diff --git a/.deploy/docker/entrypoint.sh b/.deploy/docker/entrypoint.sh
index 5060ea9421..bc2ab40661 100755
--- a/.deploy/docker/entrypoint.sh
+++ b/.deploy/docker/entrypoint.sh
@@ -45,6 +45,7 @@ php artisan package:discover
echo "Run various artisan commands..."
php artisan migrate --seed
php artisan firefly:upgrade-database
+php artisan firefly:decrypt-all
php artisan firefly:verify
php artisan passport:install
php artisan cache:clear
diff --git a/app/Console/Commands/DecryptDatabase.php b/app/Console/Commands/DecryptDatabase.php
new file mode 100644
index 0000000000..5c7eb3e519
--- /dev/null
+++ b/app/Console/Commands/DecryptDatabase.php
@@ -0,0 +1,116 @@
+line('Going to decrypt the database.');
+ $tables = [
+ 'accounts' => ['name', 'iban'],
+ 'attachments' => ['filename', 'mime', 'title', 'description'],
+ 'bills' => ['name', 'match'],
+ 'budgets' => ['name'],
+ 'categories' => ['name'],
+ 'piggy_banks' => ['name'],
+ 'preferences' => ['data'],
+ 'tags' => ['tag', 'description'],
+ 'transaction_journals' => ['description'],
+ 'transactions' => ['description'],
+ 'journal_links' => ['comment'],
+ ];
+
+ foreach ($tables as $table => $fields) {
+ if ($this->isDecrypted($table)) {
+ $this->info(sprintf('No decryption required for table "%s".', $table));
+ continue;
+ }
+ foreach ($fields as $field) {
+ $rows = DB::table($table)->get(['id', $field]);
+ foreach ($rows as $row) {
+ $original = $row->$field;
+ if (null === $original) {
+ continue;
+ }
+ $id = $row->id;
+ $value = $this->tryDecrypt($original);
+ if ($value !== $original) {
+ Log::debug(sprintf('Decrypted field "%s" "%s" to "%s" in table "%s" (row #%d)', $field, $original, $value, $table, $id));
+ DB::table($table)->where('id', $id)->update([$field => $value]);
+ }
+ }
+ }
+ $this->line(sprintf('Decrypted the data in table "%s".', $table));
+ // mark as decrypted:
+ $configName = sprintf('is_decrypted_%s', $table);
+ FireflyConfig::set($configName, true);
+
+ }
+ $this->info('Done!');
+
+ return 0;
+ }
+
+ /**
+ * @param string $table
+ *
+ * @return bool
+ */
+ private function isDecrypted(string $table): bool
+ {
+ $configName = sprintf('is_decrypted_%s', $table);
+ $configVar = FireflyConfig::get($configName, false);
+ if (null !== $configVar) {
+ return $configVar->data;
+ }
+
+ return false;
+ }
+
+
+ /**
+ * @param $value
+ *
+ * @return mixed
+ */
+ private function tryDecrypt($value)
+ {
+ try {
+ $value = Crypt::decrypt($value);
+ } catch (DecryptException $e) {
+ //Log::debug(sprintf('Could not decrypt. %s', $e->getMessage()));
+ }
+
+ return $value;
+ }
+}
diff --git a/app/Console/Commands/UseEncryption.php b/app/Console/Commands/UseEncryption.php
deleted file mode 100644
index 3f50aeadd0..0000000000
--- a/app/Console/Commands/UseEncryption.php
+++ /dev/null
@@ -1,94 +0,0 @@
-.
- */
-
-declare(strict_types=1);
-
-namespace FireflyIII\Console\Commands;
-
-use Illuminate\Console\Command;
-use Illuminate\Support\Str;
-
-/**
- * Class UseEncryption.
- * @codeCoverageIgnore
- */
-class UseEncryption extends Command
-{
- /**
- * The console command description.
- *
- * @var string
- */
- protected $description = 'This command will make sure that entries in the database will be encrypted (or not) according to the settings in .env';
- /**
- * The name and signature of the console command.
- *
- * @var string
- */
- protected $signature = 'firefly:use-encryption';
-
- /**
- * Execute the console command.
- */
- public function handle(): int
- {
- if (true === config('firefly.encryption')) {
- $this->info('Firefly III configuration calls for encrypted data.');
- }
- if (false === config('firefly.encryption')) {
- $this->info('Firefly III configuration calls for unencrypted data.');
- }
- $this->handleObjects('Account', 'name', 'encrypted');
- $this->handleObjects('Bill', 'name', 'name_encrypted');
- $this->handleObjects('Bill', 'match', 'match_encrypted');
- $this->handleObjects('Budget', 'name', 'encrypted');
- $this->handleObjects('Category', 'name', 'encrypted');
- $this->handleObjects('PiggyBank', 'name', 'encrypted');
- $this->handleObjects('TransactionJournal', 'description', 'encrypted');
-
- return 0;
- }
-
- /**
- * Run each object and encrypt them (or not).
