Tadah
/
ciphersweet-for-laravel
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Tadah:9193ff649a5355f2334ecb3f2d7eefa75721d467
Branches Tags
Tadah:master
..
compare: Tadah:cff6336828e82b0d2278718ee57af4befaae93a9
Branches Tags
Tadah:master

No commits in common. "9193ff649a5355f2334ecb3f2d7eefa75721d467" and "cff6336828e82b0d2278718ee57af4befaae93a9" have entirely different histories.
9193ff649a ... cff6336828

13 changed files with 576 additions and 1533 deletions
Show Stats Expand all files Collapse all files

2
composer.json
View File

@ -20,7 +20,7 @@
} }
}, },
"require": { "require": {
"php": "^7.2.5|^8.0", "php": "^7.2.5",
"illuminate/config": "^7.0|^8.0", "illuminate/config": "^7.0|^8.0",
"illuminate/support": "^7.0|^8.0", "illuminate/support": "^7.0|^8.0",
"illuminate/database": "^7.0|^8.0", "illuminate/database": "^7.0|^8.0",

1635
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

54
phpunit.xml
View File

@ -1,22 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd" backupGlobals="false" backupStaticAttributes="false" bootstrap="vendor/autoload.php" colors="true" convertErrorsToExceptions="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" processIsolation="false" stopOnFailure="false"> <phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<coverage processUncoveredFiles="true"> xsi:noNamespaceSchemaLocation="./vendor/phpunit/phpunit/phpunit.xsd"
<include> backupGlobals="false"
<directory suffix=".php">./src</directory> backupStaticAttributes="false"
</include> bootstrap="vendor/autoload.php"
</coverage> colors="true"
<testsuites> convertErrorsToExceptions="true"
<testsuite name="Unit"> convertNoticesToExceptions="true"
<directory suffix="Test.php">./tests/Unit</directory> convertWarningsToExceptions="true"
</testsuite> processIsolation="false"
</testsuites> stopOnFailure="false">
<php> <testsuites>
<server name="APP_ENV" value="testing"/> <testsuite name="Unit">
<server name="BCRYPT_ROUNDS" value="4"/> <directory suffix="Test.php">./tests/Unit</directory>
<server name="CACHE_DRIVER" value="array"/> </testsuite>
<server name="MAIL_DRIVER" value="array"/>
<server name="QUEUE_CONNECTION" value="sync"/> <testsuite name="Feature">
<server name="SESSION_DRIVER" value="file"/> <directory suffix="Test.php">./tests/Feature</directory>
<server name="DB_CONNECTION" value="testing"/> </testsuite>
</php> </testsuites>
<filter>
<whitelist processUncoveredFilesFromWhitelist="true">
<directory suffix=".php">./src</directory>
</whitelist>
</filter>
<php>
<server name="APP_ENV" value="testing"/>
<server name="BCRYPT_ROUNDS" value="4"/>
<server name="CACHE_DRIVER" value="array"/>
<server name="MAIL_DRIVER" value="array"/>
<server name="QUEUE_CONNECTION" value="sync"/>
<server name="SESSION_DRIVER" value="file"/>
<server name="DB_CONNECTION" value="testing"/>
</php>
</phpunit> </phpunit>

39
readme.md
View File

@ -1,14 +1,12 @@
# CipherSweet for Laravel # CipherSweet for Laravel
A Laravel implementation of [Paragon Initiative Enterprises CipherSweet](https://ciphersweet.paragonie.com) searchable A Laravel implementation of [Paragon Initiative Enterprises CipherSweet](https://ciphersweet.paragonie.com) searchable field level encryption.
field level encryption.
Make sure you have some basic understanding of CipherSweet before continuing. Make sure you have some basic understanding of CipherSweet before continuing.
## Installation ## Installation
Install the package using composer: Install the package using composer:
``` ```
composer require bjorn-voesten/ciphersweet-for-laravel composer require bjorn-voesten/ciphersweet-for-laravel
``` ```
@ -18,13 +16,10 @@ The package will then automatically register itself.
