From c7c7e9eb9624993775e20ad3f68eb0b2ce9c75c3 Mon Sep 17 00:00:00 2001
From: James Doyle <james2doyle@gmail.com>
Date: Thu, 29 Jul 2021 16:36:17 -0700
Subject: [PATCH] Added: support for encrypting the note field

---
 composer.json                |  5 ++++-
 config/model-notes.php       |  1 +
 src/EncryptNoteCast.php      | 27 +++++++++++++++++++++++++++
 src/Note.php                 |  1 +
 tests/NoteEncryptionTest.php | 32 ++++++++++++++++++++++++++++++++
 tests/NoteTest.php           |  4 ++++
 tests/TestCase.php           |  2 ++
 7 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 src/EncryptNoteCast.php
 create mode 100644 tests/NoteEncryptionTest.php

diff --git a/composer.json b/composer.json
index 74e3011..28b7fa7 100644
--- a/composer.json
+++ b/composer.json
@@ -4,7 +4,10 @@
     "keywords": [
         "EngineDigital",
         "laravel",
-        "model-notes"
+        "tenant",
+        "multi-tenancy",
+        "encryption",
+        "notes"
     ],
     "homepage": "https://github.com/enginedigital/model-notes",
     "license": "MIT",
diff --git a/config/model-notes.php b/config/model-notes.php
index a820096..5030f33 100644
--- a/config/model-notes.php
+++ b/config/model-notes.php
@@ -10,6 +10,7 @@
         'json',
     ],
     'model_primary_key_attribute' => 'model_id',
+    'encrypt_notes' => false,
     'tenant_model' => null, // App\Models\Company::class
     'tenant_resolver' => null, // a class that uses `__invoke` to get the id of the current tenant
 ];
diff --git a/src/EncryptNoteCast.php b/src/EncryptNoteCast.php
new file mode 100644
index 0000000..4058b1a
--- /dev/null
+++ b/src/EncryptNoteCast.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace EngineDigital\Note;
+
+use Illuminate\Contracts\Database\Eloquent\CastsAttributes;
+use Illuminate\Support\Facades\Crypt;
+
+class EncryptNoteCast implements CastsAttributes
+{
+    public function get($model, string $key, $value, array $attributes): string
+    {
+        $enabled = config('model-notes.encrypt_notes');
+
+        try {
+            return $enabled ? Crypt::decryptString($value) : $value;
+        } catch (DecryptException $e) {
+            throw $e;
+        }
+    }
+
+    public function set($model, string $key, $value, array $attributes): string
+    {
+        $enabled = config('model-notes.encrypt_notes');
+
+        return $enabled ? Crypt::encryptString($value) : $value;
+    }
+}
diff --git a/src/Note.php b/src/Note.php
index da00c1e..128035f 100644
--- a/src/Note.php
+++ b/src/Note.php
@@ -23,6 +23,7 @@ class Note extends Model
     // protected $guarded = [];
 
     protected $casts = [
+        'note' => EncryptNoteCast::class,
         'created_at' => 'datetime',
         'updated_at' => 'datetime',
     ];
diff --git a/tests/NoteEncryptionTest.php b/tests/NoteEncryptionTest.php
new file mode 100644
index 0000000..c320396
--- /dev/null
+++ b/tests/NoteEncryptionTest.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace EngineDigital\Note\Tests;
+
+use EngineDigital\Note\Note;
+
+class NoteEncryptionTest extends TestCase
+{
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        config()->set('model-notes.encrypt_notes', true);
+
+        $createNotes = require __DIR__ . '/../database/migrations/create_model_notes_table.php.stub';
+        $createNotes->up();
+    }
+
+    /** @test */
+    public function notes_can_be_encrypted()
+    {
+        $content = 'Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.';
+        $note = Note::create([
+            'note' => $content,
+            'model_type' => Note::class,
+            'model_id' => 1,
+        ]);
+
+        $this->assertNotEquals($content, $note->getAttributes()['note']);
+        $this->assertEquals($content, $note->note);
+    }
+}
diff --git a/tests/NoteTest.php b/tests/NoteTest.php
index d11633b..3135fdc 100644
--- a/tests/NoteTest.php
+++ b/tests/NoteTest.php
@@ -27,6 +27,8 @@ public function notes_can_be_created()
 
         $this->assertTrue($note->exists());
         $this->assertEquals(config('model-notes.note_default_type'), $note->fresh()->type);
+        // check that the raw value matches - which is not the case when using encryption
+        $this->assertEquals($note->note, $note->getAttributes()['note']);
     }
 
     /** @test */
@@ -60,6 +62,8 @@ public function notes_can_stringified()
         ]);
 
         $this->assertEquals($expected, (string)$note);
+        // check that the raw value matches - which is not the case when using encryption
+        $this->assertEquals($expected, $note->getAttributes()['note']);
     }
 
     /** @test */
diff --git a/tests/TestCase.php b/tests/TestCase.php
index af4e2b3..66adfd9 100644
--- a/tests/TestCase.php
+++ b/tests/TestCase.php
@@ -32,6 +32,8 @@ protected function getPackageProviders($app)
     public function getEnvironmentSetUp($app)
     {
         config()->set('database.default', 'testing');
+        // used for testing encryption
+        config()->set('app.key', 'base64:UmEsQyuFBEwGbpbSdfICjV3v4DGtSjMElnikafE7c9k=');
 
         // $migration = require __DIR__ . '/../database/migrations/create_model_notes_table.php.stub';
         // $migration->up();