<?php
/*
* LimeSurvey
* Copyright (C) 2013 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: GNU/GPL License v2 or later, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
* Extensions to the CActiveRecord class
*/
/**
 * Base active record for LimeSurvey models.
 *
 * On top of CActiveRecord this class adds: created/modified timestamps and
 * plugin events (behaviors()), an array-returning finder (findAllAsArray()),
 * per-request cached MIN/MAX lookups (getMinId()/getMaxId()), plugin events
 * around bulk deletes (deleteAllByAttributes()) and transparent encryption /
 * decryption of the attributes that the survey or participant encryption
 * settings flag as encrypted (encryptAttributeValues() and friends).
 *
 * dispatchPluginModelEvent() is not defined in this class; it is declared via
 * the @method tag below and is presumably provided by the PluginEventBehavior
 * attached in behaviors(). NOTE(review): that behavior is not attached while
 * the 'Updating' config flag is set, so the method may be unavailable during
 * a database upgrade — confirm before relying on it there.
 *
 * @method PluginEvent dispatchPluginModelEvent(string $sEventName,CDbCriteria $criteria = null,array $eventParams = array())
 */
class LSActiveRecord extends CActiveRecord
{
    // Not read anywhere in this class; presumably consulted by subclasses or
    // other code — TODO confirm before changing or removing.
    public $bEncryption = false;

    /**
     * Lists the behaviors of this model
     *
     * Below is a list of all behaviors we register:
     * - CTimestampBehavior: maintains the 'created' / 'modified' columns when
     *   the table has them (null is passed for a missing column, which
     *   CTimestampBehavior treats as "do not touch"), using the database
     *   server's clock rather than PHP's.
     * - PluginEventBehavior: attached unless the 'Updating' config flag is set.
     *
     * @see CTimestampBehavior
     * @see PluginEventBehavior
     * @return array behavior configurations indexed by behavior name
     */
    public function behaviors()
    {
        $aBehaviors = array();
        $sCreateFieldName = ($this->hasAttribute('created') ? 'created' : null);
        $sUpdateFieldName = ($this->hasAttribute('modified') ? 'modified' : null);
        $sDriverName = Yii::app()->db->getDriverName();
        // SQL Server drivers (sqlsrv/dblib) have no NOW(); every other driver is assumed to support it.
        if ($sDriverName == 'sqlsrv' || $sDriverName == 'dblib') {
            $sTimestampExpression = new CDbExpression('GETDATE()');
        } else {
            $sTimestampExpression = new CDbExpression('NOW()');
        }
        $aBehaviors['CTimestampBehavior'] = array(
            'class' => 'zii.behaviors.CTimestampBehavior',
            'createAttribute' => $sCreateFieldName,
            'updateAttribute' => $sUpdateFieldName,
            'timestampExpression' => $sTimestampExpression
        );
        // Some tables might not exist/not be up to date during a database upgrade so in that case disconnect plugin events
        if (!Yii::app()->getConfig('Updating')) {
            $aBehaviors['PluginEventBehavior'] = array(
                'class' => 'application.models.behaviors.PluginEventBehavior'
            );
        }
        return $aBehaviors;
    }

    /**
     * Modified version that default to do the same as the original, but allows via a
     * third parameter to retrieve the result as array instead of active records. This
     * solves a joining problem. Usage via findAllAsArray method
     *
     * Performs the actual DB query and populates the AR objects with the query result.
     * This method is mainly internally used by other AR query methods.
     *
     * When $asAR is anything other than boolean true (strict check) the array
     * path is taken: beforeFind() and the model scopes are applied here
     * (presumably mirroring what the parent implementation does), a find
     * command is built from the criteria and the raw rows are returned without
     * AR hydration.
     *
     * @param CDbCriteria $criteria the query criteria
     * @param boolean $all whether to return all data; when false the criteria limit is forced to 1 and a single row is fetched
     * @param bool $asAR true to delegate to CActiveRecord::query() and get AR objects; false to get plain rows
     * @return mixed the AR objects populated with the query result, or — when $asAR is false —
     *               the array of rows ($all) / a single row or false when none ($all false), as returned by CDbCommand
     * @since 1.1.7
     */
    protected function query($criteria, $all = false, $asAR = true)
    {
        if ($asAR === true) {
            return parent::query($criteria, $all);
        } else {
            $this->beforeFind();
            $this->applyScopes($criteria);
            if (!$all) {
                $criteria->limit = 1;
            }
            $command = $this->getCommandBuilder()->createFindCommand($this->getTableSchema(), $criteria);
            //For debug, this command will get you the generated sql:
            //echo $command->getText();
            return $all ? $command->queryAll() : $command->queryRow();
        }
    }

