IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Remove Firefly III's ability to encrypt data in the database.

Browse Source
This commit is contained in:
James Cole 2019-01-31 19:56:09 +01:00
parent d56bd85328
commit 4307bf3b83
26 changed files with 166 additions and 742 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.deploy/docker/entrypoint.sh
View File

@ -45,6 +45,7 @@ php artisan package:discover
echo "Run various artisan commands..."
php artisan migrate --seed
php artisan firefly:upgrade-database
php artisan firefly:decrypt-all
php artisan firefly:verify
php artisan passport:install
php artisan cache:clear

116
app/Console/Commands/DecryptDatabase.php Normal file
View File

@ -0,0 +1,116 @@
<?php
namespace FireflyIII\Console\Commands;
use Crypt;
use DB;
use FireflyIII\Support\Facades\FireflyConfig;
use Illuminate\Console\Command;
use Illuminate\Contracts\Encryption\DecryptException;
use Log;
/**
*
* Class DecryptDatabase
*/
class DecryptDatabase extends Command
{
/**
* The console command description.
*
* @var string
*/
protected $description = 'Decrypts the database.';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'firefly:decrypt-all';
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
$this->line('Going to decrypt the database.');
$tables = [
'accounts' => ['name', 'iban'],
'attachments' => ['filename', 'mime', 'title', 'description'],
'bills' => ['name', 'match'],
'budgets' => ['name'],
'categories' => ['name'],
'piggy_banks' => ['name'],
'preferences' => ['data'],
'tags' => ['tag', 'description'],
'transaction_journals' => ['description'],
'transactions' => ['description'],
'journal_links' => ['comment'],
];
foreach ($tables as $table => $fields) {
if ($this->isDecrypted($table)) {
$this->info(sprintf('No decryption required for table "%s".', $table));
continue;
}
foreach ($fields as $field) {
$rows = DB::table($table)->get(['id', $field]);
foreach ($rows as $row) {
$original = $row->$field;
if (null === $original) {
continue;
}
$id = $row->id;
$value = $this->tryDecrypt($original);
if ($value !== $original) {
Log::debug(sprintf('Decrypted field "%s" "%s" to "%s" in table "%s" (row #%d)', $field, $original, $value, $table, $id));
DB::table($table)->where('id', $id)->update([$field => $value]);
}
}
}
$this->line(sprintf('Decrypted the data in table "%s".', $table));
// mark as decrypted:
$configName = sprintf('is_decrypted_%s', $table);
FireflyConfig::set($configName, true);
}
$this->info('Done!');
return 0;
}
/**
* @param string $table
*
* @return bool
*/
private function isDecrypted(string $table): bool
{
$configName = sprintf('is_decrypted_%s', $table);
$configVar = FireflyConfig::get($configName, false);
if (null !== $configVar) {
return $configVar->data;
}
return false;
}
/**
* @param $value
*
* @return mixed
*/
private function tryDecrypt($value)
{
try {
$value = Crypt::decrypt($value);
} catch (DecryptException $e) {
//Log::debug(sprintf('Could not decrypt. %s', $e->getMessage()));
}
return $value;
}
}

