Merge pull request #15818 from spencerrlongg/bug/sc-27213

Resolves Validation for Encrypted Numeric and Alpha Custom Fields
2025-03-05 20:52:15 -08:00 · 2024-11-21 19:25:27 +00:00 · 2024-11-21 19:25:27 +00:00 · b7aedb7dcb
parent 8b38dc83f6 22602c7997
commit b7aedb7dcb
3 changed files with 75 additions and 0 deletions
--- a/app/Models/CustomFieldset.php
+++ b/app/Models/CustomFieldset.php
@ -2,6 +2,8 @@

 namespace App\Models;

+use App\Rules\AlphaEncrypted;
+use App\Rules\NumericEncrypted;
 use Gate;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
@ -95,6 +97,19 @@ class CustomFieldset extends Model
            array_push($rule, $field->attributes['format']);
            $rules[$field->db_column_name()] = $rule;

+
+            // these are to replace the standard 'numeric' and 'alpha' rules if the custom field is also encrypted.
+            // the values need to be decrypted first, because encrypted strings are alphanumeric
+            if ($field->format === 'NUMERIC' && $field->field_encrypted) {
+                $numericKey = array_search('numeric', $rules[$field->db_column_name()]);
+                $rules[$field->db_column_name()][$numericKey] = new NumericEncrypted;
+            }
+
+            if ($field->format === 'ALPHA' && $field->field_encrypted) {
+                $alphaKey = array_search('alpha', $rules[$field->db_column_name()]);
+                $rules[$field->db_column_name()][$alphaKey] = new AlphaEncrypted;
+            }
+
            // add not_array to rules for all fields but checkboxes
            if ($field->element != 'checkbox') {
                $rules[$field->db_column_name()][] = 'not_array';
--- a/app/Rules/AlphaEncrypted.php
+++ b/app/Rules/AlphaEncrypted.php
@ -0,0 +1,29 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Support\Facades\Crypt;
+
+class AlphaEncrypted implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute, mixed $value, Closure $fail): void
+    {
+        try {
+            $attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
+            $decrypted = Crypt::decrypt($value);
+            if (!ctype_alpha($decrypted) && !is_null($decrypted)) {
+                $fail(trans('validation.alpha', ['attribute' => $attributeName]));
+            }
+        } catch (\Exception $e) {
+            report($e);
+            $fail(trans('general.something_went_wrong'));
+        }
+    }
+}
--- a/app/Rules/NumericEncrypted.php
+++ b/app/Rules/NumericEncrypted.php
@ -0,0 +1,31 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Encryption\DecryptException;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Support\Facades\Crypt;
+
+class NumericEncrypted implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute, mixed $value, Closure $fail): void
+    {
+
+        try {
+            $attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
+            $decrypted = Crypt::decrypt($value);
+            if (!is_numeric($decrypted) && !is_null($decrypted)) {
+                $fail(trans('validation.numeric', ['attribute' => $attributeName]));
+            }
+        } catch (\Exception $e) {
+            report($e->getMessage());
+            $fail(trans('general.something_went_wrong'));
+        }
+    }
+}