From d62962ae6fb1d091d35f368908c4227bcf12b4e5 Mon Sep 17 00:00:00 2001 From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com> Date: Tue, 10 Dec 2024 13:42:26 +0100 Subject: [PATCH] fix: encryption fixes - some email columns changed to text to make sure the can hold encrypted values - added backwards compatible encryption in up function and decryption in down function. - use updateOrInsert instead of just insert to avoid errors if the column already exists. --- ...eate_email_notification_settings_table.php | 8 +-- ...notification_settings_from_teams_table.php | 71 +++++++++++-------- ...notification_settings_from_teams_table.php | 34 +++++---- ...notification_settings_from_teams_table.php | 61 +++++++++------- 4 files changed, 100 insertions(+), 74 deletions(-) diff --git a/database/migrations/2024_12_05_212355_create_email_notification_settings_table.php b/database/migrations/2024_12_05_212355_create_email_notification_settings_table.php index 6d564e331..951975a22 100644 --- a/database/migrations/2024_12_05_212355_create_email_notification_settings_table.php +++ b/database/migrations/2024_12_05_212355_create_email_notification_settings_table.php @@ -16,10 +16,10 @@ return new class extends Migration $table->foreignId('team_id')->constrained()->cascadeOnDelete(); $table->boolean('smtp_enabled')->default(false); - $table->string('smtp_from_address')->nullable(); - $table->string('smtp_from_name')->nullable(); - $table->string('smtp_recipients')->nullable(); - $table->string('smtp_host')->nullable(); + $table->text('smtp_from_address')->nullable(); + $table->text('smtp_from_name')->nullable(); + $table->text('smtp_recipients')->nullable(); + $table->text('smtp_host')->nullable(); $table->integer('smtp_port')->nullable(); $table->string('smtp_encryption')->nullable(); $table->text('smtp_username')->nullable(); diff --git a/database/migrations/2024_12_05_212546_migrate_email_notification_settings_from_teams_table.php b/database/migrations/2024_12_05_212546_migrate_email_notification_settings_from_teams_table.php index dce7f13a8..da635d32d 100644 --- a/database/migrations/2024_12_05_212546_migrate_email_notification_settings_from_teams_table.php +++ b/database/migrations/2024_12_05_212546_migrate_email_notification_settings_from_teams_table.php @@ -2,6 +2,7 @@ use Illuminate\Database\Migrations\Migration; use Illuminate\Database\Schema\Blueprint; +use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Schema; @@ -12,30 +13,35 @@ return new class extends Migration $teams = DB::table('teams')->get(); foreach ($teams as $team) { - DB::table('email_notification_settings')->insert([ - 'team_id' => $team->id, - 'smtp_enabled' => $team->smtp_enabled ?? false, - 'smtp_from_address' => $team->smtp_from_address, - 'smtp_from_name' => $team->smtp_from_name, - 'smtp_recipients' => $team->smtp_recipients, - 'smtp_host' => $team->smtp_host, - 'smtp_port' => $team->smtp_port, - 'smtp_encryption' => $team->smtp_encryption, - 'smtp_username' => $team->smtp_username, - 'smtp_password' => $team->smtp_password, - 'smtp_timeout' => $team->smtp_timeout, - 'use_instance_email_settings' => $team->use_instance_email_settings ?? false, - 'resend_enabled' => $team->resend_enabled ?? false, - 'resend_api_key' => $team->resend_api_key, - 'deployment_success_email_notifications' => $team->smtp_notifications_deployments ?? false, - 'deployment_failure_email_notifications' => $team->smtp_notifications_deployments ?? true, - 'backup_success_email_notifications' => $team->smtp_notifications_database_backups ?? false, - 'backup_failure_email_notifications' => $team->smtp_notifications_database_backups ?? true, - 'scheduled_task_success_email_notifications' => $team->smtp_notifications_scheduled_tasks ?? false, - 'scheduled_task_failure_email_notifications' => $team->smtp_notifications_scheduled_tasks ?? true, - 'status_change_email_notifications' => $team->smtp_notifications_status_changes ?? false, - 'server_disk_usage_email_notifications' => $team->smtp_notifications_server_disk_usage ?? true, - ]); + DB::table('email_notification_settings')->updateOrInsert( + ['team_id' => $team->id], + [ + 'smtp_enabled' => $team->smtp_enabled ?? false, + 'smtp_from_address' => Crypt::encryptString($team->smtp_from_address), + 'smtp_from_name' => Crypt::encryptString($team->smtp_from_name), + 'smtp_recipients' => Crypt::encryptString($team->smtp_recipients), + 'smtp_host' => Crypt::encryptString($team->smtp_host), + 'smtp_port' => $team->smtp_port, + 'smtp_encryption' => $team->smtp_encryption, + 'smtp_username' => Crypt::encryptString($team->smtp_username), + 'smtp_password' => $team->smtp_password, + 'smtp_timeout' => $team->smtp_timeout, + + 'use_instance_email_settings' => $team->use_instance_email_settings ?? false, + + 'resend_enabled' => $team->resend_enabled ?? false, + 'resend_api_key' => $team->resend_api_key, + + 'deployment_success_email_notifications' => $team->smtp_notifications_deployments ?? false, + 'deployment_failure_email_notifications' => $team->smtp_notifications_deployments ?? true, + 'backup_success_email_notifications' => $team->smtp_notifications_database_backups ?? false, + 'backup_failure_email_notifications' => $team->smtp_notifications_database_backups ?? true, + 'scheduled_task_success_email_notifications' => $team->smtp_notifications_scheduled_tasks ?? false, + 'scheduled_task_failure_email_notifications' => $team->smtp_notifications_scheduled_tasks ?? true, + 'status_change_email_notifications' => $team->smtp_notifications_status_changes ?? false, + 'server_disk_usage_email_notifications' => $team->smtp_notifications_server_disk_usage ?? true, + ] + ); } Schema::table('teams', function (Blueprint $table) { @@ -76,13 +82,17 @@ return new class extends Migration $table->text('smtp_username')->nullable(); $table->text('smtp_password')->nullable(); $table->integer('smtp_timeout')->nullable(); + $table->boolean('use_instance_email_settings')->default(false); $table->boolean('resend_enabled')->default(false); + $table->text('resend_api_key')->nullable(); + $table->boolean('smtp_notifications_deployments')->default(false); $table->boolean('smtp_notifications_database_backups')->default(true); $table->boolean('smtp_notifications_scheduled_tasks')->default(false); $table->boolean('smtp_notifications_status_changes')->default(false); + $table->boolean('smtp_notifications_server_disk_usage')->default(true); }); $settings = DB::table('email_notification_settings')->get(); @@ -91,18 +101,21 @@ return new class extends Migration ->where('id', $setting->team_id) ->update([ 'smtp_enabled' => $setting->smtp_enabled, - 'smtp_from_address' => $setting->smtp_from_address, - 'smtp_from_name' => $setting->smtp_from_name, - 'smtp_recipients' => $setting->smtp_recipients, - 'smtp_host' => $setting->smtp_host, + 'smtp_from_address' => Crypt::decryptString($setting->smtp_from_address), + 'smtp_from_name' => Crypt::decryptString($setting->smtp_from_name), + 'smtp_recipients' => Crypt::decryptString($setting->smtp_recipients), + 'smtp_host' => Crypt::decryptString($setting->smtp_host), 'smtp_port' => $setting->smtp_port, 'smtp_encryption' => $setting->smtp_encryption, - 'smtp_username' => $setting->smtp_username, + 'smtp_username' => Crypt::decryptString($setting->smtp_username), 'smtp_password' => $setting->smtp_password, 'smtp_timeout' => $setting->smtp_timeout, + 'use_instance_email_settings' => $setting->use_instance_email_settings, + 'resend_enabled' => $setting->resend_enabled, 'resend_api_key' => $setting->resend_api_key, + 'smtp_notifications_deployments' => $setting->deployment_success_email_notifications || $setting->deployment_failure_email_notifications, 'smtp_notifications_database_backups' => $setting->backup_success_email_notifications || $setting->backup_failure_email_notifications, 'smtp_notifications_scheduled_tasks' => $setting->scheduled_task_success_email_notifications || $setting->scheduled_task_failure_email_notifications, diff --git a/database/migrations/2024_12_05_212631_migrate_discord_notification_settings_from_teams_table.php b/database/migrations/2024_12_05_212631_migrate_discord_notification_settings_from_teams_table.php index 6a738dd22..228691acb 100644 --- a/database/migrations/2024_12_05_212631_migrate_discord_notification_settings_from_teams_table.php +++ b/database/migrations/2024_12_05_212631_migrate_discord_notification_settings_from_teams_table.php @@ -2,6 +2,7 @@ use Illuminate\Database\Migrations\Migration; use Illuminate\Database\Schema\Blueprint; +use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Schema; @@ -15,19 +16,22 @@ return new class extends Migration $teams = DB::table('teams')->get(); foreach ($teams as $team) { - DB::table('discord_notification_settings')->insert([ - 'team_id' => $team->id, - 'discord_enabled' => $team->discord_enabled ?? false, - 'discord_webhook_url' => $team->discord_webhook_url, - 'deployment_success_discord_notifications' => $team->discord_notifications_deployments ?? false, - 'deployment_failure_discord_notifications' => $team->discord_notifications_deployments ?? true, - 'backup_success_discord_notifications' => $team->discord_notifications_database_backups ?? false, - 'backup_failure_discord_notifications' => $team->discord_notifications_database_backups ?? true, - 'scheduled_task_success_discord_notifications' => $team->discord_notifications_scheduled_tasks ?? false, - 'scheduled_task_failure_discord_notifications' => $team->discord_notifications_scheduled_tasks ?? true, - 'status_change_discord_notifications' => $team->discord_notifications_status_changes ?? false, - 'server_disk_usage_discord_notifications' => $team->discord_notifications_server_disk_usage ?? true, - ]); + DB::table('discord_notification_settings')->updateOrInsert( + ['team_id' => $team->id], + [ + 'discord_enabled' => $team->discord_enabled ?? false, + 'discord_webhook_url' => Crypt::encryptString($team->discord_webhook_url), + + 'deployment_success_discord_notifications' => $team->discord_notifications_deployments ?? false, + 'deployment_failure_discord_notifications' => $team->discord_notifications_deployments ?? true, + 'backup_success_discord_notifications' => $team->discord_notifications_database_backups ?? false, + 'backup_failure_discord_notifications' => $team->discord_notifications_database_backups ?? true, + 'scheduled_task_success_discord_notifications' => $team->discord_notifications_scheduled_tasks ?? false, + 'scheduled_task_failure_discord_notifications' => $team->discord_notifications_scheduled_tasks ?? true, + 'status_change_discord_notifications' => $team->discord_notifications_status_changes ?? false, + 'server_disk_usage_discord_notifications' => $team->discord_notifications_server_disk_usage ?? true, + ] + ); } Schema::table('teams', function (Blueprint $table) { @@ -52,6 +56,7 @@ return new class extends Migration Schema::table('teams', function (Blueprint $table) { $table->boolean('discord_enabled')->default(false); $table->string('discord_webhook_url')->nullable(); + $table->boolean('discord_notifications_test')->default(true); $table->boolean('discord_notifications_deployments')->default(true); $table->boolean('discord_notifications_status_changes')->default(true); @@ -66,7 +71,8 @@ return new class extends Migration ->where('id', $setting->team_id) ->update([ 'discord_enabled' => $setting->discord_enabled, - 'discord_webhook_url' => $setting->discord_webhook_url, + 'discord_webhook_url' => Crypt::decryptString($setting->discord_webhook_url), + 'discord_notifications_deployments' => $setting->deployment_success_discord_notifications || $setting->deployment_failure_discord_notifications, 'discord_notifications_status_changes' => $setting->status_change_discord_notifications, 'discord_notifications_database_backups' => $setting->backup_success_discord_notifications || $setting->backup_failure_discord_notifications, diff --git a/database/migrations/2024_12_05_212705_migrate_telegram_notification_settings_from_teams_table.php b/database/migrations/2024_12_05_212705_migrate_telegram_notification_settings_from_teams_table.php index b706ac544..d9d4d6b16 100644 --- a/database/migrations/2024_12_05_212705_migrate_telegram_notification_settings_from_teams_table.php +++ b/database/migrations/2024_12_05_212705_migrate_telegram_notification_settings_from_teams_table.php @@ -2,6 +2,7 @@ use Illuminate\Database\Migrations\Migration; use Illuminate\Database\Schema\Blueprint; +use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Schema; @@ -12,29 +13,31 @@ return new class extends Migration $teams = DB::table('teams')->get(); foreach ($teams as $team) { - DB::table('telegram_notification_settings')->insert([ - 'team_id' => $team->id, - 'telegram_enabled' => $team->telegram_enabled ?? false, - 'telegram_token' => $team->telegram_token, - 'telegram_chat_id' => $team->telegram_chat_id, + DB::table('telegram_notification_settings')->updateOrInsert( + ['team_id' => $team->id], + [ + 'telegram_enabled' => $team->telegram_enabled ?? false, + 'telegram_token' => Crypt::encryptString($team->telegram_token), + 'telegram_chat_id' => Crypt::encryptString($team->telegram_chat_id), - 'deployment_success_telegram_notifications' => $team->telegram_notifications_deployments ?? false, - 'deployment_failure_telegram_notifications' => $team->telegram_notifications_deployments ?? true, - 'backup_success_telegram_notifications' => $team->telegram_notifications_database_backups ?? false, - 'backup_failure_telegram_notifications' => $team->telegram_notifications_database_backups ?? true, - 'scheduled_task_success_telegram_notifications' => $team->telegram_notifications_scheduled_tasks ?? false, - 'scheduled_task_failure_telegram_notifications' => $team->telegram_notifications_scheduled_tasks ?? true, - 'status_change_telegram_notifications' => $team->telegram_notifications_status_changes ?? false, - 'server_disk_usage_telegram_notifications' => $team->telegram_notifications_server_disk_usage ?? true, + 'deployment_success_telegram_notifications' => $team->telegram_notifications_deployments ?? false, + 'deployment_failure_telegram_notifications' => $team->telegram_notifications_deployments ?? true, + 'backup_success_telegram_notifications' => $team->telegram_notifications_database_backups ?? false, + 'backup_failure_telegram_notifications' => $team->telegram_notifications_database_backups ?? true, + 'scheduled_task_success_telegram_notifications' => $team->telegram_notifications_scheduled_tasks ?? false, + 'scheduled_task_failure_telegram_notifications' => $team->telegram_notifications_scheduled_tasks ?? true, + 'status_change_telegram_notifications' => $team->telegram_notifications_status_changes ?? false, + 'server_disk_usage_telegram_notifications' => $team->telegram_notifications_server_disk_usage ?? true, - 'telegram_notifications_deployment_success_topic_id' => $team->telegram_notifications_deployments_message_thread_id, - 'telegram_notifications_deployment_failure_topic_id' => $team->telegram_notifications_deployments_message_thread_id, - 'telegram_notifications_backup_success_topic_id' => $team->telegram_notifications_database_backups_message_thread_id, - 'telegram_notifications_backup_failure_topic_id' => $team->telegram_notifications_database_backups_message_thread_id, - 'telegram_notifications_scheduled_task_success_topic_id' => $team->telegram_notifications_scheduled_tasks_thread_id, - 'telegram_notifications_scheduled_task_failure_topic_id' => $team->telegram_notifications_scheduled_tasks_thread_id, - 'telegram_notifications_status_change_topic_id' => $team->telegram_notifications_status_changes_message_thread_id, - ]); + 'telegram_notifications_deployment_success_topic_id' => Crypt::encryptString($team->telegram_notifications_deployments_message_thread_id), + 