1 | <?php |
||||||
2 | |||||||
3 | /** |
||||||
4 | * DecryptDatabase.php |
||||||
5 | * Copyright (c) 2019 [email protected] |
||||||
6 | * |
||||||
7 | * This file is part of Firefly III. |
||||||
8 | * |
||||||
9 | * Firefly III is free software: you can redistribute it and/or modify |
||||||
10 | * it under the terms of the GNU General Public License as published by |
||||||
11 | * the Free Software Foundation, either version 3 of the License, or |
||||||
12 | * (at your option) any later version. |
||||||
13 | * |
||||||
14 | * Firefly III is distributed in the hope that it will be useful, |
||||||
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
17 | * GNU General Public License for more details. |
||||||
18 | * |
||||||
19 | * You should have received a copy of the GNU General Public License |
||||||
20 | * along with Firefly III. If not, see <http://www.gnu.org/licenses/>. |
||||||
21 | */ |
||||||
22 | |||||||
23 | declare(strict_types=1); |
||||||
24 | |||||||
25 | namespace FireflyIII\Console\Commands; |
||||||
26 | |||||||
27 | use Crypt; |
||||||
28 | use DB; |
||||||
29 | use FireflyIII\Exceptions\FireflyException; |
||||||
30 | use FireflyIII\Models\Preference; |
||||||
31 | use FireflyIII\Support\Facades\FireflyConfig; |
||||||
32 | use Illuminate\Console\Command; |
||||||
33 | use Illuminate\Contracts\Encryption\DecryptException; |
||||||
34 | use Log; |
||||||
35 | |||||||
36 | /** |
||||||
37 | * |
||||||
38 | * Class DecryptDatabase |
||||||
39 | */ |
||||||
40 | class DecryptDatabase extends Command |
||||||
41 | { |
||||||
42 | /** |
||||||
43 | * The console command description. |
||||||
44 | * |
||||||
45 | * @var string |
||||||
46 | */ |
||||||
47 | protected $description = 'Decrypts the database.'; |
||||||
48 | /** |
||||||
49 | * The name and signature of the console command. |
||||||
50 | * |
||||||
51 | * @var string |
||||||
52 | */ |
||||||
53 | protected $signature = 'firefly:decrypt-all'; |
||||||
54 | |||||||
55 | /** |
||||||
56 | * Execute the console command. |
||||||
57 | * |
||||||
58 | * @return mixed |
||||||
59 | */ |
||||||
60 | public function handle() |
||||||
61 | { |
||||||
62 | $this->line('Going to decrypt the database.'); |
||||||
63 | $tables = [ |
||||||
64 | 'accounts' => ['name', 'iban'], |
||||||
65 | 'attachments' => ['filename', 'mime', 'title', 'description'], |
||||||
66 | 'bills' => ['name', 'match'], |
||||||
67 | 'budgets' => ['name'], |
||||||
68 | 'categories' => ['name'], |
||||||
69 | 'piggy_banks' => ['name'], |
||||||
70 | 'preferences' => ['data'], |
||||||
71 | 'tags' => ['tag', 'description'], |
||||||
72 | 'transaction_journals' => ['description'], |
||||||
73 | 'transactions' => ['description'], |
||||||
74 | 'journal_links' => ['comment'], |
||||||
75 | ]; |
||||||
76 | |||||||
77 | foreach ($tables as $table => $fields) { |
||||||
78 | if ($this->isDecrypted($table)) { |
||||||
79 | $this->info(sprintf('No decryption required for table "%s".', $table)); |
||||||
80 | continue; |
||||||
81 | } |
||||||
82 | foreach ($fields as $field) { |
||||||
83 | $rows = DB::table($table)->get(['id', $field]); |
||||||
84 | foreach ($rows as $row) { |
||||||
85 | $original = $row->$field; |
||||||
86 | if (null === $original) { |
||||||
87 | continue; |
||||||
88 | } |
||||||
89 | $id = $row->id; |
||||||
90 | $value = $this->tryDecrypt($original); |
||||||
91 | |||||||
92 | // A separate routine for preferences: |
||||||
93 | if ('preferences' === $table) { |
||||||
94 | // try to json_decrypt the value. |
||||||
95 | $value = json_decode($value, true) ?? $value; |
||||||
96 | Log::debug(sprintf('Decrypted field "%s" "%s" to "%s" in table "%s" (row #%d)', $field, $original, print_r($value, true), $table, $id)); |
||||||
97 | |||||||
98 | /** @var Preference $object */ |
||||||
99 | $object = Preference::find((int)$id); |
||||||
100 | if (null !== $object) { |
||||||
101 | $object->data = $value; |
||||||
102 | $object->save(); |
||||||
103 | } |
||||||
104 | continue; |
||||||
105 | } |
||||||
106 | |||||||
107 | if ($value !== $original) { |
||||||
108 | Log::debug(sprintf('Decrypted field "%s" "%s" to "%s" in table "%s" (row #%d)', $field, $original, $value, $table, $id)); |
||||||
109 | DB::table($table)->where('id', $id)->update([$field => $value]); |
||||||
110 | } |
||||||
111 | } |
||||||
112 | } |
||||||
113 | $this->line(sprintf('Decrypted the data in table "%s".', $table)); |
||||||
114 | // mark as decrypted: |
||||||
115 | $configName = sprintf('is_decrypted_%s', $table); |
||||||
116 | FireflyConfig::set($configName, true); |
||||||
0 ignored issues
–
show
Bug
Best Practice
introduced
by
Loading history...
|
|||||||
117 | |||||||
118 | } |
||||||
119 | $this->info('Done!'); |
||||||
120 | |||||||
121 | return 0; |
||||||
122 | } |
||||||
123 | |||||||
124 | /** |
||||||
125 | * @param string $table |
||||||
126 | * |
||||||
127 | * @return bool |
||||||
128 | */ |
||||||
129 | private function isDecrypted(string $table): bool |
||||||
130 | { |
||||||
131 | $configName = sprintf('is_decrypted_%s', $table); |
||||||
132 | $configVar = FireflyConfig::get($configName, false); |
||||||
0 ignored issues
–
show
The method
FireflyIII\Support\Facades\FireflyConfig::get() is not static, but was called statically.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
133 | if (null !== $configVar) { |
||||||
134 | return (bool)$configVar->data; |
||||||
135 | } |
||||||
136 | |||||||
137 | return false; |
||||||
138 | } |
||||||
139 | |||||||
140 | |||||||
141 | /** |
||||||
142 | * @param $value |
||||||
143 | * |
||||||
144 | * @return mixed |
||||||
145 | */ |
||||||
146 | private function tryDecrypt($value) |
||||||
147 | { |
||||||
148 | try { |
||||||
149 | $value = Crypt::decrypt($value); |
||||||
150 | } catch (DecryptException $e) { |
||||||
151 | if ('The MAC is invalid.' === $e->getMessage()) { |
||||||
152 | throw new FireflyException($e->getMessage()); |
||||||
153 | } |
||||||
154 | Log::debug(sprintf('Could not decrypt. %s', $e->getMessage())); |
||||||
155 | } |
||||||
156 | |||||||
157 | return $value; |
||||||
158 | } |
||||||
159 | } |
||||||
160 |