defrex/django-encrypted-fields

fields.py

oditorium opened this issue · 1 comments

oditorium commented

I think in fields.py you want it to say

self._crypter = keyczar.Crypter.Read(keyname)

otherwise this does not make sense

def crypter(self):
    return self._crypter
shanecav84 commented

return self._crypter really refers to self._crypter = self._crypter_klass(self.keydir) which then refers to self._crypter_klass = kwargs.pop('crypter_klass', KeyczarWrapper) which is what is referring to self.crypter = keyczar.Crypter.Read(keyname)

Going to try and explain that more clearly: return self._crypter is returning a crypter class that could be either a custom class given as a kwarg or defaulting to KeyczarWrapper. KeyczarWrapper specifically defines its crypter as Google's keyczar but a custom class could define its own crypter.

The EncryptedFieldMixin takes whichever crypter it's given, whether custom or default, and assigns it as a "private" instance variable, specifically self._crypter_klass.

self._crypter is another private class variable that instantiates the assigned self._crypter_klass with a filesystem location (self.keydir) for the encryption key.

def crypter(self) simply returns the assigned self._crypter, seemingly to explicitly define the crypter syntatically with parentheses, reflecting that self._crypter is an instantiated object belonging to the mixin with its own methods, hence self.crypter().decrypt(value)

All in all, this makes sense to me because self.crypter in KeyczarWrapper is not a "private" class variable and therefore should not have an underscore. self._crypter in EncryptedFieldMixin should have an underscore because it's only used within that class and is not intended to be used as an public attribute of the mixin.

tl;dr: self._crypter is a private instance variable of EncryptedFieldsMixin. self.crypter (without the underscore) is a public instance variable of KeyczarWrapper.

Note: I did not write any of the code under discussion. I have been job hunting and trying to explain helps keep me sharp for whatever might come up. Apologies for the verbosity. Happy to hear why I'm wrong, also.

  • 👍1