    /**
     * Finds all active records satisfying the specified condition but returns them as array
     *
     * See {@link find()} for detailed explanation about $condition and $params.
     * The trace label deliberately mirrors the parent's findAll() so the call
     * shows up next to the regular finders in the system.db.ar log category.
     *
     * @param mixed $condition query condition or criteria.
     * @param array $params parameters to be bound to an SQL statement.
     * @return array list of rows (plain associative arrays, not AR objects) satisfying the specified condition. An empty array is returned if none is found.
     */
    public function findAllAsArray($condition = '', $params = array())
    {
        Yii::trace(get_class($this) . '.findAll()', 'system.db.ar.CActiveRecord');
        $criteria = $this->getCommandBuilder()->createCriteria($condition, $params);
        return $this->query($criteria, true, false); //Notice the third parameter 'false'
    }

    /**
     * Return the max value for a field
     *
     * This is a convenience method, that uses the primary key of the model to
     * retrieve the highest value.
     *
     * The result is memoised in a function-level static for the rest of the
     * request. NOTE(review): the cache is keyed by field name only, not by
     * table, and whether a static local inside an inherited method is shared
     * between subclasses depends on the PHP version (this changed in 8.1) —
     * two models with a same-named column could therefore see each other's
     * cached value; confirm before relying on it across models.
     *
     * @param string $field The field that contains the Id, when null primary key is used if it is a single field
     * @param boolean $forceRefresh Don't use value from static cache but always requery the database
     * @return false|int the maximum value, or false when the table is empty (queryScalar() result)
     * @throws Exception when no field is given and the table has a composite primary key
     */
    public function getMaxId($field = null, $forceRefresh = false)
    {
        static $maxIds = array();
        if (is_null($field)) {
            $primaryKey = $this->getMetaData()->tableSchema->primaryKey;
            if (is_string($primaryKey)) {
                $field = $primaryKey;
            } else {
                // Composite key, throw a warning to the programmer
                throw new Exception(sprintf('Table %s has a composite primary key, please explicitly state what field you need the max value for.', $this->tableName()));
            }
        }
        if ($forceRefresh || !array_key_exists($field, $maxIds)) {
            // The field name is passed through quoteColumnName() so it is emitted as an identifier, not raw SQL.
            $maxId = $this->dbConnection->createCommand()
                ->select('MAX(' . $this->dbConnection->quoteColumnName($field) . ')')
                ->from($this->tableName())
                ->queryScalar();
            // Save so we can reuse in the same request
            $maxIds[$field] = $maxId;
        }
        return $maxIds[$field];
    }

    /**
     * Return the min value for a field
     *
     * This is a convenience method, that uses the primary key of the model to
     * retrieve the lowest value. Mirror image of getMaxId(); the same
     * per-request static cache caveats apply (keyed by field name only).
     *
     * @param string $field The field that contains the Id, when null primary key is used if it is a single field
     * @param boolean $forceRefresh Don't use value from static cache but always requery the database
     * @return false|int the minimum value, or false when the table is empty (queryScalar() result)
     * @throws Exception when no field is given and the table has a composite primary key
     */
    public function getMinId($field = null, $forceRefresh = false)
    {
        static $minIds = array();
        if (is_null($field)) {
            $primaryKey = $this->getMetaData()->tableSchema->primaryKey;
            if (is_string($primaryKey)) {
                $field = $primaryKey;
            } else {
                // Composite key, throw a warning to the programmer
                throw new Exception(sprintf('Table %s has a composite primary key, please explicitly state what field you need the min value for.', $this->tableName()));
            }
        }
        if ($forceRefresh || !array_key_exists($field, $minIds)) {
            // The field name is passed through quoteColumnName() so it is emitted as an identifier, not raw SQL.
            $minId = $this->dbConnection->createCommand()
                ->select('MIN(' . $this->dbConnection->quoteColumnName($field) . ')')
                ->from($this->tableName())
                ->queryScalar();
            // Save so we can reuse in the same request
            $minIds[$field] = $minId;
        }
        return $minIds[$field];
    }

