Merge pull request #15818 from spencerrlongg/bug/sc-27213

Resolves Validation for Encrypted Numeric and Alpha Custom Fields

Author: snipe

app/Models/CustomFieldset.php

@@ -2,6 +2,8 @@
 
 namespace App\Models;
 
+use App\Rules\AlphaEncrypted;
+use App\Rules\NumericEncrypted;
 use Gate;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
@@ -95,6 +97,19 @@ public function validation_rules()
             array_push($rule, $field->attributes['format']);
             $rules[$field->db_column_name()] = $rule;
 
+
+            // these are to replace the standard 'numeric' and 'alpha' rules if the custom field is also encrypted.
+            // the values need to be decrypted first, because encrypted strings are alphanumeric
+            if ($field->format === 'NUMERIC' && $field->field_encrypted) {
+                $numericKey = array_search('numeric', $rules[$field->db_column_name()]);
+                $rules[$field->db_column_name()][$numericKey] = new NumericEncrypted;
+            }
+
+            if ($field->format === 'ALPHA' && $field->field_encrypted) {
+                $alphaKey = array_search('alpha', $rules[$field->db_column_name()]);
+                $rules[$field->db_column_name()][$alphaKey] = new AlphaEncrypted;
+            }
+
             // add not_array to rules for all fields but checkboxes
             if ($field->element != 'checkbox') {
                 $rules[$field->db_column_name()][] = 'not_array';

app/Rules/AlphaEncrypted.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Support\Facades\Crypt;
+
+class AlphaEncrypted implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute, mixed $value, Closure $fail): void
+    {
+        try {
+            $attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
+            $decrypted = Crypt::decrypt($value);
+            if (!ctype_alpha($decrypted) && !is_null($decrypted)) {
+                $fail(trans('validation.alpha', ['attribute' => $attributeName]));
+            }
+        } catch (\Exception $e) {
+            report($e);
+            $fail(trans('general.something_went_wrong'));
+        }
+    }
+}

app/Rules/NumericEncrypted.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Encryption\DecryptException;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Support\Facades\Crypt;
+
+class NumericEncrypted implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute, mixed $value, Closure $fail): void
+    {
+
+        try {
+            $attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
+            $decrypted = Crypt::decrypt($value);
+            if (!is_numeric($decrypted) && !is_null($decrypted)) {
+                $fail(trans('validation.numeric', ['attribute' => $attributeName]));
+            }
+        } catch (\Exception $e) {
+            report($e->getMessage());
+            $fail(trans('general.something_went_wrong'));
+        }
+    }
+}