#### Encryption key #### Encryption key
In your `.env` file you should add: In your `.env` file you should add:
```dotenv ```dotenv
CIPHERSWEET_KEY= CIPHERSWEET_KEY=
``` ```
And then generate an encryption key: And then generate an encryption key:
``` ```
php artisan ciphersweet:key php artisan ciphersweet:key
``` ```
@ -32,7 +27,6 @@ php artisan ciphersweet:key
#### Config file #### Config file
Publish the config file: Publish the config file:
``` ```
php artisan vendor:publish --tag=ciphersweet-config php artisan vendor:publish --tag=ciphersweet-config
``` ```
@ -43,7 +37,6 @@ php artisan vendor:publish --tag=ciphersweet-config
Add the `BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption` trait to your model <br> Add the `BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption` trait to your model <br>
and add the `BjornVoesten\CipherSweet\Casts\Encrypted` cast to the attributes you want to encrypt. and add the `BjornVoesten\CipherSweet\Casts\Encrypted` cast to the attributes you want to encrypt.
```php ```php
<?php <?php
@ -106,42 +99,29 @@ class User extends Model
Attributes will be automatically encrypted and decrypted when filling and retrieving attribute values. Attributes will be automatically encrypted and decrypted when filling and retrieving attribute values.
**Note** Because the package uses Laravel casts it is not possible to combine the `Encrypted` cast and **Note** Because the package uses Laravel casts it is not possible to combine the `Encrypted` cast and accessors/mutators.
accessors/mutators.
### Searching ### Searching
**Note** When searching with the `equal to` operator models will be returned when the value is found in one of all **Note** When searching with the `equal to` operator models will be returned when the value is found in one of all available or defined indexes. When searching with the `not equal to` operator all models where the value is not found in any of the available or the defined indexes are returned.
available or defined indexes. When searching with the `not equal to` operator all models where the value is not found in
any of the available or the defined indexes are returned.
**Note** **Note**
Because of the limited search possibilities in CipherSweet only the `=` and `!=` operators are available when searching Because of the limited search possibilities in CipherSweet only the `=` and `!=` operators are available when searching encrypted attributes.
encrypted attributes.
<br/> #### `whereEncrypted`
#### `whereEncrypted`, `orWhereEncrypted`
```php ```php
User::query() User::query()
->whereEncrypted('social_security_number', '=', '123-456-789') ->whereEncrypted('social_security_number', '=', '123-456-789')
->orWhereEncrypted('social_security_number', '=', '123-456-789')
->get(); ->get();
``` ```
<br/> #### `orWhereEncrypted`
#### `whereInEncrypted`, `orWhereInEncrypted`
```php ```php
User::query() User::query()
->whereInEncrypted('social_security_number', [ ->whereEncrypted('social_security_number', '=', '123-456-789')
'123-456-789', ->orWhereEncrypted('social_security_number', '=', '456-123-789')
])
->orWhereInEncrypted('social_security_number', [
'456-123-789',
])
->get(); ->get();
``` ```
@ -151,8 +131,7 @@ Please see [contributing.md](contributing.md) for details and a todolist.
## Security ## Security
If you discover any security related issues, please email [security@bjornvoesten.com](mailto:security@bjornvoesten.com) If you discover any security related issues, please email [security@bjornvoesten.com](mailto:security@bjornvoesten.com) instead of using the issue tracker.
instead of using the issue tracker.
## Testing ## Testing

4
src/Casts/Encrypted.php
View File

@ -13,10 +13,10 @@ class Encrypted implements CastsAttributes
* @param string $key * @param string $key
* @param mixed $value * @param mixed $value
* @param array $attributes * @param array $attributes
* @return string|null * @return string
* @throws \Exception * @throws \Exception
*/ */
public function get($model, string $key, $value, array $attributes): ?string public function get($model, string $key, $value, array $attributes)
{ {
return $model->decrypt($key); return $model->decrypt($key);
} }

36
src/CipherSweetService.php
View File

@ -108,23 +108,23 @@ class CipherSweetService
$field = new EncryptedField( $field = new EncryptedField(
$this->engine, $this->engine,
$table = $model->getTable(), $table = $model->getTable(),
$attribute->column $attribute->column,
); );
// Map and add the indexes to the encrypted // Map and add the indexes to the encrypted
// field instance. // field instance.
