From 0727632b7876797fcea76c5b938688194bb81206 Mon Sep 17 00:00:00 2001
From: Zee Spencer <50284+zspencer@users.noreply.github.com>
Date: Thu, 2 Mar 2023 12:31:37 -0800
Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=94=90=20`Marketplace`:=20Encrypt=20d?=
 =?UTF-8?q?elivery=20addresses!?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- https://github.com/zinc-collective/convene/issues/1136
- https://github.com/zinc-collective/convene/issues/831

So, I totally didn't think about how delivery addresses are PII and
probably should not be stored in plaintext! Womp. Womp. Womp.

Now they ain't!

We'll want to delete the `release:after_build` bits after a prod deploy.
---
 app/furniture/marketplace/order.rb                          | 2 +-
 ...0302202459_marketplace_encrypt_order_delivery_address.rb | 6 ++++++
 db/schema.rb                                                | 5 +++--
 lib/tasks/release.rake                                      | 6 ++++++
 4 files changed, 16 insertions(+), 3 deletions(-)
 create mode 100644 db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb

diff --git a/app/furniture/marketplace/order.rb b/app/furniture/marketplace/order.rb
index 7f0ebf648..c1ef11048 100644
--- a/app/furniture/marketplace/order.rb
+++ b/app/furniture/marketplace/order.rb
@@ -11,7 +11,7 @@ class Order < Record
     has_many :ordered_products, inverse_of: :order, foreign_key: :cart_id
     has_many :products, through: :ordered_products, inverse_of: :orders
 
-    attribute :delivery_address, :string
+    has_encrypted :delivery_address
 
     enum status: {
       pre_checkout: "pre_checkout",
diff --git a/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb b/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb
new file mode 100644
index 000000000..01fd09238
--- /dev/null
+++ b/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb
@@ -0,0 +1,6 @@
+class MarketplaceEncryptOrderDeliveryAddress < ActiveRecord::Migration[7.0]
+  def change
+    rename_column :marketplace_orders, :delivery_address, :deprecated_delivery_address
+    add_column :marketplace_orders, :delivery_address_ciphertext, :text
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index d3cb5edea..2bf74e2cc 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2023_03_02_024315) do
+ActiveRecord::Schema[7.0].define(version: 2023_03_02_202459) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "pgcrypto"
   enable_extension "plpgsql"
@@ -134,8 +134,9 @@
     t.uuid "shopper_id"
     t.string "status", default: "pre_checkout", null: false
     t.string "stripe_session_id"
-    t.string "delivery_address"
+    t.string "deprecated_delivery_address"
     t.string "contact_email"
+    t.text "delivery_address_ciphertext"
     t.index ["marketplace_id"], name: "index_marketplace_orders_on_marketplace_id"
     t.index ["shopper_id"], name: "index_marketplace_orders_on_shopper_id"
   end
diff --git a/lib/tasks/release.rake b/lib/tasks/release.rake
index ece31e431..d7e183b3b 100644
--- a/lib/tasks/release.rake
+++ b/lib/tasks/release.rake
@@ -3,6 +3,12 @@
 namespace :release do
   desc "Ensures any post-release / pre-deploy behavior has occurred"
   task after_build: [:environment, "db:prepare"] do
+    # @todo Delete after running in prod
+    Marketplace::Order.all.find_each do |order|
+      next unless order.deprecated_delivery_address.present?
+
+      order.update(delivery_address: order.deprecated_delivery_address, deprecated_delivery_address: nil)
+    end
     SystemTestSpace.prepare
   end
 end

From 2fdd8a3c9cf92d3090e44acbc9363b6057f64d78 Mon Sep 17 00:00:00 2001
From: Zee Spencer <50284+zspencer@users.noreply.github.com>
Date: Fri, 3 Mar 2023 12:12:54 -0800
Subject: [PATCH 2/2] `Marketplace`: Use `Lockbox.migrate` for safety

@KellyAH found Lockbox's guide to migrating data: https://github.com/zinc-collective/convene/pull/1169/files#r1124067175

And it's way better!
---
 app/furniture/marketplace/cart.rb                          | 2 ++
 app/furniture/marketplace/order.rb                         | 2 +-
 ...302202459_marketplace_encrypt_order_delivery_address.rb | 1 -
 db/schema.rb                                               | 2 +-
 lib/tasks/release.rake                                     | 7 +------
 5 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/app/furniture/marketplace/cart.rb b/app/furniture/marketplace/cart.rb
index 2f974594a..53c4a5700 100644
--- a/app/furniture/marketplace/cart.rb
+++ b/app/furniture/marketplace/cart.rb
@@ -15,6 +15,8 @@ class Cart < Record
     has_many :cart_products, dependent: :destroy, inverse_of: :cart
     has_many :products, through: :cart_products, inverse_of: :carts
 
+    has_encrypted :delivery_address, migrating: true
+
     enum status: {
       pre_checkout: "pre_checkout",
       paid: "paid"
diff --git a/app/furniture/marketplace/order.rb b/app/furniture/marketplace/order.rb
index c1ef11048..4787acd38 100644
--- a/app/furniture/marketplace/order.rb
+++ b/app/furniture/marketplace/order.rb
@@ -11,7 +11,7 @@ class Order < Record
     has_many :ordered_products, inverse_of: :order, foreign_key: :cart_id
     has_many :products, through: :ordered_products, inverse_of: :orders
 
-    has_encrypted :delivery_address
+    has_encrypted :delivery_address, migrating: true
 
     enum status: {
       pre_checkout: "pre_checkout",
diff --git a/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb b/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb
index 01fd09238..6353d1803 100644
--- a/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb
+++ b/db/migrate/20230302202459_marketplace_encrypt_order_delivery_address.rb
@@ -1,6 +1,5 @@
 class MarketplaceEncryptOrderDeliveryAddress < ActiveRecord::Migration[7.0]
   def change
-    rename_column :marketplace_orders, :delivery_address, :deprecated_delivery_address
     add_column :marketplace_orders, :delivery_address_ciphertext, :text
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 2bf74e2cc..6f0ba1687 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -134,7 +134,7 @@
     t.uuid "shopper_id"
     t.string "status", default: "pre_checkout", null: false
     t.string "stripe_session_id"
-    t.string "deprecated_delivery_address"
+    t.string "delivery_address"
     t.string "contact_email"
     t.text "delivery_address_ciphertext"
     t.index ["marketplace_id"], name: "index_marketplace_orders_on_marketplace_id"
diff --git a/lib/tasks/release.rake b/lib/tasks/release.rake
index d7e183b3b..7f0a5e004 100644
--- a/lib/tasks/release.rake
+++ b/lib/tasks/release.rake
@@ -3,12 +3,7 @@
 namespace :release do
   desc "Ensures any post-release / pre-deploy behavior has occurred"
   task after_build: [:environment, "db:prepare"] do
-    # @todo Delete after running in prod
-    Marketplace::Order.all.find_each do |order|
-      next unless order.deprecated_delivery_address.present?
-
-      order.update(delivery_address: order.deprecated_delivery_address, deprecated_delivery_address: nil)
-    end
+    Lockbox.migrate(Marketplace::Order)
     SystemTestSpace.prepare
   end
 end