94
app/Console/Commands/UseEncryption.php
View File

@ -1,94 +0,0 @@
<?php
/**
* UseEncryption.php
* Copyright (c) 2018 thegrumpydictator@gmail.com
*
* This file is part of Firefly III.
*
* Firefly III is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Firefly III is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
*/
declare(strict_types=1);
namespace FireflyIII\Console\Commands;
use Illuminate\Console\Command;
use Illuminate\Support\Str;
/**
* Class UseEncryption.
* @codeCoverageIgnore
*/
class UseEncryption extends Command
{
/**
* The console command description.
*
* @var string
*/
protected $description = 'This command will make sure that entries in the database will be encrypted (or not) according to the settings in .env';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'firefly:use-encryption';
/**
* Execute the console command.
*/
public function handle(): int
{
if (true === config('firefly.encryption')) {
$this->info('Firefly III configuration calls for encrypted data.');
}
if (false === config('firefly.encryption')) {
$this->info('Firefly III configuration calls for unencrypted data.');
}
$this->handleObjects('Account', 'name', 'encrypted');
$this->handleObjects('Bill', 'name', 'name_encrypted');
$this->handleObjects('Bill', 'match', 'match_encrypted');
$this->handleObjects('Budget', 'name', 'encrypted');
$this->handleObjects('Category', 'name', 'encrypted');
$this->handleObjects('PiggyBank', 'name', 'encrypted');
$this->handleObjects('TransactionJournal', 'description', 'encrypted');
return 0;
}
/**
* Run each object and encrypt them (or not).
*
* @param string $class
* @param string $field
* @param string $indicator
*/
public function handleObjects(string $class, string $field, string $indicator): void
{
$fqn = sprintf('FireflyIII\Models\%s', $class);
$encrypt = true === config('firefly.encryption') ? 0 : 1;
/** @noinspection PhpUndefinedMethodInspection */
$set = $fqn::where($indicator, $encrypt)->withTrashed()->get();
foreach ($set as $entry) {
$newName = $entry->$field;
$entry->$field = $newName;
/** @noinspection PhpUndefinedMethodInspection */
$entry->save();
}
/** @noinspection PhpUndefinedMethodInspection */
$this->line(sprintf('Updated %d %s.', $set->count(), strtolower(Str::plural($class))));
}
}

18
app/Console/Commands/VerifyDatabase.php
View File

@ -450,12 +450,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
try {
$objName = Crypt::decrypt($objName);
} catch (DecryptException $e) {
// it probably was not encrypted.
Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
}
// also count the transactions:
$countTransactions = DB::table('budget_transaction')->where('budget_id', $entry->id)->count();
@ -488,12 +482,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
try {
$objName = Crypt::decrypt($objName);
} catch (DecryptException $e) {
// it probably was not encrypted.
Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
}
// also count the transactions:
$countTransactions = DB::table('category_transaction')->where('category_id', $entry->id)->count();
@ -627,12 +615,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
try {
$objName = Crypt::decrypt($objName);
} catch (DecryptException $e) {
// it probably was not encrypted.
Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
}
$line = sprintf(
'User #%d (%s) has %s #%d ("%s") which has no transactions.',

14
app/Export/Entry/Entry.php
View File

@ -148,14 +148,14 @@ final class Entry
$entry->transaction_type = $transaction->transaction_type_type;
$entry->asset_account_id = (string)$transaction->account_id;
$entry->asset_account_name = app('steam')->tryDecrypt($transaction->account_name);
$entry->asset_account_name = $transaction->account_name;
$entry->asset_account_iban = $transaction->account_iban;
$entry->asset_account_number = $transaction->account_number;
$entry->asset_account_bic = $transaction->account_bic;
$entry->asset_currency_code = $transaction->account_currency_code;
$entry->opposing_account_id = (string)$transaction->opposing_account_id;
$entry->opposing_account_name = app('steam')->tryDecrypt($transaction->opposing_account_name);
$entry->opposing_account_name = $transaction->opposing_account_name;
$entry->opposing_account_iban = $transaction->opposing_account_iban;
$entry->opposing_account_number = $transaction->opposing_account_number;
$entry->opposing_account_bic = $transaction->opposing_account_bic;
@ -163,23 +163,23 @@ final class Entry
// budget
$entry->budget_id = (string)$transaction->transaction_budget_id;
$entry->budget_name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
$entry->budget_name = $transaction->transaction_budget_name;
if (null === $transaction->transaction_budget_id) {
$entry->budget_id = $transaction->transaction_journal_budget_id;
$entry->budget_name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
$entry->budget_name = $transaction->transaction_journal_budget_name;
}
// category
$entry->category_id = (string)$transaction->transaction_category_id;
$entry->category_name = app('steam')->tryDecrypt($transaction->transaction_category_name);
$entry->category_name = $transaction->transaction_category_name;
if (null === $transaction->transaction_category_id) {
$entry->category_id = $transaction->transaction_journal_category_id;
$entry->category_name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
$entry->category_name = $transaction->transaction_journal_category_name;
}
// budget
$entry->bill_id = (string)$transaction->bill_id;
$entry->bill_name = app('steam')->tryDecrypt($transaction->bill_name);
$entry->bill_name = $transaction->bill_name;
$entry->tags = $transaction->tags;
$entry->notes = $transaction->notes;