    /**
     * @todo This should also be moved to the behavior at some point.
     * This method overrides the parent in order to raise PluginEvents for Bulk delete operations.
     *
     * Filter Criteria are wrapped into a CDBCriteria instance so we have a single instance responsible for holding the filter criteria
     * to be passed to the PluginEvent,
     * this also enables us to pass the fully configured CDBCriteria instead of the original Parameters.
     *
     * Two events are dispatched before the delete runs: a model-specific
     * 'before<Model>DeleteMany' and the generic 'beforeModelDeleteMany'. For
     * subclasses of Dynamic the parent class name is used as <Model> and the
     * dynamic id is passed along in the event parameters. Nothing here inspects
     * the dispatched events, so a handler cannot veto the delete from this
     * method (unless dispatchPluginModelEvent() itself throws — confirm).
     *
     * See {@link find()} for detailed explanation about $condition and $params.
     * @param array $attributes list of attribute values (indexed by attribute names) that the active records should match.
     * An attribute value can be an array which will be used to generate an IN condition.
     * @param string $condition query condition or criteria.
     * @param array $params parameters to be bound to an SQL statement.
     * @return integer number of rows affected by the execution.
     */
    public function deleteAllByAttributes($attributes, $condition = '', $params = array())
    {
        $builder = $this->getCommandBuilder();
        $table = $this->getTableSchema();
        $criteria = $builder->createColumnCriteria($table, $attributes, $condition, $params);
        $modelEventName = get_class($this);
        $eventParams = array();
        if (is_subclass_of($this, 'Dynamic')) {
            /** @scrutinizer ignore-call since we test if exist by subclass */
            $eventParams['dynamicId'] = $this->getDynamicId();
            $modelEventName = get_parent_class($this);
        }
        $this->dispatchPluginModelEvent('before' . $modelEventName . 'DeleteMany', $criteria, $eventParams);
        $this->dispatchPluginModelEvent('beforeModelDeleteMany', $criteria, $eventParams);
        // Attributes/condition/params are already folded into $criteria, so the parent gets only the criteria.
        return parent::deleteAllByAttributes(array(), $criteria, array());
    }

    /**
     * Overriding of Yii's findByAttributes method to provide encrypted attribute value search
     *
     * Search values for columns flagged as encrypted are encrypted before the
     * query so they can be compared against the stored ciphertext.
     * NOTE(review): this only finds anything if the sodium wrapper produces the
     * same ciphertext for the same plaintext (deterministic encryption); that
     * wrapper is not visible here — confirm, and be aware such schemes reveal
     * equality of stored values.
     *
     * @param array $attributes list of attribute values (indexed by attribute names) that the active records should match.
     * An attribute value can be an array which will be used to generate an IN condition.
     * @param mixed $condition query condition or criteria.
     * @param array $params parameters to be bound to an SQL statement.
     * @return static|null the record found. Null if none is found.
     */
    public function findByAttributes($attributes, $condition = '', $params = array())
    {
        $attributes = $this->encryptAttributeValues($attributes);
        return parent::findByAttributes($attributes, $condition, $params);
    }

    /**
     * Overriding of Yii's findAllByAttributes method to provide encrypted attribute value search
     *
     * Same value encryption as findByAttributes(); see the caveats there.
     *
     * @param array $attributes list of attribute values (indexed by attribute names) that the active records should match.
     * An attribute value can be an array which will be used to generate an IN condition.
     * @param mixed $condition query condition or criteria.
     * @param array $params parameters to be bound to an SQL statement.
     * @return static[] the records found. An empty array is returned if none is found.
     */
    public function findAllByAttributes($attributes, $condition = '', $params = array())
    {
        $attributes = $this->encryptAttributeValues($attributes);
        return parent::findAllByAttributes($attributes, $condition, $params);
    }