'telegram_notifications_deployment_failure_topic_id' => Crypt::encryptString($team->telegram_notifications_deployments_message_thread_id), + 'telegram_notifications_backup_success_topic_id' => Crypt::encryptString($team->telegram_notifications_database_backups_message_thread_id), + 'telegram_notifications_backup_failure_topic_id' => Crypt::encryptString($team->telegram_notifications_database_backups_message_thread_id), + 'telegram_notifications_scheduled_task_success_topic_id' => Crypt::encryptString($team->telegram_notifications_scheduled_tasks_thread_id), + 'telegram_notifications_scheduled_task_failure_topic_id' => Crypt::encryptString($team->telegram_notifications_scheduled_tasks_thread_id), + 'telegram_notifications_status_change_topic_id' => Crypt::encryptString($team->telegram_notifications_status_changes_message_thread_id), + ] + ); } Schema::table('teams', function (Blueprint $table) { @@ -63,12 +66,14 @@ return new class extends Migration $table->boolean('telegram_enabled')->default(false); $table->text('telegram_token')->nullable(); $table->text('telegram_chat_id')->nullable(); + $table->boolean('telegram_notifications_test')->default(true); $table->boolean('telegram_notifications_deployments')->default(true); $table->boolean('telegram_notifications_status_changes')->default(true); $table->boolean('telegram_notifications_database_backups')->default(true); $table->boolean('telegram_notifications_scheduled_tasks')->default(true); $table->boolean('telegram_notifications_server_disk_usage')->default(true); + $table->text('telegram_notifications_test_message_thread_id')->nullable(); $table->text('telegram_notifications_deployments_message_thread_id')->nullable(); $table->text('telegram_notifications_status_changes_message_thread_id')->nullable(); @@ -82,17 +87,19 @@ return new class extends Migration ->where('id', $setting->team_id) ->update([ 'telegram_enabled' => $setting->telegram_enabled, - 'telegram_token' => $setting->telegram_token, - 'telegram_chat_id' => $setting->telegram_chat_id, + 'telegram_token' => Crypt::decryptString($setting->telegram_token), + 'telegram_chat_id' => Crypt::decryptString($setting->telegram_chat_id), + 'telegram_notifications_deployments' => $setting->deployment_success_telegram_notifications || $setting->deployment_failure_telegram_notifications, 'telegram_notifications_status_changes' => $setting->status_change_telegram_notifications, 'telegram_notifications_database_backups' => $setting->backup_success_telegram_notifications || $setting->backup_failure_telegram_notifications, 'telegram_notifications_scheduled_tasks' => $setting->scheduled_task_success_telegram_notifications || $setting->scheduled_task_failure_telegram_notifications, 'telegram_notifications_server_disk_usage' => $setting->server_disk_usage_telegram_notifications, - 'telegram_notifications_deployments_message_thread_id' => $setting->telegram_notifications_deployment_success_topic_id, - 'telegram_notifications_status_changes_message_thread_id' => $setting->telegram_notifications_status_change_topic_id, - 'telegram_notifications_database_backups_message_thread_id' => $setting->telegram_notifications_backup_success_topic_id, - 'telegram_notifications_scheduled_tasks_thread_id' => $setting->telegram_notifications_scheduled_task_success_topic_id, + + 'telegram_notifications_deployments_message_thread_id' => Crypt::decryptString($setting->telegram_notifications_deployment_success_topic_id), + 'telegram_notifications_status_changes_message_thread_id' => Crypt::decryptString($setting->telegram_notifications_status_change_topic_id), + 'telegram_notifications_database_backups_message_thread_id' => Crypt::decryptString($setting->telegram_notifications_backup_success_topic_id), + 'telegram_notifications_scheduled_tasks_thread_id' => Crypt::decryptString($setting->telegram_notifications_scheduled_task_success_topic_id), ]); } }