PLAT-1841 adding new fields to store encrypted data on backend

Author: falendary

poms/clients/filters.py

@@ -15,9 +15,13 @@ class ClientsFilterSet(FilterSet):
     short_name = CharFilter()
     public_name = CharFilter()
     first_name = CharFilter()
+    first_name_hash = CharFilter()
     last_name = CharFilter()
+    last_name_hash = CharFilter()
     telephone = CharFilter()
+    telephone_hash = CharFilter()
     email = CharFilter()
+    email_hash = CharFilter()
     portfolios = CharFilter(field_name="portfolios__user_code", lookup_expr="icontains")
     client_secrets = CharFilter(
         field_name="client_secrets__user_code", lookup_expr="icontains"

poms/clients/migrations/0008_alter_client_email_alter_client_first_name_and_more.py

@@ -0,0 +1,33 @@
+# Generated by Django 4.2.20 on 2025-05-22 14:16
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('clients', '0007_alter_clientsecret_unique_together'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='client',
+            name='email',
+            field=models.TextField(blank=True, help_text='Email address of client', null=True),
+        ),
+        migrations.AlterField(
+            model_name='client',
+            name='first_name',
+            field=models.TextField(blank=True, help_text='First name of client', null=True),
+        ),
+        migrations.AlterField(
+            model_name='client',
+            name='last_name',
+            field=models.TextField(blank=True, help_text='Last name of client', null=True),
+        ),
+        migrations.AlterField(
+            model_name='client',
+            name='telephone',
+            field=models.TextField(blank=True, help_text='Telephone number of client', null=True),
+        ),
+    ]

poms/clients/migrations/0009_client_email_hash_client_first_name_hash_and_more.py

@@ -0,0 +1,33 @@
+# Generated by Django 4.2.20 on 2025-05-22 14:25
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('clients', '0008_alter_client_email_alter_client_first_name_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='client',
+            name='email_hash',
+            field=models.CharField(blank=True, help_text='SHA-256 hash of the email address', max_length=64, null=True),
+        ),
+        migrations.AddField(
+            model_name='client',
+            name='first_name_hash',
+            field=models.CharField(blank=True, help_text='SHA-256 hash of the first name', max_length=64, null=True),
+        ),
+        migrations.AddField(
+            model_name='client',
+            name='last_name_hash',
+            field=models.CharField(blank=True, help_text='SHA-256 hash of the last name', max_length=64, null=True),
+        ),
+        migrations.AddField(
+            model_name='client',
+            name='telephone_hash',
+            field=models.CharField(blank=True, help_text='SHA-256 hash of the telephone number', max_length=64, null=True),
+        ),
+    ]

poms/clients/models.py

@@ -12,30 +12,50 @@ class Client(NamedModel):
         verbose_name=gettext_lazy("master user"),
         on_delete=models.CASCADE,
     )
-    first_name = models.CharField(
-        max_length=255,
+    first_name = models.TextField(
         blank=True,
         null=True,
         help_text="First name of client",
     )
-    last_name = models.CharField(
-        max_length=255,
+    first_name_hash = models.CharField(
+        max_length=64,
+        blank=True,
+        null=True,
+        help_text="SHA-256 hash of the first name",
+    )
+    last_name = models.TextField(
         blank=True,
         null=True,
         help_text="Last name of client",
     )
-    telephone = models.CharField(
-        max_length=255,
+    last_name_hash = models.CharField(
+        max_length=64,
+        blank=True,
+        null=True,
+        help_text="SHA-256 hash of the last name",
+    )
+    telephone = models.TextField(
         blank=True,
         null=True,
         help_text="Telephone number of client",
     )
-    email = models.EmailField(
-        max_length=255,
+    telephone_hash = models.CharField(
+        max_length=64,
+        blank=True,
+        null=True,
+        help_text="SHA-256 hash of the telephone number",
+    )
+    email = models.TextField(
         blank=True,
         null=True,
         help_text="Email address of client",
     )
+    email_hash = models.CharField(
+        max_length=64,
+        blank=True,
+        null=True,
+        help_text="SHA-256 hash of the email address",
+    )
 
     class Meta(NamedModel.Meta):
         verbose_name = gettext_lazy("client")

