61 lines
2.3 KiB
PHP
61 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace Appwrite\Migration\Version;
|
|
|
|
|
|
use Utopia\App;
|
|
use Utopia\CLI\Console;
|
|
use Appwrite\Database\Database;
|
|
use Appwrite\Database\Document;
|
|
use Appwrite\Migration\Migration;
|
|
use Appwrite\OpenSSL\OpenSSL;
|
|
|
|
class V06 extends Migration
|
|
{
|
|
public function execute(): void
|
|
{
|
|
$project = $this->project;
|
|
Console::log('Migrating project: ' . $project->getAttribute('name') . ' (' . $project->getId() . ')');
|
|
|
|
$this->projectDB->disableFilters();
|
|
$this->forEachDocument([$this, 'fixDocument']);
|
|
$this->projectDB->enableFilters();
|
|
}
|
|
|
|
protected function fixDocument(Document $document)
|
|
{
|
|
switch ($document->getAttribute('$collection')) {
|
|
case Database::SYSTEM_COLLECTION_USERS:
|
|
if ($document->getAttribute('password-update', null)) {
|
|
$document
|
|
->setAttribute('passwordUpdate', $document->getAttribute('password-update', $document->getAttribute('passwordUpdate', '')))
|
|
->removeAttribute('password-update');
|
|
}
|
|
break;
|
|
case Database::SYSTEM_COLLECTION_KEYS:
|
|
if ($document->getAttribute('secret', null)) {
|
|
$json = \json_decode($document->getAttribute('secret'));
|
|
if ($json->{'data'} || $json->{'method'} || $json->{'iv'} || $json->{'tag'} || $json->{'version'})
|
|
{
|
|
Console::log('Secret already encrypted. Skipped: ' . $document->getId());
|
|
break;
|
|
}
|
|
|
|
$key = App::getEnv('_APP_OPENSSL_KEY_V1');
|
|
$iv = OpenSSL::randomPseudoBytes(OpenSSL::cipherIVLength(OpenSSL::CIPHER_AES_128_GCM));
|
|
$tag = null;
|
|
|
|
$document->setAttribute('secret', json_encode([
|
|
'data' => OpenSSL::encrypt($document->getAttribute('secret'), OpenSSL::CIPHER_AES_128_GCM, $key, 0, $iv, $tag),
|
|
'method' => OpenSSL::CIPHER_AES_128_GCM,
|
|
'iv' => bin2hex($iv),
|
|
'tag' => bin2hex($tag),
|
|
'version' => '1',
|
|
]));
|
|
}
|
|
break;
|
|
}
|
|
return $document;
|
|
}
|
|
}
|