fix(migration): prevent encrypting already encrypted values
This commit is contained in:
parent
d4bf4027c1
commit
ac3e908c04
|
@ -34,6 +34,13 @@ class V06 extends Migration
|
|||
break;
|
||||
case Database::SYSTEM_COLLECTION_KEYS:
|
||||
if ($document->getAttribute('secret', null)) {
|
||||
$json = \json_decode($document->getAttribute('secret'));
|
||||
if ($json->{'data'} || $json->{'method'} || $json->{'iv'} || $json->{'tag'} || $json->{'version'})
|
||||
{
|
||||
Console::log('Secret already encrypted. Skipped: ' . $document->getId());
|
||||
break;
|
||||
}
|
||||
|
||||
$key = App::getEnv('_APP_OPENSSL_KEY_V1');
|
||||
$iv = OpenSSL::randomPseudoBytes(OpenSSL::cipherIVLength(OpenSSL::CIPHER_AES_128_GCM));
|
||||
$tag = null;
|
||||
|
|
|
@ -52,5 +52,8 @@ class MigrationV06Test extends TestCase
|
|||
$this->assertObjectHasAttribute('iv', $encrypted);
|
||||
$this->assertObjectHasAttribute('tag', $encrypted);
|
||||
$this->assertObjectHasAttribute('version', $encrypted);
|
||||
|
||||
$document = $method->invokeArgs($v06, [$document]);
|
||||
$this->assertEquals($document->getAttribute('secret', null), json_encode($encrypted));
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue