X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=DataObjects%2FCore_setting.php;h=97ec8bd3742a1f88bc0646132f2a02af0931bb29;hp=d0e6081f7a577a0589f0f0d609bb2697e6820ebc;hb=HEAD;hpb=55fb9a7d129685c9e326a3f630ecd20bcd9254f5

diff --git a/DataObjects/Core_setting.php b/DataObjects/Core_setting.php
index d0e6081f..e1eea761 100644
--- a/DataObjects/Core_setting.php
+++ b/DataObjects/Core_setting.php
@@ -8,13 +8,18 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject
     
     function initKeys()
     {
-        $d = HTML_FlexyFramework::get()->Pman['storedir'].'/key';
+        // return false when fail
+        $dir = $this->getKeyDirectory();
+        
+        if(!$dir) {
+            return false; // only fail case?
+        }
         
         if(
-            file_exists("{$d}/pub.key") ||
-            file_exists("{$d}/pri.key")
+            file_exists("{$dir}/pub.key") ||
+            file_exists("{$dir}/pri.key")
         ){
-            return;
+            return true;
         }
         
         $ssl = openssl_pkey_new(array(
@@ -27,81 +32,132 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject
         $pub_key = openssl_pkey_get_details($ssl);
         $pub_key = $pub_key["key"];
         
-        file_put_contents("{$d}/pub.key",$pub_key);
-        file_put_contents("{$d}/pri.key",$pri_key);
+        file_put_contents("{$dir}/pub.key",$pub_key);
+        file_put_contents("{$dir}/pri.key",$pri_key);
+        
+        return true;
     }
     
-    function getSetting($m,$n)
+    function lookup($m,$n)
     {
         $s = DB_DataObject::factory('core_setting');
         $s->setFrom(array(
             'module' => $m,
             'name' => $n
         ));
+        
         if($s->find(true)) {
             return $s;
         }
+        
         return false;
     }
     
     function beforeInsert($q, $roo)
     {
-        exit;
-        
-        return;
+        if (isset($q['is_encrypt'])) {
+            $roo->jerr("no direct access for setting encrypted data at present?");
+        }
+        // we store column data in here now - so it has to be insertable.
+        //exit;
     }
     
-    function initSetting($a)
+    function getKeyDirectory()
     {
-        if(empty($a) || empty($dir)) {
-            return;
+        $client_dir = HTML_FlexyFramework::get()->Pman['storedir'];
+        
+        $key_dir = $client_dir.'/keys';
+        
+        if(file_exists($key_dir)) {
+            return $key_dir;
         }
         
-        $c = $this->getSetting($a['module'], $a['name']);
-        if($c) {
-            return;
+        if(!is_writable($key_dir)) {
+            return false;
         }
         
-        //$ff->pman['storedir']/key generic for all projects?
+        mkdir($key_dir, 0755, true);
         
-        $this->setStoreDir($dir);
+        return $key_dir;
+    }
+    
+    // FIXME  - this needs to go in beforeInsert/beforeUpdate
+    // should not be sending this the values..
+    function initSetting($a)
+    {
+        if(empty($a)) {
+            return;
+        }
         
         $this->initKeys();
         
-        $val = $a['val'];
-        if(!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) {
-            $val = $this->encrypt($val);
-        }
+        $c = $this->lookup($a['module'], $a['name']);
         
-        $s = DB_DataObject::factory('core_setting');
-        $s->setFrom(array(
-            'module' => $a['module'],
-            'name' => $a['name'],
-            'description' => $a['description'],
-            'val' =>$val,
-            'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1
+        $o = $c ? clone($c) : false;
+        
+        $c = $c ? $c : DB_DataObject::factory('core_setting');
+        
+        $c->setFrom(array(
+            'module'        =>     $a['module'],
+            'name'          =>       $a['name'],
+            'description'   => $a['description'],
+            'val' => (!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) ?
+                $this->encrypt($a['val']) : $a['val'],
+            'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1,
+            'is_valid' => 1
         ));
         
-        $s->insert();
+        $o ?  $c->update($o) : $c->insert();
     }
     
+    //one key for encrypting all the settings
     function encrypt($v)
     {
-        $pub_key = file_get_contents("{$this->storedir}/pub.key");
+        $key_dir = "{$this->getKeyDirectory()}/pub.key";
+        
+        if(!file_exists($key_dir)) {
+            return false;
+        }
+        
+        $pub_key = file_get_contents($key_dir);
         if(!$pub_key) {
-            return;
+            return false;
         }
-        openssl_public_encrypt($v, $cipher, $pub_key);
-        return $cipher;
+        openssl_public_encrypt($v, $ciphertext, $pub_key);
+        return $ciphertext;
     }
     
-    function setStoreDir($dir)
+    function decrypt($v)
     {
-        if(!file_exists($dir)) {
-            $oldumask = umask(0);
-            mkdir($dir, 0775, true);
-            umask($oldumask);  
+        $key_dir = "{$this->getKeyDirectory()}/pri.key";
+        
+        if(!file_exists($key_dir)) {
+            return false;
         }
-        $this->storedir = $dir;
+        
+        $pri_key = file_get_contents($key_dir);
+        
+        if(!$pri_key) {
+            return false;
+        }
+        
+        openssl_private_decrypt($v, $plaintext, $pri_key);
+        
+        return $plaintext;
+    }
+    
+    function getDecryptVal()
+    {
+        
+        if(empty($this->val)) {
+            return false;
+        }
+        
+        if(empty($this->is_encrypt)) {
+            return $this->val;
+        }
+        
+        return $this->decrypt($this->val);
     }
+    
 }