@@ -44,50 +44,63 @@ public function run(IOutput $out) {
4444 $ configId$ storageConfiggetId ();
4545 $ changedOptions
4646 foreach ($ backendOptionsas $ key$ value
47- $ realValue$ value
48- if ($ key'password ' ) {
49- try {
50- $ realValue$ this crypto ->decrypt ($ value
51- } catch (\Exception $ ex
52- $ outwarning ("Storage configuration with id = {$ configId: Cannot decrypt value for key {$ key, assuming unencrypted value " );
53- }
54- }
55-
47+ $ realValue$ this conditionalDecrypt ($ key$ value$ out$ configId
5648 if ($ this shouldBeEncrypted ($ storageConfig$ key
5749 $ changedOptions$ key$ realValue
5850 }
5951 }
6052 if ($ changedOptions
61- // need to force a fake password change to update the password later
62- foreach ($ changedOptionsas $ key$ value
63- $ storageConfigsetBackendOption ($ key"{$ value0 " );
64- }
65- $ this storageService ->updateStorage ($ storageConfig
66- // re-insert the old password so it will be encrypted now
67- foreach ($ changedOptionsas $ key$ value
68- $ storageConfigsetBackendOption ($ key$ value
69- }
70- $ this storageService ->updateStorage ($ storageConfig
53+ $ this updateConfig ($ storageConfig$ changedOptions
7154 $ outinfo ("Storage configuration with id = {$ configId updated correctly " );
7255 }
7356 }
7457 }
7558
59+ private function conditionalDecrypt ($ key$ valueIOutput $ out$ configId
60+ // only attempt to decrypt the "password" key
61+ if ($ key'password ' ) {
62+ try {
63+ return $ this crypto ->decrypt ($ value
64+ } catch (\Exception $ ex
65+ $ outwarning ("Storage configuration with id = {$ configId: Cannot decrypt value for key {$ key, assuming unencrypted value " );
66+ }
67+ } else {
68+ return $ value
69+ }
70+ }
71+
7672 private function shouldBeEncrypted ($ storageConfig$ key
7773 $ backend$ storageConfiggetBackend ();
7874 $ backendParameters$ backendgetParameters ();
7975
8076 $ auth$ storageConfiggetAuthMechanism ();
8177 $ authParameters$ authgetParameters ();
8278
83- if (isset ($ backendParameters$ key$ backendParameters$ keygetType () === DefinitionParameter::VALUE_PASSWORD ) {
79+ if (
80+ (
81+ isset ($ backendParameters$ key
82+ $ backendParameters$ keygetType () === DefinitionParameter::VALUE_PASSWORD
83+ ) || (
84+ isset ($ authParameters$ key
85+ $ authParameters$ keygetType () === DefinitionParameter::VALUE_PASSWORD
86+ )
87+ ) {
8488 return true ;
8589 }
90+ return false ;
91+ }
8692
87- if (isset ($ authParameters$ key$ authParameters$ keygetType () === DefinitionParameter::VALUE_PASSWORD ) {
88- return true ;
93+ private function updateConfig (IStorageConfig $ storageConfig$ changedOptions
94+ // need to force a fake password change to update the password later
95+ foreach ($ changedOptionsas $ key$ value
96+ $ storageConfigsetBackendOption ($ key"{$ value0 " );
8997 }
90- return false ;
98+ $ this storageService ->updateStorage ($ storageConfig
99+ // re-insert the old password so it will be encrypted now
100+ foreach ($ changedOptionsas $ key$ value
101+ $ storageConfigsetBackendOption ($ key$ value
102+ }
103+ $ this storageService ->updateStorage ($ storageConfig
91104 }
92105
93106 /**
0 commit comments