Setting does not encrypt value

[mStirner]

When new item is added, the provided secret values are not encrypted, just plain stored in the database.

[mStirner]

unit test:

    it("Should decrypt secrets", (done) => {
        try {

            let item = C_COMPONENT.items[0];

            item.secrets.map((secret) => {
                return secret.decrypt();
            }).forEach((secret) => {
                console.log("Secret", secret);
            });

            done();

        } catch (err) {
            done(err)
        }
    });

        C_COMPONENT.add({
            _id,
            name: "Test credentials",
            identifier: "TEST",
            secrets: [{
                name: "Username",
                key: "USERNAME",
                value: "marc.stirner@example.com"
            }, {
                name: "Password",
                key: "PASSWORD",
                value: "Pa$$w0rd"
            }]
        }, (err, item) => {
            try {

                // check event arguments
                event.args.forEach((args) => {
                    assert.equal(args[0] instanceof Vault, true);
                });

                assert.ok(err === null);
                assert.equal(item instanceof Vault, true);

                done(err);

            } catch (err) {

                done(err);

            }
        });

  264 passing (2s)
  1 failing

  1) Components
       General
         vault
           Should decrypt secrets:
     TypeError [ERR_INVALID_ARG_TYPE]: The first argument must be of type string or an instance of Buffer, ArrayBuffer, or Array or an Array-like Object. Received undefined
      at new NodeError (node:internal/errors:387:5)
      at Function.from (node:buffer:328:9)
      at Secret.decrypt (components/vault/class.secret.js:110:27)
      at /home/marc/projects/OpenHaus/backend/tests/components/vault.js:57:31
      at Array.map (<anonymous>)
      at Context.<anonymous> (tests/components/vault.js:56:26)
      at processImmediate (node:internal/timers:466:21)
      at process.topLevelDomainCallback (node:domain:161:15)
      at process.callbackTrampoline (node:internal/async_hooks:128:24)

[mStirner]

Change the set handler:

        Object.defineProperty(this, "value", {
            set(value) {

                // check if value is allready encrypted
                if (value?.split(":")?.length === 1) {
                    value = encrypt(value);
                }

                // ignore usless set
                // related to #219
                if (value == obj.value) {
                    return;
                }

                obj.value = value;

                process.nextTick(changed);

            },
            get() {
                return obj.value;
            },
            // NOTE: Make value field not enumarble?
            configurable: false
        });

Hide the value property (enumerable=false) and encrypt/decrypt on set/get?
That could cause a lot of useless workload due to the encrypt/decrypt while being updated from API and change streams.

👎

Better would be to keep the encrypt/decrypt methods, encrypt the value on pre add hook, and assume/ensure that only the set on value is done with already encrypted data. For that i would say hide the value field and drop:

                // check if value is allready encrypted
                if (value?.split(":")?.length === 1) {
                    value = encrypt(value);
                }

This would be better practice in my opinion.

[mStirner]

Closed due to the available fix.
Pin the issue for discussion how to handle value setting