team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

got the code kicked off so we can encrypt SSN(s) in the database

Browse Source
This commit is contained in:
cktricky
2013-11-13 19:51:42 -05:00
parent 4be667b606
commit b605a42812
4 changed files with 21 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/models/user.rb
+2
View File
@@ -24,6 +24,8 @@ class User < ActiveRecord::Base
build_retirement(POPULATE_RETIREMENTS.shuffle.first) build_retirement(POPULATE_RETIREMENTS.shuffle.first)
build_paid_time_off(POPULATE_PAID_TIME_OFF.shuffle.first).schedule.build(POPULATE_SCHEDULE.shuffle.first) build_paid_time_off(POPULATE_PAID_TIME_OFF.shuffle.first).schedule.build(POPULATE_SCHEDULE.shuffle.first)
build_work_info(POPULATE_WORK_INFO.shuffle.first) build_work_info(POPULATE_WORK_INFO.shuffle.first)
# Uncomment below line to use encrypted SSN(s)
#work_info.build_key_management(:iv => SecureRandom.hex(32))
performance.build(POPULATE_PERFORMANCE.shuffle.first) performance.build(POPULATE_PERFORMANCE.shuffle.first)
end end
app/models/work_info.rb
+4 -5
View File
@@ -2,12 +2,12 @@ class WorkInfo < ActiveRecord::Base
attr_accessible :DoB, :SSN, :bonuses, :income, :years_worked attr_accessible :DoB, :SSN, :bonuses, :income, :years_worked
belongs_to :user belongs_to :user
has_one :key_management, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy has_one :key_management, :foreign_key => :user_id, :primary_key => :user_id, :dependent => :destroy
before_save :encrypt_ssn #before_save :encrypt_ssn
# We should probably use this # We should probably use this
def last_four def last_four
"***-**-" << self.SSN[-4,4] "***-**-" << self.decrypt_ssn[-4,4]
end end
def encrypt_ssn def encrypt_ssn
@@ -33,9 +33,8 @@ class WorkInfo < ActiveRecord::Base
end end
def iv def iv
"asdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasdf" raise "No IV for this User" if !(self.key_management.iv)
#self.key_management.iv self.key_management.iv
#raise "No IV for this User" if !(key_management.iv)
end end
def cipher_type def cipher_type
app/views/work_info/index.html.erb
+3
View File
@@ -28,6 +28,9 @@
<td><%= @user.work_info.bonuses %></td> <td><%= @user.work_info.bonuses %></td>
<td><%= @user.work_info.years_worked %></td> <td><%= @user.work_info.years_worked %></td>
<td class="ssn"><%= @user.work_info.SSN %></td> <td class="ssn"><%= @user.work_info.SSN %></td>
<!-- Begin Secure Version>-->
<!--<td class="ssn"><%#= @user.work_info.last_four %></td>-->
<!-- End Secure Version -->
<td><%= @user.work_info.DoB %></td> <td><%= @user.work_info.DoB %></td>
</tr> </tr>
db/seeds.rb
+12 -23
View File
@@ -184,21 +184,6 @@ paid_time_off = [
} }
] ]
key_mgmt = [
{
:user_id => 2,
},
{
:user_id => 3,
},
{
:user_id => 4,
},
{
:user_id => 5,
}
]
performance = [ performance = [
{ {
:user_id => 2, :user_id => 2,
@@ -304,12 +289,6 @@ schedule.each do |event|
sched.save sched.save
end end
key_mgmt.each do |key|
KeyManagement.create(:user_id => key[:user_id], :iv => Digest::SHA2.new.to_s)
end
performance.each do |perf| performance.each do |perf|
p = Performance.new(perf.reject {|k| k == :user_id}) p = Performance.new(perf.reject {|k| k == :user_id})
p.user_id = perf[:user_id] p.user_id = perf[:user_id]
@@ -322,10 +301,20 @@ messages.each do |message|
m.save m.save
end end
work_info.each do |wi| work_info.each do |wi|
info = WorkInfo.new(wi.reject {|k| k == :user_id}) info = WorkInfo.new(wi.reject {|k| k == :user_id } )
info.user_id = wi[:user_id] info.user_id = wi[:user_id]
info.save info.save
end end
=begin
work_info.each do |wi|
list = [:user_id, :SSN]
info = WorkInfo.new(wi.reject {|k| list.include?(k)})
info.user_id = wi[:user_id]
info.build_key_management({:user_id => wi[:user_id], :iv => SecureRandom.hex(32) })
info.SSN = wi[:SSN]
info.save
end
=end