- *
- * @param string $class
- * @param string $field
- * @param string $indicator
- */
- public function handleObjects(string $class, string $field, string $indicator): void
- {
- $fqn = sprintf('FireflyIII\Models\%s', $class);
- $encrypt = true === config('firefly.encryption') ? 0 : 1;
- /** @noinspection PhpUndefinedMethodInspection */
- $set = $fqn::where($indicator, $encrypt)->withTrashed()->get();
-
- foreach ($set as $entry) {
- $newName = $entry->$field;
- $entry->$field = $newName;
- /** @noinspection PhpUndefinedMethodInspection */
- $entry->save();
- }
-
- /** @noinspection PhpUndefinedMethodInspection */
- $this->line(sprintf('Updated %d %s.', $set->count(), strtolower(Str::plural($class))));
- }
-}
diff --git a/app/Console/Commands/VerifyDatabase.php b/app/Console/Commands/VerifyDatabase.php
index d754f98899..8a2cadf470 100644
--- a/app/Console/Commands/VerifyDatabase.php
+++ b/app/Console/Commands/VerifyDatabase.php
@@ -450,12 +450,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
- try {
- $objName = Crypt::decrypt($objName);
- } catch (DecryptException $e) {
- // it probably was not encrypted.
- Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
- }
// also count the transactions:
$countTransactions = DB::table('budget_transaction')->where('budget_id', $entry->id)->count();
@@ -488,12 +482,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
- try {
- $objName = Crypt::decrypt($objName);
- } catch (DecryptException $e) {
- // it probably was not encrypted.
- Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
- }
// also count the transactions:
$countTransactions = DB::table('category_transaction')->where('category_id', $entry->id)->count();
@@ -627,12 +615,6 @@ class VerifyDatabase extends Command
/** @var stdClass $entry */
foreach ($set as $entry) {
$objName = $entry->name;
- try {
- $objName = Crypt::decrypt($objName);
- } catch (DecryptException $e) {
- // it probably was not encrypted.
- Log::debug(sprintf('Not a problem: %s', $e->getMessage()));
- }
$line = sprintf(
'User #%d (%s) has %s #%d ("%s") which has no transactions.',
diff --git a/app/Export/Entry/Entry.php b/app/Export/Entry/Entry.php
index 9e0064d58e..7f036095d4 100644
--- a/app/Export/Entry/Entry.php
+++ b/app/Export/Entry/Entry.php
@@ -148,14 +148,14 @@ final class Entry
$entry->transaction_type = $transaction->transaction_type_type;
$entry->asset_account_id = (string)$transaction->account_id;
- $entry->asset_account_name = app('steam')->tryDecrypt($transaction->account_name);
+ $entry->asset_account_name = $transaction->account_name;
$entry->asset_account_iban = $transaction->account_iban;
$entry->asset_account_number = $transaction->account_number;
$entry->asset_account_bic = $transaction->account_bic;
$entry->asset_currency_code = $transaction->account_currency_code;
$entry->opposing_account_id = (string)$transaction->opposing_account_id;
- $entry->opposing_account_name = app('steam')->tryDecrypt($transaction->opposing_account_name);
+ $entry->opposing_account_name = $transaction->opposing_account_name;
$entry->opposing_account_iban = $transaction->opposing_account_iban;
$entry->opposing_account_number = $transaction->opposing_account_number;
$entry->opposing_account_bic = $transaction->opposing_account_bic;
@@ -163,23 +163,23 @@ final class Entry
// budget
$entry->budget_id = (string)$transaction->transaction_budget_id;
- $entry->budget_name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
+ $entry->budget_name = $transaction->transaction_budget_name;
if (null === $transaction->transaction_budget_id) {
$entry->budget_id = $transaction->transaction_journal_budget_id;
- $entry->budget_name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
+ $entry->budget_name = $transaction->transaction_journal_budget_name;
}
// category
$entry->category_id = (string)$transaction->transaction_category_id;
- $entry->category_name = app('steam')->tryDecrypt($transaction->transaction_category_name);
+ $entry->category_name = $transaction->transaction_category_name;
if (null === $transaction->transaction_category_id) {
$entry->category_id = $transaction->transaction_journal_category_id;
- $entry->category_name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
+ $entry->category_name = $transaction->transaction_journal_category_name;
}
// budget
$entry->bill_id = (string)$transaction->bill_id;
- $entry->bill_name = app('steam')->tryDecrypt($transaction->bill_name);
+ $entry->bill_name = $transaction->bill_name;
$entry->tags = $transaction->tags;
$entry->notes = $transaction->notes;
diff --git a/app/Export/ExpandedProcessor.php b/app/Export/ExpandedProcessor.php
index ba5feceb21..157520116a 100644
--- a/app/Export/ExpandedProcessor.php
+++ b/app/Export/ExpandedProcessor.php
@@ -368,7 +368,7 @@ class ExpandedProcessor implements ProcessorInterface
foreach ($set as $entry) {
$id = (int)$entry->transaction_journal_id;
$result[$id] = $result[$id] ?? [];
- $result[$id][] = Crypt::decrypt($entry->tag);
+ $result[$id][] = $entry->tag;
}
return $result;
diff --git a/app/Helpers/Collector/TransactionCollector.php b/app/Helpers/Collector/TransactionCollector.php
index b1fa3cec9a..e46b63fb4f 100644
--- a/app/Helpers/Collector/TransactionCollector.php
+++ b/app/Helpers/Collector/TransactionCollector.php
@@ -304,26 +304,10 @@ class TransactionCollector implements TransactionCollectorInterface
// run all filters:
$set = $this->filter($set);
- // loop for decryption.
+ // loop for date.
$set->each(
function (Transaction $transaction) {
- $transaction->date = new Carbon($transaction->date);
- $transaction->description = app('steam')->decrypt((int)$transaction->encrypted, $transaction->description);
-
- if (null !== $transaction->bill_name) {
- $transaction->bill_name = app('steam')->decrypt((int)$transaction->bill_name_encrypted, $transaction->bill_name);
- }
- $transaction->account_name = app('steam')->tryDecrypt($transaction->account_name);
- $transaction->opposing_account_name = app('steam')->tryDecrypt($transaction->opposing_account_name);
- $transaction->account_iban = app('steam')->tryDecrypt($transaction->account_iban);
- $transaction->opposing_account_iban = app('steam')->tryDecrypt($transaction->opposing_account_iban);
-
- // budget name
- $transaction->transaction_journal_budget_name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
- $transaction->transaction_budget_name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
- // category name:
- $transaction->transaction_journal_category_name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
- $transaction->transaction_category_name = app('steam')->tryDecrypt($transaction->transaction_category_name);
+ $transaction->date = new Carbon($transaction->date);
}
);
diff --git a/app/Models/Account.php b/app/Models/Account.php
index c5e01d1346..125b4da2e6 100644
--- a/app/Models/Account.php
+++ b/app/Models/Account.php
@@ -143,49 +143,6 @@ class Account extends Model
return $name;
}
- /**
- * @param $value
- *
- * @return string
- *
- * @throws FireflyException
- */
- public function getIbanAttribute($value): string
- {
- if ('' === (string)$value) {
- return '';
- }
- try {
- $result = Crypt::decrypt($value);
- } catch (DecryptException $e) {
- Log::error($e->getMessage());
- Log::error($e->getTraceAsString());
- throw new FireflyException('Cannot decrypt value "' . $value . '" for account #' . $this->id);
- }
- if (null === $result) {
- return '';
- }
-
- return $result;
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getNameAttribute($value): ?string
- {
- if ($this->encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
/**
* Returns the opening balance.
*
@@ -237,31 +194,6 @@ class Account extends Model
$query->whereIn('account_types.type', $types);
}
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setIbanAttribute($value): void
- {
- $this->attributes['iban'] = Crypt::encrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setNameAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
*
diff --git a/app/Models/Attachment.php b/app/Models/Attachment.php
index 8c700089e7..fa59a669cc 100644
--- a/app/Models/Attachment.php
+++ b/app/Models/Attachment.php
@@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
-use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@@ -115,70 +114,6 @@ class Attachment extends Model
return sprintf('at-%s.data', (string)$this->id);
}
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @return null|string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getDescriptionAttribute($value): ?string
- {
- if (null === $value || '' === $value) {
- return null;
- }
-
- return Crypt::decrypt($value);
- }
-
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @return null|string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getFilenameAttribute($value): ?string
- {
- if (null === $value || '' === $value) {
- return null;
- }
-
- return Crypt::decrypt($value);
- }
-
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @return null|string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getMimeAttribute($value): ?string
- {
- if (null === $value || '' === $value) {
- return null;
- }
-
- return Crypt::decrypt($value);
- }
-
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @return null|string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getTitleAttribute($value): ?string
- {
- if (null === $value || '' === $value) {
- return null;
- }
-
- return Crypt::decrypt($value);
- }
-
/**
* @codeCoverageIgnore
* Get all of the notes.
