Code Coverage for /app/server/src/App/Services/ProtectService.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	94.74% covered (success)	94.74%	72 / 76	33.33% covered (danger)	33.33%	1 / 3	CRAP	0.00% covered (danger)	0.00%	0 / 1
ProtectService	94.59% covered (success)	94.59%	70 / 74	33.33% covered (danger)	33.33%	1 / 3	45.32	0.00% covered (danger)	0.00%	0 / 1
__construct	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
get	94.59% covered (success)	94.59%	35 / 37	0.00% covered (danger)	0.00%	0 / 1	22.08
add	94.44% covered (success)	94.44%	34 / 36	0.00% covered (danger)	0.00%	0 / 1	22.08

1	<?php
2
3	declare(strict_types=1);
4
5	namespace UppServices;
6
7	require_once __DIR__.'/legacy/ddbb/conx.php';
8	require_once __DIR__.'/legacy/protect/secure.php';
9
10	/**
11	* Protected data: read/write encrypted fields in PROTECTED table.
12	* Delegates to legacy protect/secure.php (wrsecured, rdsecured).
13	*/
14	class ProtectService
15	{
16	private readonly SessionService $sessionService;
17
18	public function __construct(SessionService $sessionService)
19	{
20	$this->sessionService = $sessionService;
21	}
22
23	/**
24	* Read a protected field value.
25	*
26	* @param array<string, mixed> $query Query params (device, session, place, target, entry, field).
27	* @return array{errorcode: int, value?: string\|null}
28	*/
29	public function get(array $query): array
30	{
31	$retval = \ApplicationError::Success;
32	$value = null;
33	$conx = new \ConxHelper(__FILE__);
34
35	$device = isset($query['device']) ? (string) $query['device'] : '';
36	$sessionId = isset($query['session']) ? (string) $query['session'] : '';
37	$place = isset($query['place']) ? $query['place'] : null;
38	$target = isset($query['target']) ? (string) $query['target'] : '';
39	$entry = isset($query['entry']) ? (string) $query['entry'] : '';
40	$field = isset($query['field']) ? (string) $query['field'] : '';
41
42	if (\success($retval)) {
43	if ($device === '' \|\| $sessionId === '') {
44	\addlog(__FILE__, \LogLevel::Error, "ProtectService::get: missing device or session in query.");
45	$retval = \ApplicationError::Parameters;
46	}
47	}
48
49	if (\success($retval)) {
50	if ($place === null \|\| $place === '') {
51	\addlog(__FILE__, \LogLevel::Error, "ProtectService::get: mandatory parameter 'place' not provided.");
52	$retval = \ApplicationError::Parameters;
53	}
54	}
55
56	if (\success($retval)) {
57	if ($target === '' \|\| $entry === '' \|\| $field === '') {
58	\addlog(__FILE__, \LogLevel::Error, "ProtectService::get: missing target, entry or field in query.");
59	$retval = \ApplicationError::Parameters;
60	}
61	}
62
63	if (\success($retval)) {
64	$userid = null;
65	$sessionObjid = null;
66	$retval = $this->sessionService->checkSession($conx, $sessionId, $device, $userid, $sessionObjid);
67	}
68
69	if (\success($retval)) {
70	$conx->tenant = $place;
71	if ($conx->tenant === null) {
72	\addlog(__FILE__, \LogLevel::Error, "ProtectService::get: connection to place database failed.");
73	$retval = \ApplicationError::Database;
74	}
75	}
76
77	if (\success($retval)) {
78	$retval = \rdsecured($conx, $target, $entry, $field, $sessionObjid, $userid, $value);
79	}
80
81	$conx->release();
82
83	return [
84	'errorcode' => $retval,
85	'value' => \success($retval) ? $value : null
86	];
87	}
88
89	/**
90	* Write a protected field value.
91	*
92	* @param array<string, mixed> $query Query params (device, session, place).
93	* @param array<string, mixed> $body JSON body (target, entry, field, value).
94	* @return array{errorcode: int}
95	*/
96	public function add(array $query, array $body): array
97	{
98	$retval = \ApplicationError::Success;
99	$conx = new \ConxHelper(__FILE__);
100
101	$device = isset($query['device']) ? (string) $query['device'] : '';
102	$sessionId = isset($query['session']) ? (string) $query['session'] : '';
103	$place = isset($query['place']) ? $query['place'] : null;
104
105	$target = isset($body['target']) ? (string) $body['target'] : '';
106	$entry = isset($body['entry']) ? (string) $body['entry'] : '';
107	$field = isset($body['field']) ? (string) $body['field'] : '';
108	$value = isset($body['value']) ? (string) $body['value'] : '';
109
110	if (\success($retval)) {
111	if ($device === '' \|\| $sessionId === '') {
112	\addlog(__FILE__, \LogLevel::Error, "ProtectService::add: missing device or session in query.");
113	$retval = \ApplicationError::Parameters;
114	}
115	}
116
117	if (\success($retval)) {
118	if ($place === null \|\| $place === '') {
119	\addlog(__FILE__, \LogLevel::Error, "ProtectService::add: mandatory parameter 'place' not provided.");
120	$retval = \ApplicationError::Parameters;
121	}
122	}
123
124	if (\success($retval)) {
125	if ($target === '' \|\| $entry === '' \|\| $field === '') {
126	\addlog(__FILE__, \LogLevel::Error, "ProtectService::add: missing target, entry or field in body.");
127	$retval = \ApplicationError::Parameters;
128	}
129	}
130
131	if (\success($retval)) {
132	$userid = null;
133	$sessionObjid = null;
134	$retval = $this->sessionService->checkSession($conx, $sessionId, $device, $userid, $sessionObjid);
135	}
136
137	if (\success($retval)) {
138	$conx->tenant = $place;
139	if ($conx->tenant === null) {
140	\addlog(__FILE__, \LogLevel::Error, "ProtectService::add: connection to place database failed.");
141	$retval = \ApplicationError::Database;
142	}
143	}
144
145	if (\success($retval)) {
146	$retval = \wrsecured($conx, $target, $entry, $field, $value, $sessionObjid, $userid);
147	}
148
149	$conx->release();
150
151	return [
152	'errorcode' => $retval
153	];
154	}
155	}