handle system wide mount points

diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index e911c1785df5f74c89eecc8abd679b4e8b5f0bcb..084abdb2c2edd6f2b6cd4b387738bf511390c0d7 100755 (executable)
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -126,7 +126,12 @@ class Keymanager {
                $util = new Util($view, \OCP\User::getUser());
                list($owner, $filename) = $util->getUidAndFilename($path);
 
-               $basePath = '/' . $owner . '/files_encryption/keyfiles';
+               // in case of system wide mount points the keys are stored directly in the data directory
+               if (self::isSystemWideMountPoint($filename)) {
+                       $basePath = '/files_encryption/keyfiles';
+               } else {
+                       $basePath = '/' . $owner . '/files_encryption/keyfiles';
+               }
 
                $targetPath = self::keySetPreparation($view, $filename, $basePath, $owner);
 
@@ -233,7 +238,12 @@ class Keymanager {
                list($owner, $filename) = $util->getUidAndFilename($filePath);
                $filePath_f = ltrim($filename, '/');
 
-               $keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
+               // in case of system wide mount points the keys are stored directly in the data directory
+               if (self::isSystemWideMountPoint($filename)) {
+                       $keyfilePath = '/files_encryption/keyfiles/' . $filePath_f . '.key';
+               } else {
+                       $keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
+               }
 
                $proxyStatus = \OC_FileProxy::$enabled;
                \OC_FileProxy::$enabled = false;
@@ -341,19 +351,20 @@ class Keymanager {
 
                list($owner, $filename) = $util->getUidAndFilename($path);
 
-               $basePath = '/' . $owner . '/files_encryption/share-keys';
+               // in case of system wide mount points the keys are stored directly in the data directory
+               if (self::isSystemWideMountPoint($filename)) {
+                       $basePath = '/files_encryption/share-keys';
+               } else {
+                       $basePath = '/' . $owner . '/files_encryption/share-keys';
+               }
 
                $shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner);
 
                // try reusing key file if part file
                if (self::isPartialFilePath($shareKeyPath)) {
-
                        $writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey';
-
                } else {
-
                        $writePath = $basePath . '/' . $shareKeyPath . '.' . $userId . '.shareKey';
-
                }
 
                $proxyStatus = \OC_FileProxy::$enabled;
@@ -440,8 +451,13 @@ class Keymanager {
                $util = new Util($view, \OCP\User::getUser());
 
                list($owner, $filename) = $util->getUidAndFilename($filePath);
-               $shareKeyPath = \OC\Files\Filesystem::normalizePath(
-                       '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
+
+               // in case of system wide mount points the keys are stored directly in the data directory
+               if (self::isSystemWideMountPoint($filename)) {
+                       $shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
+               } else {
+                       $shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
+               }
 
                if ($view->file_exists($shareKeyPath)) {
 
@@ -568,4 +584,19 @@ class Keymanager {
                return $targetPath;
 
        }
+
+       /**
+        * @brief check if the file is stored on a system wide mount point
+        * @param $path relative to /data/user with leading '/'
+        * @return boolean
+        */
+       private static function isSystemWideMountPoint($path) {
+               $mount = OC_Mount_Config::getSystemMountPoints();
+               foreach ($mount as $mountPoint => $data) {
+                       if ($mountPoint == substr($path, 1, strlen($mountPoint))) {
+                               return true;
+                       }
+               }
+               return false;
+       }
 }
\ No newline at end of file

diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index b3de85254e25327717f6af7beede1d4bdd04714b..a5290013a4b43f6c1d443efe75b0f180eec84cbb 100644 (file)
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -992,13 +992,9 @@ class Util {
                        \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled')
                        && $this->recoveryEnabledForUser()
                ) {
-
                        $recoveryEnabled = true;
-
                } else {
-
                        $recoveryEnabled = false;
-
                }
 
                // Make sure that a share key is generated for the owner too
@@ -1019,20 +1015,24 @@ class Util {
                // If recovery is enabled, add the 
                // Admin UID to list of users to share to
                if ($recoveryEnabled) {
-
                        // Find recoveryAdmin user ID
                        $recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
-
                        // Add recoveryAdmin to list of users sharing
                        $userIds[] = $recoveryKeyId;
-
                }
 
                // add current user if given
                if ($currentUserId !== false) {
-
                        $userIds[] = $currentUserId;
+               }
 
+               // check if it is a group mount
+               $mount = OC_Mount_Config::getSystemMountPoints();
+               foreach ($mount as $mountPoint => $data) {
+                       if ($mountPoint == substr($ownerPath, 1, strlen($mountPoint))) {
+                               $userIds = array_merge($userIds,
+                                       $this->getUserWithAccessToMountPoint($data['applicable']['users'], $data['applicable']['groups']));
+                       }
                }
 
                // Remove duplicate UIDs
@@ -1042,6 +1042,20 @@ class Util {
 
        }
 
+       private function getUserWithAccessToMountPoint($users, $groups) {
+               $result = array();
+               if (in_array('all', $users)) {
+                       $result = \OCP\User::getUsers();
+               } else {
+                       $result = array_merge($result, $users);
+                       foreach ($groups as $group) {
+                               $result = array_merge($result, \OC_Group::usersInGroup($group));
+                       }
+               }
+
+               return $result;
+       }
+
        /**
         * @brief start migration mode to initially encrypt users data
         * @return boolean