@@ -188,57 +123,6 @@ class Attachment extends Model
return $this->morphMany(Note::class, 'noteable');
}
- /**
- * @codeCoverageIgnore
- *
- * @param string|null $value
- */
- public function setDescriptionAttribute(string $value = null): void
- {
- if (null !== $value) {
- $this->attributes['description'] = Crypt::encrypt($value);
- }
-
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param string $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setFilenameAttribute(string $value): void
- {
- $this->attributes['filename'] = Crypt::encrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param string $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setMimeAttribute(string $value): void
- {
- $this->attributes['mime'] = Crypt::encrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param string $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setTitleAttribute(string $value = null): void
- {
- if (null !== $value) {
- $this->attributes['title'] = Crypt::encrypt($value);
- }
- }
-
/**
* @codeCoverageIgnore
* @return BelongsTo
diff --git a/app/Models/Bill.php b/app/Models/Bill.php
index 610d2695ce..d1ed5548bf 100644
--- a/app/Models/Bill.php
+++ b/app/Models/Bill.php
@@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
-use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@@ -80,7 +79,7 @@ class Bill extends Model
/** @var array Fields that can be filled */
protected $fillable
- = ['name', 'match', 'amount_min', 'match_encrypted', 'name_encrypted', 'user_id', 'amount_max', 'date', 'repeat_freq', 'skip',
+ = ['name', 'match', 'amount_min', 'user_id', 'amount_max', 'date', 'repeat_freq', 'skip',
'automatch', 'active', 'transaction_currency_id'];
/** @var array Hidden from view */
protected $hidden = ['amount_min_encrypted', 'amount_max_encrypted', 'name_encrypted', 'match_encrypted'];
@@ -117,40 +116,6 @@ class Bill extends Model
return $this->morphMany(Attachment::class, 'attachable');
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getMatchAttribute($value): string
- {
- if (1 === (int)$this->match_encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getNameAttribute($value): ?string
- {
- if (1 === (int)$this->name_encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
/**
* @codeCoverageIgnore
* Get all of the notes.
@@ -180,32 +145,6 @@ class Bill extends Model
$this->attributes['amount_min'] = (string)$value;
}
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setMatchAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['match'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['match_encrypted'] = $encrypt;
- }
-
- /**
- * @param $value
- *
- * @codeCoverageIgnore
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setNameAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['name_encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
* @return BelongsTo
diff --git a/app/Models/Budget.php b/app/Models/Budget.php
index d353074508..9c7893d3a1 100644
--- a/app/Models/Budget.php
+++ b/app/Models/Budget.php
@@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
-use Crypt;
use FireflyIII\User;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
@@ -101,37 +100,6 @@ class Budget extends Model
return $this->hasMany(BudgetLimit::class);
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getNameAttribute($value): ?string
- {
- if ($this->encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setNameAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
* @return BelongsToMany
diff --git a/app/Models/Category.php b/app/Models/Category.php
index 3af40d24e1..b7d92b4313 100644
--- a/app/Models/Category.php
+++ b/app/Models/Category.php
@@ -88,37 +88,6 @@ class Category extends Model
throw new NotFoundHttpException;
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getNameAttribute($value): ?string
- {
- if ($this->encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setNameAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
* @return BelongsToMany
diff --git a/app/Models/PiggyBank.php b/app/Models/PiggyBank.php
index 289e7f79b3..2763b21ceb 100644
--- a/app/Models/PiggyBank.php
+++ b/app/Models/PiggyBank.php
@@ -23,7 +23,6 @@ declare(strict_types=1);
namespace FireflyIII\Models;
use Carbon\Carbon;
-use Crypt;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -104,23 +103,6 @@ class PiggyBank extends Model
return $this->belongsTo(Account::class);
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getNameAttribute($value): ?string
- {
- if ($this->encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
/**
* @codeCoverageIgnore
* Get all of the piggy bank's notes.