    /**
     * Returns the names of the attributes that are stored encrypted for a given model class.
     *
     * Resolution by class name:
     * - 'ParticipantAttribute': always just 'value'.
     * - 'Participant': the participant columns flagged 'Y' in Participant::getParticipantsEncryptionOptions().
     * - token models ('TokenDynamic', 'Token_<sid>', 'Token') with a survey id: the core token
     *   columns flagged 'Y' in the survey's token encryption options plus custom token attributes
     *   whose 'encrypted' setting is 'Y'.
     * - 'SurveyDynamic' / 'Response_<sid>': delegated to Response::getEncryptedAttributes().
     * Anything else yields an empty array.
     *
     * NOTE(review): the two `if ($aTokenAttributes['enabled'] = 'Y')` checks
     * below are assignments, not comparisons, so they are always true and the
     * 'enabled' flag is effectively ignored — columns flagged 'Y' are reported
     * whether or not encryption is "enabled". Turning them into comparisons
     * would change which stored values are treated as ciphertext, so check
     * existing data and the meaning of 'enabled' before fixing.
     * NOTE(review): Survey::model()->findByPk() may return null for an unknown
     * survey id, in which case the token branch fails on the method call.
     *
     * @param int $iSurveyId survey id; 0 when the model is not survey-bound. Declared before the required
     *                       $sClassName, which PHP 8 deprecates (optional parameter before a required one)
     * @param string $sClassName model class name to resolve
     * @return array list of encrypted attribute names (may be empty)
     * TODO: Should be split into seperate functions in the appropiate model or helper class
     */
    public function getAllEncryptedAttributes($iSurveyId = 0, $sClassName)
    {
        $aAttributes = array();
        if ($sClassName == 'ParticipantAttribute') {
            // participants attributes
            $aAttributes[] = 'value';
        } elseif ($sClassName == 'Participant') {
            // participants
            $aTokenAttributes = Participant::getParticipantsEncryptionOptions();
            // NOTE(review): assignment, not comparison — always true (see method docblock).
            if ($aTokenAttributes['enabled'] = 'Y') {
                foreach ($aTokenAttributes['columns'] as $attribute => $oColumn) {
                    if ($oColumn == 'Y') {
                        $aAttributes[] = $attribute;
                    }
                }
            }
        } elseif ($iSurveyId > 0 && ($sClassName == 'TokenDynamic' || $sClassName == 'Token_' . $iSurveyId || $sClassName == 'Token')) {
            //core token attributes
            $oSurvey = Survey::model()->findByPk($iSurveyId);
            $aTokenAttributes = $oSurvey->getTokenEncryptionOptions();
            // NOTE(review): assignment, not comparison — always true (see method docblock).
            if ($aTokenAttributes['enabled'] = 'Y') {
                foreach ($aTokenAttributes['columns'] as $attribute => $oColumn) {
                    if ($oColumn == 'Y') {
                        $aAttributes[] = $attribute;
                    }
                }
            }
            // custom token attributes
            $aCustomAttributes = $oSurvey->tokenAttributes;
            foreach ($aCustomAttributes as $attribute => $value) {
                if ($value['encrypted'] == 'Y') {
                    $aAttributes[] = $attribute;
                }
            }
        } elseif ($sClassName == 'SurveyDynamic' || $sClassName == 'Response_' . $iSurveyId) {
            // response attributes
            $aAttributes = Response::getEncryptedAttributes($iSurveyId);
        }
        return $aAttributes;
    }

