Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
Currently if we have the same field machine names across different webforms, the webform encrypt setttings would be shared acrross webforms.
Old description:
In the process of writing tests for a project, while trying to save the form to add a new webform field to a webform, the test was failing because of missing webform.encrypt
schema.
Proposed resolution
Mofify current schema so that the settings are saved per webform and per field.
Remaining tasks
Do it.
User interface changes
None.
API changes
None.
Data model changes
Database schema changes for the webform settings.
Comment | File | Size | Author |
---|---|---|---|
#45 | 2921824-45.patch | 13.36 KB | Manuel Garcia |
| |||
#45 | interdiff-44-45.txt | 909 bytes | Manuel Garcia |
#44 | 2921824-44.patch | 13.38 KB | Manuel Garcia |
| |||
#44 | interdiff-39-44.txt | 9.42 KB | Manuel Garcia |
#43 | Screenshot from 2017-11-20 09-04-55.png | 40.97 KB | Manuel Garcia |
Comments
Comment #2
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedHere it is, works with the current data structure.
Comment #3
vijaycs85Looks good.
Out of scope of this issue, but we should be using proper namespace here i.e. webform_encrypt.settings.
Comment #4
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commented@vijaycs85 yeah, but that would require an upgrade path, so I went with the path of least resistance...
Comment #5
fenstratI noticed a nasty issue with the current config schema. While it's not related to properly defining the schema as the patch is doing here, it's probably worth fixing here.
The current schema is like so:
Further fields are added under settings. At no point is the form name accounted for. So, if a second form shares the component machine name field_name_1 that means they also share encryption settings. Not cool :)
Given the module still has no D8 release and is only reporting 14 installs I think it's time to introduce a breaking schema change now (including the namespace issue @vijaycs85 mentioned above). I don't think an upgrade path is worth it.
This will also effect #2855702: Allow encryption for more elements. I've run out of time on this till next week, but can pick it up then.
Comment #6
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedYeah @fenstrat you are correct in your assessment of the way the module currently saves the data.
Ideally this configuration should be saved with the webform itself, so inside
webform.webform.WEBFORMID.elements.FIELDNAME
I believe this may be is a sign of a bigger problem, perhaps this module should be making use of the hooks provided by webform module, instead of using hook_form_FORM_ID_alter etc.
Comment #7
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commented#2855702: Allow encryption for more elements was committed a few days ago.
I've spent a bit of time on this today, here are my findindings:
webform_ui_element_form
. So it looks like we're stuck with our current approach.WebformElementEncrypt::processWebformElementEncrypt()
currently adds our settings form fields, has no information regarding to which webform this field is attached to. So unless someone figures this out, I'm not sure how we're going to do #5.Comment #8
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedOK, nothing like stating that you're blocked to unblock yourself apparently...
Anyway, here is a patch addressing:
We should write a test for our uninstall hook, as it is pretty important for us not to break it accidentally, we should open up a follow up for this.
Re-titling and modifying the issue description to reflect the new scope.
Comment #9
vijaycs85Looks good @Manuel Garcia. Just few questions for my understanding:
So we are going to save settings per webform?
don't we need to change element.settings here?
Comment #10
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedRe #9.1:
Yes, so that field configurations are not shared across webforms. Eg. so you can have fields with the same name on different webforms, but on one webform its encrypted and on another webform it is not. (see #5).
Re #9.2:
Not necessary there, we actually want the the whole configuration, so that inside the loop for the submissions:
we can check the configuration for each specific submission by using the webform_id as well as the field name (so we can figure out if we need to decrypt or not).
Comment #11
fenstrat@Manuel Garcia thanks!
The attached patch adapts what you had to use third_party_settings.
p.s. I think testing on the 8.x branch needs to be be enabled, something is going wrong as pift is saying 'No tests found'. btw I'm happy to be a co-maintainer if needed.
Comment #12
vijaycs85Nice one @fenstrat. me and @Manuel Garcia were talking about using third party settings.
Regarding testing: I have reopened #2921913: Add co-maintainers as how my access has been rollback to check the testing tab.
Comment #13
fenstrat@vijaycs85 cheers. Will post in that co-maintainer issue.
Think I found why the tests aren't running, was missing the src folder.
Comment #14
vijaycs85@fenstrat looks like the test is not in right directory - #2923249: Fix test dir
Comment #15
vijaycs85@fenstrat :D snap!
Comment #16
fenstrat@vijaycs85 hahaaa :) Happy to move that out if you want to get #2923249: Fix test dir in.
Comment #18
vijaycs85@fenstrat :) now the test is failing, let's move that out and push it and reroll this one.
Comment #19
vijaycs85Looks like I don't have access to project anymore :( waiting for response on #2921913: Add co-maintainers
Comment #20
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedBrilliant thanks @fenstrat!
Just committed #2923249: Fix test dir, retesting #11.
Comment #21
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedThis looks unnecessarily complex... is there a reason why we can't just
$webform->setThirdPartySetting('webform_encrypt', 'element', $config);
no matter what the values are?Comment #23
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedWe should proceed from #11
Comment #24
fenstrat@Manuel Garcia yeah agreed that logic is yucky, however passing an empty value to
setThirdPartySetting()
still writes a null value to config forelement
(i.e. that creates a dependency on webform_encrypt even if no components in the form have encryption enabled). I'll have another look tomorrow (and at the least document what's going on) when I continue from #11. Thanks!Comment #25
fenstratThis continues from #11.
setThirdPartySetting()
Comment #26
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedAgain, thanks @fenstrat for working on this :)
Patch is looking good to me now, just adding a comment explaning why we need this logic in this patch.
