View Issue Details

IDProjectCategoryView StatusLast Update
14795Development Tokenspublic2019-07-15 11:41
ReporterDenisChenu Assigned Tocdorin  
PrioritynoneSeverityminor 
Status assignedResolutionreopened 
Product Version4.0.0dev 
Target VersionFixed in Version 
Summary14795: Extend Token Response etc … to automatically encryt/decrypt
Description

Looking at https://bugs.limesurvey.org/view.php?id=14794
I think it's really better if we encrypt/decrypt automatically use model()->save/model()->find etc …

Steps To Reproduce

And idea can be

LSactiverecord->isEncrypted() {
return false;
}

Add in LSactiveRecord 2 function atahced to afterFind event and beforeSave event
This 2 function encryot/decrypt if needed (if $this->isEncrypted return true).

Additional Information

Adding a parent function is better to check the "Model name" here : https://github.com/LimeSurvey/LimeSurvey/blob/2c957295dfb14c11ce4c33fd2ebe8f0354c7c5b9/application/models/LSActiveRecord.php#L316

Maybe we can too add a model->getEncryptedAttribute to put in eachy model the needed part : https://github.com/LimeSurvey/LimeSurvey/blob/2c957295dfb14c11ce4c33fd2ebe8f0354c7c5b9/application/models/LSActiveRecord.php#L342

To add automatically the functions needed :

    public function init()
    {
        $this->attachEventHandler("onBeforeSave", array($this, 'encryptData'));
        $this->attachEventHandler("onAfterSave", array($this, 'resetEncryptData'));
        $this->attachEventHandler("onAfterFind", array($this, 'decryotData'));
    }

Allow us to have clean function name and add it only if needed …

TagsNo tags attached.

Relationships

related to 14794 closeddominikvitt Bug reports Token are not set to "sended" after email sent 
related to 14797 closeddominikvitt Bug reports Unable to send email to valid address 
related to 14796 closeddominikvitt Bug reports Unable to browse response 
related to 14798 closeddominikvitt Bug reports Someone register in a Survey with token (+encrypt) : no way to check DB 

Activities

DenisChenu

DenisChenu

2019-04-24 10:49

developer   ~51561

Last edited: 2019-04-24 10:49

View 2 revisions

onAfterSave need to reset data :

$oToken->save();
echo $oToken->token.' saved with success';

for example

Ifyou're OK : i can make a pull request before merging

dominikvitt

dominikvitt

2019-04-24 11:24

developer   ~51562

No, current design is very good, because it doesn't rely on events, but is called only when needed.
Design is much cleaner this way.

DenisChenu

DenisChenu

2019-04-24 12:26

developer   ~51564

I don't understand ?

Using an automatic system seems better in my opinion. See the previous issue for example.

For the on demand : if you use save : you broke the DB (have a 500 error …)

A,nd for event : it's the Yii event : they always happen.

I don't understand your «on demand» : it's needed : it must be by default …

DenisChenu

DenisChenu

2019-04-24 12:37

developer   ~51566

A way top BROKE db (with debug=2 : throw error 500)
Using remote control API to create a participant
https://github.com/LimeSurvey/LimeSurvey/blob/2c957295dfb14c11ce4c33fd2ebe8f0354c7c5b9/application/helpers/remotecontrol/remotecontrol_handle.php#L1775

2 solution:
Update ->save to encryptSave EVERYWHERE …

or ->save() use ->encryptSave() (by default, bnut can be disable)

Really mire clean if save use encryptSave … Same fpor findByPk or findByAttributes etc …

ollehar

ollehar

2019-04-24 13:07

administrator   ~51567

Yes, ->save() will be replaced by ->encrypt()->save() everywhere. Easy change, no? Great that you report any place Dominik forgot!

DenisChenu

DenisChenu

2019-04-24 13:16

developer   ~51568

@ollehar : Then : why not extend ->save (or add a beforeSave function) to encrypt by default.

I really undestand wht NOT extend save function ?

DenisChenu

DenisChenu

2019-04-24 14:39

developer   ~51572

Already have 3 issue (and one potential after 14797 was fixed) : i really think it must be done by defaut (if survey is 'crypted' active for token) directly in the 2 models

I didn't check Response currently , only token …

Issue History

Date Modified Username Field Change
2019-04-24 10:47 DenisChenu New Issue
2019-04-24 10:47 DenisChenu Status new => assigned
2019-04-24 10:47 DenisChenu Assigned To => dominikvitt
2019-04-24 10:49 DenisChenu Note Added: 51561
2019-04-24 10:49 DenisChenu Note Edited: 51561 View Revisions
2019-04-24 10:51 DenisChenu Relationship added related to 14794
2019-04-24 11:24 dominikvitt Status assigned => resolved
2019-04-24 11:24 dominikvitt Resolution open => no change required
2019-04-24 11:24 dominikvitt Note Added: 51562
2019-04-24 12:26 DenisChenu Status resolved => feedback
2019-04-24 12:26 DenisChenu Resolution no change required => reopened
2019-04-24 12:26 DenisChenu Note Added: 51564
2019-04-24 12:37 DenisChenu Note Added: 51566
2019-04-24 12:37 DenisChenu Status feedback => assigned
2019-04-24 13:07 ollehar Note Added: 51567
2019-04-24 13:16 DenisChenu Note Added: 51568
2019-04-24 14:27 DenisChenu Relationship added related to 14797
2019-04-24 14:27 DenisChenu Relationship added related to 14796
2019-04-24 14:38 DenisChenu Relationship added related to 14798
2019-04-24 14:39 DenisChenu Note Added: 51572
2019-07-15 11:41 dominikvitt Assigned To dominikvitt => cdorin