@@ -148,20 +130,6 @@ class PiggyBank extends Model
return $this->hasMany(PiggyBankRepetition::class);
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setNameAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['name'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
*
diff --git a/app/Models/Preference.php b/app/Models/Preference.php
index f52cf40f66..071800e3dd 100644
--- a/app/Models/Preference.php
+++ b/app/Models/Preference.php
@@ -54,6 +54,7 @@ class Preference extends Model
= [
'created_at' => 'datetime',
'updated_at' => 'datetime',
+ 'data' => 'array',
];
/** @var array Fields that can be filled */
@@ -81,54 +82,6 @@ class Preference extends Model
throw new NotFoundHttpException;
}
-
- /**
- * @param $value
- *
- * @return mixed
- *
- * @throws FireflyException
- * @SuppressWarnings(PHPMD.CyclomaticComplexity)
- */
- public function getDataAttribute($value)
- {
- $result = null;
- try {
- $data = Crypt::decrypt($value);
- } catch (DecryptException $e) {
- Log::error(sprintf('Could not decrypt preference: %s', $e->getMessage()), ['id' => $this->id, 'name' => $this->name, 'data' => $value]);
- throw new FireflyException(
- sprintf('Could not decrypt preference #%d. If this error persists, please run "php artisan cache:clear" on the command line.', $this->id)
- );
- }
- $serialized = true;
- try {
- unserialize($data, ['allowed_classes' => false]);
- } /** @noinspection BadExceptionsProcessingInspection */ catch (Exception $e) {
- $serialized = false;
- }
- if (!$serialized) {
- $result = json_decode($data, true);
- }
- if ($serialized) {
- Log::error(sprintf('Preference #%d ("%s") was stored as serialised object. It will be deleted and recreated.', $this->id, $this->name));
- }
-
- return $result;
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setDataAttribute($value): void
- {
- $this->attributes['data'] = Crypt::encrypt(json_encode($value));
- }
-
/**
* @codeCoverageIgnore
* @return BelongsTo
diff --git a/app/Models/Tag.php b/app/Models/Tag.php
index 81da7a97b3..53405628f5 100644
--- a/app/Models/Tag.php
+++ b/app/Models/Tag.php
@@ -93,63 +93,6 @@ class Tag extends Model
throw new NotFoundHttpException;
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getDescriptionAttribute($value): ?string
- {
- if (null === $value) {
- return $value;
- }
-
- return Crypt::decrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getTagAttribute($value): ?string
- {
- if (null === $value) {
- return null;
- }
-
- return Crypt::decrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setDescriptionAttribute($value): void
- {
- $this->attributes['description'] = Crypt::encrypt($value);
- }
-
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setTagAttribute($value): void
- {
- $this->attributes['tag'] = Crypt::encrypt($value);
- }
/**
* @codeCoverageIgnore
diff --git a/app/Models/TransactionJournal.php b/app/Models/TransactionJournal.php
index b43ebfdff6..1cba19f5ed 100644
--- a/app/Models/TransactionJournal.php
+++ b/app/Models/TransactionJournal.php
@@ -196,24 +196,6 @@ class TransactionJournal extends Model
}
/**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return string|null
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function getDescriptionAttribute($value): ?string
- {
- if ($this->encrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
- /**
- * @codeCoverageIgnore
* @return bool
*/
public function isDeposit(): bool
@@ -324,20 +306,6 @@ class TransactionJournal extends Model
}
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setDescriptionAttribute($value): void
- {
- $encrypt = config('firefly.encryption');
- $this->attributes['description'] = $encrypt ? Crypt::encrypt($value) : $value;
- $this->attributes['encrypted'] = $encrypt;
- }
-
/**
* @codeCoverageIgnore
* @return HasMany
diff --git a/app/Models/TransactionJournalLink.php b/app/Models/TransactionJournalLink.php
index 8107ce07a0..bedf702a47 100644
--- a/app/Models/TransactionJournalLink.php
+++ b/app/Models/TransactionJournalLink.php
@@ -93,22 +93,6 @@ class TransactionJournalLink extends Model
return $this->belongsTo(TransactionJournal::class, 'destination_id');
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @return null|string
- */
- public function getCommentAttribute($value): ?string
- {
- if (null !== $value) {
- return app('steam')->tryDecrypt($value);
- }
-
- return null;
- }
-
/**
* @codeCoverageIgnore
* @return BelongsTo
@@ -127,23 +111,6 @@ class TransactionJournalLink extends Model
return $this->morphMany(Note::class, 'noteable');
}
- /**
- * @codeCoverageIgnore
- *
- * @param $value
- *
- * @throws \Illuminate\Contracts\Encryption\EncryptException
- */
- public function setCommentAttribute($value): void
- {
- if (null !== $value && \strlen($value) > 0) {
- $this->attributes['comment'] = Crypt::encrypt($value);
-
- return;
- }
- $this->attributes['comment'] = null;
- }
-
/**
