update subdocument encryption example

Author: wheresvic

README.md

@@ -164,47 +164,46 @@ const decrypted = fieldEncryption.decrypt(encrypted, 'secret')); // decrypted =
 
 Note that while this plugin is designed to encrypt only top level fields, nested fields can be easily encrypted by creating a mongoose schema for the nested objects and adding the plugin to them.
 
-See comment for discussion: [https://github.com/wheresvic/mongoose-field-encryption/issues/34#issuecomment-577383776](https://github.com/wheresvic/mongoose-field-encryption/issues/34#issuecomment-577383776)
+See comment for discussion: [https://github.com/wheresvic/mongoose-field-encryption/issues/34#issuecomment-577383776](https://github.com/wheresvic/mongoose-field-encryption/issues/34#issuecomment-577383776). 
 
-Example
+_Please also note that this example is provided as a best-effort basis and this plugin does not take responsibility for what quirks mongoose might bring if you use this feature._
+
+See relevant test in `test/test-db.js`:
 
 ```js
-const mongoose = require('mongoose');
-const mongooseFieldEncryption = require("mongoose-field-encryption").fieldEncryption;
+// subdocument encryption
 
-const CredentialSchema = new mongoose.Schema({
-    type: {
-        required: true,
-        type: String,
-    },
-    value: {
-        required: true,
-        type: String,
-    },
+const UserExtraSchema = new mongoose.Schema({
+  city: { type: String },
+  country: { type: String },
+  address: { type: String },
+  postalCode: { type: String },
 });
 
-CredentialSchema.plugin(mongooseFieldEncryption, {
-    fields: ["value"],
-    secret: process.env.MONGOOSE_ENCRYPTION_KEY,
+UserExtraSchema.plugin(fieldEncryptionPlugin, {
+  fields: ["address"],
+  secret: "icanhazcheeseburger",
+  saltGenerator: (secret) => secret.slice(0, 16),
 });
 
-const accountSchema = new mongoose.Schema({
-    provider: {
-        type: String,
-        required: true,
-        lowercase: true,
-        trim: true,
-    },
-    credentials: [CredentialSchema],
-    owner: {
-        required: true,
-        type: mongoose.Schema.Types.ObjectId,
-        ref: 'User',
-    },
+const UserSchema = new mongoose.Schema(
+  {
+    name: { type: String, required: true },
+    surname: { type: String, required: true },
+    email: { type: String, required: true },
+    extra: UserExtraSchema,
+  },
+  { collection: "users" }
+);
+
+UserSchema.plugin(fieldEncryptionPlugin, {
+  fields: ["name", "surname"],
+  secret: "icanhazcheeseburger",
+  saltGenerator: (secret) => secret.slice(0, 16),
 });
 
-module.exports = mongoose.model('Account', accountSchema);
-``` 
+const UserModel = mongoose.model("User", UserSchema);
+```
 
 ## Development
 
@@ -235,6 +234,10 @@ Feel free to make changes to the default docker configuration as required.
 
 ## Changelog
 
+### 4.0.2
+
+- Update documentation for subdocument encryption
+
 ### 4.0.1
 
 - Update documentation to add nested field encryption example

test/test-db.js

@@ -16,7 +16,13 @@ describe("mongoose-field-encryption plugin db", function () {
 
   before(function (done) {
     mongoose
-      .connect(uri, { useNewUrlParser: true, promiseLibrary: Promise, autoIndex: false, useUnifiedTopology: true })
+      .connect(uri, {
+        useNewUrlParser: true,
+        promiseLibrary: Promise,
+        autoIndex: false,
+        useUnifiedTopology: true,
+        keepAlive: 1,
+      })
       .then(function () {
         done();
       });
@@ -203,6 +209,72 @@ describe("mongoose-field-encryption plugin db", function () {
     runTests(NestedFieldEncryptionCustomSalt, getSut, expectEncryptionValues, expectDecryptionValues);
   });
 
+  describe("subdocument encryption", function () {
+    it("should encrypt and decrypt subdocuments", function (done) {
+      const UserExtraSchema = new mongoose.Schema({
+        city: { type: String },
+        country: { type: String },
+        address: { type: String },
+        postalCode: { type: String },
+      });
+
+      UserExtraSchema.plugin(fieldEncryptionPlugin, {
+        fields: ["address"],
+        secret: "icanhazcheeseburger",
+        saltGenerator: (secret) => secret.slice(0, 16),
+      });
+
+      const UserSchema = new mongoose.Schema(
+        {
+          name: { type: String, required: true },
+          surname: { type: String, required: true },
+          email: { type: String, required: true },
+          extra: UserExtraSchema,
+        },
+        { collection: "users" }
+      );
+
+      UserSchema.plugin(fieldEncryptionPlugin, {
+        fields: ["name", "surname"],
+        secret: "icanhazcheeseburger",
+        saltGenerator: (secret) => secret.slice(0, 16),
+      });
+
+      const UserModel = mongoose.model("User", UserSchema);
+
+      // given
+      const sut = new UserModel({
+        name: "snoop",
+        surname: "dawg",
+        email: "snoop.dawg@dadadadada.com",
+        extra: {
+          city: "cali",
+          country: "usa",
+          address: "bowchickabowwow",
+          postalCode: "90210",
+        },
+      });
+
+      // when
+      sut
+        .save()
+        .then(() => {
+          // then
+          expect(sut.name).to.equal("31393663303733396265616337353364:5b8c2d2160c935152c7dd6bf6a31f894");
+          expect(sut.extra.address).to.equal("31393663303733396265616337353364:b9610446ddefafef177ffe0cdfec2d2d");
+
+          return UserModel.findById(sut._id);
+        })
+        .then((found) => {
+          expect(found.name).to.equal("snoop");
+          expect(found.extra.address).to.equal("bowchickabowwow");
+        })
+        .finally(() => {
+          done();
+        });
+    });
+  });
+
   function runTests(MongooseModel, getSut, expectEncryptionValues, expectDecryptionValues) {
     it("should encrypt fields on save and decrypt fields on findById", function () {
       // given