2
app/Export/ExpandedProcessor.php
View File

@ -368,7 +368,7 @@ class ExpandedProcessor implements ProcessorInterface
foreach ($set as $entry) {
$id = (int)$entry->transaction_journal_id;
$result[$id] = $result[$id] ?? [];
$result[$id][] = Crypt::decrypt($entry->tag);
$result[$id][] = $entry->tag;
}
return $result;

20
app/Helpers/Collector/TransactionCollector.php
View File

@ -304,26 +304,10 @@ class TransactionCollector implements TransactionCollectorInterface
// run all filters:
$set = $this->filter($set);
// loop for decryption.
// loop for date.
$set->each(
function (Transaction $transaction) {
$transaction->date = new Carbon($transaction->date);
$transaction->description = app('steam')->decrypt((int)$transaction->encrypted, $transaction->description);
if (null !== $transaction->bill_name) {
$transaction->bill_name = app('steam')->decrypt((int)$transaction->bill_name_encrypted, $transaction->bill_name);
}
$transaction->account_name = app('steam')->tryDecrypt($transaction->account_name);
$transaction->opposing_account_name = app('steam')->tryDecrypt($transaction->opposing_account_name);
$transaction->account_iban = app('steam')->tryDecrypt($transaction->account_iban);
$transaction->opposing_account_iban = app('steam')->tryDecrypt($transaction->opposing_account_iban);
// budget name
$transaction->transaction_journal_budget_name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
$transaction->transaction_budget_name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
// category name:
$transaction->transaction_journal_category_name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
$transaction->transaction_category_name = app('steam')->tryDecrypt($transaction->transaction_category_name);
$transaction->date = new Carbon($transaction->date);
}
);

68
app/Models/Account.php
View File

@ -143,49 +143,6 @@ class Account extends Model
return $name;
}
/**
* @param $value
*
* @return string
*
* @throws FireflyException
*/
public function getIbanAttribute($value): string
{
if ('' === (string)$value) {
return '';
}
try {
$result = Crypt::decrypt($value);
} catch (DecryptException $e) {
Log::error($e->getMessage());
Log::error($e->getTraceAsString());
throw new FireflyException('Cannot decrypt value "' . $value . '" for account #' . $this->id);
}
if (null === $result) {
return '';
}
return $result;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getNameAttribute($value): ?string
{
if ($this->encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* Returns the opening balance.
*
@ -237,31 +194,6 @@ class Account extends Model
$query->whereIn('account_types.type', $types);
}
/**
* @param $value
*
* @codeCoverageIgnore
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setIbanAttribute($value): void
{
$this->attributes['iban'] = Crypt::encrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setNameAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
*

