Source code

001/**
002 * Copyright 2005-2016 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kew.routeheader;
017
018import org.kuali.rice.krad.data.jpa.converters.EncryptionConverter;
019
020import javax.persistence.AttributeConverter;
021import javax.persistence.Converter;
022import java.util.regex.Matcher;
023import java.util.regex.Pattern;
024
025/**
026 * A JPA Converter which supports mixed encrypted and non-encrypted document content XML.
027 *
028 * <p>Leverages behavior from the  standard {@link EncryptionConverter} but additionally when converting to the entity
029 * attribute value, it will detect whether or not the value is encrypted XML or plain text XML and decrypt if necessary.
030 * This allows for this situation where encryption is enabled at a later date. Using this mechanism, existing plain text
031 * docs can be loaded (but could potentially be saved back to the database encrypted if encryption is enabled).</p>
032 *
033 * <p>Note that the mixed mode only works one way. If you have been using encryption and then disable it, this
034 * converter will not be able to decrypt your old doc content for you since it will no longer have the encryption key
035 * available to it.</p>
036 *
037 * @author Kuali Rice Team (rice.collab@kuali.org)
038 */
039@Converter
040public class DocumentContentEncryptionConverter implements AttributeConverter<String, String> {
041
042    /**
043     * It's XML if it starts with a '<' though there can be some whitespace in front of it as well. Encrypted and
044     * Base64 encoded content will *never* start with a '<' so this should be a safe check.
045     */
046    private static final Pattern IS_XML = Pattern.compile("^\\s*<");
047
048    private static final EncryptionConverter encryptionConverter = new EncryptionConverter();
049
050    @Override
051    public String convertToEntityAttribute(String dataValue) {
052        // can't pass 'null' to Matcher, so let's check that first
053        if (dataValue == null) {
054            return null;
055        }
056        Matcher matcher = IS_XML.matcher(dataValue);
057        if (matcher.lookingAt()) {
058            return dataValue;
059        }
060        return encryptionConverter.convertToEntityAttribute(dataValue);
061    }
062
063    @Override
064    public String convertToDatabaseColumn(String attribute) {
065        return encryptionConverter.convertToDatabaseColumn(attribute);
066    }
067}