    /**
     * Attribute values are encrypted ( if needed )to be used for searching purposes
     *
     * Walks $attributes and, for every key listed by getAllEncryptedAttributes()
     * for this model, replaces the value with its encrypted form (when
     * $bReplaceValues is true). Keys that are not encrypted are kept unless
     * $bEncryptedOnly is true, in which case they are dropped — that
     * combination ($bEncryptedOnly = true, $bReplaceValues = false) is how
     * decryptEncryptAttributes() obtains the raw values of just the encrypted
     * columns.
     *
     * The survey id is taken from getSurveyId() when the model has it, else 0.
     *
     * @param array $attributes list of attribute values (indexed by attribute names) that the active records should match.
     * An attribute value can be an array which will be used to generate an IN condition.
     * Defaults to null, but the foreach below expects an array — callers in this file always pass one.
     * @param bool $bEncryptedOnly when true, attributes that are not encrypted are removed from the result
     * @param bool $bReplaceValues when true, values of encrypted attributes are replaced by their ciphertext
     * @return array attributes array with encrypted atrribute values is returned
     */
    public function encryptAttributeValues($attributes = null, $bEncryptedOnly = false, $bReplaceValues = true)
    {
        // load sodium library
        $sodium = Yii::app()->sodium;
        if (method_exists($this, 'getSurveyId')) {
            $iSurveyId = $this->getSurveyId();
        } else {
            $iSurveyId = 0;
        }
        $class = get_class($this);
        $encryptedAttributes = $this->getAllEncryptedAttributes($iSurveyId, $class);
        foreach ($attributes as $key => $attribute) {
            // Loose in_array on purpose: PHP turns integer-like array keys into ints, while the
            // encrypted-attribute list holds strings. NOTE(review): confirm before switching to strict.
            if (in_array($key, $encryptedAttributes)) {
                if ($bReplaceValues) {
                    $attributes[$key] = $sodium->encrypt($attributes[$key]);
                }
            } else {
                if ($bEncryptedOnly) {
                    unset($attributes[$key]);
                }
            }
        }
        return $attributes;
    }

    /**
     * Decrypt values from database
     *
     * Two modes share one method: with a non-empty $value the decrypted string
     * is returned; with an empty $value the model's own encrypted attributes
     * are decrypted in place and $this is returned (the return type therefore
     * differs by mode). NOTE(review): empty() treats '0' as empty, so
     * decrypt('0') takes the attribute-decryption path instead of decrypting
     * the string.
     *
     * @param string $value String value which needs to be decrypted (the docblock used to call it $sValueSingle)
     * @return string|static the decrypted string, or $this after in-place attribute decryption
     */
    public function decrypt($value = '')
    {
        // if $sValueSingle is provided, it would decrypt
        if (!empty($value)) {
            // load sodium library
            $sodium = Yii::app()->sodium;
            return $sodium->decrypt($value);
        } else {
            // decrypt attributes
            $this->decryptEncryptAttributes('decrypt');
            return $this;
        }
    }

    /**
     * Decrypt single value
     *
     * Returns null (implicitly) when $value is empty in the PHP sense, which
     * includes '0' and 0 — see the note on decrypt().
     *
     * @param string $value String value which needs to be decrypted
     * @return string|null the decrypted value, or null when nothing was given
     */
    public static function decryptSingle($value = '')
    {
        // if $value is provided, it would decrypt
        if (!empty($value)) {
            // load sodium library
            $sodium = Yii::app()->sodium;
            return $sodium->decrypt($value);
        }
    }

    /**
     * Enrypt single value
     *
     * Returns null (implicitly) when $value is empty in the PHP sense.
     * NOTE(review): that includes the string '0', so a literal "0" is never
     * encrypted by this helper and callers receive null for it — confirm
     * whether any encrypted column can legitimately hold "0".
     *
     * @param string $value String value which needs to be encrypted
     * @return string|null the encrypted value, or null when nothing was given
     */
    public static function encryptSingle($value = '')
    {
        // if $value is provided, it would encrypt
        if (!empty($value)) {
            // load sodium library
            $sodium = Yii::app()->sodium;
            return $sodium->encrypt($value);
        }
    }

    /**
     * Encrypt values
     *
     * Encrypts this model's encrypted attributes in place (no save).
     *
     * @return static $this, for chaining
     */
    public function encrypt()
    {
        // encrypt attributes
        $this->decryptEncryptAttributes('encrypt');
        return $this;
    }

