obfuscate's Issues

Cannot convert value of type `string` to integer

I just added the Obfuscate behavior but I think I'm missing something. When I try to find a model with a cloaked id, I get the error message `Cannot convert value of type string to integer`.

I pretty much followed the instructions. This is the code in my table. It will be called after a simple find in the view method of my controller.

    public function beforeFind($event, Query $query, $options, $primary)
    {
        return $query->find('obfuscate');
    }

The problem is that the beforeFind event of the table is called after the beforeFind event of the behavior, so the cloaked id (string) won't be uncloaked when I add the 'obfuscate' finder in the table's beforeFind. I think this could be solved by altering the behavior and model callback priorities, but since this is not mentioned in the instructions and doesn't really feel right, I thought there might be a different solution?

exposing UUIDs instead of obfuscating primary key

I am actually thinking to go more into https://github.com/dereuromark/cakephp-expose if "real obfuscating" is actually the primary goal - for several reasons.

But I guess the "short id" obfuscate strategy can still be useful probably.
Short URL generation or alike.
Just not for obfuscating, as those are not really "secure" and still allow tracking of the primary key data and basic ordering (including the count of records per time-frame).

Should this be a note maybe in the Readme?

Fails with FOC/Crud Plugin

I'm using the FOC/Crud plugin and would like to use this as well but it seems to conflict. Is there something I can do to make this work?

    2016-01-23 05:02:46 Error: [Cake\Network\Exception\NotFoundException] Not found
    Request URL: /en/users/view/1
    Stack Trace:
    #0 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Traits/FindMethodTrait.php(50): Crud\Action\ViewAction->_notFound('1', Object(Crud\Event\Subject))
    #1 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Action/viewAction.php(53): Crud\Action\ViewAction->_findRecord('1', Object(Crud\Event\Subject))
    #2 [internal function]: Crud\Action\ViewAction->_handle('1')
    #3 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Action/BaseAction.php(69): call_user_func_array(Array, Array)
    #4 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Controller/Component/CrudComponent.php(228): Crud\Action\BaseAction->handle(Array)
    #5 /home/vagrant/public/cakebooks/src/Controller/UsersController.php(133): Crud\Controller\Component\CrudComponent->execute()
    #6 [internal function]: App\Controller\UsersController->view('1')
    #7 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Controller/ControllerTrait.php(51): call_user_func_array(Array, Array)
    #8 /home/vagrant/public/cakebooks/vendor/cakephp/cakephp/src/Routing/Dispatcher.php(114): App\Controller\AppController->invokeAction()
    #9 /home/vagrant/public/cakebooks/vendor/cakephp/cakephp/src/Routing/Dispatcher.php(87): Cake\Routing\Dispatcher->_invoke(Object(App\Controller\UsersController))
    #10 /home/vagrant/public/cakebooks/webroot/index.php(36): Cake\Routing\Dispatcher->dispatch(Object(Cake\Network\Request), Object(Cake\Network\Response))
    #11 {main}

I guess this is more a CRUD issue but I thought you might have some ideas.

Obfuscated id not elucidated when calling view action.

Obfuscated id not elucidated when calling view action because of mismatching comparison.

(8:10:15 AM) stillnoob: jadb: failing here because of this comparison https://github.com/UseMuffin/Obfuscate/blob/master/src/Model/Behavior/ObfuscateBehavior.php#L95
(8:11:01 AM) stillnoob: ->getField() gives `Publishers.id` on my machine
(8:11:16 AM) stillnoob: ->primaryKey() gives `id` on my machine
(8:11:40 AM) stillnoob: hence the elucidate() inside the if is never reached 
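
The mismatch described in the chat excerpt above, as an added example that is not part of the original report or the plugin's code: a strict comparison of the alias-qualified field name against the bare primary key never matches, so the name is normalised before comparing. The function names, the sample conditions and the stand-in decoder are assumptions, and conditions are modelled as a plain array.

```php
<?php
declare(strict_types=1);

/** True when $field names $primaryKey of the table aliased $alias. */
function isPrimaryKeyField(string $field, string $alias, string $primaryKey): bool
{
    // Keep only the column part of keys such as "Publishers.id IN".
    $name = str_replace('`', '', explode(' ', trim($field), 2)[0]);
    $parts = explode('.', $name);
    if (count($parts) === 1) {
        // Unqualified column: "id".
        return $parts[0] === $primaryKey;
    }
    // Qualified column: the alias must be this table's, not an association's.
    return count($parts) === 2 && $parts[0] === $alias && $parts[1] === $primaryKey;
}

/** Decode only the values whose key refers to this table's primary key. */
function elucidateConditions(
    array $conditions,
    string $alias,
    string $primaryKey,
    callable $elucidate
): array {
    foreach ($conditions as $field => $value) {
        if (is_string($field) && isPrimaryKeyField($field, $alias, $primaryKey)) {
            $conditions[$field] = is_array($value)
                ? array_map($elucidate, $value)
                : $elucidate($value);
        }
    }
    return $conditions;
}

// Stand-in decoder so the example runs on its own (assumption, not a real strategy).
$elucidate = static fn (int $v): int => $v - 1000;

// Constructed sample conditions.
$conditions = [
    'Publishers.id'   => 1005,          // qualified primary key of this table
    'Authors.id IN'   => [1001, 1002],  // another table's key: left untouched
    'Publishers.name' => 'constructed', // not a key at all
];

// The comparison from the report: qualified name against bare primary key.
var_dump('Publishers.id' === 'id');

// The normalised check decodes the first entry only.
print_r(elucidateConditions($conditions, 'Publishers', 'id', $elucidate));
```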

Authentication fails looking for obfuscated user id

After adding the ObfuscateBehavior with OptimusStrategy to my Users model authentication no longer functions (it now fails). The query shows Auth is searching for the obfuscated value which makes kind of sense since the behavior catches all beforeFind() events. Full stacktrace below:

{
  "success": false,
  "data": {
    "message": "You are not authorized to access that location.",
    "url": "v0/editor/countries",
    "code": 401,
    "exception": {
      "class": "Cake\Network\Exception\UnauthorizedException",
      "code": 401,
      "message": "You are not authorized to access that location."
    }
  },
  "queryLog": {
    "default": [
      {
        "query": "SELECT Users.id AS `Users__id`, Users.email AS `Users__email`, Users.username AS `Users__username`, Users.slug AS `Users__slug`, Users.password AS `Users__password`, Users.confirmed AS `Users__confirmed`, Users.created AS `Users__created`, Users.modified AS `Users__modified` FROM users Users WHERE Users.id = 2107098648 LIMIT 1",
        "took": 5,
        "params": {
          "c0": 2107098648
        },
        "numRows": 0,
        "error": null
      }
    ],
    "test": []
  }
}

Baked ORM rules checker `existsIn` fails looking up non-obfuscated id

Now that I have added the ObfuscateBehavior to my UsersTable the following (baked) ORM rules checker in my UserProfilesTable no longer passes:

    public function buildRules(RulesChecker $rules)
    {
        $rules->add($rules->existsIn(['user_id'], 'Users'));
    }

Pretty explainable if you ask me since the rules checker is passing the elucidated/real id whereas the UsersTable is expecting the obfuscated one.

Now for the question; what would be the advised way to solve this? I'm thinking about creating a custom rules checker that obfuscates the id myself.
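
This report and the authentication report above share one cause: a hook that rewrites every primary-key lookup cannot tell an internal lookup carrying the real id from a client-supplied obfuscated one. The block below is an added example, not the plugin's code; the multiplicative transform is a stand-in for an obfuscation strategy, and its constants, function names and sample row are constructed.

```php
<?php
declare(strict_types=1);

// Constructed sample parameters (assumptions, not values from the page).
const MAX_INT  = 0x7FFFFFFF;  // ids are treated as 31-bit integers
const PRIME    = 1000003;     // any odd multiplier is invertible modulo 2^31
const XOR_MASK = 0x2B3C4D5E;

/** Inverse of an odd $a modulo 2^31, by Newton iteration. */
function inverseMod2Pow31(int $a): int
{
    $x = $a; // a*a is 1 modulo 8, so $a is already correct to 3 bits
    for ($i = 0; $i < 5; $i++) {
        // Each round doubles the number of correct low bits.
        $x = ($x * (2 - (($a * $x) & MAX_INT))) & MAX_INT;
    }
    return $x;
}

/** Real id -> public id. */
function obfuscate(int $id): int
{
    return (($id * PRIME) & MAX_INT) ^ XOR_MASK;
}

/** Public id -> real id. */
function elucidate(int $value): int
{
    return ((($value ^ XOR_MASK) & MAX_INT) * inverseMod2Pow31(PRIME)) & MAX_INT;
}

/**
 * Hook style from the reports: every primary-key lookup is decoded,
 * including ids that were never encoded.
 */
function findAlwaysDecoding(array $rows, int $id): ?array
{
    return $rows[elucidate($id)] ?? null;
}

/** Opt-in style: only ids that arrived from a client are decoded. */
function findUser(array $rows, int $id, bool $fromClient = false): ?array
{
    return $rows[$fromClient ? elucidate($id) : $id] ?? null;
}

$users    = [7 => ['id' => 7, 'username' => 'sample-user']]; // constructed row
$publicId = obfuscate(7);

// Id taken from a URL: both styles resolve the obfuscated value.
var_dump(findAlwaysDecoding($users, $publicId) !== null);
var_dump(findUser($users, $publicId, true) !== null);

// Internal lookup with the real id 7, as an authenticator or an
// existsIn-style rule would issue it.
var_dump(findAlwaysDecoding($users, 7) !== null);
var_dump(findUser($users, 7) !== null);
```

Keeping decoding at the boundary where client input enters, and leaving internal lookups on real ids, is what lets authentication and foreign-key rules keep working without their own obfuscation logic.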