poms/clients/serializers.py

@@ -44,9 +44,13 @@ class Meta:
             "short_name",
             "public_name",
             "first_name",
+            "first_name_hash",
             "last_name",
+            "last_name_hash",
             "telephone",
+            "telephone_hash",
             "email",
+            "email_hash",
             "notes",
             "portfolios",
             "portfolios_object",

poms/users/fields.py

@@ -1,6 +1,7 @@
 from django.contrib.auth.models import User
 from rest_framework import serializers
 from rest_framework.fields import CurrentUserDefault
+import base64
 
 from poms_app import settings
 
@@ -100,3 +101,18 @@ class RoleField(UserCodeOrPrimaryKeyRelatedField):
 
 class AccessPolicyField(UserCodeOrPrimaryKeyRelatedField):
     queryset = AccessPolicy.objects.all()
+
+
+class Base64BinaryField(serializers.Field):
+    def to_representation(self, value):
+        if value is None:
+            return None
+        return base64.b64encode(value).decode('utf-8')
+
+    def to_internal_value(self, data):
+        if data is None:
+            return None
+        try:
+            return base64.b64decode(data)
+        except Exception as e:
+            raise serializers.ValidationError('Invalid Base64-encoded data.')

poms/users/migrations/0016_member_public_key_masterusersymmetrickey.py

@@ -0,0 +1,28 @@
+# Generated by Django 4.2.20 on 2025-05-22 11:47
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0015_alter_ecosystemdefault_managers'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='member',
+            name='public_key',
+            field=models.TextField(blank=True, null=True, verbose_name='public key'),
+        ),
+        migrations.CreateModel(
+            name='MasterUserSymmetricKey',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('encrypted_key', models.BinaryField(help_text='Store AES key encrypted by member public key')),
+                ('master_user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='symmetric_keys', to='users.masteruser')),
+                ('member', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='workspace_keys', to='users.member')),
+            ],
+        ),
+    ]

poms/users/models.py

@@ -1240,6 +1240,8 @@ class Member(FakeDeletableModel):
         default="active",
     )
 
+    public_key = models.TextField(null=True, blank=True, verbose_name="public key")  # PEM format
+
     @property
     def data(self):
         if not self.json_data:
@@ -1305,6 +1307,20 @@ def display_name(self):
             return self.username
 
 
+class MasterUserSymmetricKey(models.Model):
+    master_user = models.ForeignKey(
+        MasterUser,
+        on_delete=models.CASCADE,
+        related_name="symmetric_keys"
+    )
+    member = models.ForeignKey(
+        Member,
+        on_delete=models.CASCADE,
+        related_name="workspace_keys"
+    )
+    encrypted_key = models.BinaryField(help_text="Store AES key encrypted by member public key")
+
+
 class OtpToken(models.Model):
     user = models.ForeignKey(
         settings.AUTH_USER_MODEL,

poms/users/serializers.py

@@ -44,7 +44,7 @@
     HiddenMemberField,
     MasterUserField,
     MemberField,
-    RoleField,
+    RoleField, Base64BinaryField,
 )
 from poms.users.models import (
     TIMEZONE_CHOICES,
@@ -53,7 +53,7 @@
     Member,
     OtpToken,
     UsercodePrefix,
-    UserProfile,
+    UserProfile, MasterUserSymmetricKey,
 )
 from poms.users.utils import (
     get_master_user_from_context,
@@ -730,6 +730,18 @@ def update(self, instance, validated_data):
         return super().update(instance, validated_data)
 
 
+class MasterUserSymmetricKeySerializer(serializers.ModelSerializer):
+
+    member_object = MemberSerializer(many=True, read_only=True, source="member")
+
+    encrypted_key = Base64BinaryField()
+
+    class Meta:
+        model = MasterUserSymmetricKey
+        fields = ['id', 'master_user', 'member', 'encrypted_key', 'member_object']
+        read_only_fields = ['id']
+
+
 class MemberViewSerializer(serializers.ModelSerializer):
     class Meta:
         model = Member

poms/users/urls.py

@@ -10,6 +10,7 @@
     "ping",
 )
 router.register(r"user", users.UserViewSet, "user")
+router.register(r"symmetric-key", users.MasterUserSymmetricKeyViewSet, "symmetrickey")
 router.register(r"master-user", users.MasterUserViewSet, "masteruser")
 router.register(  # Deprecated at all, no light-method needed
     r"master-user-light",