* @codeCoverageIgnore
* @return BelongsTo
diff --git a/app/Support/Facades/Steam.php b/app/Support/Facades/Steam.php
index d30951d449..e598027bf5 100644
--- a/app/Support/Facades/Steam.php
+++ b/app/Support/Facades/Steam.php
@@ -39,7 +39,6 @@ use Illuminate\Support\Facades\Facade;
* @method string negative(string $amount)
* @method string|null opposite(string $amount = null)
* @method int phpBytes(string $string)
- * @method tryDecrypt($value)
* @method string positive(string $amount)
*
* @codeCoverageIgnore
diff --git a/app/Support/Http/Controllers/AugumentData.php b/app/Support/Http/Controllers/AugumentData.php
index 2cbf4a19cd..4fd45db2fb 100644
--- a/app/Support/Http/Controllers/AugumentData.php
+++ b/app/Support/Http/Controllers/AugumentData.php
@@ -107,9 +107,6 @@ trait AugumentData
$categoryName = $transaction->transaction_journal_category_name;
$categoryId = (int)$transaction->transaction_journal_category_id;
}
- if (0 !== $categoryId) {
- $categoryName = app('steam')->tryDecrypt($categoryName);
- }
// if not set, set to zero:
if (!isset($sum[$categoryId][$currencyId])) {
@@ -559,9 +556,6 @@ trait AugumentData
$budgetName = $transaction->transaction_journal_budget_name;
$budgetId = (int)$transaction->transaction_journal_budget_id;
}
- if (0 !== $budgetId) {
- $budgetName = app('steam')->tryDecrypt($budgetName);
- }
// if not set, set to zero:
if (!isset($sum[$budgetId][$currencyId])) {
@@ -627,9 +621,6 @@ trait AugumentData
$categoryName = $transaction->transaction_journal_category_name;
$categoryId = (int)$transaction->transaction_journal_category_id;
}
- if (0 !== $categoryId) {
- $categoryName = app('steam')->tryDecrypt($categoryName);
- }
// if not set, set to zero:
if (!isset($sum[$categoryId][$currencyId])) {
diff --git a/app/Support/Search/Modifier.php b/app/Support/Search/Modifier.php
index bb2979a658..076d19a9e0 100644
--- a/app/Support/Search/Modifier.php
+++ b/app/Support/Search/Modifier.php
@@ -63,12 +63,12 @@ class Modifier
$res = true;
switch ($modifier['type']) {
case 'source':
- $name = app('steam')->tryDecrypt($transaction->account_name);
+ $name = $transaction->account_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Source is %s? %s', $modifier['value'], var_export($res, true)));
break;
case 'destination':
- $name = app('steam')->tryDecrypt($transaction->opposing_account_name);
+ $name = $transaction->opposing_account_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Destination is %s? %s', $modifier['value'], var_export($res, true)));
break;
@@ -81,7 +81,7 @@ class Modifier
Log::debug(sprintf('Budget is %s? %s', $modifier['value'], var_export($res, true)));
break;
case 'bill':
- $name = app('steam')->tryDecrypt($transaction->bill_name);
+ $name = $transaction->bill_name;
$res = self::stringCompare($name, $modifier['value']);
Log::debug(sprintf('Bill is %s? %s', $modifier['value'], var_export($res, true)));
break;
@@ -171,11 +171,11 @@ class Modifier
{
$journalBudget = '';
if (null !== $transaction->transaction_journal_budget_name) {
- $journalBudget = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
+ $journalBudget = $transaction->transaction_journal_budget_name;
}
$transactionBudget = '';
if (null !== $transaction->transaction_budget_name) {
- $journalBudget = app('steam')->tryDecrypt($transaction->transaction_budget_name);
+ $journalBudget = $transaction->transaction_budget_name;
}
return self::stringCompare($journalBudget, $search) || self::stringCompare($transactionBudget, $search);
@@ -191,11 +191,11 @@ class Modifier
{
$journalCategory = '';
if (null !== $transaction->transaction_journal_category_name) {
- $journalCategory = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
+ $journalCategory = $transaction->transaction_journal_category_name;
}
$transactionCategory = '';
if (null !== $transaction->transaction_category_name) {
- $journalCategory = app('steam')->tryDecrypt($transaction->transaction_category_name);
+ $journalCategory = $transaction->transaction_category_name;
}
return self::stringCompare($journalCategory, $search) || self::stringCompare($transactionCategory, $search);
diff --git a/app/Support/Steam.php b/app/Support/Steam.php
index beab2ebab1..73362b1f50 100644
--- a/app/Support/Steam.php
+++ b/app/Support/Steam.php
@@ -377,22 +377,6 @@ class Steam
return trim($string);
}
- /**
- * @param int $isEncrypted
- * @param $value
- *
- * @return string
- * @throws \Illuminate\Contracts\Encryption\DecryptException
- */
- public function decrypt(int $isEncrypted, string $value): string
- {
- if (1 === $isEncrypted) {
- return Crypt::decrypt($value);
- }
-
- return $value;
- }
-
/**
* @param array $accounts
*
@@ -490,19 +474,4 @@ class Steam
return $amount;
}
- /**
- * @param $value
- *
- * @return mixed
- */
- public function tryDecrypt($value)
- {
- try {
- $value = Crypt::decrypt($value);
- } catch (DecryptException $e) {
- // do not care.