116
app/Models/Attachment.php
View File

@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@ -115,70 +114,6 @@ class Attachment extends Model
return sprintf('at-%s.data', (string)$this->id);
}
/**
* @param $value
*
* @codeCoverageIgnore
* @return null|string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getDescriptionAttribute($value): ?string
{
if (null === $value || '' === $value) {
return null;
}
return Crypt::decrypt($value);
}
/**
* @param $value
*
* @codeCoverageIgnore
* @return null|string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getFilenameAttribute($value): ?string
{
if (null === $value || '' === $value) {
return null;
}
return Crypt::decrypt($value);
}
/**
* @param $value
*
* @codeCoverageIgnore
* @return null|string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getMimeAttribute($value): ?string
{
if (null === $value || '' === $value) {
return null;
}
return Crypt::decrypt($value);
}
/**
* @param $value
*
* @codeCoverageIgnore
* @return null|string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getTitleAttribute($value): ?string
{
if (null === $value || '' === $value) {
return null;
}
return Crypt::decrypt($value);
}
/**
* @codeCoverageIgnore
* Get all of the notes.
@ -188,57 +123,6 @@ class Attachment extends Model
return $this->morphMany(Note::class, 'noteable');
}
/**
* @codeCoverageIgnore
*
* @param string|null $value
*/
public function setDescriptionAttribute(string $value = null): void
{
if (null !== $value) {
$this->attributes['description'] = Crypt::encrypt($value);
}
}
/**
* @codeCoverageIgnore
*
* @param string $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setFilenameAttribute(string $value): void
{
$this->attributes['filename'] = Crypt::encrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param string $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setMimeAttribute(string $value): void
{
$this->attributes['mime'] = Crypt::encrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param string $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setTitleAttribute(string $value = null): void
{
if (null !== $value) {
$this->attributes['title'] = Crypt::encrypt($value);
}
}
/**
* @codeCoverageIgnore
* @return BelongsTo

63
app/Models/Bill.php
View File

@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@ -80,7 +79,7 @@ class Bill extends Model
/** @var array Fields that can be filled */
protected $fillable
= ['name', 'match', 'amount_min', 'match_encrypted', 'name_encrypted', 'user_id', 'amount_max', 'date', 'repeat_freq', 'skip',
= ['name', 'match', 'amount_min', 'user_id', 'amount_max', 'date', 'repeat_freq', 'skip',
'automatch', 'active', 'transaction_currency_id'];
/** @var array Hidden from view */
protected $hidden = ['amount_min_encrypted', 'amount_max_encrypted', 'name_encrypted', 'match_encrypted'];
@ -117,40 +116,6 @@ class Bill extends Model
return $this->morphMany(Attachment::class, 'attachable');
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getMatchAttribute($value): string
{
if (1 === (int)$this->match_encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getNameAttribute($value): ?string
{
if (1 === (int)$this->name_encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
* Get all of the notes.
@ -180,32 +145,6 @@ class Bill extends Model
$this->attributes['amount_min'] = (string)$value;
}
/**
* @param $value
*
* @codeCoverageIgnore
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setMatchAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['match'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['match_encrypted'] = $encrypt;
}
/**
* @param $value
*
* @codeCoverageIgnore
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setNameAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['name_encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
* @return BelongsTo

32
app/Models/Budget.php
View File

@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@ -101,37 +100,6 @@ class Budget extends Model
return $this->hasMany(BudgetLimit::class);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getNameAttribute($value): ?string
{
if ($this->encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setNameAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
* @return BelongsToMany

31
app/Models/Category.php
View File

@ -88,37 +88,6 @@ class Category extends Model
throw new NotFoundHttpException;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getNameAttribute($value): ?string
{
if ($this->encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setNameAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
* @return BelongsToMany

32
app/Models/PiggyBank.php
View File

@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
use Crypt;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
@ -104,23 +103,6 @@ class PiggyBank extends Model
return $this->belongsTo(Account::class);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getNameAttribute($value): ?string
{
if ($this->encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
* Get all of the piggy bank's notes.
@ -148,20 +130,6 @@ class PiggyBank extends Model
return $this->hasMany(PiggyBankRepetition::class);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setNameAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
*