collect($attribute->indexes) collect($attribute->indexes)
->map(static function (Index $index) { ->map(function (Index $index) {
return new BlindIndex( return $index = new BlindIndex(
$index->column, $index->column,
$index->transformers, $index->transformers,
$index->bits, $index->bits,
$index->fast $index->fast,
); );
}) })
->each(static function ($index) use ($field) { ->each(
return $field->addBlindIndex($index); fn($index) => $field->addBlindIndex($index)
}); );
return $field; return $field;
} }
@ -134,24 +134,18 @@ class CipherSweetService
* *
* @param \Illuminate\Database\Eloquent\Model|\BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption $model * @param \Illuminate\Database\Eloquent\Model|\BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption $model
* @param string $attribute * @param string $attribute
* @param string|int|boolean|null $value * @param string|int|boolean $value
* @return array * @return array
* @throws \ParagonIE\CipherSweet\Exception\BlindIndexNameCollisionException * @throws \ParagonIE\CipherSweet\Exception\BlindIndexNameCollisionException
* @throws \ParagonIE\CipherSweet\Exception\BlindIndexNotFoundException * @throws \ParagonIE\CipherSweet\Exception\BlindIndexNotFoundException
* @throws \ParagonIE\CipherSweet\Exception\CryptoOperationException * @throws \ParagonIE\CipherSweet\Exception\CryptoOperationException
* @throws \SodiumException * @throws \SodiumException
*/ */
public function encrypt(Model $model, string $attribute, $value): array public function encrypt(Model $model, string $attribute, $value)
{ {
$field = $this->field($model, $attribute); return $this
->field($model, $attribute)
if (is_null($value)) { ->prepareForStorage($value);
return [null, array_map(static function () {
return null;
}, $field->getAllBlindIndexes(''))];
}
return $field->prepareForStorage($value);
} }
/** /**
@ -164,12 +158,8 @@ class CipherSweetService
* @throws \ParagonIE\CipherSweet\Exception\BlindIndexNameCollisionException * @throws \ParagonIE\CipherSweet\Exception\BlindIndexNameCollisionException
* @throws \ParagonIE\CipherSweet\Exception\CryptoOperationException * @throws \ParagonIE\CipherSweet\Exception\CryptoOperationException
*/ */
public function decrypt(Model $model, string $attribute, $value): ?string public function decrypt(Model $model, string $attribute, $value)
{ {
if (is_null($value)) {
return null;
}
return $this return $this
->field($model, $attribute) ->field($model, $attribute)
->decryptValue($value); ->decryptValue($value);

2
src/CipherSweetServiceProvider.php
View File

@ -36,7 +36,7 @@ class CipherSweetServiceProvider extends ServiceProvider
{ {
// Config // Config
$this->publishes([ $this->publishes([
__DIR__ . '/../config/ciphersweet.php' => config_path('ciphersweet.php') __DIR__ . '/../config/ciphersweet.php',
], 'ciphersweet-config'); ], 'ciphersweet-config');
$this->mergeConfigFrom( $this->mergeConfigFrom(

115
src/Concerns/WithAttributeEncryption.php
View File

@ -3,6 +3,7 @@
namespace BjornVoesten\CipherSweet\Concerns; namespace BjornVoesten\CipherSweet\Concerns;
use Illuminate\Database\Eloquent\Builder; use Illuminate\Database\Eloquent\Builder;
use Illuminate\Support\Arr;
/** /**
* @mixin \Illuminate\Database\Eloquent\Model * @mixin \Illuminate\Database\Eloquent\Model
@ -15,8 +16,9 @@ trait WithAttributeEncryption
* @param string $attribute * @param string $attribute
* @param string|int|boolean $value * @param string|int|boolean $value
* @return array * @return array
* @throws \Exception
*/ */
public function encrypt(string $attribute, $value): array public function encrypt(string $attribute, $value)
{ {
[$ciphertext, $indexes] = $result = app('ciphersweet')->encrypt( [$ciphertext, $indexes] = $result = app('ciphersweet')->encrypt(
$this, $attribute, $value $this, $attribute, $value
@ -35,12 +37,12 @@ trait WithAttributeEncryption
* Encrypt the attribute. * Encrypt the attribute.
