Merge pull request #78 from FundingCircle/bug_with_vault_load_all_and…

…_in_memory Fixes bug with memory decryption not handing blank values
FundingCircle · May 16, 2019 · 659ec59 · 659ec59
2 parents 0ffd1ae + 2d40b4e
commit 659ec59
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/lib/vault/rails.rb b/lib/vault/rails.rb
@@ -220,7 +220,7 @@ def memory_batch_encrypt(path, key, plaintexts, _client)
       def memory_decrypt(path, key, ciphertext, _client, convergent)
         log_warning(DEV_WARNING) if self.in_memory_warnings_enabled?
 
-        return nil if ciphertext.nil?
+        return ciphertext if ciphertext.blank?
 
         cipher = OpenSSL::Cipher::AES.new(128, :CBC)
         cipher.decrypt

diff --git a/spec/integration/rails_spec.rb b/spec/integration/rails_spec.rb
@@ -518,6 +518,20 @@
         expect(first_person.email_encrypted).not_to eq(second_person.email_encrypted)
       end
     end
+
+    context '.vault_load_all' do
+      it 'works with records with nil and blank values' do
+        first_person = LazyPerson.create!(passport_number: nil)
+        second_person = LazyPerson.create!(passport_number: '')
+
+        first_person.reload
+        second_person.reload
+
+        LazyPerson.vault_load_all(:passport_number, [first_person, second_person])
+        expect(first_person.passport_number).to eq(nil)
+        expect(second_person.passport_number).to eq('')
+      end
+    end
   end
 
   context 'uniqueness validation' do