Dnn.Platform icon indicating copy to clipboard operation
Dnn.Platform copied to clipboard
verified publisher icon dnnsoftware

[Enhancement]: Encryption of profile properties.

Open sboshuis opened this issue 1 year ago • 2 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Description of problem

During DNN Connect we discussed the option to add an option to allow a profile property to be saved encrypted to db.

Description of solution

During the summer break I will try to do the work in DNN. I have some questions and remarks I hope you all can give your oppinion on.

Description of alternatives considered

  • Add extra types? Or add option to encrypt on top. (I prefer the extra option)
  • Extra attention to basic properties e.g. for view vw_Users
  • Or only allow encryption on custom added properties?
  • Use same encryption like SMTPPassword in hostsettings
  • Think about changing encryption keys (via iis?)
  • Test if when property is deleted the values in userproperties are also deleted and not autolinked if re-created after delete.
  • Prevent removing encryption yes/no?
  • should there be a site setting to set what roles should be able to see the decrypted values? << this one seems out of scope. and has big consequenses on api.

Also we need to think about custom modules. When they use the api things will be allright, but if they use sql to get profile prop values (e.g. SP) they will get encrypted string.

Anything else?

No response

Do you be plan to contribute code for this enhancement?

  • [X] Yes

Would you be interested in sponsoring this enhancement?

  • [ ] Yes

Code of Conduct

  • [X] I agree to follow this project's Code of Conduct

sboshuis avatar Jun 14 '24 06:06 sboshuis

The code is allmost ready for PR but I need some help.

Encryption of the property is ready as well as userprofile read/write.

My issue is when there are existing values in userprofile for property that is switched to encryption. atm I do not encrypt all existing values in db (it is an option offcourse)

so when you edit a user the userprop is not encrypted but the property setting is. dnn does not update values unless they are marked as dirty. so as long as you do not change anything to the value it is not updated and thus not saved encrypted.

So the only thing I found was an ugly solution where I add an extra space to values received (only for properties marked as encrypted) so it is marked as Dirty and thus saved but now encrypted. (spaces are trimmed when saved so nothing changes)

So maybe go back to the idea of encrypting all existing values when admin switches the property..

please any thoughts?

sboshuis avatar Oct 28 '24 07:10 sboshuis

@sboshuis you can submit a PR of what you have so far as a "Work In Progress" which will help visualize potential solutions and make it easier to shuffle some ideas. My initial thought would be upon read if the "Secure" flag does not match the admin encryption preferences, it is resaved right there using that preference. When that setting changes, we could invalidate cache and in theory that logic of resaving should only happen once on initial direct data access.

valadas avatar Oct 31 '24 12:10 valadas