Skip to content

[Encryption] Fix BSON types and query option name #2785

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 24, 2025
Merged

[Encryption] Fix BSON types and query option name #2785

merged 3 commits into from
Jun 24, 2025

Conversation

GromNaN
Copy link
Member

@GromNaN GromNaN commented Jun 23, 2025

Q A
Type bug
BC Break no
Fixed issues -

Part of #2779

The Doctrine ODM type names doesn't match the BSON type names. We have to map them to create the encryptedFieldsMap.

Also fix the name of the property precision in QE field definition.

@GromNaN GromNaN changed the title Fix BSON types and query option name [Encryption] Fix BSON types and query option name Jun 23, 2025
@GromNaN GromNaN mentioned this pull request Jun 23, 2025
Draft
6 tasks
@GromNaN GromNaN marked this pull request as ready for review June 23, 2025 21:23
@GromNaN GromNaN requested a review from alcaeus June 23, 2025 21:23
GromNaN
GromNaN commented Jun 23, 2025
View reviewed changes
phpstan-baseline.neon
@@ -2005,43 +1999,43 @@ parameters:
path: tests/Doctrine/ODM/MongoDB/Tests/Tools/EncryptedFieldsMapGeneratorTest.php

-
message: '#^Method Doctrine\\Persistence\\Mapping\\AbstractClassMetadataFactory@anonymous/tests/Doctrine/ODM/MongoDB/Tests/Tools/EncryptedFieldsMapGeneratorTest\.php\:165\:\:__construct\(\) has parameter \$classNames with no value type specified in iterable type array\.$#'
message: '#^Method Doctrine\\Persistence\\Mapping\\AbstractClassMetadataFactory@anonymous/tests/Doctrine/ODM/MongoDB/Tests/Tools/EncryptedFieldsMapGeneratorTest\.php\:168\:\:__construct\(\) has parameter \$classNames with no value type specified in iterable type array\.$#'
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The anonymous class name contains the line number it's defined. Each time the previous test is updated, this baseline entries need to be updated.

GromNaN
GromNaN commented Jun 23, 2025
View reviewed changes
GromNaN
GromNaN commented Jun 23, 2025
View reviewed changes
lib/Doctrine/ODM/MongoDB/Utility/EncryptedFieldsMapGenerator.php
},
// @todo allow setting a keyId in #[Encrypt] attribute
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@todo removed, we don't need to support custom keyId with queryable encryption auto-encryption. They are generated automatically.

alcaeus
alcaeus approved these changes Jun 24, 2025
View reviewed changes
Copy link
Member

@alcaeus alcaeus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. We can create a separate ticket for the ODM type => BSON type mapping and handle that later, as it's not strictly necessary.

lib/Doctrine/ODM/MongoDB/Utility/EncryptedFieldsMapGenerator.php
Type::TIMESTAMP => 'timestamp',
Type::OBJECTID => 'objectId',
Type::STRING => 'string',
Type::BINDATA, Type::BINDATABYTEARRAY, Type::BINDATAFUNC, Type::BINDATACUSTOM, Type::BINDATAUUID, Type::BINDATAMD5, Type::BINDATAUUIDRFC4122 => 'binData',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make sense to add a getBSONType method to the Type class and override it in the individual types? Happy to defer this work until later, but I think it may be more efficient especially if people use custom types that map to a given BSON type.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking to add a bsonType parameter to the #[Encrypt] attribute, for custom needs. Adding Type::getBSONType() is a better option. PHPORM-358

lib/Doctrine/ODM/MongoDB/Utility/EncryptedFieldsMapGenerator.php Outdated
Type::OBJECTID => 'objectId',
Type::STRING => 'string',
Type::BINDATA, Type::BINDATABYTEARRAY, Type::BINDATAFUNC, Type::BINDATACUSTOM, Type::BINDATAUUID, Type::BINDATAMD5, Type::BINDATAUUIDRFC4122 => 'binData',
// Type BOOL is not supported in encrypted fields map
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is that limitation called out in the server docs somewhere? We should definitely call it out in our documentation so people can adapt their schema accordingly.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested again, bool seems to be supported. I don't know why it was failing previously.

@GromNaN GromNaN merged commit b7cb9de into doctrine:feature/queryable-encryption Jun 24, 2025
20 checks passed
@GromNaN GromNaN deleted the fix-field-types branch June 24, 2025 12:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alcaeus alcaeus alcaeus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@GromNaN @alcaeus