- }
-
- return $value;
- }
}
diff --git a/app/Support/Twig/Extension/Transaction.php b/app/Support/Twig/Extension/Transaction.php
index 88aac67bcd..5ce96139e8 100644
--- a/app/Support/Twig/Extension/Transaction.php
+++ b/app/Support/Twig/Extension/Transaction.php
@@ -131,13 +131,13 @@ class Transaction extends Twig_Extension
$txt = '';
// journal has a budget:
if (null !== $transaction->transaction_journal_budget_id) {
- $name = app('steam')->tryDecrypt($transaction->transaction_journal_budget_name);
+ $name = $transaction->transaction_journal_budget_name;
$txt = sprintf('%s', route('budgets.show', [$transaction->transaction_journal_budget_id]), $name, $name);
}
// transaction has a budget
if (null !== $transaction->transaction_budget_id && '' === $txt) {
- $name = app('steam')->tryDecrypt($transaction->transaction_budget_name);
+ $name = $transaction->transaction_budget_name;
$txt = sprintf('%s', route('budgets.show', [$transaction->transaction_budget_id]), $name, $name);
}
@@ -169,13 +169,13 @@ class Transaction extends Twig_Extension
$txt = '';
// journal has a category:
if (null !== $transaction->transaction_journal_category_id) {
- $name = app('steam')->tryDecrypt($transaction->transaction_journal_category_name);
+ $name = $transaction->transaction_journal_category_name;
$txt = sprintf('%s', route('categories.show', [$transaction->transaction_journal_category_id]), $name, $name);
}
// transaction has a category:
if (null !== $transaction->transaction_category_id && '' === $txt) {
- $name = app('steam')->tryDecrypt($transaction->transaction_category_name);
+ $name = $transaction->transaction_category_name;
$txt = sprintf('%s', route('categories.show', [$transaction->transaction_category_id]), $name, $name);
}
@@ -224,7 +224,7 @@ class Transaction extends Twig_Extension
return '—';
}
- $name = app('steam')->tryDecrypt($transaction->account_name);
+ $name = $transaction->account_name;
$iban = $transaction->account_iban;
$transactionId = (int)$transaction->account_id;
$type = $transaction->account_type;
@@ -255,7 +255,7 @@ class Transaction extends Twig_Extension
return '';
}
- $name = app('steam')->tryDecrypt($other->name);
+ $name = $other->name;
$transactionId = $other->account_id;
$type = $other->type;
}
@@ -384,7 +384,7 @@ class Transaction extends Twig_Extension
}
// if the amount is negative, assume that the current account (the one in $transaction) is indeed the source account.
- $name = app('steam')->tryDecrypt($transaction->account_name);
+ $name = $transaction->account_name;
$transactionId = (int)$transaction->account_id;
$type = $transaction->account_type;
$iban = $transaction->account_iban;
@@ -408,7 +408,7 @@ class Transaction extends Twig_Extension
->leftJoin('accounts', 'accounts.id', '=', 'transactions.account_id')
->leftJoin('account_types', 'account_types.id', '=', 'accounts.account_type_id')
->first(['transactions.account_id', 'accounts.encrypted', 'accounts.name', 'account_types.type']);
- $name = app('steam')->tryDecrypt($other->name);
+ $name = $other->name;
$transactionId = $other->account_id;
$type = $other->type;
}
diff --git a/app/Validation/FireflyValidator.php b/app/Validation/FireflyValidator.php
index 0d90a18d1e..66a9e571fe 100644
--- a/app/Validation/FireflyValidator.php
+++ b/app/Validation/FireflyValidator.php
@@ -467,7 +467,6 @@ class FireflyValidator extends Validator
*/
public function validateUniqueObjectForUser($attribute, $value, $parameters): bool
{
- $value = $this->tryDecrypt($value);
[$table, $field] = $parameters;
$exclude = (int)($parameters[2] ?? 0.0);
@@ -486,7 +485,7 @@ class FireflyValidator extends Validator
->where('id', '!=', $exclude)->get([$field]);
foreach ($set as $entry) {
- $fieldValue = $this->tryDecrypt($entry->$field);
+ $fieldValue = $entry->$field;
if ($fieldValue === $value) {
return false;
@@ -518,7 +517,7 @@ class FireflyValidator extends Validator
/** @var PiggyBank $entry */
foreach ($set as $entry) {
- $fieldValue = $this->tryDecrypt($entry->name);
+ $fieldValue = $entry->name;
if ($fieldValue === $value) {
return false;
}
@@ -527,22 +526,6 @@ class FireflyValidator extends Validator
return true;
}
- /**
- * @param $value
- *
- * @return mixed
- */
- private function tryDecrypt($value)
- {
- try {
- $value = Crypt::decrypt($value);
- } catch (DecryptException $e) {
- //Log::debug(sprintf('Could not decrypt. %s', $e->getMessage()));
- }
-
- return $value;
- }
-
/**
* @return bool
*/
@@ -554,7 +537,7 @@ class FireflyValidator extends Validator
$user = User::find($this->data['user_id']);
$type = AccountType::find($this->data['account_type_id'])->first();
- $value = $this->tryDecrypt($this->data['name']);
+ $value = $this->data['name'];