49
app/Models/Preference.php
View File

@ -54,6 +54,7 @@ class Preference extends Model
= [
'created_at' => 'datetime',
'updated_at' => 'datetime',
'data' => 'array',
];
/** @var array Fields that can be filled */
@ -81,54 +82,6 @@ class Preference extends Model
throw new NotFoundHttpException;
}
/**
* @param $value
*
* @return mixed
*
* @throws FireflyException
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
*/
public function getDataAttribute($value)
{
$result = null;
try {
$data = Crypt::decrypt($value);
} catch (DecryptException $e) {
Log::error(sprintf('Could not decrypt preference: %s', $e->getMessage()), ['id' => $this->id, 'name' => $this->name, 'data' => $value]);
throw new FireflyException(
sprintf('Could not decrypt preference #%d. If this error persists, please run "php artisan cache:clear" on the command line.', $this->id)
);
}
$serialized = true;
try {
unserialize($data, ['allowed_classes' => false]);
} /** @noinspection BadExceptionsProcessingInspection */ catch (Exception $e) {
$serialized = false;
}
if (!$serialized) {
$result = json_decode($data, true);
}
if ($serialized) {
Log::error(sprintf('Preference #%d ("%s") was stored as serialised object. It will be deleted and recreated.', $this->id, $this->name));
}
return $result;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setDataAttribute($value): void
{
$this->attributes['data'] = Crypt::encrypt(json_encode($value));
}
/**
* @codeCoverageIgnore
* @return BelongsTo

57
app/Models/Tag.php
View File

@ -93,63 +93,6 @@ class Tag extends Model
throw new NotFoundHttpException;
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getDescriptionAttribute($value): ?string
{
if (null === $value) {
return $value;
}
return Crypt::decrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getTagAttribute($value): ?string
{
if (null === $value) {
return null;
}
return Crypt::decrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setDescriptionAttribute($value): void
{
$this->attributes['description'] = Crypt::encrypt($value);
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setTagAttribute($value): void
{
$this->attributes['tag'] = Crypt::encrypt($value);
}
/**
* @codeCoverageIgnore

32
app/Models/TransactionJournal.php
View File

@ -196,24 +196,6 @@ class TransactionJournal extends Model
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return string|null
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function getDescriptionAttribute($value): ?string
{
if ($this->encrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @codeCoverageIgnore
* @return bool
*/
public function isDeposit(): bool
@ -324,20 +306,6 @@ class TransactionJournal extends Model
}
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setDescriptionAttribute($value): void
{
$encrypt = config('firefly.encryption');
$this->attributes['description'] = $encrypt ? Crypt::encrypt($value) : $value;
$this->attributes['encrypted'] = $encrypt;
}
/**
* @codeCoverageIgnore
* @return HasMany

33
app/Models/TransactionJournalLink.php
View File

@ -93,22 +93,6 @@ class TransactionJournalLink extends Model
return $this->belongsTo(TransactionJournal::class, 'destination_id');
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @return null|string
*/
public function getCommentAttribute($value): ?string
{
if (null !== $value) {
return app('steam')->tryDecrypt($value);
}
return null;
}
/**
* @codeCoverageIgnore
* @return BelongsTo
@ -127,23 +111,6 @@ class TransactionJournalLink extends Model
return $this->morphMany(Note::class, 'noteable');
}
/**
* @codeCoverageIgnore
*
* @param $value
*
* @throws \Illuminate\Contracts\Encryption\EncryptException
*/
public function setCommentAttribute($value): void
{
if (null !== $value && \strlen($value) > 0) {
$this->attributes['comment'] = Crypt::encrypt($value);
return;
}
$this->attributes['comment'] = null;
}
/**
* @codeCoverageIgnore
* @return BelongsTo

1
app/Support/Facades/Steam.php
View File

@ -39,7 +39,6 @@ use Illuminate\Support\Facades\Facade;
* @method string negative(string $amount)
* @method string|null opposite(string $amount = null)
* @method int phpBytes(string $string)
* @method tryDecrypt($value)
* @method string positive(string $amount)
*
* @codeCoverageIgnore

