From b605a42812eba6ce87b94b9bb82d4b76dd0330f6 Mon Sep 17 00:00:00 2001
From: cktricky <ken.johnson@nvisiumsecurity.com>
Date: Wed, 13 Nov 2013 19:51:42 -0500
Subject: [PATCH] got the code kicked off so we can encrypt SSN(s) in the
 database

---
 app/models/user.rb                 |  2 ++
 app/models/work_info.rb            |  9 ++++----
 app/views/work_info/index.html.erb |  3 +++
 db/seeds.rb                        | 35 ++++++++++--------------------
 4 files changed, 21 insertions(+), 28 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index d84909c..b0204b9 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -24,6 +24,8 @@ class User < ActiveRecord::Base
     build_retirement(POPULATE_RETIREMENTS.shuffle.first)
     build_paid_time_off(POPULATE_PAID_TIME_OFF.shuffle.first).schedule.build(POPULATE_SCHEDULE.shuffle.first)
     build_work_info(POPULATE_WORK_INFO.shuffle.first)
+    # Uncomment below line to use encrypted SSN(s)
+    #work_info.build_key_management(:iv => SecureRandom.hex(32))
     performance.build(POPULATE_PERFORMANCE.shuffle.first)
   end
   
diff --git a/app/models/work_info.rb b/app/models/work_info.rb
index f1fb5fd..c8e30d8 100644
--- a/app/models/work_info.rb
+++ b/app/models/work_info.rb
@@ -2,12 +2,12 @@ class WorkInfo < ActiveRecord::Base
   attr_accessible :DoB, :SSN, :bonuses, :income, :years_worked
   belongs_to :user
   has_one :key_management, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
-  before_save :encrypt_ssn
+  #before_save :encrypt_ssn
  
   
   # We should probably use this
   def last_four
-    "***-**-" << self.SSN[-4,4]
+     "***-**-" << self.decrypt_ssn[-4,4]
   end
   
   def encrypt_ssn
@@ -33,9 +33,8 @@ class WorkInfo < ActiveRecord::Base
   end
   
   def iv
-    "asdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdf"
-    #self.key_management.iv
-    #raise "No IV for this User" if !(key_management.iv)
+    raise "No IV for this User" if !(self.key_management.iv)
+    self.key_management.iv
   end
   
   def cipher_type
diff --git a/app/views/work_info/index.html.erb b/app/views/work_info/index.html.erb
index 1b429b5..96fb928 100644
--- a/app/views/work_info/index.html.erb
+++ b/app/views/work_info/index.html.erb
@@ -28,6 +28,9 @@
 		                <td><%= @user.work_info.bonuses %></td>
 		                <td><%= @user.work_info.years_worked %></td>
 						<td class="ssn"><%= @user.work_info.SSN %></td>
+						<!-- Begin Secure Version>-->
+						<!--<td class="ssn"><%#= @user.work_info.last_four %></td>-->
+						<!-- End Secure Version -->
 						<td><%= @user.work_info.DoB %></td>
 		              </tr>
 		           
diff --git a/db/seeds.rb b/db/seeds.rb
index 8583174..7a46893 100755
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -184,21 +184,6 @@ paid_time_off = [
     }   
   ]
   
-  key_mgmt = [
-    {
-      :user_id => 2,
-    },
-    {
-      :user_id => 3,
-    },
-    {
-      :user_id => 4,
-    },
-    {
-      :user_id => 5,    
-    }   
-  ]
-  
   performance = [
     {
       :user_id => 2,
@@ -304,12 +289,6 @@ schedule.each do |event|
   sched.save
 end
 
-key_mgmt.each do |key|
-  KeyManagement.create(:user_id => key[:user_id], :iv => Digest::SHA2.new.to_s)
-end
-
-
-
 performance.each do |perf|
   p = Performance.new(perf.reject {|k| k == :user_id})
   p.user_id = perf[:user_id]
@@ -322,10 +301,20 @@ messages.each do |message|
   m.save
 end
 
-
 work_info.each do |wi|
-  info = WorkInfo.new(wi.reject {|k| k == :user_id})
+  info = WorkInfo.new(wi.reject {|k| k == :user_id } )
   info.user_id = wi[:user_id]
   info.save
 end
 
+
+=begin
+work_info.each do |wi|
+  list = [:user_id, :SSN]
+  info = WorkInfo.new(wi.reject {|k| list.include?(k)})
+  info.user_id = wi[:user_id]
+  info.build_key_management({:user_id => wi[:user_id], :iv => SecureRandom.hex(32) })
+  info.SSN = wi[:SSN]
+  info.save
+end
+=end