You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The problem with #110 happens for a fields becoming unencrypted ("extracted"):
It reads such fields from ciphertext just ok
After filed is read, it still not exists in cleartext in Mongo, because nothing was updated yet (so far so good...)
Upon save() the field will be eliminated from ciphertext (ok, we need that...)
When user calls save(), this field is not marked as modified. Because of that, mongoose doesn't bother to set this field (which is still not exists in cleartext in Mongo). This result in a data loss.
This PR ensures that all "extracted" fields are marked as modified upon encryption, so Mongoose will sure set it in cleartext.
Hi, me again!
I've got the situation again, when encrypted fields have to be changed, and it required a workaround. So maybe we can consider this feature again?
A thought about nested fields support:
The source of the problem, in my opinion, is the complexity of the support for nested fields config. Sure, it's convenient, but it's sooo complicated when you think about reliable algorithms to support that, given that there is a second way to configure nested encryption: the nested Schema definitions. It seems pretty complicated to get these two features work without conflicts.
I think these PRs solve it in coerce way, but it always be a source of ambiguity for users.
A thought about this update:
This PR seem to be working fine, but I have no time to do rigorous testing. Maybe I'm chicken, but it's kinda scary to push it silently too users - what if there is a problem?
On the other hand, right now the library will just drop data when fields reconfigured, so it's not like current state is safe too.
So, I see two options:
Fix documentation, explicitly warn about the problem with reconfiguring. Then, from this PR, create a feature branch or alpha version of some kind for testing.
Merge this PR and hope it's fine.
Seem to me as a hard choice, but again, maybe I'm too alert or something. Seem to be working fine...
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR is a fork of #110
There is 2 more commits added:
The problem with #110 happens for a fields becoming unencrypted ("extracted"):
This PR ensures that all "extracted" fields are marked as modified upon encryption, so Mongoose will sure set it in cleartext.