Comment #27
fenstrat@Manuel Garcia marvellous, much better explanation, cheers!
I'd mark this RTBC but I don't think that'd be right. @vijaycs85 care to do a review please? Thanks :)
Comment #28
vijaycs85Thanks @fenstrat & @Manuel Garcia. Looks good to me.
Only note is what would happen for the sites with existing config. As mentioned in #5, we know it's going to break. Probably worth a follow up for those poor 14 sites? :)
Comment #29
fenstrat@vijaycs85 Thanks.
TBH I don't think a config migration is worth it for 14 sites running a dev release?
Comment #30
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedWe should provide an upgrade path, we have to assume is a lot more than 14 sites, since those are just the ones that are pinging drupal.org.
More over, even if it was "just" 14 sites, their webforms will stop encrypting data, they may not even notice and get into trouble legally or otherwise.
Comment #31
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedHere is the upgrade path, I've tested it a bit locally but we should test it further.
Comment #33
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedoops wrong interdiff file extension...
Comment #34
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedSome more work on this:
The last change I made for consistency, but also because with this patch I see that the checkbox is not shown as checked when you have saved it as enabled. As in if you enable encryption for a field, and save it, when you edit it again, the checkbox is not checked. Not sure what is going on there, but we need to fix that before we can commit this...
Comment #35
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedAlright I managed to figure this all out I think...
WebformElementEncrypt::validateWebformElementEncrypt()
is now a lot simpler due to the new schema.Comment #37
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedLet's see if this does the trick :)
Comment #38
vijaycs85Over all, looks good. few findings/minor issues. Not sure if they qualify to 'Needs work' status :)
Minor: Ideally type casting is done by config::save().
Nice!
@Manuel Garcia++
if (empty($old_config)) {
return;
}
// Continue other logics.
Minor: We could return at top if no old config. Saves us condition and intention
Not sure, if it's necessary. update_N eventually does this?
Comment #39
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedThanks @vijaycs85 for the review!
Re #38.1 - you're right, fixed and verified that the value is indeed typecasted on save.
Re #38.2 - Tests++
Re #38.4 - I know it looks weird, I struggled with it as well. The thing is that we need to delete the old config AND clear the cache at the end, so I did it like this in order not to have to do this on two places...
Re #38.5 - That's what I thought at first too, but even though we deleted it, the old config is stil accessible on the site (checked with
config_inspector
). That's not the case if we calldrupal_flush_all_caches()
here so perhaps not all the cache is cleared on hook_update?Comment #40
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedargh again wrong file extension for the interdiff... sorry bot!
Comment #42
fenstrat@Manuel Garcia nice work!
Simplifying the config schema is a good idea, but I think it's gone one level too far. We should reintroduce the
elements
level (this also matches webform itself). Because right now the fields are under the top levelwebform_encrypt
level and that's one level too far.The upgrade path looks good, I've not run it but will make time to test it later.
Comment #43
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedUsing config_inspector, this is how the Raw configuration data looks with this patch, for a webform with two fields,:
And the Tree of configuration data:
Are you sure we want to add another level? I ask because right now its realy clean to get the config for an element like this:
$webform->getThirdPartySetting('webform_encrypt', $element_name);
Comment #44
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedOK, I suppose it makes sense if we want to add some other webform-wide setting and if webform does it like this, we should follow their lead in any case, so here it is, hopefully I didn't forget anything.
Some highlights:
WebformElementEncrypt::validateWebformElementEncrypt()
.Comment #45
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedJust realized we were breaking the uninstall process, fixing it now. We really need test coverage for this.
Comment #46
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedOpened up #2924905: Data gets destroyed due to hook_uninstall.
Comment #47
fenstrat@Manuel Garcia this is great, thank you :) It really does make sense to have under the
elements
level.Tested the upgrade path and it works a treat.
Thanks for spinning off #2924905: Data gets destroyed due to hook_uninstall.
Comment #48
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedThanks @fenstrat
Bumping priority here.
Also, we should have a look at #2924957: Unable to encrypt nested/multiple nested fields before cutting the first alpha release.
Comment #49
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commented#2924905: Data gets destroyed due to hook_uninstall is in now, let's see where we are with this patch now that we have a test for uninstalling.
Comment #50
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedTest is still green, back to RTBC
Comment #52
fenstratExcellent! Thank you @Manuel Garcia and @vijaycs85, onwards :)
Comment #53
vijaycs85yay! great work @Manuel Garcia & @fenstrat. I believe we are ready for first alpha release. I'd go for beta as a) we have done plenty of testing b) port from D7. But I will leave that with other maintainers to decide. Created an issue for release at #2925418: Create an alpha release on 8.x branch
Comment #55
Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commentedJust a heads up that the update hook introduced here is faulty. If your webforms have fields inside containers, the configuration will not be migrated properly, see #2935893: webform_encrypt_update_8101 ignores fields in containers