From 3e5b7fa0df877fa2db2179dbf9f6664410edf983 Mon Sep 17 00:00:00 2001
From: Steve Jackson <steve@testdouble.com>
Date: Wed, 21 Aug 2019 16:15:44 -0500
Subject: [PATCH 1/2] Add range to sqlite dependency

---
 attr_encrypted.gemspec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/attr_encrypted.gemspec b/attr_encrypted.gemspec
index 41f96ed9..5eb12e56 100644
--- a/attr_encrypted.gemspec
+++ b/attr_encrypted.gemspec
@@ -50,7 +50,7 @@ Gem::Specification.new do |s|
     s.add_development_dependency('activerecord-jdbcsqlite3-adapter')
     s.add_development_dependency('jdbc-sqlite3', '< 3.8.7') # 3.8.7 is nice and broke
   else
-    s.add_development_dependency('sqlite3')
+    s.add_development_dependency('sqlite3', '~> 1.3.0', '>= 1.3.6')
   end
   s.add_development_dependency('dm-sqlite-adapter')
   s.add_development_dependency('simplecov')

From e1ec453025d6613ac290d228872edd5337dd1c2c Mon Sep 17 00:00:00 2001
From: Steve Jackson <steve@testdouble.com>
Date: Wed, 21 Aug 2019 16:22:58 -0500
Subject: [PATCH 2/2] Filter decrypted attributes

e19445a9ae38ed9a55608d28a80e32126f30efd1 introduced marking
attr_encrypted attributes as virtual attributes to avoid an ActiveRecord
deprecation warning in AR 5.1.  This had the side effect of exposing
the decrypted versions of the attributes in
`ActiveRecord::Base#attributes`.  This is problematic since the method
is leveraged for things like `#as_json` and `respond_with`, meaning a
user could inadvertely expose sensitive info with an action like:

```
  def show
    respond_with @user
  end
```
---
 lib/attr_encrypted/adapters/active_record.rb | 6 ++++++
 test/active_record_test.rb                   | 5 +++++
 2 files changed, 11 insertions(+)

diff --git a/lib/attr_encrypted/adapters/active_record.rb b/lib/attr_encrypted/adapters/active_record.rb
index fca9343e..59ce0f28 100644
--- a/lib/attr_encrypted/adapters/active_record.rb
+++ b/lib/attr_encrypted/adapters/active_record.rb
@@ -43,6 +43,12 @@ def assign_attributes(*args)
             def attributes=(*args)
               perform_attribute_assignment :attributes_without_attr_encrypted=, *args
             end
+
+            alias_method :attributes_without_attr_encrypted, :attributes
+            def attributes
+              encrypted_keys = self.class.encrypted_attributes.keys
+              attributes_without_attr_encrypted.reject { |k, _| encrypted_keys.include?(k.to_sym) }
+            end
           end
         end
 
diff --git a/test/active_record_test.rb b/test/active_record_test.rb
index 8ec31aea..7d0d53f4 100644
--- a/test/active_record_test.rb
+++ b/test/active_record_test.rb
@@ -337,4 +337,9 @@ def test_should_evaluate_proc_based_mode
     refute_equal address.encrypted_zipcode, zipcode
     assert_equal address.zipcode, zipcode
   end
+
+  def test_should_filter_decrypted_attributes
+    @person = Person.new(email: 'test@example.com')
+    refute @person.attributes.keys.include? "email"
+  end
 end