* *
* @param string $attribute * @param string $attribute
* @return string|null * @return $this
*/ */
public function decrypt(string $attribute): ?string public function decrypt(string $attribute)
{ {
return app('ciphersweet')->decrypt( return app('ciphersweet')->decrypt(
$this, $attribute, $this->attributes[$attribute] ?? null $this, $attribute, $this->attributes[$attribute]
); );
} }
@ -52,25 +54,27 @@ trait WithAttributeEncryption
* @param $operator * @param $operator
* @param $value * @param $value
* @param array $indexes * @param array $indexes
* @param string $boolean
* @return void * @return void
* @throws \Exception
*/ */
public function scopeWhereEncrypted(Builder $query, string $column, $operator, $value, array $indexes = [], $boolean = 'and'): void public function scopeWhereEncrypted(Builder $query, string $column, $operator, $value, array $indexes = []): void
{ {
/** @var array $available */ $available = Arr::last(
$available = $this->encrypt($column, $value)[1]; $this->encrypt($column, $value)
);
$indexes = empty($indexes) ? array_keys($available) : $indexes; $indexes = empty($indexes)
? array_keys($available)
: $indexes;
$method = $boolean === 'or' $first = true;
? 'orWhere' foreach ($indexes as $index) {
: 'where'; $first
? $query->where($index, $operator, $available[$index])
: $query->orWhere($index, $operator, $available[$index]);
$query->{$method}(function (Builder $query) use ($available, $operator, $indexes) { $first = false;
foreach ($indexes as $key => $index) { }
$query->where($index, $operator, $available[$index]);
}
});
} }
/** /**
@ -79,76 +83,23 @@ trait WithAttributeEncryption
* @param \Illuminate\Database\Eloquent\Builder $query * @param \Illuminate\Database\Eloquent\Builder $query
* @param string $column * @param string $column
* @param string $operator * @param string $operator
* @param mixed $value * @param $value
* @param array $indexes * @param array $indexes
* @param string $boolean
* @return void
*/
public function scopeOrWhereEncrypted(
Builder $query, string $column, string $operator, $value,
array $indexes = [], $boolean = 'or'
): void
{
$this->scopeWhereEncrypted(
$query, $column, $operator, $value, $indexes, $boolean
);
}
/**
* Add a where in clause to the query for an encrypted column.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $column
* @param array $values
* @param array $indexes
* @param string $boolean
* @return void * @return void
* @throws \Exception * @throws \Exception
*/ */
public function scopeWhereInEncrypted( public function scopeOrWhereEncrypted(Builder $query, string $column, string $operator, $value, array $indexes = []): void
Builder $query, string $column, array $values, array $indexes = [],
$boolean = 'and'
): void
{ {
$values = array_map(function (string $value) use ($column) { $available = Arr::last(
return $this->encrypt($column, $value)[1]; $this->encrypt($column, $value)
}, $values);
$available = array_keys($values[0]);
$indexes = empty($indexes) ? $available : $indexes;
$method = $boolean === 'or'
? 'orWhere'
: 'where';
$query->{$method}(function (Builder $query) use ($values, $indexes) {
foreach ($indexes as $key => $index) {
(bool) $key
? $query->orWhereIn($index, $values)
: $query->whereIn($index, $values);
}
});
}
/**
* Add a or where in clause to the query for an encrypted column.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $column
* @param array $values
* @param array $indexes
* @param string $boolean
* @return void
* @throws \Exception
*/
public function scopeOrWhereInEncrypted(
Builder $query, string $column, array $values, array $indexes = [],
$boolean = 'or'
): void
{
$this->scopeWhereInEncrypted(
$query, $column, $values, $indexes, $boolean
); );
$indexes = empty($indexes)
? array_keys($available)
: $indexes;
foreach ($indexes as $index) {
$query->orWhere($index, $operator, $available[$index]);
}
} }
} }

28
src/Macros/Blueprint.php
View File

@ -11,7 +11,7 @@ class Blueprint
{ {
public function encrypted(): Closure public function encrypted(): Closure
{ {
return function (string $name, ?array $indexes = null, ?string $after = null, bool $nullable = false): void { return function (string $name, ?array $indexes = null): void {
$columns = empty($indexes) $columns = empty($indexes)
? [ ? [
$name, $name,
@ -23,13 +23,7 @@ class Blueprint
); );
foreach ($columns as $column) { foreach ($columns as $column) {
$addedColumn = $this->string($column)->nullable($nullable); $this->string($column);
if($after) {
$addedColumn->after($after);
$after = $column;
}
} }
$this->index($columns); $this->index($columns);
@ -38,8 +32,22 @@ class Blueprint
public function nullableEncrypted(): Closure public function nullableEncrypted(): Closure
{ {
return function (string $name, ?array $indexes = null, ?string $after = null): void { return function (string $name, ?array $indexes = null): void {
$this->encrypted($name, $indexes, $after, true); $columns = empty($indexes)
? [
$name,
"{$name}_index",
]
: array_merge(
[$name],
$indexes
);
foreach ($columns as $column) {
$this->string($column)->nullable();
}
$this->index($columns);
}; };
} }
} }

4
tests/Concerns/CreateUsersTable.php
View File

@ -10,8 +10,8 @@ trait CreateUsersTable
protected function createUsersTable(): void protected function createUsersTable(): void
{ {
Schema::create('users', function (Blueprint $table) { Schema::create('users', function (Blueprint $table) {
$table->id(); $table->id('id');
$table->string('social_security_number')->nullable(); $table->string('social_security_number');
$table->string('social_security_number_index')->nullable(); $table->string('social_security_number_index')->nullable();
$table->string('custom_index')->nullable(); $table->string('custom_index')->nullable();
$table->timestamps(); $table->timestamps();

4
tests/Concerns/CreatesUsers.php
View File

@ -9,10 +9,10 @@ trait CreatesUsers
/** /**
* Create a new user instance. * Create a new user instance.
