DoctrineEncryptBundle Symfony – encrypted field updated although the entity is only selected

  doctrine-orm, encryption, symfony

On Symfony4, I’m using AmbtaDoctrineEncryptBundle to encrypt some columns in my DB.

Functionnaly, everything works fine but logs show that when the entity is selected, if there is a flush somewhere, then the entity is updated with new values in the encrypted columns (the plain data is unchanged, so it’s just a performance issue : it should not update something that is not changed).

Here is an example of a function that does nothing but querying the entity User (housing auth data) that is linked to the entity Identity (housing name/givenname of the User).

    /**
    * @Route("/myaccount2/", name="myAccount2", methods={"GET", "POST"})
    * @IsGranted("ROLE_USER")
    */
    public function myAccount2(LoggerInterface $logger)
    {
        $user = $this->getUser();
        $em = $this->getDoctrine()->getManager();
        $logger->debug('before');
        $em->flush();
        $logger->debug('after');
        return $this->redirectToRoute('index');
    }

This should do nothing on the DB, but logs show this :

[2020-05-07 09:42:14] app.DEBUG: before [] []
[2020-05-07 09:42:14] doctrine.DEBUG: "START TRANSACTION" [] []
[2020-05-07 09:42:14] doctrine.DEBUG: UPDATE identity SET name = ?, given_name = ? WHERE id = ? ["MUIEAAYnaoFEu3KQ1Y-HH6XfRb [...]","MUIEADmhmrmQJgV-ITjZymLS-- [...]","a8c39458-8213-4534-9767-57 [...]"] []
[2020-05-07 09:42:14] doctrine.DEBUG: "COMMIT" [] []
[2020-05-07 09:42:14] app.DEBUG: after [] []

Here are parts of the definition of the involved entities :

User

    /**
    * @ORMEntity(repositoryClass="AppRepositoryUserRepository")
    * @UniqueEntity(fields={"email"}, message="security.alreadyused")
    */
    class User implements UserInterface
    {
        /**
        * @ORMOneToOne(targetEntity="AppEntityIdentity", mappedBy="User", cascade={"persist", "remove"})
        */
        private $identity;

Identity

<?php

    namespace AppEntity;

    use AmbtaDoctrineEncryptBundleConfigurationEncrypted;
    use SymfonyComponentValidatorConstraints as Assert;
    use SymfonyBridgeDoctrineValidatorConstraintsUniqueEntity;
    use DoctrineORMMapping as ORM;

    /**
     * @ORMEntity(repositoryClass="AppRepositoryIdentityRepository")
     * @UniqueEntity(
     *     fields={"alias"},
     *     message="public.alias.unique"
     * ))
     */
    class Identity
    {
        /**
         * @ORMId()
         * @ORMColumn(type="string", length=36, nullable=false)
         */
        private $id;

        /**
         * @ORMColumn(type="string", length=1000)
         * @Encrypted
         */
        private $name;

        /**
         * @ORMColumn(type="string", length=1000)
         * @Encrypted
         */
        private $givenName;

        /**
         * @ORMOneToOne(targetEntity="AppEntityUser", inversedBy="identity", cascade={"persist", "remove"})
         * @ORMJoinColumn(nullable=false)
         */
        private $User;

Note that if the @encrypted is removed from the two fields (name and givenName) in the entity Identity, no update is done on the DB :

[2020-05-07 11:06:18] app.DEBUG: before [] []
[2020-05-07 11:06:18] app.DEBUG: after [] []

Thanks for any insight on this weird behavior !

Source: Symfony Questions

LEAVE A COMMENT