeyError, key_path: key_path, env_key: env_key
+        raise MissingKeyError, key_path: key_path, env_key: env_key if raise_if_missing_key
       end
   end
 end
diff --git a/activesupport/test/encrypted_configuration_test.rb b/activesupport/test/encrypted_configuration_test.rb
index 0bc915be82..93ccf457de 100644
--- a/activesupport/test/encrypted_configuration_test.rb
+++ b/activesupport/test/encrypted_configuration_test.rb
@@ -10,8 +10,10 @@ class EncryptedConfigurationTest < ActiveSupport::TestCase
     @credentials_key_path = File.join(Dir.tmpdir, "master.key")
     File.write(@credentials_key_path, ActiveSupport::EncryptedConfiguration.generate_key)
 
-    @credentials = ActiveSupport::EncryptedConfiguration.new \
-      config_path: @credentials_config_path, key_path: @credentials_key_path, env_key: "RAILS_MASTER_KEY"
+    @credentials = ActiveSupport::EncryptedConfiguration.new(
+      config_path: @credentials_config_path, key_path: @credentials_key_path,
+      env_key: "RAILS_MASTER_KEY", raise_if_missing_key: true
+    )
   end
 
   teardown do
diff --git a/activesupport/test/encrypted_file_test.rb b/activesupport/test/encrypted_file_test.rb
index 7259726d08..ba3bbef903 100644
--- a/activesupport/test/encrypted_file_test.rb
+++ b/activesupport/test/encrypted_file_test.rb
@@ -12,8 +12,9 @@ class EncryptedFileTest < ActiveSupport::TestCase
     @key_path = File.join(Dir.tmpdir, "content.txt.key")
     File.write(@key_path, ActiveSupport::EncryptedFile.generate_key)
 
-    @encrypted_file = ActiveSupport::EncryptedFile.new \
-      content_path: @content_path, key_path: @key_path, env_key: "CONTENT_KEY"
+    @encrypted_file = ActiveSupport::EncryptedFile.new(
+      content_path: @content_path, key_path: @key_path, env_key: "CONTENT_KEY", raise_if_missing_key: true
+    )
   end
 
   teardown do
@@ -47,4 +48,12 @@ class EncryptedFileTest < ActiveSupport::TestCase
 
     assert_equal "#{@content} and went by the lake", @encrypted_file.read
   end
+
+  test "raise MissingKeyError when key is missing" do
+    assert_raise(ActiveSupport::EncryptedFile::MissingKeyError) do
+      ActiveSupport::EncryptedFile.new(
+        content_path: @content_path, key_path: "", env_key: "", raise_if_missing_key: true
+      ).read
+    end
+  end
 end
author	yuuji.yaginuma <yuuji.yaginuma@gmail.com>	2017-12-05 21:41:19 +0900
committer	yuuji.yaginuma <yuuji.yaginuma@gmail.com>	2017-12-18 08:04:15 +0900
commit	35373219c91ea8096ef2f8e7f3c62bcd46f436be (patch)
tree	568eddd5f7ef943f297c8cfe56d1087d371d5122 /activesupport
parent	daf15f58b943d85d8fb726590ae94f77ca0a5d5f (diff)
download	rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.tar.gz rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.tar.bz2 rails-35373219c91ea8096ef2f8e7f3c62bcd46f436be.zip