55
66/**
77 * Implements hook_form_alter.
8+ *
9+ * Add a field to the field storage configuration forms to allow setting the encryption state.
810 */
911function field_encrypt_form_alter(&$form, \Drupal\Core\Form\FormStateInterface $form_state, $form_id) {
1012
1113 // If this is the add or edit form for field_storage, we call our function.
12- if ($form_id === 'field_storage_add_form' || $form_id === 'field_storage_config_edit_form') {
14+ if (in_array( $form_id, [ 'field_storage_add_form', 'field_storage_config_edit_form']) ) {
1315
1416 // Check permissions
1517 $user = \Drupal::currentUser();
1618
1719 if ($user->hasPermission('administer field encryption')) {
1820 /**
19- * @var \Drupal\field\Entity\FieldStorageConfig
21+ * @var $field \Drupal\field\Entity\FieldStorageConfig
2022 */
2123 $field = $form_state->getFormObject()->getEntity();
2224
@@ -34,63 +36,74 @@ function field_encrypt_form_alter(&$form, \Drupal\Core\Form\FormStateInterface $
3436 }
3537}
3638
39+ /**
40+ * Update the field storage configuration to set the encryption state.
41+ *
42+ * @param $entity_type
43+ * @param \Drupal\field\Entity\FieldStorageConfig $fieldStorageConfig
44+ * @param $form
45+ * @param \Drupal\Core\Form\FormStateInterface $form_state
46+ */
3747function field_encrypt_form_field_add_form_builder($entity_type, \Drupal\field\Entity\FieldStorageConfig $fieldStorageConfig, &$form, \Drupal\Core\Form\FormStateInterface $form_state) {
3848
39- // If the form has the value, we set it.
40- if ($form_state->getValue('encrypt')) {
41- $fieldStorageConfig->setThirdPartySetting('field_encrypt', 'encrypt', $form_state->getValue('encrypt'));
42-
43- // TODO: We need to process the field to either batch encrypt or batch decrypt if the setting was changed.
49+ $form_encryption = $form_state->getValue('encrypt');
50+ $original_encryption = $fieldStorageConfig->getThirdPartySetting('field_encrypt', 'encrypt');
4451
52+ // If the form has the value, we set it.
53+ if ($form_encryption === 1) {
54+ $fieldStorageConfig->setThirdPartySetting('field_encrypt', 'encrypt', $form_encryption);
4555 }
4656 else {
4757 // If there is no value, remove.
4858 $fieldStorageConfig->unsetThirdPartySetting('field_encrypt', 'encrypt');
4959 }
60+
61+ if ($original_encryption !== $fieldStorageConfig->getThirdPartySetting('field_encrypt', 'encrypt')) {
62+ // We need to process the field to either encrypt or decrypt the stored fields if the setting was changed.
63+ $field_name = $fieldStorageConfig->get('field_name');
64+ $field_entity_type = $fieldStorageConfig->get('entity_type');
65+
66+ /**
67+ * @var $field_encrypt_process_entities \Drupal\field_encrypt\FieldEncryptProcessEntities
68+ */
69+ $field_encrypt_process_entities = \Drupal::service('field_encrypt.process_entities');
70+ if ($form_encryption === 1) {
71+ $field_encrypt_process_entities->encrypt_stored_field($field_entity_type, $field_name);
72+ }
73+ elseif ($form_encryption === 0) {
74+ $field_encrypt_process_entities->decrypt_stored_field($field_entity_type, $field_name);
75+ }
76+ }
5077}
5178
79+ /**
80+ * Encrypt fields before they are saved.
81+ *
82+ * @param \Drupal\Core\Entity\EntityInterface $entity
83+ */
5284function field_encrypt_entity_presave(\Drupal\Core\Entity\EntityInterface $entity) {
53- field_encrypt_process_encrypted_fields($entity, 'encrypt');
85+ if (!($entity instanceof Drupal\Core\Entity\ContentEntityInterface)) {return;}
86+ /**
87+ * @var $field_encrypt_process_entities \Drupal\field_encrypt\FieldEncryptProcessEntities
88+ */
89+ $field_encrypt_process_entities = \Drupal::service('field_encrypt.process_entities');
90+ $field_encrypt_process_entities->encrypt_entity($entity);
5491}
5592
93+ /**
94+ * Decrypt fields before they are rendered.
95+ *
96+ * @param $entities
97+ * @param $entity_type
98+ */
5699function field_encrypt_entity_load($entities, $entity_type) {
57- foreach($entities as &$entity) {
58- field_encrypt_process_encrypted_fields($entity, 'decrypt');
59- }
60- }
61-
62- function field_encrypt_process_encrypted_fields(\Drupal\Core\Entity\EntityInterface $entity, $op = 'encrypt') {
63- // Make sure we can get field definitions.
64- if (!is_callable([$entity, 'getFieldDefinitions'])){return;}
65- if (!is_callable([$entity, 'getFields'])){return;}
66- //$entity->getFieldDefinitions();
67- $entity->getFields();
68-
69- foreach($entity->getFieldDefinitions() as $name => $definition) {
70- if (!is_callable([$definition, 'get'])){continue;}
71-
72- $storage = $definition->get('fieldStorage');
73- if (is_null($storage)) {continue;}
74-
75- $encrypted = $storage->getThirdPartySetting('field_encrypt', 'encrypt', FALSE);
76-
77- if ($encrypted) {
78- // Load the encyption service.
79- // @var \Drupal\encrypt\EncryptService
80- $encryption_service = Drupal::service('encryption');
100+ /**
101+ * @var $field_encrypt_process_entities \Drupal\field_encrypt\FieldEncryptProcessEntities
102+ */
103+ $field_encrypt_process_entities = \Drupal::service('field_encrypt.process_entities');
81104
82- if ($op === 'encrypt') {
83- $replacement = $encryption_service->encrypt($entity->get($name)->value);
84- }
85- elseif ($op === 'decrypt') {
86- $replacement = $encryption_service->decrypt($entity->get($name)->value);
87- }
88-
89- // TODO: This code only works for basic fields. It does not correctly work for fields like the body which have markup in them.
90- $entity->set($name, $replacement, FALSE);
91-
92- }
105+ foreach($entities as &$entity) {
106+ if (!($entity instanceof Drupal\Core\Entity\ContentEntityInterface)) {continue;}
107+ $field_encrypt_process_entities->decrypt_entity($entity);
93108 }
94109}
95-
96-
0 commit comments