Fix exception in attr reader without selecting encrypted column

When using AR's .select to retrieve a subset of columns for a model, calling the encrypted attribute reader results in an exception: ActiveModel::MissingAttributeError: missing attribute: encrypted_street gems/activerecord-5.1.5/lib/active_record/attribute_methods/read.rb:71:in `block in _read_attribute' gems/activerecord-5.1.5/lib/active_record/attribute_set.rb:45:in `block in fetch_value' gems/activerecord-5.1.5/lib/active_record/attribute.rb:219:in `value' gems/activerecord-5.1.5/lib/active_record/attribute_set.rb:45:in `fetch_value' gems/activerecord-5.1.5/lib/active_record/attribute_methods/read.rb:71:in `_read_attribute' gems/activerecord-5.1.5/lib/active_record/attribute_methods/read.rb:36:in `__temp__56e636279707475646f5374727565647' lib/attr_encrypted.rb:161:in `block (2 levels) in attr_encrypted' The virtual attribute `email` is defined in the test, but the reader tries to access the encrypted column which wasn't selected. This is a problem when rendering a model `#to_json` with the default serialiser, as it tries to read all defined columns. Allow the reader to return nil in the case when the encrypted attribute column isn't available.
attr-encrypted · Feb 20, 2018 · 707e6f1 · 707e6f1
1 parent 55839af
commit 707e6f1
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 3 deletions.
diff --git a/lib/attr_encrypted.rb b/lib/attr_encrypted.rb
@@ -158,12 +158,11 @@ def attr_encrypted(*attributes)
       end
 
       define_method(attribute) do
-        instance_variable_get("@#{attribute}") || instance_variable_set("@#{attribute}", decrypt(attribute, send(encrypted_attribute_name)))
+        read_encrypted_attribute(attribute)
       end
 
       define_method("#{attribute}=") do |value|
-        send("#{encrypted_attribute_name}=", encrypt(attribute, value))
-        instance_variable_set("@#{attribute}", value)
+        write_encrypted_attribute(attribute, value)
       end
 
       define_method("#{attribute}?") do
@@ -395,6 +394,17 @@ def evaluate_attr_encrypted_option(option)
         end
       end
 
+      def read_encrypted_attribute(attribute)
+        encrypted_attribute_name = encrypted_attributes[attribute.to_sym][:attribute]
+        instance_variable_get("@#{attribute}") || instance_variable_set("@#{attribute}", decrypt(attribute, send(encrypted_attribute_name)))
+      end
+
+      def write_encrypted_attribute(attribute, value)
+        encrypted_attribute_name = encrypted_attributes[attribute.to_sym][:attribute]
+        send("#{encrypted_attribute_name}=", encrypt(attribute, value))
+        instance_variable_set("@#{attribute}", value)
+      end
+
       def load_iv_for_attribute(attribute, options)
         encrypted_attribute_name = options[:attribute]
         encode_iv = options[:encode_iv]

diff --git a/lib/attr_encrypted/adapters/active_record.rb b/lib/attr_encrypted/adapters/active_record.rb
@@ -4,6 +4,7 @@ module Adapters
       module ActiveRecord
         def self.extended(base) # :nodoc:
           base.class_eval do
+            include InstanceMethods
 
             # https://github.com/attr-encrypted/attr_encrypted/issues/68
             alias_method :reload_without_attr_encrypted, :reload
@@ -130,6 +131,19 @@ def method_missing_with_attr_encrypted(method, *args, &block)
             end
             method_missing_without_attr_encrypted(method, *args, &block)
           end
+
+          module InstanceMethods
+            def read_encrypted_attribute(attribute)
+              encrypted_attribute_name = encrypted_attributes[attribute.to_sym][:attribute].to_s
+
+              # If the class does have the encrypted attribute, but this record doesn't (partial SELECT),
+              # return early as fetching the encrypted attribute will fail
+              return if self.class.column_names.include?(encrypted_attribute_name) &&
+                !attributes.include?(encrypted_attribute_name)
+
+              super
+            end
+          end
       end
     end
   end

diff --git a/test/active_record_test.rb b/test/active_record_test.rb
@@ -335,4 +335,9 @@ def test_should_evaluate_proc_based_mode
     refute_equal address.encrypted_zipcode, zipcode
     assert_equal address.zipcode, zipcode
   end
+
+  def test_should_read_attribute_without_encrypted_column_present
+    address = Address.create!(street: '123 Elm')
+    assert_nil Address.where(id: address.id).select(:id).first.street
+  end
 end