$set = $user->accounts()->where('account_type_id', $type->id)->get();
/** @var Account $entry */
@@ -579,7 +562,7 @@ class FireflyValidator extends Validator
$type = $existingAccount->accountType;
$ignore = $existingAccount->id;
- $value = $this->tryDecrypt($value);
+ $value = $value;
/** @var Collection $set */
$set = auth()->user()->accounts()->where('account_type_id', $type->id)->where('id', '!=', $ignore)->get();
@@ -603,7 +586,6 @@ class FireflyValidator extends Validator
{
$type = AccountType::find($this->data['account_type_id'])->first();
$ignore = (int)($parameters[0] ?? 0.0);
- $value = $this->tryDecrypt($value);
/** @var Collection $set */
$set = auth()->user()->accounts()->where('account_type_id', $type->id)->where('id', '!=', $ignore)->get();
diff --git a/composer.json b/composer.json
index 0032818b0a..c2c83fb78a 100644
--- a/composer.json
+++ b/composer.json
@@ -133,6 +133,7 @@
],
"post-update-cmd": [
"@php artisan firefly:upgrade-database",
+ "@php artisan firefly:decrypt-all",
"@php artisan firefly:verify",
"@php artisan firefly:instructions update",
"@php artisan passport:install"
diff --git a/config/upgrade.php b/config/upgrade.php
index ea56f43e47..03a7782640 100644
--- a/config/upgrade.php
+++ b/config/upgrade.php
@@ -25,23 +25,25 @@ return [
'text' => [
'upgrade' =>
[
- '4.3' => 'Make sure you run the migrations and clear your cache. If you need more help, please check Github or the Firefly III website.',
- '4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
- '4.6.4' => 'This version of Firefly III requires PHP7.1.',
- '4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
- '4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
- '4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
- '4.7.7' => 'This version of Firefly III requires PHP7.2.',
+ '4.3' => 'Make sure you run the migrations and clear your cache. If you need more help, please check Github or the Firefly III website.',
+ '4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
+ '4.6.4' => 'This version of Firefly III requires PHP7.1.',
+ '4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
+ '4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
+ '4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
+ '4.7.7' => 'This version of Firefly III requires PHP7.2.',
+ '4.7.10' => 'Firefly III no longer encrypts database values. To protect your data, make sure you use TDE or FDE. Read more: https://bit.ly/FF3-encryption',
],
'install' =>
[
- '4.3' => 'Welcome to Firefly! Make sure you follow the installation guide. If you need more help, please check Github or the Firefly III website. The installation guide has a FAQ which you should check out as well.',
- '4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
- '4.6.4' => 'This version of Firefly III requires PHP7.1.',
- '4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
- '4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
- '4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
- '4.7.7' => 'This version of Firefly III requires PHP7.2.',
+ '4.3' => 'Welcome to Firefly! Make sure you follow the installation guide. If you need more help, please check Github or the Firefly III website. The installation guide has a FAQ which you should check out as well.',
+ '4.6.3' => 'This will be the last version to require PHP7.0. Future versions will require PHP7.1 minimum.',
+ '4.6.4' => 'This version of Firefly III requires PHP7.1.',
+ '4.7.3' => 'This version of Firefly III handles bills differently. See http://bit.ly/FF3-new-bills for more information.',
+ '4.7.4' => 'This version of Firefly III has a new import routine. See http://bit.ly/FF3-new-import for more information.',
+ '4.7.6' => 'This will be the last version to require PHP7.1. Future versions will require PHP7.2 minimum.',
+ '4.7.7' => 'This version of Firefly III requires PHP7.2.',
+ '4.7.10' => 'Firefly III no longer encrypts database values. To protect your data, make sure you use TDE or FDE. Read more: https://bit.ly/FF3-encryption',
],
],
];
diff --git a/tests/Unit/Helpers/Attachments/AttachmentHelperTest.php b/tests/Unit/Helpers/Attachments/AttachmentHelperTest.php
index f6e3d86e47..63acc2c209 100644
--- a/tests/Unit/Helpers/Attachments/AttachmentHelperTest.php
+++ b/tests/Unit/Helpers/Attachments/AttachmentHelperTest.php
@@ -114,7 +114,7 @@ class AttachmentHelperTest extends TestCase
public function testSaveAttachmentFromApi(): void
{
// mock calls:
- Crypt::shouldReceive('encrypt')->times(6)->andReturn('Some encrypted content');
+ Crypt::shouldReceive('encrypt')->times(1)->andReturn('Some encrypted content');
Storage::fake('upload');
$path = public_path('apple-touch-icon.png');