Fix #194: Missing decryption on fetch

wultra · Jun 25, 2024 · 93b0599 · 93b0599
1 parent 2c8267a
commit 93b0599
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 111 deletions.
diff --git a/...server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java b/...server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java
@@ -19,57 +19,21 @@
 
 import com.wultra.security.userdatastore.client.model.dto.AttachmentDto;
 import com.wultra.security.userdatastore.model.entity.AttachmentEntity;
-import com.wultra.security.userdatastore.model.entity.DocumentEntity;
 import com.wultra.security.userdatastore.model.repository.DocumentRepository;
-import org.springframework.beans.factory.annotation.Autowired;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Component;
 
-import java.util.Optional;
-
 /**
  * Converter for attachments.
  *
  * @author Roman Strobl, [email protected]
  */
 @Component
+@AllArgsConstructor
 public class AttachmentConverter {
 
-    private final DocumentRepository documentRepository;
-
-    /**
-     * Converter constructor.
-     * @param documentRepository Document repository.
-     */
-    @Autowired
-    public AttachmentConverter(DocumentRepository documentRepository) {
-        this.documentRepository = documentRepository;
-    }
-
-    /**
-     * Convert {@link AttachmentDto} to {@link AttachmentEntity}.
-     * @param attachment Attachment DTO.
-     * @return Attachment entity.
-     */
-    public AttachmentEntity toAttachmentEntity(final AttachmentDto attachment) {
-        if (attachment == null) {
-            return null;
-        }
-
-        final Optional<DocumentEntity> documentEntityOptional = documentRepository.findById(attachment.documentId());
-        if (documentEntityOptional.isEmpty()) {
-            return null;
-        }
-
-        final AttachmentEntity entity = new AttachmentEntity();
-        entity.setId(attachment.id());
-        entity.setDocument(documentEntityOptional.get());
-        entity.setAttachmentData(attachment.attachmentData());
-        entity.setAttachmentType(attachment.attachmentType());
-        entity.setExternalId(attachment.externalId());
-        entity.setTimestampCreated(attachment.timestampCreated());
-        entity.setTimestampLastUpdated(attachment.timestampLastUpdated());
-        return entity;
-    }
+    private final EncryptionService encryptionService;
 
     /**
      * Convert {@link AttachmentEntity} to {@link AttachmentDto}.
@@ -84,7 +48,7 @@ public AttachmentDto toAttachment(final AttachmentEntity entity) {
         return AttachmentDto.builder()
                 .id(entity.getId())
                 .documentId(entity.getDocument().getId())
-                .attachmentData(entity.getAttachmentData())
+                .attachmentData(encryptionService.decryptAttachment(entity))
                 .attachmentType(entity.getAttachmentType())
                 .externalId(entity.getExternalId())
                 .timestampCreated(entity.getTimestampCreated())

diff --git a/...e-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java b/...e-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java
@@ -22,6 +22,8 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.wultra.security.userdatastore.client.model.dto.DocumentDto;
 import com.wultra.security.userdatastore.model.entity.DocumentEntity;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
@@ -35,33 +37,11 @@
  */
 @Component
 @Slf4j
+@AllArgsConstructor
 public class DocumentConverter {
 
     private final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
-
-    /**
-     * Convert {@link DocumentDto} to {@link DocumentEntity}.
-     * @param document Document DTO.
-     * @return Document entity.
-     */
-    public DocumentEntity toDocumentEntity(final DocumentDto document) {
-        if (document == null) {
-            return null;
-        }
-
-        final DocumentEntity entity = new DocumentEntity();
-        entity.setId(document.id());
-        entity.setUserId(document.userId());
-        entity.setDocumentType(document.documentType());
-        entity.setDataType(document.dataType());
-        entity.setDocumentDataId(document.documentDataId());
-        entity.setExternalId(document.externalId());
-        entity.setDocumentData(document.documentData());
-        convertAndSetAttributes(document.attributes(), entity);
-        entity.setTimestampCreated(document.timestampCreated());
-        entity.setTimestampLastUpdated(document.timestampLastUpdated());
-        return entity;
-    }
+    private final EncryptionService encryptionService;
 
