Exception when encrypting JSON Field about doctrineencryptbundle HOT 8 OPEN

Hello Michael, did you have any progress on this? What kind of change do you think would need to be made? I could try to make a PR if you have some general direction.

from doctrineencryptbundle.

For anyone else who's interested, I had a solid look into this. All the events that doctrine fires are before the field is transformed from an object (or array) into a string. Therefore there's really no way this code can hook into the persistence process to encrypt the string after conversion. Thanks Doctrine 🙄

from doctrineencryptbundle.

Does this mean that there won't be a fix/workaround for this problem?

from doctrineencryptbundle.

I'd rather the maintainer respond to your question @McCrafterIV , but from where I sit, it doesn't seem possible. You could, as I have, roll your own custom doctrine type that does the same thing that the listener does. Call it 'encrypted_json' or some such

from doctrineencryptbundle.

Any update regarding this issue?

from doctrineencryptbundle.

If it helps you, I can confirm that making this change constitutes a significant deviation from this project's implementation. You might consider using this package instead? https://github.com/brighte-capital/doctrine-encrypted-json, though the README isn't really up-to-date

from doctrineencryptbundle.

Otherwise, you just have to give the type text to your field (let's imagine foo) and in the methods getFoo(), implement the decoding of your json and in setFoo($foo), implement the encoding in json. No ? With json_decode() and json_encode().

Or, instead of JSON, use the serialize and unserialize methods directly on the array in the getter & setter methods.

EDIT: Ah heck, I just took the time to test what I said, and since it's the getters and setters that are called for encryption and decryption the problem is the same.

So we have to implement serialization and unserialization in other methods if we want use the encryption.

from doctrineencryptbundle.

Here is an example of how to implement the encryption of an array (or others, DateTime for exemple, juste adapt to your needs) field in the database:

<?php

namespace App\Entity;

use Ambta\DoctrineEncryptBundle\Configuration\Encrypted;
use App\Repository\FooRepository;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Table(name="app_foo")
 * @ORM\Entity(repositoryClass=FooRepository::class)
 */
class Foo {
    /**
     * @var int|null $id
     * @ORM\Id
     * @ORM\GeneratedValue
     * @ORM\Column(name="id", type="integer")
     *
     * @note `null` by default to avoid the type error before the persistence of the entity.
     */
    private ?int $id = null;

    /**
     * @var string $array
     *
     * @ORM\Column(name="array", type="text", nullable=false)
     * @Encrypted
     */
    private string $array;

    // -------------------- Magic method -------------------- \\

    /**
     * Foo constructor
     */
    public function __construct(array $array = []) {
        $this->array = serialize($array);
    }

    // -------------------- Public methods -------------------- \\

    /**
     * @return array
     */
    public function getUnserializedArray(): array {
        return unserialize($this->array);
    }

    /**
     * @param array $array
     * @return Foo
     */
    public function setUserializedArray(array $array): self {
        $this->setArray(serialize($array));

        return $this;
    }

    /**
     * @param array $add
     * @return Foo
     */
    public function addToArray(array $add): self {
        $array = $this->getUnserializedarray();
        $array[] = $add;

        $this->setArray(serialize($array));

        return $this;
    }
    
    /**
     * @param int $key - An integer or a string depending on your table and your needs.
     * @return Foo
     */
    public function removeFromArray(int $key): self {
        $array = $this->getUnserializedarray();
        if (array_key_exists($key, $array)) {
            unset($array[$key]);

            $this->setArray(serialize($array));
        }
        
        return $this;
    }

    // -------------------- Getters / Setters -------------------- \\

    /**
     * @return int|null
     */
    public function getId(): ?int {
        return $this->id;
    }

    /**
     * @return string
     */
    public function getArray(): string {
        return $this->array;
    }

    /**
     * @param string $array
     * @return Foo
     */
    public function setArray(string $array): self {
        $this->array = $array;

        return $this;
    }
}

Then document the class well to remind yourself or explain to other developers these specificities.

PS: To encrypt a date for example, use a string field (or text depending on the length of the hash), in this field, put the formatted date, for example: $date->format(DateTimeInterface::W3C); and to retrieve the object: return new DateTime($this->date);

NOTE:

To do all this, we could also try to use text fields to save our data for encrypted/decrypted and use non-persisted fields with an ORM Subscriber on this entity to listen for events: prePersist, preUpdate, preFlush, postLoad or whatever you need.

See the Doctrine events: here

If you have problems with this, you can configure the priority to make sure your events are triggered before or after the encryption/decryption events. Have a look at the documentation: here.

from doctrineencryptbundle.