usemuffin / obfuscate
ID obfuscation for the CakePHP ORM.
License: MIT License
I just added the Obfuscate behavior but I think I'm missing something. When I try to find a model with a cloaked id, I get the error message `Cannot convert value of type string to integer`.
I pretty much followed the instructions. This is the code in my table. Will be called after a simple find in the view method of my controller.
```php
// Table-level callback: applies the behavior's 'obfuscate' finder to every find.
public function beforeFind($event, Query $query, $options, $primary)
{
    return $query->find('obfuscate');
}
```
The problem is, that the beforeFind event of the table is called after the beforeFind event of the behavior so the cloaked id (string) won't be uncloaked when I add the 'obfuscate' finder in the table's beforeFind. I think this could be solved by altering the behavior and model callback priorities, but since this is not mentioned in the instructions and doesn't really feel right, I thought there might be a different solution?
I am actually thinking to go more into https://github.com/dereuromark/cakephp-expose if "real obfuscating" is actually the primary goal - for several reasons.
But I guess the "short id" obfuscate strategy can still be useful probably.
Short URL generation or alike.
Just not for obfuscating, as those are not really "secure" and still allow tracking of the primary key data and basic ordering (including the count of records per time-frame).
Should this be a note maybe in the Readme?
I'm using the FOC/Crud plugin and would like to use this as well but it seems to conflict. Is there something I can do to make this work?
```
2016-01-23 05:02:46 Error: [Cake\Network\Exception\NotFoundException] Not found
Request URL: /en/users/view/1
Stack Trace:
#0 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Traits/FindMethodTrait.php(50): Crud\Action\ViewAction->_notFound('1', Object(Crud\Event\Subject))
#1 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Action/viewAction.php(53): Crud\Action\ViewAction->_findRecord('1', Object(Crud\Event\Subject))
#2 [internal function]: Crud\Action\ViewAction->_handle('1')
#3 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Action/BaseAction.php(69): call_user_func_array(Array, Array)
#4 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Controller/Component/CrudComponent.php(228): Crud\Action\BaseAction->handle(Array)
#5 /home/vagrant/public/cakebooks/src/Controller/UsersController.php(133): Crud\Controller\Component\CrudComponent->execute()
#6 [internal function]: App\Controller\UsersController->view('1')
#7 /home/vagrant/public/cakebooks/vendor/friendsofcake/crud/src/Controller/ControllerTrait.php(51): call_user_func_array(Array, Array)
#8 /home/vagrant/public/cakebooks/vendor/cakephp/cakephp/src/Routing/Dispatcher.php(114): App\Controller\AppController->invokeAction()
#9 /home/vagrant/public/cakebooks/vendor/cakephp/cakephp/src/Routing/Dispatcher.php(87): Cake\Routing\Dispatcher->_invoke(Object(App\Controller\UsersController))
#10 /home/vagrant/public/cakebooks/webroot/index.php(36): Cake\Routing\Dispatcher->dispatch(Object(Cake\Network\Request), Object(Cake\Network\Response))
#11 {main}
```
I guess this is more a CRUD issue but I thought you might have some ideas.
Obfuscated id not elucidated when calling view action because of mismatching comparison.
(8:10:15 AM) stillnoob: jadb: failing here because of this comparison https://github.com/UseMuffin/Obfuscate/blob/master/src/Model/Behavior/ObfuscateBehavior.php#L95
(8:11:01 AM) stillnoob: ->getField() gives `Publishers.id` on my machine
(8:11:16 AM) stillnoob: ->primaryKey() gives `id` on my machine
(8:11:40 AM) stillnoob: hence the elucidate() inside the if is never reached
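The mismatch reported in this issue, shown as an added example that is not part of the original issue or the plugin's code: a condition field may arrive aliased (`Publishers.id`) while the primary key is bare (`id`), so a plain equality check never matches. The helper name `isPrimaryKeyField` and the sample inputs are hypothetical.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not part of UseMuffin/Obfuscate): decide whether a
 * field name taken from a query condition refers to this table's primary
 * key, whether or not it carries the table alias.
 */
function isPrimaryKeyField(string $field, string $alias, string $primaryKey): bool
{
    // Strip identifier quoting such as `Publishers`.`id` or "Publishers"."id".
    $field = str_replace(['`', '"'], '', $field);

    // Unaliased form: "id".
    if ($field === $primaryKey) {
        return true;
    }

    // Aliased form: "Publishers.id". The alias must match, so that a joined
    // table's key ("Books.id") is not decoded with this table's strategy.
    return $field === $alias . '.' . $primaryKey;
}

// Constructed sample inputs: field name => expected result.
$cases = [
    'id'                 => true,  // the form primaryKey() returned in the report
    'Publishers.id'      => true,  // the form getField() returned in the report
    '`Publishers`.`id`'  => true,  // quoted identifiers
    'Books.id'           => false, // another table's key in a join
    'Publishers.user_id' => false, // a foreign key, not the primary key
];

foreach ($cases as $field => $expected) {
    $actual = isPrimaryKeyField($field, 'Publishers', 'id');
    printf("%-20s %s\n", $field, $actual === $expected ? 'ok' : 'MISMATCH');
}
```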
After adding the ObfuscateBehavior with OptimusStrategy to my Users model, authentication no longer functions (it now fails). The query shows Auth is searching for the obfuscated value, which makes kind of sense since the behavior catches all beforeFind() events. Full stacktrace below:
{
"success": false,
"data": {
"message": "You are not authorized to access that location.",
"url": "v0/editor/countries",
"code": 401,
"exception": {
"class": "Cake\Network\Exception\UnauthorizedException",
"code": 401,
"message": "You are not authorized to access that location."
}
},
"queryLog": {
"default": [
{
"query": "SELECT Users.id AS `Users__id`, Users.email AS `Users__email`, Users.username AS `Users__username`, Users.slug AS `Users__slug`, Users.password AS `Users__password`, Users.confirmed AS `Users__confirmed`, Users.created AS `Users__created`, Users.modified AS `Users__modified` FROM users Users WHERE Users.id = 2107098648 LIMIT 1",
"took": 5,
"params": {
"c0": 2107098648
},
"numRows": 0,
"error": null
}
],
"test": []
}
}
Now that I have added the ObfuscateBehavior to my UsersTable the following (baked) ORM rules checker in my UserProfilesTable no longer passes:
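```php
public function buildRules(RulesChecker $rules)
{
    // Requires that user_id references an existing row in Users.
    $rules->add($rules->existsIn(['user_id'], 'Users'));

    // buildRules() must hand the rules checker back to the ORM.
    return $rules;
}
```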
Pretty explainable if you ask me since the rules checker is passing the elucidated/real id whereas the UsersTable is expecting the obfuscated one.
Now for the question; what would be the advised way to solve this? I'm thinking about creating a custom rules checker that obfuscates the id myself.