Add encrypted casts support + allow using the trait on multiple models (#14)

* Add encrypted casts test (wip)

* Handle and test 'encrypted' casts

* Add APP_KEY to phpunit.xml

* Update attribute casting in VirtualColumn

* Test casting of all default 'encrypted' castables

* Fix code style (php-cs-fixer)

* Handle custom castables in VirtualColumn

* Add custom encrypted castable

* Test custom encrypted castable, refactor test

* Move EncryptedCast class to VirtualColumnTest

* Correct expected/actual value order in assertions

* Break code style (testing)

* Fix code style (php-cs-fixer)

* Check Laravel CI version (testing)

* dd() Laravel version

* Delete dd()

* Delete get() and set() types

* Use non-lowercase custom cast class strings

* Check hasCast manually

* Correct encrypted castable logic

* Update src/VirtualColumn.php

* Use `$dataEncoded` bool instead of `$dataEncodingStatus` string

* Don't accept unused `$e`

* Refactor `encodeAttributes()`

* Use `$model->getCustomColumns()` instead of `static::getCustomColumns()`

* Use `$model` instead of `static` where possible

* Correct test

* Revert `static` -> `$model` changes

* Correct typo

* Refactor `$afterListeneres`

* Fix code style (php-cs-fixer)

* Make static things non-static in VirtualColumn

* Change method to non-static in test

* Add base class that uses VirtualColumn in tests

* Add encrypted castables docblock

* Fix merge

* Fix ParentModel change

* make $this and $model use clear and consistent

---------

Co-authored-by: Samuel Štancl <[email protected]>
Co-authored-by: Samuel Štancl <[email protected]>

Author: lukinovec

phpunit.xml

@@ -1,20 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" backupGlobals="false" bootstrap="vendor/autoload.php" colors="true" processIsolation="false" stopOnFailure="false" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.0/phpunit.xsd">
-  <coverage>
-    <include>
-      <directory suffix=".php">./src</directory>
-    </include>
-    <exclude>
-      <file>./src/routes.php</file>
-    </exclude>
-  </coverage>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" backupGlobals="false" bootstrap="vendor/autoload.php" colors="true" processIsolation="false" stopOnFailure="false" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.4/phpunit.xsd">
+  <coverage/>
   <testsuites>
     <testsuite name="Unit">
       <directory suffix="Test.php">./tests</directory>
     </testsuite>
   </testsuites>
   <php>
     <env name="APP_ENV" value="testing"/>
+    <env name="APP_KEY" value="base64:+osRhaqQtOcYM79fhVU8YdNBs/1iVJPWYUr9zvTPCs0="/>
     <env name="BCRYPT_ROUNDS" value="4"/>
     <env name="CACHE_DRIVER" value="redis"/>
     <env name="MAIL_DRIVER" value="array"/>
@@ -24,4 +18,12 @@
     <env name="DB_DATABASE" value=":memory:"/>
     <env name="AWS_DEFAULT_REGION" value="us-west-2"/>
   </php>
+  <source>
+    <include>
+      <directory suffix=".php">./src</directory>
+    </include>
+    <exclude>
+      <file>./src/routes.php</file>
+    </exclude>
+  </source>
 </phpunit>

phpunit.xml.bak

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" backupGlobals="false" bootstrap="vendor/autoload.php" colors="true" processIsolation="false" stopOnFailure="false" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.0/phpunit.xsd">
+  <coverage>
+    <include>
+      <directory suffix=".php">./src</directory>
+    </include>
+    <exclude>
+      <file>./src/routes.php</file>
+    </exclude>
+  </coverage>
+  <testsuites>
+    <testsuite name="Unit">
+      <directory suffix="Test.php">./tests</directory>
+    </testsuite>
+  </testsuites>
+  <php>
+    <env name="APP_ENV" value="testing"/>
+    <env name="APP_KEY" value="base64:+osRhaqQtOcYM79fhVU8YdNBs/1iVJPWYUr9zvTPCs0="/>
+    <env name="BCRYPT_ROUNDS" value="4"/>
+    <env name="CACHE_DRIVER" value="redis"/>
+    <env name="MAIL_DRIVER" value="array"/>
+    <env name="QUEUE_CONNECTION" value="sync"/>
+    <env name="SESSION_DRIVER" value="array"/>
+    <env name="DB_CONNECTION" value="sqlite"/>
+    <env name="DB_DATABASE" value=":memory:"/>
+    <env name="AWS_DEFAULT_REGION" value="us-west-2"/>
+  </php>
+</phpunit>

src/VirtualColumn.php

@@ -4,6 +4,9 @@
 
 namespace Stancl\VirtualColumn;
 
+use Illuminate\Contracts\Encryption\DecryptException;
+use Illuminate\Support\Facades\Crypt;
+
 /**
  * This trait lets you add a "data" column functionality to any Eloquent model.
  * It serializes attributes which don't exist as columns on the model's table
@@ -13,74 +16,119 @@
  */
 trait VirtualColumn
 {
-    public static $afterListeners = [];
+    /**
+     * Encrypted castables have to be handled using a special approach that prevents the data from getting encrypted repeatedly.
+     *
+     * The default encrypted castables ('encrypted', 'encrypted:array', 'encrypted:collection', 'encrypted:json', 'encrypted:object')
+     * are already handled, so you can use this array to add your own encrypted castables.
+     */
+    public static array $customEncryptedCastables = [];
 
     /**
      * We need this property, because both created & saved event listeners
      * decode the data (to take precedence before other created & saved)
      * listeners, but we don't want the data to be decoded twice.
-     *
-     * @var string
      */
-    public $dataEncodingStatus = 'decoded';
+    public bool $dataEncoded = false;
 