* *
* @param string|null $socialSecurityNumber * @param string $socialSecurityNumber
* @return \Tests\Mocks\User|\Illuminate\Database\Eloquent\Model * @return \Tests\Mocks\User|\Illuminate\Database\Eloquent\Model
*/ */
protected function user(?string $socialSecurityNumber): User protected function user(string $socialSecurityNumber): User
{ {
return User::query()->create([ return User::query()->create([
'social_security_number' => $socialSecurityNumber, 'social_security_number' => $socialSecurityNumber,

34
tests/Unit/EncryptionTest.php
View File

@ -27,12 +27,12 @@ class EncryptionTest extends TestCase
'social_security_number' => '123-456-789', 'social_security_number' => '123-456-789',
]); ]);
static::assertSame( $this->assertSame(
'123-456-789', '123-456-789',
$user->social_security_number $user->social_security_number
); );
static::assertNotEmpty( $this->assertNotEmpty(
$user->social_security_number_index $user->social_security_number_index
); );
} }
@ -41,12 +41,12 @@ class EncryptionTest extends TestCase
{ {
$user = $this->user('123-456-789'); $user = $this->user('123-456-789');
static::assertNotSame( $this->assertNotSame(
'123-456-789', '123-456-789',
$user->getRawOriginal('social_security_number') $user->getRawOriginal('social_security_number')
); );
static::assertNotEmpty( $this->assertNotEmpty(
$user->social_security_number_index $user->social_security_number_index
); );
@ -78,12 +78,12 @@ class EncryptionTest extends TestCase
]) ])
->save(); ->save();
static::assertNotSame( $this->assertNotSame(
'123-456-789', '123-456-789',
$user->getRawOriginal('social_security_number') $user->getRawOriginal('social_security_number')
); );
static::assertNotEmpty( $this->assertNotEmpty(
$user->getAttribute('custom_index') $user->getAttribute('custom_index')
); );
@ -100,29 +100,9 @@ class EncryptionTest extends TestCase
{ {
$user = $this->user('123-456-789'); $user = $this->user('123-456-789');
static::assertSame( $this->assertSame(
'123-456-789', '123-456-789',
$user->getAttribute('social_security_number') $user->getAttribute('social_security_number')
); );
} }
public function testAttributesCanBeMadeNull(): void
{
$user = $this->user('123-456-789');
static::assertSame(
'123-456-789',
$user->social_security_number
);
$user->social_security_number = null;
static::assertNull(
$user->social_security_number
);
static::assertNull(
$user->social_security_number_index
);
}
} }

150
tests/Unit/QueryTest.php
View File

@ -32,8 +32,8 @@ class QueryTest extends TestCase
->get() ->get()
->modelKeys(); ->modelKeys();
static::assertContains($userOne->id, $keys); $this->assertContains($userOne->id, $keys);
static::assertNotContains($userTwo->id, $keys); $this->assertNotContains($userTwo->id, $keys);
// Assert success using provided index. // Assert success using provided index.
/** @var \Illuminate\Database\Eloquent\Collection $keys */ /** @var \Illuminate\Database\Eloquent\Collection $keys */
@ -44,8 +44,8 @@ class QueryTest extends TestCase
->get() ->get()
->modelKeys(); ->modelKeys();
static::assertContains($userOne->id, $keys); $this->assertContains($userOne->id, $keys);
static::assertNotContains($userTwo->id, $keys); $this->assertNotContains($userTwo->id, $keys);
// Assert undefined index exception. // Assert undefined index exception.
$this->expectException(Exception::class); $this->expectException(Exception::class);
@ -57,22 +57,6 @@ class QueryTest extends TestCase
->get(); ->get();
} }
public function testCanQueryNullableAttributes(): void
{
$userOne = $this->user('123-456-789');
$userTwo = $this->user(null);
// Assert success.
