Merge pull request #6 from Aeliot-Tm/refactore_stored_functions_defin…

…itions fix: refactor stored MySQL functions definitions
Aeliot-Tm · Jun 26, 2024 · d728908 · d728908
2 parents 97ff188 + 33c86fe
commit d728908
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 48 deletions.
diff --git a/example/Doctrine/Encryption/FunctionProvider.php b/example/Doctrine/Encryption/FunctionProvider.php
@@ -32,51 +32,58 @@ public function getDefinitions(Connection $connection): array
         $definitions = $this->defaultFunctionProvider->getDefinitions($connection);
 
         $definitions[FunctionEnum::GET_ENCRYPTION_KEY][PlatformEnum::MYSQL] = sprintf(
-            'CREATE FUNCTION %1$s() RETURNS TEXT DETERMINISTIC
-             BEGIN
-                 IF (@encryption_key IS NULL)
-                 THEN
-                     SET @encryption_key = %2$s(@%3$s);
-                 END IF;
+            'CREATE
+                FUNCTION %1$s() RETURNS TEXT
+                DETERMINISTIC
+                SQL SECURITY DEFINER
+            BEGIN
+                IF (@encryption_key IS NULL)
+                THEN
+                    SET @encryption_key = %2$s(@%3$s);
+                END IF;
 
-                 IF (@encryption_key IS NULL OR LENGTH(@encryption_key) = 0)
-                 THEN
-                     SIGNAL SQLSTATE \'%4$s\'
-                         SET MESSAGE_TEXT = \'Encryption key not found\';
-                 END IF;
+                IF (@encryption_key IS NULL OR LENGTH(@encryption_key) = 0)
+                THEN
+                    SIGNAL SQLSTATE \'%4$s\'
+                        SET MESSAGE_TEXT = \'Encryption key not found\';
+                END IF;
 
-                 RETURN @encryption_key;
-             END;',
+                RETURN @encryption_key;
+            END;',
             FunctionEnum::GET_ENCRYPTION_KEY,
             self::FUNCTION_NAME,
             self::PARAMETER_NAME,
             DatabaseErrorEnum::EMPTY_ENCRYPTION_KEY,
         );
 
         $definitions[self::FUNCTION_NAME][PlatformEnum::MYSQL] = sprintf(
-            'CREATE FUNCTION %1$s(env_key TEXT) RETURNS TEXT
-             LANGUAGE SQL DETERMINISTIC CONTAINS SQL SQL SECURITY DEFINER
-             BEGIN
-                 DECLARE db_key varchar(64) DEFAULT NULL;
-                 DECLARE exist_secrets_table INT DEFAULT NULL;
-                 SET db_key = NULL;
+            'CREATE
+                FUNCTION %1$s(env_key TEXT) RETURNS TEXT
+                LANGUAGE SQL
+                DETERMINISTIC
+                READS SQL DATA
+                SQL SECURITY DEFINER
+            BEGIN
+                DECLARE db_key varchar(64) DEFAULT NULL;
+                DECLARE exist_secrets_table INT DEFAULT NULL;
+                SET db_key = NULL;
 
-                 SELECT COUNT(1) INTO exist_secrets_table FROM INFORMATION_SCHEMA.TABLES
-                      WHERE TABLE_SCHEMA = "secret_database" AND TABLE_NAME = "secret_table";
+                SELECT COUNT(1) INTO exist_secrets_table FROM INFORMATION_SCHEMA.TABLES
+                     WHERE TABLE_SCHEMA = "secret_database" AND TABLE_NAME = "secret_table";
 
-                 IF (exist_secrets_table > 0)
-                 THEN
-                     SELECT secret INTO db_key
-                       FROM secret_database.secret_table WHERE id = "db_secret";
-                 END IF;
+                IF (exist_secrets_table > 0)
+                THEN
+                    SELECT secret INTO db_key
+                      FROM secret_database.secret_table WHERE id = "db_secret";
+                END IF;
 
