spikex / strongbox

Secures ActiveRecord attributes with public key encryption
http://stuff-things.net/2009/04/17/introducing-strongbox/
MIT License
398 stars 42 forks

Enable migration to/from :symmetric encryption #17

Closed jmileham closed 10 years ago

jmileham commented 13 years ago

Hi Spike,

Wondered if you'd be interested in this patch. It allows decryption of symmetrically encrypted columns even when :symmetric => :never, and decryption of asymmetrically-encrypted columns even when :symmetric => :always, which allows developers to change their implementation against a live database without having to get their hands dirty.

I understand that it muddies the semantics of :always and :never for the purposes of decryption, but it does uphold the guarantee that any subsequent encryption will follow the expected semantics (and tellingly didn't require modification of any existing tests to implement). The patch enables behavior that previously would've resulted in somewhat mysterious errors, e.g. this trace from a decrypt of a model that was switched to symmetric encryption:

/usr/ruby1.9.2/lib/ruby/1.9.1/base64.rb:58:in `decode64'
.bundle/gems/ruby/1.9.1/gems/strongbox-0.4.6/lib/strongbox/lock.rb:82:in `decrypt'

Perhaps a flag (maybe :enable_migration) to allow the developer to opt into the modified semantics would be a good addition if a change like this makes you nervous, or perhaps that's too much.

Or perhaps you just want to keep it simple and not go there at all. Anyway, great plugin.

Thanks, -john
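The behaviour described in this comment, as an added Ruby sketch that is not part of the original post, the patch, or Strongbox's own code: encryption follows the configured mode, while decryption follows what the stored row contains. The names `lock`, `unlock`, `migrate`, the record hash layout, and the choice of AES-256-CBC with RSA-OAEP are assumptions made for illustration.

```ruby
require "openssl"
require "base64"

# Constructed sketch, not Strongbox's code. A "record" is a hash holding the
# ciphertext plus, for symmetric (hybrid) mode, an RSA-wrapped AES key and IV.
KEY = OpenSSL::PKey::RSA.new(2048) # throwaway key pair for the demo
PAD = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encryption always honours the configured mode (:always or :never).
def lock(plaintext, symmetric:)
  if symmetric == :always
    cipher = OpenSSL::Cipher.new("aes-256-cbc").encrypt
    key, iv = cipher.random_key, cipher.random_iv
    body = cipher.update(plaintext) + cipher.final
    { data: Base64.strict_encode64(body),
      key:  Base64.strict_encode64(KEY.public_encrypt(key, PAD)),
      iv:   Base64.strict_encode64(KEY.public_encrypt(iv, PAD)) }
  else
    # Pure RSA: only fits short values (at most 214 bytes with this key and OAEP).
    { data: Base64.strict_encode64(KEY.public_encrypt(plaintext, PAD)), key: nil, iv: nil }
  end
end

# Decryption ignores the configured mode and inspects the row instead.
def unlock(record)
  body = Base64.strict_decode64(record[:data])
  if record[:key] && record[:iv]
    cipher = OpenSSL::Cipher.new("aes-256-cbc").decrypt
    cipher.key = KEY.private_decrypt(Base64.strict_decode64(record[:key]), PAD)
    cipher.iv  = KEY.private_decrypt(Base64.strict_decode64(record[:iv]), PAD)
    cipher.update(body) + cipher.final
  else
    KEY.private_decrypt(body, PAD)
  end
end

# Re-encrypt an existing row under the new mode without caring how it was stored.
def migrate(record, symmetric:)
  lock(unlock(record), symmetric: symmetric)
end
```
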

spikex commented 13 years ago

I'm on the fence about an additional flag. On the one hand, I like the clean "it just works" aspect. On the other, it does, as you say, muddy the semantics.