     /**
      * Convert {@link DocumentEntity} to {@link DocumentDto}.
@@ -80,7 +60,7 @@ public DocumentDto toDocument(final DocumentEntity entity) {
                 .dataType(entity.getDataType())
                 .documentDataId(entity.getDocumentDataId())
                 .externalId(entity.getExternalId())
-                .documentData(entity.getDocumentData())
+                .documentData(encryptionService.decryptDocumentData(entity))
                 .attributes(convertAttributesToMap(entity.getAttributes()))
                 .timestampCreated(entity.getTimestampCreated())
                 .timestampLastUpdated(entity.getTimestampLastUpdated())

diff --git a/...tore-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java b/...tore-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java
@@ -18,58 +18,22 @@
 package com.wultra.security.userdatastore.converter;
 
 import com.wultra.security.userdatastore.client.model.dto.PhotoDto;
-import com.wultra.security.userdatastore.model.entity.DocumentEntity;
 import com.wultra.security.userdatastore.model.entity.PhotoEntity;
 import com.wultra.security.userdatastore.model.repository.DocumentRepository;
-import org.springframework.beans.factory.annotation.Autowired;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Component;
 
-import java.util.Optional;
-
 /**
  * Converter for photos.
  *
  * @author Roman Strobl, [email protected]
  */
 @Component
+@AllArgsConstructor
 public class PhotoConverter {
 
-    private final DocumentRepository documentRepository;
-
-    /**
-     * Converter constructor.
-     * @param documentRepository Document repository.
-     */
-    @Autowired
-    public PhotoConverter(DocumentRepository documentRepository) {
-        this.documentRepository = documentRepository;
-    }
-
-    /**
-     * Convert {@link PhotoDto} to {@link PhotoEntity}.
-     * @param photo Photo DTO.
-     * @return Photo entity.
-     */
-    public PhotoEntity toPhotoEntity(final PhotoDto photo) {
-        if (photo == null) {
-            return null;
-        }
-
-        final Optional<DocumentEntity> documentEntityOptional = documentRepository.findById(photo.documentId());
-        if (documentEntityOptional.isEmpty()) {
-            return null;
-        }
-
-        final PhotoEntity entity = new PhotoEntity();
-        entity.setId(photo.id());
-        entity.setDocument(documentEntityOptional.get());
-        entity.setPhotoData(photo.photoData());
-        entity.setPhotoType(photo.photoType());
-        entity.setExternalId(photo.externalId());
-        entity.setTimestampCreated(photo.timestampCreated());
-        entity.setTimestampLastUpdated(photo.timestampLastUpdated());
-        return entity;
-    }
+    private final EncryptionService encryptionService;
 
     /**
      * Convert {@link PhotoEntity} to {@link PhotoDto}.
@@ -84,7 +48,7 @@ public PhotoDto toPhoto(final PhotoEntity entity) {
         return PhotoDto.builder()
                 .id(entity.getId())
                 .documentId(entity.getDocument().getId())
-                .photoData(entity.getPhotoData())
+                .photoData(encryptionService.decryptPhoto(entity))
                 .photoType(entity.getPhotoType())
                 .externalId(entity.getExternalId())
                 .timestampCreated(entity.getTimestampCreated())
@@ -93,4 +57,3 @@ public PhotoDto toPhoto(final PhotoEntity entity) {
     }
 
 }
-
diff --git a/...ore-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java b/...ore-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java
@@ -70,7 +70,6 @@ public AttachmentResponse fetchAttachments(final String userId, final Optional<S
             return new AttachmentResponse(attachments);
         }
         final List<AttachmentEntity> attachmentEntities = attachmentRepository.findAllByUserId(userId);
-        attachmentEntities.forEach(encryptionService::decryptAttachment);
         final List<AttachmentDto> attachments = attachmentEntities.stream().map(attachmentConverter::toAttachment).toList();
         audit("Retrieved attachments for user ID: {}", userId);
         return new AttachmentResponse(attachments);

diff --git a/...store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java b/...store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java
@@ -67,7 +67,6 @@ public DocumentResponse fetchDocuments(final String userId, final Optional<Strin
             return new DocumentResponse(Collections.singletonList(document));
         }
         final List<DocumentEntity> documentEntities = documentRepository.findAllByUserId(userId);
-        documentEntities.forEach(encryptionService::decryptDocumentData);
         final List<DocumentDto> documents = documentEntities.stream().map(documentConverter::toDocument).toList();
         audit("Retrieved documents of user ID: {}", userId);
         return new DocumentResponse(documents);

diff --git a/...ore-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java b/...ore-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java
@@ -47,7 +47,7 @@
  */
 @Service
 @Slf4j
-class EncryptionService {
+public class EncryptionService {
 
     private final String masterDbEncryptionKeyBase64;