diff options
author | Robert Newson <rnewson@apache.org> | 2020-11-04 15:39:09 +0000 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2020-11-06 18:10:51 +0000 |
commit | 475ff60c3f66bfedda63c5d55946c241edb48082 (patch) | |
tree | cce7a9cb88a0f6a4e18c81cc1ab6f068e17ae81b | |
parent | 32dba5863edba786309bd1757906937f13006d14 (diff) | |
download | couchdb-475ff60c3f66bfedda63c5d55946c241edb48082.tar.gz |
Add an "encryption" object to db infoaegis_db_info
The encryption object contains a boolean "enabled"
property. Additional properties might be added by the key manager
which will appear in the "key_manager" sub-object.
-rw-r--r-- | src/aegis/src/aegis.erl | 11 | ||||
-rw-r--r-- | src/aegis/src/aegis_key_manager.erl | 8 | ||||
-rw-r--r-- | src/aegis/test/aegis_server_test.erl | 7 | ||||
-rw-r--r-- | src/fabric/src/fabric2_fdb.erl | 4 |
4 files changed, 29 insertions, 1 deletions
diff --git a/src/aegis/src/aegis.erl b/src/aegis/src/aegis.erl index e8a0b4bfb..d3f7f9676 100644 --- a/src/aegis/src/aegis.erl +++ b/src/aegis/src/aegis.erl @@ -20,6 +20,7 @@ -export([ init_db/2, open_db/1, + get_db_info/1, decrypt/2, decrypt/3, @@ -39,6 +40,16 @@ open_db(#{} = Db) -> }. +get_db_info(#{is_encrypted := IsEncrypted} = Db) -> + KeyManagerInfo = case erlang:function_exported(?AEGIS_KEY_MANAGER, get_db_info, 1) of + true -> + ?AEGIS_KEY_MANAGER:get_db_info(Db); + false -> + [] + end, + [{enabled, IsEncrypted}, {key_manager, {KeyManagerInfo}}]. + + encrypt(#{} = _Db, _Key, <<>>) -> <<>>; diff --git a/src/aegis/src/aegis_key_manager.erl b/src/aegis/src/aegis_key_manager.erl index aa9e3429a..4426c4f10 100644 --- a/src/aegis/src/aegis_key_manager.erl +++ b/src/aegis/src/aegis_key_manager.erl @@ -20,3 +20,11 @@ -callback open_db(Db :: #{}) -> {ok, binary()} | false. + + +-callback get_db_info(Db :: #{}) -> list(). + + +-optional_callbacks([ + get_db_info/1 +]). diff --git a/src/aegis/test/aegis_server_test.erl b/src/aegis/test/aegis_server_test.erl index 0f96798b7..ff16475b4 100644 --- a/src/aegis/test/aegis_server_test.erl +++ b/src/aegis/test/aegis_server_test.erl @@ -35,6 +35,8 @@ basic_test_() -> {timeout, ?TIMEOUT, fun test_init_db/0}}, {"open_db returns true when encryption enabled", {timeout, ?TIMEOUT, fun test_open_db/0}}, + {"get_db_info returns encryption enabled true", + {timeout, ?TIMEOUT, fun test_get_db_info/0}}, {"init_db caches key", {timeout, ?TIMEOUT, fun test_init_db_cache/0}}, {"open_db caches key", @@ -70,6 +72,11 @@ test_open_db() -> ?assertEqual(1, meck:num_calls(?AEGIS_KEY_MANAGER, open_db, 1)). +test_get_db_info() -> + ?assertEqual([{enabled,true},{key_manager,{[]}}], + aegis:get_db_info(#{is_encrypted => true})). + + test_init_db_cache() -> ?assertEqual(0, meck:num_calls(?AEGIS_KEY_MANAGER, init_db, 2)), diff --git a/src/fabric/src/fabric2_fdb.erl b/src/fabric/src/fabric2_fdb.erl index 36fa451ab..aa2badee9 100644 --- a/src/fabric/src/fabric2_fdb.erl +++ b/src/fabric/src/fabric2_fdb.erl @@ -495,7 +495,9 @@ get_info(#{} = Db) -> tx := Tx, db_prefix := DbPrefix } = ensure_current(Db), - get_info_wait(get_info_future(Tx, DbPrefix)). + DbInfo = get_info_wait(get_info_future(Tx, DbPrefix)), + AegisProps = aegis:get_db_info(Db), + [{encryption, {AegisProps}} | DbInfo]. get_info_future(Tx, DbPrefix) -> |