    /**
     * Encrypt values before saving to the database
     *
     * Order matters: validation (when requested) runs on the plaintext, then
     * the encrypted attributes are replaced by ciphertext, then save() is
     * called with validation switched off so the ciphertext is never validated.
     * When validation fails nothing is encrypted and false is returned.
     *
     * @param bool $runValidation whether to validate the plaintext attributes first
     * @return bool result of save(false), or false when validation failed
     */
    public function encryptSave($runValidation = false)
    {
        // run validation on attribute values before encryption take place, it is impossible to validate encrypted values
        if ($runValidation) {
            if (!$this->validate()) {
                return false;
            }
        }
        // encrypt attributes
        $this->decryptEncryptAttributes('encrypt');
        // call save() method without validation, validation is already done ( if needed )
        return $this->save(false);
    }

    /**
     * Encrypt/decrypt values
     *
     * Applies $action to every encrypted attribute of this model in place.
     * $action is used as a dynamic method name on the sodium wrapper, so only
     * 'encrypt' and 'decrypt' are meaningful; callers in this file pass
     * literals — keep it that way and never feed it caller-supplied input.
     *
     * ParticipantAttribute is special-cased: it is a key/value row, so the
     * 'value' column is transformed only when its attribute_id is one of the
     * non-core attributes flagged encrypted. NOTE(review): the foreach there
     * does not use its loop variables and its condition is loop-invariant, so
     * the transform is applied once per flagged attribute name — i.e. more than
     * once when several such attributes exist. Whether stored data currently
     * depends on that needs checking before the loop is collapsed.
     *
     * @param string $action 'encrypt' or 'decrypt'
     * @return void
     */
    public function decryptEncryptAttributes($action = 'decrypt')
    {
        // load sodium library
        $sodium = Yii::app()->sodium;
        $class = get_class($this);
        if ($class === 'ParticipantAttribute') {
            // listData() with an empty value expression yields an array keyed by attribute_id (the condition is a constant literal).
            $aParticipantAttributes = CHtml::listData(ParticipantAttributeName::model()->findAll(array("select" => "attribute_id", "condition" => "encrypted = 'Y' and core_attribute <> 'Y'")), 'attribute_id', '');
            foreach ($aParticipantAttributes as $attribute => $value) {
                // NOTE(review): loop-invariant check; runs once per entry of $aParticipantAttributes (see method docblock).
                if (array_key_exists($this->attribute_id, $aParticipantAttributes)) {
                    $this->value = $sodium->$action($this->value);
                }
            }
        } else {
            // Raw values of the encrypted attributes only (encrypted-only, no replacement), then transform each in place.
            $attributes = $this->encryptAttributeValues($this->attributes, true, false);
            foreach ($attributes as $key => $attribute) {
                $this->$key = $sodium->$action($attribute);
            }
        }
    }

    /**
     * Function to show encryption symbol in gridview attribute header if value ois encrypted
     *
     * Returns the HTML for a key icon with a tooltip when $attributeName is
     * encrypted for the given class/survey, otherwise nothing (implicit null).
     * The isset() guard is always true for an array result; it only matters if
     * Response::getEncryptedAttributes() can return null — not visible here.
     * NOTE(review): the tooltip text is interpolated into an HTML attribute;
     * gT() is expected to HTML-escape by default, but wrapping it in
     * CHtml::encode() would make that explicit.
     *
     * @param int $surveyId survey id, 0 when not survey-bound (optional before required parameters; PHP 8 deprecates this ordering)
     * @param string $className model class name passed to getAllEncryptedAttributes()
     * @param string $attributeName attribute to check
     * @return string|null icon markup, or null when the attribute is not encrypted
     * @throws CException
     */
    public function setEncryptedAttributeLabel(int $surveyId = 0, string $className, string $attributeName)
    {
        $encryptedAttributes = $this->getAllEncryptedAttributes($surveyId, $className);
        $encryptionNotice = gT("This field is encrypted and can only be searched by exact match. Please enter the exact value you are looking for.");
        if (isset($encryptedAttributes)) {
            if (in_array($attributeName, $encryptedAttributes)) {
                return ' <span data-toggle="tooltip" title="' . $encryptionNotice . '" class="fa fa-key text-success"></span>';
            }
        }
    }
}