9
app/Support/Http/Controllers/AugumentData.php
View File

@ -107,9 +107,6 @@ trait AugumentData
$categoryName = $transaction->transaction_journal_category_name;
$categoryId = (int)$transaction->transaction_journal_category_id;
}
if (0 !== $categoryId) {
$categoryName = app('steam')->tryDecrypt($categoryName);
}
// if not set, set to zero:
if (!isset($sum[$categoryId][$currencyId])) {
@ -559,9 +556,6 @@ trait AugumentData
$budgetName = $transaction->transaction_journal_budget_name;
$budgetId = (int)$transaction->transaction_journal_budget_id;
}
if (0 !== $budgetId) {
$budgetName = app('steam')->tryDecrypt($budgetName);
}
// if not set, set to zero:
if (!isset($sum[$budgetId][$currencyId])) {
@ -627,9 +621,6 @@ trait AugumentData
$categoryName = $transaction->transaction_journal_category_name;
$categoryId = (int)$transaction->transaction_journal_category_id;
}
if (0 !== $categoryId) {
$categoryName = app('steam')->tryDecrypt($categoryName);
}
// if not set, set to zero:
if (!isset($sum[$categoryId][$currencyId])) {

14
app/Support/Search/Modifier.php
View File

@ -63,12 +63,12 @@ class Modifier
$res = true;
switch ($modifier['type']) {
case 'source':
$name = app('steam')->tryDecrypt($transaction->account_name);
$name = $transaction->account_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Source is %s? %s', $modifier['value'], var_export($res, true)));
break;
case 'destination':
$name = app('steam')->tryDecrypt($transaction->opposing_account_name);
$name = $transaction->opposing_account_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Destination is %s? %s', $modifier['value'], var_export($res, true)));
break;
@ -81,7 +81,7 @@ class Modifier
Log::debug(sprintf('Budget is %s? %s', $modifier['value'], var_export($res, true)));
break;
case 'bill':
$name = app('steam')->tryDecrypt($transaction->bill_name);
$name = $transaction->bill_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Bill is %s? %s', $modifier['value'], var_export($res, true)));
break;
@ -171,11 +171,11 @@ class Modifier
{
$journalBudget = '';
if (null !== $transaction->transaction_journal_budget_name) {
$journalBudget = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
$journalBudget = $transaction->transaction_journal_budget_name;
}
$transactionBudget = '';
if (null !== $transaction->transaction_budget_name) {
$journalBudget = app('steam')->tryDecrypt($transaction->transaction_budget_name);
$journalBudget = $transaction->transaction_budget_name;
}
return self::stringCompare($journalBudget, $search) || self::stringCompare($transactionBudget, $search);
@ -191,11 +191,11 @@ class Modifier
{
$journalCategory = '';
if (null !== $transaction->transaction_journal_category_name) {
$journalCategory = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
$journalCategory = $transaction->transaction_journal_category_name;
}
$transactionCategory = '';
if (null !== $transaction->transaction_category_name) {
$journalCategory = app('steam')->tryDecrypt($transaction->transaction_category_name);
$journalCategory = $transaction->transaction_category_name;
}
return self::stringCompare($journalCategory, $search) || self::stringCompare($transactionCategory, $search);

31
app/Support/Steam.php
View File

@ -377,22 +377,6 @@ class Steam
return trim($string);
}
/**
* @param int $isEncrypted
* @param $value
*
* @return string
* @throws \Illuminate\Contracts\Encryption\DecryptException
*/
public function decrypt(int $isEncrypted, string $value): string
{
if (1 === $isEncrypted) {
return Crypt::decrypt($value);
}
return $value;
}
/**
* @param array $accounts
*
@ -490,19 +474,4 @@ class Steam
return $amount;
}
/**
* @param $value
*
* @return mixed
*/
public function tryDecrypt($value)
{
try {
$value = Crypt::decrypt($value);
} catch (DecryptException $e) {
// do not care.
}
return $value;
}
}

