Skip to content

(Add) Command to re-encrypt encrypted columns #4834

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
Roardom wants to merge 1 commit into
base: development
Choose a base branch
from
Draft

(Add) Command to re-encrypt encrypted columns #4834

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
89 changes: 89 additions & 0 deletions app/Console/Commands/ReEncrypt.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
<?php

declare(strict_types=1);

/**
* NOTICE OF LICENSE.
*
* UNIT3D Community Edition is open-sourced software licensed under the GNU Affero General Public License v3.0
* The details is bundled with this project in the file LICENSE.txt.
*
* @project UNIT3D Community Edition
*
* @author Roardom <[email protected]>
* @license https://www.gnu.org/licenses/agpl-3.0.en.html/ GNU Affero General Public License v3.0
*/

namespace App\Console\Commands;

use App\Models\Donation;
use App\Models\Seedbox;
use Exception;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\DB;

class ReEncrypt extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 're-encrypt';

/**
* The console command description.
*
* @var string
*/
protected $description = 'Re-encrypt all encrypted columns. Should be ran after rotating the app key.';

/**
* Execute the console command.
*/
public function handle(): void
{
$models = [
Donation::class => [
'transaction',
],
Seedbox::class => [
'ip',
],
];

foreach ($models as $model => $columns) {
$table = new $model()->getTable();

$this->comment("Re-encrypting {$table}...");

DB::table($table)
->lazyById()
->each(function (object $record) use ($table, $columns): void {
if (!property_exists($record, 'id')) {
throw new Exception("Column 'id' not found on '{$table}' record.");
}

$reEncrypted = [];

foreach ($columns as $column) {
if (!property_exists($record, $column)) {
throw new Exception("Column '{$column}' not found on '{$table}' record.");
}

try {
$reEncrypted[$column] = Crypt::encryptString(Crypt::decryptString($record->$column));
} catch (\Illuminate\Contracts\Encryption\DecryptException) {
}
}

if ($reEncrypted !== []) {
DB::table($table)->where('id', '=', $record->id)->update($reEncrypted);
}
});

$this->comment("Re-encrypted {$table}.");
}
}
}