Add method for decrypting values accordingly (#9088)

2025-10-26 08:42:29 +01:00 · 2024-06-18 05:31:35 -03:00 · 2024-06-18 05:31:35 -03:00 · a10eee25b3
commit a10eee25b3
parent 591cc4f002
4 changed files with 30 additions and 4 deletions
--- a/engine/schema/src/main/java/com/cloud/domain/dao/DomainDetailsDao.java
+++ b/engine/schema/src/main/java/com/cloud/domain/dao/DomainDetailsDao.java
@ -31,4 +31,6 @@ public interface DomainDetailsDao extends GenericDao<DomainDetailVO, Long> {
    void deleteDetails(long domainId);

    void update(long domainId, Map<String, String> details);
+
+    String getActualValue(DomainDetailVO domainDetailVO);
 }
--- a/engine/schema/src/main/java/com/cloud/domain/dao/DomainDetailsDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/domain/dao/DomainDetailsDaoImpl.java
@ -24,6 +24,7 @@ import javax.inject.Inject;

 import com.cloud.domain.DomainDetailVO;
 import com.cloud.domain.DomainVO;
+import com.cloud.utils.crypt.DBEncryptionUtil;
 import com.cloud.utils.db.GenericDaoBase;
 import com.cloud.utils.db.QueryBuilder;
 import com.cloud.utils.db.SearchBuilder;
@ -34,6 +35,7 @@ import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.cloudstack.framework.config.ConfigKey.Scope;
 import org.apache.cloudstack.framework.config.ScopedConfigStorage;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.config.impl.ConfigurationVO;

 public class DomainDetailsDaoImpl extends GenericDaoBase<DomainDetailVO, Long> implements DomainDetailsDao, ScopedConfigStorage {
    protected final SearchBuilder<DomainDetailVO> domainSearch;
@ -111,7 +113,7 @@ public class DomainDetailsDaoImpl extends GenericDaoBase<DomainDetailVO, Long> i
        String enableDomainSettingsForChildDomain = _configDao.getValue("enable.domain.settings.for.child.domain");
        if (!Boolean.parseBoolean(enableDomainSettingsForChildDomain)) {
            vo = findDetail(id, key.key());
-            return vo == null ? null : vo.getValue();
+            return vo == null ? null : getActualValue(vo);
        }
        DomainVO domain = _domainDao.findById(id);
        // if value is not configured in domain then check its parent domain till ROOT
@ -125,6 +127,15 @@ public class DomainDetailsDaoImpl extends GenericDaoBase<DomainDetailVO, Long> i
                break;
            }
        }
-        return vo == null ? null : vo.getValue();
+        return vo == null ? null : getActualValue(vo);
+    }
+
+    @Override
+    public String getActualValue(DomainDetailVO domainDetailVO) {
+        ConfigurationVO configurationVO = _configDao.findByName(domainDetailVO.getName());
+        if (configurationVO != null && configurationVO.isEncrypted()) {
+            return DBEncryptionUtil.decrypt(domainDetailVO.getValue());
+        }
+        return domainDetailVO.getValue();
    }
 }
--- a/engine/schema/src/main/java/com/cloud/user/AccountDetailsDao.java
+++ b/engine/schema/src/main/java/com/cloud/user/AccountDetailsDao.java
@ -34,4 +34,6 @@ public interface AccountDetailsDao extends GenericDao<AccountDetailVO, Long> {
     * they will get created
     */
    void update(long accountId, Map<String, String> details);
+
+    String getActualValue(AccountDetailVO accountDetailVO);
 }
--- a/engine/schema/src/main/java/com/cloud/user/AccountDetailsDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/user/AccountDetailsDaoImpl.java
@ -23,6 +23,7 @@ import java.util.Optional;

 import javax.inject.Inject;

+import com.cloud.utils.crypt.DBEncryptionUtil;
 import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.cloudstack.framework.config.ConfigKey.Scope;
 import org.apache.cloudstack.framework.config.ScopedConfigStorage;
@ -40,6 +41,7 @@ import com.cloud.utils.db.SearchCriteria;
 import com.cloud.utils.db.SearchCriteria.Op;
 import com.cloud.utils.db.TransactionLegacy;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.config.impl.ConfigurationVO;

 public class AccountDetailsDaoImpl extends GenericDaoBase<AccountDetailVO, Long> implements AccountDetailsDao, ScopedConfigStorage {
    protected final SearchBuilder<AccountDetailVO> accountSearch;
@ -119,7 +121,7 @@ public class AccountDetailsDaoImpl extends GenericDaoBase<AccountDetailVO, Long>
    public String getConfigValue(long id, ConfigKey<?> key) {
        // check if account level setting is configured
        AccountDetailVO vo = findDetail(id, key.key());
-        String value = vo == null ? null : vo.getValue();
+        String value = vo == null ? null : getActualValue(vo);
        if (value != null) {
            return value;
        }
@ -140,7 +142,7 @@ public class AccountDetailsDaoImpl extends GenericDaoBase<AccountDetailVO, Long>
                while (domain != null) {
                    DomainDetailVO domainVO = _domainDetailsDao.findDetail(domain.getId(), key.key());
                    if (domainVO != null) {
-                        value = domainVO.getValue();
+                        value = _domainDetailsDao.getActualValue(domainVO);
                        break;
                    } else if (domain.getParent() != null) {
                        domain = _domainDao.findById(domain.getParent());
@ -152,4 +154,13 @@ public class AccountDetailsDaoImpl extends GenericDaoBase<AccountDetailVO, Long>
        }
        return value;
    }
+
+    @Override
+    public String getActualValue(AccountDetailVO accountDetailVO) {
+        ConfigurationVO configurationVO = _configDao.findByName(accountDetailVO.getName());
+        if (configurationVO != null && configurationVO.isEncrypted()) {
+            return DBEncryptionUtil.decrypt(accountDetailVO.getValue());
+        }
+        return accountDetailVO.getValue();
+    }
 }