-    protected static function decodeVirtualColumn(self $model): void
+    protected function decodeVirtualColumn(): void
     {
-        if ($model->dataEncodingStatus === 'decoded') {
+        if (! $this->dataEncoded) {
             return;
         }
 
-        foreach ($model->getAttribute(static::getDataColumn()) ?? [] as $key => $value) {
-            $model->setAttribute($key, $value);
-            $model->syncOriginalAttribute($key);
+        $encryptedCastables = array_merge(
+            static::$customEncryptedCastables,
+            ['encrypted', 'encrypted:array', 'encrypted:collection', 'encrypted:json', 'encrypted:object'], // Default encrypted castables
+        );
+
+        foreach ($this->getAttribute($this->getDataColumn()) ?? [] as $key => $value) {
+            $attributeHasEncryptedCastable = in_array(data_get($this->getCasts(), $key), $encryptedCastables);
+
+            if ($attributeHasEncryptedCastable && $this->valueEncrypted($value)) {
+                $this->attributes[$key] = $value;
+            } else {
+                $this->setAttribute($key, $value);
+            }
+
+            $this->syncOriginalAttribute($key);
         }
 
-        $model->setAttribute(static::getDataColumn(), null);
+        $this->setAttribute($this->getDataColumn(), null);
 
-        $model->dataEncodingStatus = 'decoded';
+        $this->dataEncoded = false;
     }
 
-    protected static function encodeAttributes(self $model): void
+    protected function encodeAttributes(): void
     {
-        if ($model->dataEncodingStatus === 'encoded') {
+        if ($this->dataEncoded) {
             return;
         }
 
-        foreach ($model->getAttributes() as $key => $value) {
-            if (! in_array($key, static::getCustomColumns())) {
-                $current = $model->getAttribute(static::getDataColumn()) ?? [];
+        $dataColumn = $this->getDataColumn();
+        $customColumns = $this->getCustomColumns();
+        $attributes = array_filter($this->getAttributes(), fn ($key) => ! in_array($key, $customColumns), ARRAY_FILTER_USE_KEY);
 
-                $model->setAttribute(static::getDataColumn(), array_merge($current, [
-                    $key => $value,
-                ]));
+        // Remove data column from the attributes
+        unset($attributes[$dataColumn]);
 
-                unset($model->attributes[$key]);
-                unset($model->original[$key]);
-            }
+        foreach ($attributes as $key => $value) {
+            // Remove attribute from the model
+            unset($this->attributes[$key]);
+            unset($this->original[$key]);
         }
 
-        $model->dataEncodingStatus = 'encoded';
+        // Add attribute to the data column
+        $this->setAttribute($dataColumn, $attributes);
+
+        $this->dataEncoded = true;
     }
 
-    public static function bootVirtualColumn()
+    public function valueEncrypted(string $value): bool
     {
-        static::registerAfterListener('retrieved', function ($model) {
-            // We always decode after model retrieval.
-            $model->dataEncodingStatus = 'encoded';
+        try {
+            Crypt::decryptString($value);
 
-            static::decodeVirtualColumn($model);
-        });
+            return true;
+        } catch (DecryptException) {
+            return false;
+        }
+    }
+
+    protected function decodeAttributes()
+    {
+        $this->dataEncoded = true;
+
+        $this->decodeVirtualColumn();
+    }
 
-        // Encode if writing
-        static::registerAfterListener('saving', [static::class, 'encodeAttributes']);
-        static::registerAfterListener('creating', [static::class, 'encodeAttributes']);
-        static::registerAfterListener('updating', [static::class, 'encodeAttributes']);
+    protected function getAfterListeners(): array
+    {
+        return [
+            'retrieved' => [
+                function () {
+                    // Always decode after model retrieval
+                    $this->dataEncoded = true;
+
+                    $this->decodeVirtualColumn();
+                },
+            ],
+            'saving' => [
+                [$this, 'encodeAttributes'],
+            ],
+            'creating' => [
+                [$this, 'encodeAttributes'],
+            ],
+            'updating' => [
+                [$this, 'encodeAttributes'],
+            ],
+        ];
     }
 
     protected function decodeIfEncoded()
     {
-        if ($this->dataEncodingStatus === 'encoded') {
-            static::decodeVirtualColumn($this);
+        if ($this->dataEncoded) {
+            $this->decodeVirtualColumn();
         }
     }
 
@@ -97,7 +145,7 @@ protected function fireModelEvent($event, $halt = true)
 
     public function runAfterListeners($event, $halt = true)
     {
-        $listeners = static::$afterListeners[$event] ?? [];
+        $listeners = $this->getAfterListeners()[$event] ?? [];
 
         if (! $event) {
             return;
@@ -115,27 +163,22 @@ public function runAfterListeners($event, $halt = true)
         }
     }
 
-    public static function registerAfterListener(string $event, callable $callback)
-    {
-        static::$afterListeners[$event][] = $callback;
-    }
-
     public function getCasts()
     {
         return array_merge(parent::getCasts(), [
-            static::getDataColumn() => 'array',
+            $this->getDataColumn() => 'array',
         ]);
     }
 
     /**
      * Get the name of the column that stores additional data.
      */
-    public static function getDataColumn(): string
+    public function getDataColumn(): string
     {
         return 'data';
     }
 
-    public static function getCustomColumns(): array
+    public function getCustomColumns(): array
     {
         return [
             'id',
@@ -149,10 +192,10 @@ public static function getCustomColumns(): array
      */
     public function getColumnForQuery(string $column): string
     {
-        if (in_array($column, static::getCustomColumns(), true)) {
+        if (in_array($column, $this->getCustomColumns(), true)) {
             return $column;
         }
 
-        return static::getDataColumn() . '->' . $column;
+        return $this->getDataColumn() . '->' . $column;
     }
 }