firefly-iii/app/Console/Commands/DecryptDatabase.php

225 lines
6.3 KiB
PHP
Raw Normal View History

<?php
2019-02-09 03:36:59 -06:00
/**
* DecryptDatabase.php
2020-01-23 13:35:02 -06:00
* Copyright (c) 2020 james@firefly-iii.org
2019-02-09 03:36:59 -06:00
*
* This file is part of Firefly III (https://github.com/firefly-iii).
2019-02-09 03:36:59 -06:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
2019-02-09 03:36:59 -06:00
*
* This program is distributed in the hope that it will be useful,
2019-02-09 03:36:59 -06:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
2019-02-09 03:36:59 -06:00
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
2019-02-09 03:36:59 -06:00
*/
declare(strict_types=1);
namespace FireflyIII\Console\Commands;
use Crypt;
use DB;
2019-03-05 09:55:03 -06:00
use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Models\Preference;
use Illuminate\Console\Command;
use Illuminate\Contracts\Encryption\DecryptException;
2020-03-25 00:58:39 -05:00
use JsonException;
use Log;
2020-10-18 01:25:56 -05:00
use stdClass;
/**
* Class DecryptDatabase
*/
class DecryptDatabase extends Command
{
/**
* The console command description.
*
* @var string
*/
protected $description = 'Decrypts the database.';
/**
* The name and signature of the console command.
*
* @var string
*/
2019-06-10 13:14:00 -05:00
protected $signature = 'firefly-iii:decrypt-all';
/**
* Execute the console command.
*
* @return int
*/
2019-06-10 13:14:00 -05:00
public function handle(): int
{
$this->line('Going to decrypt the database.');
$tables = [
'accounts' => ['name', 'iban'],
'attachments' => ['filename', 'mime', 'title', 'description'],
'bills' => ['name', 'match'],
'budgets' => ['name'],
'categories' => ['name'],
'piggy_banks' => ['name'],
'preferences' => ['data'],
'tags' => ['tag', 'description'],
'transaction_journals' => ['description'],
'transactions' => ['description'],
'journal_links' => ['comment'],
];
2020-10-18 01:25:56 -05:00
/**
* @var string $table
* @var array $fields
*/
foreach ($tables as $table => $fields) {
2020-10-18 01:25:56 -05:00
$this->decryptTable($table, $fields);
}
$this->info('Done!');
2020-03-21 09:43:41 -05:00
return 0;
}
2021-03-21 03:15:40 -05:00
/**
* @param string $table
* @param array $fields
*/
private function decryptTable(string $table, array $fields): void
{
if ($this->isDecrypted($table)) {
$this->info(sprintf('No decryption required for table "%s".', $table));
return;
}
foreach ($fields as $field) {
$this->decryptField($table, $field);
}
$this->line(sprintf('Decrypted the data in table "%s".', $table));
// mark as decrypted:
$configName = sprintf('is_decrypted_%s', $table);
app('fireflyconfig')->set($configName, true);
}
/**
* @param string $table
*
* @return bool
*/
private function isDecrypted(string $table): bool
{
$configName = sprintf('is_decrypted_%s', $table);
2020-10-18 01:25:56 -05:00
$configVar = null;
try {
$configVar = app('fireflyconfig')->get($configName, false);
} catch (FireflyException $e) {
Log::error($e->getMessage());
}
if (null !== $configVar) {
2022-03-29 07:56:27 -05:00
return (bool) $configVar->data;
}
return false;
}
2020-10-18 01:25:56 -05:00
/**
* @param string $table
* @param string $field
*/
private function decryptField(string $table, string $field): void
{
$rows = DB::table($table)->get(['id', $field]);
/** @var stdClass $row */
foreach ($rows as $row) {
$this->decryptRow($table, $field, $row);
}
}
/**
* @param string $table
* @param string $field
* @param stdClass $row
*/
private function decryptRow(string $table, string $field, stdClass $row): void
{
$original = $row->$field;
if (null === $original) {
return;
}
2022-03-29 07:56:27 -05:00
$id = (int) $row->id;
2020-10-18 01:25:56 -05:00
$value = '';
try {
$value = $this->tryDecrypt($original);
} catch (FireflyException $e) {
$message = sprintf('Could not decrypt field "%s" in row #%d of table "%s": %s', $field, $id, $table, $e->getMessage());
$this->error($message);
Log::error($message);
Log::error($e->getTraceAsString());
}
// A separate routine for preferences table:
if ('preferences' === $table) {
$this->decryptPreferencesRow($id, $value);
2021-03-21 03:15:40 -05:00
2020-10-18 01:25:56 -05:00
return;
}
if ($value !== $original) {
DB::table($table)->where('id', $id)->update([$field => $value]);
}
}
2021-03-21 03:15:40 -05:00
/**
* Tries to decrypt data. Will only throw an exception when the MAC is invalid.
*
2021-04-26 23:42:07 -05:00
* @param mixed $value
2021-03-21 03:15:40 -05:00
*
* @return string
* @throws FireflyException
*/
private function tryDecrypt($value)
{
try {
$value = Crypt::decrypt($value);
} catch (DecryptException $e) {
if ('The MAC is invalid.' === $e->getMessage()) {
2021-04-07 00:28:43 -05:00
throw new FireflyException($e->getMessage(), 0, $e);
2021-03-21 03:15:40 -05:00
}
}
return $value;
}
2020-10-18 01:25:56 -05:00
/**
* @param int $id
* @param string $value
*/
private function decryptPreferencesRow(int $id, string $value): void
{
// try to json_decrypt the value.
try {
$newValue = json_decode($value, true, 512, JSON_THROW_ON_ERROR) ?? $value;
} catch (JsonException $e) {
2020-10-25 00:35:58 -05:00
$message = sprintf('Could not JSON decode preference row #%d: %s. This does not have to be a problem.', $id, $e->getMessage());
2020-10-18 01:25:56 -05:00
$this->error($message);
2020-10-25 00:35:58 -05:00
Log::warning($message);
Log::warning($value);
Log::warning($e->getTraceAsString());
2021-03-21 03:15:40 -05:00
2020-10-18 01:25:56 -05:00
return;
}
/** @var Preference $object */
2022-03-29 07:56:27 -05:00
$object = Preference::find((int) $id);
2020-10-18 01:25:56 -05:00
if (null !== $object) {
$object->data = $newValue;
$object->save();
}
}
}