Changed metadata encryption to have a new dictionary type: d:encrypted

- Properties have to be encrypted and decrypted in code using MetadataEncryptor ('metadataEncryptor')
   - No conversion, encryption or decryption is done by Alfresco
   - Unencrypted values cannot be persisted and get thrown out
   - ALF-8646: RINF 38: Text data encryption
   - ALF-8956: RINF 38: Encryption key password specified by installer
   - ALF-9055: RINF 38: Support encryption against existing data


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@28480 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Derek Hulley
2011-06-20 11:50:37 +00:00
parent dc3139bef7
commit 1714397cac
31 changed files with 426 additions and 456 deletions


@@ -24,11 +24,14 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.crypto.SealedObject;
import org.alfresco.model.ContentModel;
import org.alfresco.service.cmr.dictionary.AspectDefinition;
import org.alfresco.service.cmr.dictionary.Constraint;
import org.alfresco.service.cmr.dictionary.ConstraintDefinition;
import org.alfresco.service.cmr.dictionary.ConstraintException;
import org.alfresco.service.cmr.dictionary.DataTypeDefinition;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.dictionary.PropertyDefinition;
import org.alfresco.service.cmr.dictionary.TypeDefinition;
@@ -76,9 +79,6 @@ public class PropertiesIntegrityEvent extends AbstractIntegrityEvent
/**
* Checks the properties for the type and aspects of the given node.
*
* @param nodeRef
* @param eventResults
*/
private void checkAllProperties(NodeRef nodeRef, List<IntegrityRecord> eventResults)
{
@@ -163,6 +163,19 @@ public class PropertiesIntegrityEvent extends AbstractIntegrityEvent
continue;
}
Serializable propertyValue = nodeProperties.get(propertyQName);
// Check for encryption first
if (propertyDef.getDataType().getName().equals(DataTypeDefinition.ENCRYPTED))
{
if (propertyValue != null && !(propertyValue instanceof SealedObject))
{
IntegrityRecord result = new IntegrityRecord(
"Property must be encrypted: \n" +
" Node: " + nodeRef + "\n" +
" Type: " + typeQName + "\n" +
" Property: " + propertyQName);
eventResults.add(result);
}
}
// check constraints
List<ConstraintDefinition> constraintDefs = propertyDef.getConstraints();
for (ConstraintDefinition constraintDef : constraintDefs)
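Review bot: The new encrypted-property branch falls through to the `// check constraints` loop in every case, so any constraint declared on a `d:encrypted` property would be evaluated against a `SealedObject` (or against the plaintext that was just rejected) rather than a usable value. If constraints are not meant to apply to encrypted properties, closing the outer `if` with `continue;` would make that explicit; if they are, a comment saying so would help. Separately, `propertyValue instanceof SealedObject` only establishes the wrapper type, not that the value was sealed by `MetadataEncryptor` with the repository key, which deserves a comment such as `// type check only; key and algorithm are not verified here`. The enclosing property loop in `checkAllProperties` starts and ends outside this hunk, so this cannot be confirmed from here.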