You are here

function field_encrypt_form_alter in Field Encryption 8.2

Same name and namespace in other branches
  1. 3.0.x field_encrypt.module \field_encrypt_form_alter()

Implements hook_form_alter().

Adds settings to the field storage configuration forms to allow setting the encryption state.

File

./field_encrypt.module, line 20
Contains module hooks for field_encrypt.

Code

function field_encrypt_form_alter(&$form, FormStateInterface $form_state, $form_id) {

  // If this is the add or edit form for field_storage, we call our function.
  if (in_array($form_id, [
    'field_storage_add_form',
    'field_storage_config_edit_form',
  ])) {

    // Check permissions.
    $user = \Drupal::currentUser();
    if ($user
      ->hasPermission('administer field encryption')) {

      /* @var $field \Drupal\field\Entity\FieldStorageConfig */
      $field = $form_state
        ->getFormObject()
        ->getEntity();
      $field_type = $field
        ->getType();
      $default_properties = \Drupal::config('field_encrypt.settings')
        ->get('default_properties');

      // Add container for field_encrypt specific settings.
      $form['field_encrypt'] = array(
        '#type' => 'details',
        '#title' => t('Field encryption'),
        '#open' => TRUE,
      );

      // Display a warning about changing field data.
      if ($form_id == "field_storage_config_edit_form" && $field
        ->hasData()) {
        $form['field_encrypt']['#prefix'] = '<div class="messages messages--warning">' . t('Warning: changing field encryption settings may cause data corruption!<br />When changing these settings, existing fields will be (re)encrypted in batch according to the new settings. <br />Make sure you have a proper backup, and do not perform this action in an environment where the data will be changing during the batch operation, to avoid data loss.') . '</div>';
      }
      $form['field_encrypt']['field_encrypt'] = array(
        '#type' => 'container',
        '#tree' => TRUE,
      );

      // Add setting to decide if field should be encrypted.
      $form['field_encrypt']['field_encrypt']['encrypt'] = [
        '#type' => 'checkbox',
        '#title' => t('Encrypt field'),
        '#description' => t('Makes the field storage encrypted.'),
        '#default_value' => $field
          ->getThirdPartySetting('field_encrypt', 'encrypt', FALSE),
      ];
      $properties = [];
      $definitions = $field
        ->getPropertyDefinitions();
      foreach ($definitions as $property => $definition) {
        $properties[$property] = $definition
          ->getLabel();
      }
      $field_encrypt_default = isset($default_properties[$field_type]) ? $default_properties[$field_type] : [];
      $form['field_encrypt']['field_encrypt']['properties'] = [
        '#type' => 'checkboxes',
        '#title' => t('Properties'),
        '#description' => t('Specify the field properties to encrypt.'),
        '#options' => $properties,
        '#default_value' => $field
          ->getThirdPartySetting('field_encrypt', 'properties', $field_encrypt_default),
        '#states' => [
          'visible' => [
            ':input[name="field_encrypt[encrypt]"]' => array(
              'checked' => TRUE,
            ),
          ],
        ],
      ];
      $encryption_profile_manager = \Drupal::service('encrypt.encryption_profile.manager');
      $form['field_encrypt']['field_encrypt']['encryption_profile'] = array(
        '#type' => 'select',
        '#title' => t('Encryption profile'),
        '#description' => t('Select the encryption profile to use for encrypting this field.'),
        '#options' => $encryption_profile_manager
          ->getEncryptionProfileNamesAsOptions(),
        '#default_value' => $field
          ->getThirdPartySetting('field_encrypt', 'encryption_profile', FALSE),
        '#states' => [
          'visible' => [
            ':input[name="field_encrypt[encrypt]"]' => array(
              'checked' => TRUE,
            ),
          ],
        ],
      );

      // Add setting to decide if field should be excluded from cache.
      $form['field_encrypt']['field_encrypt']['uncacheable'] = [
        '#type' => 'checkbox',
        '#title' => t('Uncacheable'),
        '#description' => t('Mark this field as uncacheable. This will make sure your unencrypted data will not be exposed in the cache, but will have a negative impact on your performance.'),
        '#default_value' => $field
          ->getThirdPartySetting('field_encrypt', 'uncacheable', TRUE),
        '#states' => [
          'visible' => [
            ':input[name="field_encrypt[encrypt]"]' => array(
              'checked' => TRUE,
            ),
          ],
        ],
      ];

      // We add functions to process the form when it is saved.
      $form['#entity_builders'][] = 'field_encrypt_form_field_add_form_builder';
    }
  }
}