Commit 8e196bb

cassiascheffer, nwjsmith
authored and committed
Avoid dynamic encrypting in generated fixtures
Instead of encrypting attributes dynamically in generated fixtures, generate the encrypted string once and store it in a fixture. Provide a comment indicating how to regenerate the encrypted string if needed.

Co-authored-by: Nate Smith <[email protected]>
1 parent 160288b commit 8e196bb

3 files changed: +13 -2 lines changed

railties/CHANGELOG.md

Lines changed: 8 additions & 0 deletions
@@ -1,3 +1,11 @@
1+
* Generate static BCrypt password digests in fixtures instead of dynamic ERB expressions.
2+
3+
Previously, fixtures with password digest attributes used `<%= BCrypt::Password.create("secret") %>`,
4+
which regenerated the hash on each test run. Now generates a static hash with a comment
5+
showing how to recreate it.
6+
7+
*Nate Smith*, *Cassia Scheffer*
8+
19
* Broaden the `.gitignore` entry when adding a credentials key to ignore all key files.
210

311
*Greg Molnar*
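
Review bot: the first line of the new entry says "in fixtures", which reads as if fixture loading changed; the change is to the generator template, so only newly generated fixture files are affected. Suggest "in generated fixtures", matching the commit title, and giving "Now generates a static hash" an explicit subject (the generator). It would also help to say that "static" means fixed once the file is generated: bcrypt salts each digest, so two generator runs still produce different strings for "secret".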

railties/lib/rails/generators/test_unit/model/templates/fixtures.yml.tt

Lines changed: 1 addition & 1 deletion
@@ -4,7 +4,7 @@
44
<%= name %>:
55
<% attributes.each do |attribute| -%>
66
<%- if attribute.password_digest? -%>
7-
password_digest: <%%= BCrypt::Password.create("secret") %>
7+
password_digest: <%= BCrypt::Password.create("secret") %> # Generated with BCrypt::Password.create("secret")
88
<%- elsif attribute.reference? -%>
99
<%= yaml_key_value(attribute.column_name.delete_suffix("_id"), attribute.default || name) %>
1010
<%- elsif !attribute.virtual? -%>
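
Review bot: the `+` line evaluates `BCrypt::Password.create("secret")` while the generator renders the template, and nothing in this hunk ensures bcrypt is loaded at that point. Where the old `<%%= ... %>` form only emitted text, an app that has not yet loaded the bcrypt gem would now raise a NameError for any attribute where `attribute.password_digest?` is true. Suggest requiring bcrypt in the generator and rescuing LoadError, falling back to the previous escaped ERB line. Separately, `create` is called with its default cost, and that cost is now frozen into the fixture and paid on every authentication against it in tests; consider passing an explicit low `cost:` and repeating it in the trailing comment so the regeneration hint stays accurate.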

railties/test/generators/scaffold_generator_test.rb

Lines changed: 4 additions & 1 deletion
@@ -3,6 +3,7 @@
33
require "plugin_helpers"
44
require "generators/generators_test_helper"
55
require "rails/generators/rails/scaffold/scaffold_generator"
6+
require "bcrypt"
67

78
class ScaffoldGeneratorTest < Rails::Generators::TestCase
89
include PluginHelpers
@@ -564,7 +565,9 @@ def test_scaffold_generator_password_digest
564565
end
565566

566567
assert_file "test/fixtures/users.yml" do |content|
567-
assert_match(/password_digest: <%= BCrypt::Password.create\("secret"\) %>/, content)
568+
assert_match(/password_digest: (.+)$/, content)
569+
digest = content.match(/password_digest: ([^#\s]+)/)[1].strip
570+
assert BCrypt::Password.new(digest) == "secret"
568571
end
569572
end
570573
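
Review bot: the new assertions in `test_scaffold_generator_password_digest` never check the trailing `# Generated with BCrypt::Password.create("secret")` comment, which is the part of the change the CHANGELOG advertises; add an `assert_match` for it so the regeneration hint cannot be dropped silently. The first `assert_match(/password_digest: (.+)$/, content)` adds little, because the next line's `content.match(...)[1]` fails anyway when the key is missing, and it does so with a NoMethodError on nil rather than an assertion failure. Consider a single `assert_match` with the stricter pattern and reading the capture from its return value. The `.strip` is redundant, since `[^#\s]+` cannot capture whitespace.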
