2014-10-30 21:44:22 +01:00
|
|
|
import DS from "ember-data";
|
2015-08-23 16:13:52 +02:00
|
|
|
import Ember from "ember";
|
2015-08-20 14:12:28 +02:00
|
|
|
/* global sjcl */
|
2014-10-30 21:44:22 +01:00
|
|
|
|
2015-08-23 16:13:52 +02:00
|
|
|
/*
|
|
|
|
|
* extends DS.RESTSerializer to implement encryption
|
|
|
|
|
*
|
|
|
|
|
* By default every attribute hash is encrypted using SJCL.
|
|
|
|
|
* This is configurable by options parameter of DS.attr().
|
|
|
|
|
*
|
|
|
|
|
* Options:
|
|
|
|
|
* - encrypted (boolean)
|
|
|
|
|
* If false the attribute won't be encrypted.
|
|
|
|
|
* - includePlainOnCreate (string)
|
|
|
|
|
* If set the attribute will be included plain (not encrypted) when
|
|
|
|
|
* recorde is created. Value is the attributes name used.
|
|
|
|
|
*/
|
2015-08-19 22:00:01 +02:00
|
|
|
export default DS.RESTSerializer.extend({
|
2015-10-25 19:38:14 +01:00
|
|
|
encryption: Ember.inject.service(),
|
|
|
|
|
encryptionKey: Ember.computed.alias('encryption.key'),
|
|
|
|
|
|
2015-08-23 16:13:52 +02:00
|
|
|
/*
|
|
|
|
|
* implement decryption
|
|
|
|
|
*/
|
2015-08-19 22:00:01 +02:00
|
|
|
normalize: function(modelClass, resourceHash, prop) {
|
2015-10-25 19:38:14 +01:00
|
|
|
var decryptionKey = this.get('encryptionKey');
|
2015-08-23 16:13:52 +02:00
|
|
|
|
|
|
|
|
// run before serialization of attribute hash
|
2015-08-19 22:00:01 +02:00
|
|
|
modelClass.eachAttribute(function(key, attributes) {
|
|
|
|
|
if (
|
|
|
|
|
attributes.options.encrypted !== false
|
|
|
|
|
) {
|
2015-10-17 15:44:27 +02:00
|
|
|
if (typeof resourceHash[key] !== "undefined" && resourceHash[key] !== null) {
|
2015-10-16 17:41:24 +02:00
|
|
|
try {
|
|
|
|
|
resourceHash[key] = JSON.parse(
|
|
|
|
|
sjcl.decrypt(decryptionKey, resourceHash[key])
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
catch (err) {
|
|
|
|
|
throw {
|
|
|
|
|
type: "decryption-failed",
|
|
|
|
|
message: "decryption failed for " + key + " using key " + decryptionKey,
|
|
|
|
|
original: err
|
|
|
|
|
};
|
|
|
|
|
}
|
2015-08-19 22:00:01 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}, this);
|
2015-10-25 16:46:11 +01:00
|
|
|
|
|
|
|
|
// run legacy support transformation specified in model serializer
|
|
|
|
|
if (typeof this.legacySupport === 'function') {
|
|
|
|
|
resourceHash = this.legacySupport(resourceHash);
|
|
|
|
|
}
|
2015-08-19 22:00:01 +02:00
|
|
|
|
|
|
|
|
return this._super(modelClass, resourceHash, prop);
|
|
|
|
|
},
|
|
|
|
|
|
2015-08-23 16:13:52 +02:00
|
|
|
/*
|
|
|
|
|
* implement encryption
|
|
|
|
|
*/
|
|
|
|
|
serializeAttribute: function(snapshot, json, key, attribute) {
|
|
|
|
|
this._super(snapshot, json, key, attribute);
|
|
|
|
|
|
|
|
|
|
// get encryption key from snapshot which is model representation
|
2015-10-25 19:38:14 +01:00
|
|
|
var encryptionKey = this.get('encryptionKey');
|
2015-08-23 16:13:52 +02:00
|
|
|
|
|
|
|
|
// map includePlainOnCreate after serialization of attribute hash
|
|
|
|
|
// but before encryption so we can just use the serialized hash
|
|
|
|
|
if (
|
|
|
|
|
!Ember.isEmpty(attribute.options.includePlainOnCreate) &&
|
|
|
|
|
typeof attribute.options.includePlainOnCreate === 'string'
|
|
|
|
|
) {
|
|
|
|
|
json[attribute.options.includePlainOnCreate] = json[key];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// encrypt after serialization of attribute hash
|
2015-08-19 22:00:01 +02:00
|
|
|
if (
|
2015-08-23 16:13:52 +02:00
|
|
|
attribute.options.encrypted !== false
|
2015-08-19 22:00:01 +02:00
|
|
|
) {
|
|
|
|
|
try {
|
|
|
|
|
json[key] = sjcl.encrypt(encryptionKey, JSON.stringify(json[key]));
|
|
|
|
|
}
|
|
|
|
|
catch(err) {
|
2015-08-20 14:12:28 +02:00
|
|
|
throw {
|
|
|
|
|
type: 'encryption-failed',
|
|
|
|
|
message: "encryption failed with key: " + encryptionKey,
|
|
|
|
|
original: err
|
|
|
|
|
};
|
2015-08-19 22:00:01 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
