Make encryption config optional for self hosting users

app/controllers/concerns/store_location.rb

@@ -5,13 +5,21 @@ module StoreLocation
     helper_method :previous_path
     before_action :store_return_to
     after_action :clear_previous_path
+
+    rescue_from ActiveRecord::RecordNotFound, with: :handle_not_found
   end
 
   def previous_path
     session[:return_to] || fallback_path
   end
 
 private
+  def handle_not_found
+    if request.fullpath == session[:return_to]
+      session.delete(:return_to)
+      redirect_to fallback_path
+    end
+  end
 
   def store_return_to
     if params[:return_to].present?

app/models/plaid_item.rb

@@ -1,7 +1,10 @@
 class PlaidItem < ApplicationRecord
   include Plaidable, Syncable
 
-  encrypts :access_token, deterministic: true
+  if Rails.application.credentials.active_record_encryption.present?
+    encrypts :access_token, deterministic: true
+  end
+
   validates :name, :access_token, presence: true
 
   before_destroy :remove_plaid_item

config/application.rb

@@ -30,5 +30,10 @@ class Application < Rails::Application
     config.i18n.fallbacks = true
 
     config.app_mode = (ENV["SELF_HOSTED"] == "true" || ENV["SELF_HOSTING_ENABLED"] == "true" ? "self_hosted" : "managed").inquiry
+
+    # Self hosters can optionally set their own encryption keys if they want to use ActiveRecord encryption.
+    if Rails.application.credentials.active_record_encryption.present?
+      config.active_record.encryption = Rails.application.credentials.active_record_encryption
+    end
   end
 end

config/environments/production.rb

@@ -94,6 +94,4 @@
   # ]
   # Skip DNS rebinding protection for the default health check endpoint.
   # config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
-
-  config.active_record.encryption = Rails.application.credentials.active_record_encryption
 end