16
app/Support/Twig/Extension/Transaction.php
View File

@ -131,13 +131,13 @@ class Transaction extends Twig_Extension
$txt = '';
// journal has a budget:
if (null !== $transaction->transaction_journal_budget_id) {
$name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
$name = $transaction->transaction_journal_budget_name;
$txt = sprintf('<a href="%s" title="%s">%s</a>', route('budgets.show', [$transaction->transaction_journal_budget_id]), $name, $name);
}
// transaction has a budget
if (null !== $transaction->transaction_budget_id && '' === $txt) {
$name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
$name = $transaction->transaction_budget_name;
$txt = sprintf('<a href="%s" title="%s">%s</a>', route('budgets.show', [$transaction->transaction_budget_id]), $name, $name);
}
@ -169,13 +169,13 @@ class Transaction extends Twig_Extension
$txt = '';
// journal has a category:
if (null !== $transaction->transaction_journal_category_id) {
$name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
$name = $transaction->transaction_journal_category_name;
$txt = sprintf('<a href="%s" title="%s">%s</a>', route('categories.show', [$transaction->transaction_journal_category_id]), $name, $name);
}
// transaction has a category:
if (null !== $transaction->transaction_category_id && '' === $txt) {
$name = app('steam')->tryDecrypt($transaction->transaction_category_name);
$name = $transaction->transaction_category_name;
$txt = sprintf('<a href="%s" title="%s">%s</a>', route('categories.show', [$transaction->transaction_category_id]), $name, $name);
}
@ -224,7 +224,7 @@ class Transaction extends Twig_Extension
return '&mdash;';
}
$name = app('steam')->tryDecrypt($transaction->account_name);
$name = $transaction->account_name;
$iban = $transaction->account_iban;
$transactionId = (int)$transaction->account_id;
$type = $transaction->account_type;
@ -255,7 +255,7 @@ class Transaction extends Twig_Extension
return '';
}
$name = app('steam')->tryDecrypt($other->name);
$name = $other->name;
$transactionId = $other->account_id;
$type = $other->type;
}
@ -384,7 +384,7 @@ class Transaction extends Twig_Extension
}
// if the amount is negative, assume that the current account (the one in $transaction) is indeed the source account.
$name = app('steam')->tryDecrypt($transaction->account_name);
$name = $transaction->account_name;
$transactionId = (int)$transaction->account_id;
$type = $transaction->account_type;
$iban = $transaction->account_iban;
@ -408,7 +408,7 @@ class Transaction extends Twig_Extension
->leftJoin('accounts', 'accounts.id', '=', 'transactions.account_id')
->leftJoin('account_types', 'account_types.id', '=', 'accounts.account_type_id')
->first(['transactions.account_id', 'accounts.encrypted', 'accounts.name', 'account_types.type']);
$name = app('steam')->tryDecrypt($other->name);
$name = $other->name;
$transactionId = $other->account_id;
$type = $other->type;
}

