Fix schema generation for encrypted fields that are considered domain…

… entities. This commit makes sure to consider the encrypted annotation on fields that are considered domain type property values, encrypting the entire object if necessary.
spring-projects · Aug 8, 2023 · b6cd129 · b6cd129
1 parent c532ec3
commit b6cd129
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 2 deletions.
diff --git a/...db/src/main/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreator.java b/...db/src/main/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreator.java
@@ -203,8 +203,9 @@ private JsonSchemaProperty computeSchemaForProperty(List<MongoPersistentProperty
 								target.properties(nestedProperties.toArray(new JsonSchemaProperty[0])), required));
 					}
 				}
-				return targetProperties.size() == 1 ? targetProperties.iterator().next()
+				JsonSchemaProperty schemaProperty = targetProperties.size() == 1 ? targetProperties.iterator().next()
 						: JsonSchemaProperty.merged(targetProperties);
+				return applyEncryptionDataIfNecessary(property, schemaProperty);
 			}
 		}
 

diff --git a/...ain/java/org/springframework/data/mongodb/core/schema/IdentifiableJsonSchemaProperty.java b/...ain/java/org/springframework/data/mongodb/core/schema/IdentifiableJsonSchemaProperty.java
@@ -36,6 +36,7 @@
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
 import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
 
 /**
  * {@link JsonSchemaProperty} implementation.
@@ -1139,7 +1140,9 @@ public Document toDocument() {
 				enc.append("bsonType", type.toBsonType().value()); // TODO: no samples with type -> is it bson type all the way?
 			}
 
-			enc.append("algorithm", algorithm);
+			if(StringUtils.hasText(algorithm)) {
+				enc.append("algorithm", algorithm);
+			}
 
 			propertySpecification.append("encrypt", enc);
 

diff --git a/...st/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreatorUnitTests.java b/...st/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreatorUnitTests.java
@@ -271,6 +271,17 @@ void bsonTypeVsJustTypeValueResolutionIsDoneByDefault() {
 				.containsEntry("properties.value", new Document("type", "string"));
 	}
 
+	@Test // GH-4454
+	void wrapEncryptedEntityTypeLikeProperty() {
+
+		MongoJsonSchema schema = MongoJsonSchemaCreator.create() //
+				.filter(MongoJsonSchemaCreator.encryptedOnly()) // filter non encrypted fields
+				.createSchemaFor(WithEncryptedEntityLikeProperty.class);
+
+		assertThat(schema.schemaDocument()) //
+				.containsEntry("properties.domainTypeValue", Document.parse("{'encrypt': {'bsonType': 'object' } }"));
+	}
+
 	// --> TYPES AND JSON
 
 	// --> ENUM
@@ -676,4 +687,9 @@ static class C extends A {
 	static class PropertyClashWithA {
 		Integer aNonEncrypted;
 	}
+
+	@Encrypted(algorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic")
+	static class WithEncryptedEntityLikeProperty {
+		@Encrypted SomeDomainType domainTypeValue;
+	}
 }