diff options
author | Kasper Timm Hansen <kaspth@gmail.com> | 2018-09-24 14:07:32 +0200 |
---|---|---|
committer | Kasper Timm Hansen <kaspth@gmail.com> | 2019-01-14 20:13:00 +0100 |
commit | 37c948ce6715df8ecbcda2b64a1e6eee9c5d6bb6 (patch) | |
tree | 82478e0ca821b42b3cdc63d22a50da70f4ba4473 /railties/lib/rails/commands/credentials/credentials_command.rb | |
parent | 3631d7eee4bd034f2eefe1b9892d5fcd565579ac (diff) | |
download | rails-37c948ce6715df8ecbcda2b64a1e6eee9c5d6bb6.tar.gz rails-37c948ce6715df8ecbcda2b64a1e6eee9c5d6bb6.tar.bz2 rails-37c948ce6715df8ecbcda2b64a1e6eee9c5d6bb6.zip |
Restructure credentials after environment overrides.
Follow up to: e0d3313
- Revert renames from `encrypted` and `encrypted_file` back to `credentials`.
They might be using our Encrypted* generators but from that level of abstraction
they're still about credentials.
- Same vein: extract a `credentials` method for the `encrypted` local variable. But
don't call it `encrypted` just because it uses that under the hood. It's about
capturing the credentials. It's also useful in `change_credentials_in_system_editor`.
- Remove lots of needless argument passing. We've abstracted content_path and key_path
into methods for a reason, so they should be used. Also spares a conspicuous rename
of content_path into file_path in other methods.
- Reorders private methods so they're grouped into: command building blocks, option
parsers, and the generators.
- Extracts commonality in the credentials application tests. A tad unsure about this.
But I do like that we go with key, content thus matching the command and remove the
yield which isn't really needed.
- Moves test/credentials_test.rb to beneath the test/application directory. It's a
Rails application test, so it should be in there.
- Uses `root.join` — a neat trick gleaned from the tests! — and composes the configuration
private methods such that the building block is below the callers.
Diffstat (limited to 'railties/lib/rails/commands/credentials/credentials_command.rb')
-rw-r--r-- | railties/lib/rails/commands/credentials/credentials_command.rb | 56 |
1 files changed, 28 insertions, 28 deletions
diff --git a/railties/lib/rails/commands/credentials/credentials_command.rb b/railties/lib/rails/commands/credentials/credentials_command.rb index 4b30d208e0..852cd401d7 100644 --- a/railties/lib/rails/commands/credentials/credentials_command.rb +++ b/railties/lib/rails/commands/credentials/credentials_command.rb @@ -24,13 +24,11 @@ module Rails ensure_editor_available(command: "bin/rails credentials:edit") || (return) - encrypted = Rails.application.encrypted(content_path, key_path: key_path) - - ensure_encryption_key_has_been_added(key_path) if encrypted.key.nil? - ensure_encrypted_file_has_been_added(content_path, key_path) + ensure_encryption_key_has_been_added if credentials.key.nil? + ensure_credentials_have_been_added catch_editing_exceptions do - change_encrypted_file_in_system_editor(content_path, key_path) + change_credentials_in_system_editor end say "File encrypted and saved." @@ -41,36 +39,46 @@ module Rails def show require_application_and_environment! - encrypted = Rails.application.encrypted(content_path, key_path: key_path) - - say encrypted.read.presence || missing_encrypted_message(key: encrypted.key, key_path: key_path, file_path: content_path) + say credentials.read.presence || missing_credentials_message end private - def content_path - options[:environment] ? "config/credentials/#{options[:environment]}.yml.enc" : "config/credentials.yml.enc" - end - - def key_path - options[:environment] ? "config/credentials/#{options[:environment]}.key" : "config/master.key" + def credentials + Rails.application.encrypted(content_path, key_path: key_path) end - - def ensure_encryption_key_has_been_added(key_path) + def ensure_encryption_key_has_been_added encryption_key_file_generator.add_key_file(key_path) encryption_key_file_generator.ignore_key_file(key_path) end - def ensure_encrypted_file_has_been_added(file_path, key_path) - encrypted_file_generator.add_encrypted_file_silently(file_path, key_path) + def ensure_credentials_have_been_added + encrypted_file_generator.add_encrypted_file_silently(content_path, key_path) end - def change_encrypted_file_in_system_editor(file_path, key_path) - Rails.application.encrypted(file_path, key_path: key_path).change do |tmp_path| + def change_credentials_in_system_editor + credentials.change do |tmp_path| system("#{ENV["EDITOR"]} #{tmp_path}") end end + def missing_credentials_message + if credentials.key.nil? + "Missing '#{key_path}' to decrypt credentials. See `rails credentials:help`" + else + "File '#{content_path}' does not exist. Use `rails credentials:edit` to change that." + end + end + + + def content_path + options[:environment] ? "config/credentials/#{options[:environment]}.yml.enc" : "config/credentials.yml.enc" + end + + def key_path + options[:environment] ? "config/credentials/#{options[:environment]}.key" : "config/master.key" + end + def encryption_key_file_generator require "rails/generators" @@ -85,14 +93,6 @@ module Rails Rails::Generators::EncryptedFileGenerator.new end - - def missing_encrypted_message(key:, key_path:, file_path:) - if key.nil? - "Missing '#{key_path}' to decrypt credentials. See `rails credentials:help`" - else - "File '#{file_path}' does not exist. Use `rails credentials:edit` to change that." - end - end end end end |