-                 IF (exist_secrets_table > 0 AND (db_key IS NULL OR LENGTH(db_key) != 64))
-                 THEN
-                     SIGNAL SQLSTATE \'%2$s\'
-                         SET MESSAGE_TEXT = \'Cannot build key\';
-                 END IF;
+                IF (exist_secrets_table > 0 AND (db_key IS NULL OR LENGTH(db_key) != 64))
+                THEN
+                    SIGNAL SQLSTATE \'%2$s\'
+                        SET MESSAGE_TEXT = \'Cannot build key\';
+                END IF;
 
-                 RETURN CONCAT(db_key, env_key);
+                RETURN CONCAT(db_key, env_key);
             END;',
             self::FUNCTION_NAME,
             DatabaseErrorEnum::EMPTY_ENCRYPTION_KEY,

diff --git a/src/Service/DefaultFunctionDefinitionsTrait.php b/src/Service/DefaultFunctionDefinitionsTrait.php
@@ -19,34 +19,43 @@ public function getDefinitions(Connection $connection): array
         return [
             FunctionEnum::DECRYPT => [
                 PlatformEnum::MYSQL => sprintf(
-                    'CREATE FUNCTION %1$s(source_data LONGBLOB) RETURNS LONGTEXT DETERMINISTIC
-                        BEGIN
-                            RETURN AES_DECRYPT(source_data, %2$s());
-                        END;',
+                    'CREATE
+                        FUNCTION %1$s(source_data LONGBLOB) RETURNS LONGTEXT
+                        DETERMINISTIC
+                        SQL SECURITY DEFINER
+                    BEGIN
+                        RETURN AES_DECRYPT(source_data, %2$s());
+                    END;',
                     FunctionEnum::DECRYPT,
                     FunctionEnum::GET_ENCRYPTION_KEY
                 ),
             ],
             FunctionEnum::ENCRYPT => [
                 PlatformEnum::MYSQL => sprintf(
-                    'CREATE FUNCTION %1$s(source_data LONGTEXT) RETURNS LONGBLOB DETERMINISTIC
-                        BEGIN
-                            RETURN AES_ENCRYPT(source_data, %2$s());
-                        END;',
+                    'CREATE
+                        FUNCTION %1$s(source_data LONGTEXT) RETURNS LONGBLOB
+                        DETERMINISTIC
+                        SQL SECURITY DEFINER
+                    BEGIN
+                        RETURN AES_ENCRYPT(source_data, %2$s());
+                    END;',
                     FunctionEnum::ENCRYPT,
                     FunctionEnum::GET_ENCRYPTION_KEY
                 ),
             ],
             FunctionEnum::GET_ENCRYPTION_KEY => [
                 PlatformEnum::MYSQL => sprintf(
-                    'CREATE FUNCTION %1$s() RETURNS TEXT DETERMINISTIC
-                        BEGIN
-                            IF (@encryption_key IS NULL OR LENGTH(@encryption_key) = 0) THEN
-                                SIGNAL SQLSTATE \'%2$s\'
-                                    SET MESSAGE_TEXT = \'Encryption key not found\';
-                            END IF;
-                            RETURN @encryption_key;
-                        END;',
+                    'CREATE
+                        FUNCTION %1$s() RETURNS TEXT
+                        DETERMINISTIC
+                        SQL SECURITY DEFINER
+                    BEGIN
+                        IF (@encryption_key IS NULL OR LENGTH(@encryption_key) = 0) THEN
+                            SIGNAL SQLSTATE \'%2$s\'
+                                SET MESSAGE_TEXT = \'Encryption key not found\';
+                        END IF;
+                        RETURN @encryption_key;
+                    END;',
                     FunctionEnum::GET_ENCRYPTION_KEY,
                     DatabaseErrorEnum::EMPTY_ENCRYPTION_KEY
                 ),