26
app/Validation/FireflyValidator.php
View File

@ -467,7 +467,6 @@ class FireflyValidator extends Validator
*/
public function validateUniqueObjectForUser($attribute, $value, $parameters): bool
{
$value = $this->tryDecrypt($value);
[$table, $field] = $parameters;
$exclude = (int)($parameters[2] ?? 0.0);
@ -486,7 +485,7 @@ class FireflyValidator extends Validator
->where('id', '!=', $exclude)->get([$field]);
foreach ($set as $entry) {
$fieldValue = $this->tryDecrypt($entry->$field);
$fieldValue = $entry->$field;
if ($fieldValue === $value) {
return false;
@ -518,7 +517,7 @@ class FireflyValidator extends Validator
/** @var PiggyBank $entry */
foreach ($set as $entry) {
$fieldValue = $this->tryDecrypt($entry->name);
$fieldValue = $entry->name;
if ($fieldValue === $value) {
return false;
}
@ -527,22 +526,6 @@ class FireflyValidator extends Validator
return true;
}
/**
* @param $value
*
* @return mixed
*/
private function tryDecrypt($value)
{
try {
$value = Crypt::decrypt($value);
} catch (DecryptException $e) {
//Log::debug(sprintf('Could not decrypt. %s', $e->getMessage()));
}
return $value;
}
/**
* @return bool
*/
@ -554,7 +537,7 @@ class FireflyValidator extends Validator
$user = User::find($this->data['user_id']);
$type = AccountType::find($this->data['account_type_id'])->first();
$value = $this->tryDecrypt($this->data['name']);
$value = $this->data['name'];
$set = $user->accounts()->where('account_type_id', $type->id)->get();
/** @var Account $entry */
@ -579,7 +562,7 @@ class FireflyValidator extends Validator
$type = $existingAccount->accountType;
$ignore = $existingAccount->id;
$value = $this->tryDecrypt($value);
$value = $value;
/** @var Collection $set */
$set = auth()->user()->accounts()->where('account_type_id', $type->id)->where('id', '!=', $ignore)->get();
@ -603,7 +586,6 @@ class FireflyValidator extends Validator
{
$type = AccountType::find($this->data['account_type_id'])->first();
$ignore = (int)($parameters[0] ?? 0.0);
$value = $this->tryDecrypt($value);
/** @var Collection $set */
$set = auth()->user()->accounts()->where('account_type_id', $type->id)->where('id', '!=', $ignore)->get();

1
composer.json
View File

@ -133,6 +133,7 @@
],
"post-update-cmd": [
"@php artisan firefly:upgrade-database",
"@php artisan firefly:decrypt-all",
"@php artisan firefly:verify",
"@php artisan firefly:instructions update",
"@php artisan passport:install"

30
config/upgrade.php
View File

@ -25,23 +25,25 @@ return [
'text' => [
'upgrade' =>
[
'4.3' => 'Make sure you run the migrations and clear your cache. If you need more help, please check Github or the Firefly III website.',
'4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
'4.6.4' => 'This version of Firefly III requires PHP7.1.',
'4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
'4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
'4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
'4.7.7' => 'This version of Firefly III requires PHP7.2.',
'4.3' => 'Make sure you run the migrations and clear your cache. If you need more help, please check Github or the Firefly III website.',
'4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
'4.6.4' => 'This version of Firefly III requires PHP7.1.',
'4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
'4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
'4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
'4.7.7' => 'This version of Firefly III requires PHP7.2.',
'4.7.10' => 'Firefly III no longer encrypts database values. To protect your data, make sure you use TDE or FDE. Read more: https://bit.ly/FF3-encryption',
],
'install' =>
[
'4.3' => 'Welcome to Firefly! Make sure you follow the installation guide. If you need more help, please check Github or the Firefly III website. The installation guide has a FAQ which you should check out as well.',
'4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
'4.6.4' => 'This version of Firefly III requires PHP7.1.',
'4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
'4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
'4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
'4.7.7' => 'This version of Firefly III requires PHP7.2.',
'4.3' => 'Welcome to Firefly! Make sure you follow the installation guide. If you need more help, please check Github or the Firefly III website. The installation guide has a FAQ which you should check out as well.',
'4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
'4.6.4' => 'This version of Firefly III requires PHP7.1.',
'4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
'4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
'4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
'4.7.7' => 'This version of Firefly III requires PHP7.2.',
'4.7.10' => 'Firefly III no longer encrypts database values. To protect your data, make sure you use TDE or FDE. Read more: https://bit.ly/FF3-encryption',
],
],
];

2
tests/Unit/Helpers/Attachments/AttachmentHelperTest.php
View File

@ -114,7 +114,7 @@ class AttachmentHelperTest extends TestCase
public function testSaveAttachmentFromApi(): void
{
// mock calls:
Crypt::shouldReceive('encrypt')->times(6)->andReturn('Some encrypted content');
Crypt::shouldReceive('encrypt')->times(1)->andReturn('Some encrypted content');
Storage::fake('upload');
$path = public_path('apple-touch-icon.png');