Skip to content

Instantly share code, notes, and snippets.

@mlambie
Created October 28, 2009 14:58
Show Gist options
  • Save mlambie/220522 to your computer and use it in GitHub Desktop.
Save mlambie/220522 to your computer and use it in GitHub Desktop.
Updating an encrypted attribute to an empty string doesn't actually update the attribute
>> c = Factory(:credit_card)
=> #<CreditCard id: 2, first_name: "Royce", last_name: "Ritchie", number: "4ioaILZVhGjVtdV7yJXBUFl8o6c2LeqPQAkRPSnUHl4=\n", month: 10, year: 2010, scheme: "visa", start_month: nil, start_year: nil, issue_number: nil, created_at: "2009-10-28 14:31:10", updated_at: "2009-10-28 14:31:10", friendly_name: nil, token: "f55440238e4dda3298ee9c625c00494ba6608000">
>> c.number.decrypt(PASSWORD)
=> "4242424242424242"
>> c.number = '4242424242424241'
=> "4242424242424241"
>> c.save
=> false
>> c.number.decrypt(PASSWORD)
=> "4242424242424241"
>> c.errors.full_messages
=> ["Number is not a valid credit card number"]
>> c.number = '4242424242424242'
=> "4242424242424242"
>> c.save
=> true
>> c.number = ''
=> ""
>> c.save
=> true
>> c.number.decrypt(PASSWORD)
=> "4242424242424242"
Line 29 of lib/strongbox/lock.rb, in the "encrypt" method:
if !plaintext.blank?
Is there a reason why updating existing attributes with empty strings is not allowed?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment