Home Explore Help
Register Sign In
chengwenliang
/
newsupernova
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c9405dd336
Branches Tags
newsupernova
/
vendor
/
magento
/
module-encryption-key
/
Setup
/
Patch
/
Data
/
SodiumChachaPatch.php

SodiumChachaPatch.php 4.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Copyright © Magento, Inc. All rights reserved.
    4. 

  4.  * See COPYING.txt for license details.
    5. 

  5.  */
    6. 

  6. declare(strict_types=1);
    7. 

  7. 

  8. namespace Magento\EncryptionKey\Setup\Patch\Data;
    9. 

  9. 

  10. use Magento\Framework\Setup\Patch\DataPatchInterface;
    11. 

  11. use Magento\Framework\App\ObjectManager;
    12. 

  12. 

  13. /**
    14. 

  14.  * Migrate encrypted configuration values to the latest cipher
    15. 

  15.  */
    16. 

  16. class SodiumChachaPatch implements DataPatchInterface
    17. 

  17. {
    18. 

  18.     /**
    19. 

  19.      * @var \Magento\Framework\Config\ScopeInterface
    20. 

  20.      */
    21. 

  21.     private $scope;
    22. 

  22. 

  23.     /**
    24. 

  24.      * @var \Magento\Framework\Setup\ModuleDataSetupInterface
    25. 

  25.      */
    26. 

  26.     private $moduleDataSetup;
    27. 

  27. 

  28.     /**
    29. 

  29.      * @var \Magento\Config\Model\Config\Structure
    30. 

  30.      */
    31. 

  31.     private $structure;
    32. 

  32. 

  33.     /**
    34. 

  34.      * @var \Magento\Framework\Encryption\EncryptorInterface
    35. 

  35.      */
    36. 

  36.     private $encryptor;
    37. 

  37. 

  38.     /**
    39. 

  39.      * @var \Magento\Framework\App\State
    40. 

  40.      */
    41. 

  41.     private $state;
    42. 

  42. 

  43.     /**
    44. 

  44.      * SodiumChachaPatch constructor.
    45. 

  45.      * @param \Magento\Framework\Setup\ModuleDataSetupInterface $moduleDataSetup
    46. 

  46.      * @param \Magento\Config\Model\Config\Structure\Proxy $structure
    47. 

  47.      * @param \Magento\Framework\Encryption\EncryptorInterface $encryptor
    48. 

  48.      * @param \Magento\Framework\App\State $state
    49. 

  49.      * @param \Magento\Framework\Config\ScopeInterface|null $scope
    50. 

  50.      */
    51. 

  51.     public function __construct(
    52. 

  52.         \Magento\Framework\Setup\ModuleDataSetupInterface $moduleDataSetup,
    53. 

  53.         \Magento\Config\Model\Config\Structure\Proxy $structure,
    54. 

  54.         \Magento\Framework\Encryption\EncryptorInterface $encryptor,
    55. 

  55.         \Magento\Framework\App\State $state,
    56. 

  56.         \Magento\Framework\Config\ScopeInterface $scope = null
    57. 

  57.     ) {
    58. 

  58.         $this->moduleDataSetup = $moduleDataSetup;
    59. 

  59.         $this->structure = $structure;
    60. 

  60.         $this->encryptor = $encryptor;
    61. 

  61.         $this->state = $state;
    62. 

  62.         $this->scope = $scope ?? ObjectManager::getInstance()->get(\Magento\Framework\Config\ScopeInterface::class);
    63. 

  63.     }
    64. 

  64. 

  65.     /**
    66. 

  66.      * @inheritdoc
    67. 

  67.      */
    68. 

  68.     public function apply()
    69. 

  69.     {
    70. 

  70.         $this->moduleDataSetup->startSetup();
    71. 

  71. 

  72.         $this->reEncryptSystemConfigurationValues();
    73. 

  73. 

  74.         $this->moduleDataSetup->endSetup();
    75. 

  75.     }
    76. 

  76. 

  77.     /**
    78. 

  78.      * @inheritdoc
    79. 

  79.      */
    80. 

  80.     public static function getDependencies()
    81. 

  81.     {
    82. 

  82.         return [];
    83. 

  83.     }
    84. 

  84. 

  85.     /**
    86. 

  86.      * @inheritdoc
    87. 

  87.      */
    88. 

  88.     public function getAliases()
    89. 

  89.     {
    90. 

  90.         return [];
    91. 

  91.     }
    92. 

  92. 

  93.     /**
    94. 

  94.      * Re encrypt sensitive data in the system configuration
    95. 

  95.      */
    96. 

  96.     private function reEncryptSystemConfigurationValues()
    97. 

  97.     {
    98. 

  98.         $table = $this->moduleDataSetup->getTable('core_config_data');
    99. 

  99.         $hasEncryptedData = $this->moduleDataSetup->getConnection()->fetchOne(
    100. 

  100.             $this->moduleDataSetup->getConnection()
    101. 

  101.                 ->select()
    102. 

  102.                 ->from($table, [new \Zend_Db_Expr('count(value)')])
    103. 

  103.                 ->where('value LIKE ?', '0:2%')
    104. 

  104.         );
    105. 

  105.         if ($hasEncryptedData !== '0') {
    106. 

  106.             $currentScope = $this->scope->getCurrentScope();
    107. 

  107.             $structure = $this->structure;
    108. 

  108.             $paths = $this->state->emulateAreaCode(
    109. 

  109.                 \Magento\Framework\App\Area::AREA_ADMINHTML,
    110. 

  110.                 function () use ($structure) {
    111. 

  111.                     $this->scope->setCurrentScope(\Magento\Framework\App\Area::AREA_ADMINHTML);
    112. 

  112.                     /** Returns list of structure paths to be re encrypted */
    113. 

  113.                     $paths = $structure->getFieldPathsByAttribute(
    114. 

  114.                         'backend_model',
    115. 

  115.                         \Magento\Config\Model\Config\Backend\Encrypted::class
    116. 

  116.                     );
    117. 

  117.                     /** Returns list of mapping between configPath => [structurePaths] */
    118. 

  118.                     $mappedPaths = $structure->getFieldPaths();
    119. 

  119.                     foreach ($mappedPaths as $mappedPath => $data) {
    120. 

  120.                         foreach ($data as $structurePath) {
    121. 

  121.                             if ($structurePath !== $mappedPath && $key = array_search($structurePath, $paths)) {
    122. 

  122.                                 $paths[$key] = $mappedPath;
    123. 

  123.                             }
    124. 

  124.                         }
    125. 

  125.                     }
    126. 

  126. 

  127.                     return array_unique($paths);
    128. 

  128.                 }
    129. 

  129.             );
    130. 

  130.             $this->scope->setCurrentScope($currentScope);
    131. 

  131.             // walk through found data and re-encrypt it
    132. 

  132.             if ($paths) {
    133. 

  133.                 $values = $this->moduleDataSetup->getConnection()->fetchPairs(
    134. 

  134.                     $this->moduleDataSetup->getConnection()
    135. 

  135.                         ->select()
    136. 

  136.                         ->from($table, ['config_id', 'value'])
    137. 

  137.                         ->where('path IN (?)', $paths)
    138. 

  138.                         ->where('value NOT LIKE ?', '')
    139. 

  139.                 );
    140. 

  140.                 foreach ($values as $configId => $value) {
    141. 

  141.                     $this->moduleDataSetup->getConnection()->update(
    142. 

  142.                         $table,
    143. 

  143.                         ['value' => $this->encryptor->encrypt($this->encryptor->decrypt($value))],
    144. 

  144.                         ['config_id = ?' => (int)$configId]
    145. 

  145.                     );
    146. 

  146.                 }
    147. 

  147.             }
    148. 

  148.         }
    149. 

  149.     }
    150. 

  150. }
    151.