/** @var \Illuminate\Database\Eloquent\Collection $keys */
$keys = User::query()
->whereEncrypted('social_security_number', '=', '123-456-789')
->get()
->modelKeys();
static::assertContains($userOne->id, $keys);
static::assertNotContains($userTwo->id, $keys);
}
public function testCanQueryEncryptedAttributeWithOrWhereClause(): void public function testCanQueryEncryptedAttributeWithOrWhereClause(): void
{ {
$userOne = $this->user('123-456-789'); $userOne = $this->user('123-456-789');
@ -87,9 +71,9 @@ class QueryTest extends TestCase
->get() ->get()
->modelKeys(); ->modelKeys();
static::assertContains($userOne->id, $keys); $this->assertContains($userOne->id, $keys);
static::assertNotContains($userTwo->id, $keys); $this->assertNotContains($userTwo->id, $keys);
static::assertContains($userThree->id, $keys); $this->assertContains($userThree->id, $keys);
// Assert success using provided index. // Assert success using provided index.
/** @var \Illuminate\Database\Eloquent\Collection $keys */ /** @var \Illuminate\Database\Eloquent\Collection $keys */
@ -101,9 +85,9 @@ class QueryTest extends TestCase
->get() ->get()
->modelKeys(); ->modelKeys();
static::assertContains($userOne->id, $keys); $this->assertContains($userOne->id, $keys);
static::assertNotContains($userTwo->id, $keys); $this->assertNotContains($userTwo->id, $keys);
static::assertContains($userThree->id, $keys); $this->assertContains($userThree->id, $keys);
// Assert undefined index exception. // Assert undefined index exception.
$this->expectException(Exception::class); $this->expectException(Exception::class);
@ -114,118 +98,4 @@ class QueryTest extends TestCase
]) ])
->get(); ->get();
} }
public function testCanQueryEncryptedAttributeWithWhereInClause(): void
{
$userOne = $this->user('123-456-789');
$userTwo = $this->user('789-456-123');
$userThree = $this->user('456-789-123');
// Assert success.
/** @var \Illuminate\Database\Eloquent\Collection $keys */
$keys = User::query()
->whereInEncrypted(
'social_security_number',
[
'123-456-789',
'789-456-123',
]
)
->get()
->modelKeys();
static::assertContains($userOne->id, $keys);
static::assertContains($userTwo->id, $keys);
static::assertNotContains($userThree->id, $keys);
// Assert success using provided index.
/** @var \Illuminate\Database\Eloquent\Collection $keys */
$keys = User::query()
->whereInEncrypted(
'social_security_number',
[
'123-456-789',
'789-456-123',
],
['social_security_number_index']
)
->get()
->modelKeys();
static::assertContains($userOne->id, $keys);
static::assertContains($userTwo->id, $keys);
static::assertNotContains($userThree->id, $keys);
$keys = User::query()
->whereInEncrypted(
'social_security_number',
['789-456-123'],
['non_existing_index']
)
->get()
->modelKeys();
static::assertEmpty($keys);
}
public function testCanQueryEncryptedAttributeWithOrWhereInClause(): void
{
$userOne = $this->user('123-456-789');
$userTwo = $this->user('789-456-123');
$userThree = $this->user('456-789-123');
// Assert success.
/** @var \Illuminate\Database\Eloquent\Collection $keys */
$keys = User::query()
->whereInEncrypted(
'social_security_number',
['123-456-789']
)
->orWhereInEncrypted(
'social_security_number',
['789-456-123']
)
->get()
->modelKeys();
static::assertContains($userOne->id, $keys);
static::assertContains($userTwo->id, $keys);
static::assertNotContains($userThree->id, $keys);
// Assert success using provided index.
/** @var \Illuminate\Database\Eloquent\Collection $keys */
$keys = User::query()
->whereInEncrypted(
'social_security_number',
['123-456-789'],
['social_security_number_index']
)
->orWhereInEncrypted(
'social_security_number',
['789-456-123'],
['social_security_number_index']
)
->get()
->modelKeys();
static::assertContains($userOne->id, $keys);
static::assertContains($userTwo->id, $keys);
static::assertNotContains($userThree->id, $keys);
$keys = User::query()
->whereInEncrypted(
'social_security_number',
['789-456-123'],
['non_existing_index']
)
->orWhereInEncrypted(
'social_security_number',
['789-456-123'],
['non_existing_index']
)
->get()
->modelKeys();
static::assertEmpty($keys);
}
} }