GSoC Week 6: encrypt_content_client - finished encryption of new nodes

More calls on module’s install for convenience

I think that the calls that I added will be placed in the test files later on, but for now they they will speed up development and testing.

I have added two calls to update the two users’ objects to include previously generated ECC key pairs, using the same ones for convenience for now. I will expand to dynamically generated ones when writing tests for the module.

Add ECC keys on module install

Updated  and improved nodes’ encryption process

  1. When user presses `Save and publish` button my script takes the main fields, combines them into one string and then appends a big random number.

  2. Create data-key: hash the string generated in step one using SHA-512 algorithm.

  3. Get fields from the submitted form, a function which returns an array of form IDs.

  4. Encrypt those fields with previously generated data-key and save them to an object with the key being form’s id.

  5. Generate new node and create it using the REST resource.

Create node through REST

 

  1. Retrieve all users’ public ECC keys and encrypt the data-key using them.

  2. Call custom REST resource and save the entity_id, entity_type and JSON with encrypted data-keys per user to the database.

  3. Redirect user to /node/{new_nid} url, node’s id is returned from the API call.

Continuing work on the node encryption

I have finished working on encrypting nodes when creating new ones:

  • Adding a new node by making a REST call

After talking to Colan I decided to change my design of node encryption a bit. The main requirement was that I need the node’s ID before submission and data is saved in database.

Articles created through REST

 

Then I came up with a solution to encrypt and create new nodes through REST using an AJAX call when user clicks the “Save and publish” button. In this approach I get the new node’s ID and then can then upload encrypted data-keys to the database and redirect the user the same way he would be redirected without my module.

  • Sending an AJAX request to my custom REST resource

I also made my REST resource more robust. Now it has error checking and validation, and more thought has gone into design and use cases for it. Now it accepts POST requests with a JSON payload and then after some validation, it adds the entry in the database.

  • More robust way of getting added node’s details

After consulting with my mentor, I should have a more robust way of getting current node type and form type, if it is a create or an edit form. I used to rely on a simple string matching technique as in the screenshot below.

I did not manage to finish this feature in this week; it will have to wait until I have nodes’ decryption functionality done in the following week.

Interesting issues

  • Could not determine entity type bundle: "type" field is missing.

Following this article for adding new nodes through REST I encountered above error. I figured out that I was using json in my code instead of hal+json so I had to wrap my JavaScript object in square brackets as described on that documentation page. This is how the fixed node object looks:

Plans for week 7

  • Finish node decryption when editing nodes.

    • Add an update request for my REST resource.

  • There are many places where the content needs to be decrypted. I need to come up with a robust way of decryption them in every place needed.

  • Add configuration per node and later on entities for which fields to encrypt.