]> source.dussan.org Git - nextcloud-server.git/commitdiff
let user update private key password in case it was changed from outside, e.g. extern...
authorBjörn Schießle <schiessle@owncloud.com>
Mon, 3 Jun 2013 13:27:31 +0000 (15:27 +0200)
committerBjörn Schießle <schiessle@owncloud.com>
Thu, 13 Jun 2013 11:26:33 +0000 (13:26 +0200)
apps/files_encryption/ajax/updatePrivateKeyPassword.php [new file with mode: 0644]
apps/files_encryption/js/settings-personal.js
apps/files_encryption/settings-personal.php
apps/files_encryption/templates/settings-personal.php

diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
new file mode 100644 (file)
index 0000000..e0b3d55
--- /dev/null
@@ -0,0 +1,54 @@
+<?php
+
+/**
+ * Copyright (c) 2013, Bjoern Schiessle <schiessle@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or later.
+ * See the COPYING-README file.
+ *
+ * @brief Script to change recovery key password
+ *
+ */
+
+use OCA\Encryption;
+
+\OCP\JSON::checkLoggedIn();
+\OCP\JSON::checkAppEnabled('files_encryption');
+\OCP\JSON::callCheck();
+
+$l = OC_L10N::get('core');
+
+$return = false;
+
+$oldPassword = $_POST['oldPassword'];
+$newPassword = $_POST['newPassword'];
+
+$view = new \OC\Files\View('/');
+$session = new \OCA\Encryption\Session($view);
+$user = \OCP\User::getUser();
+
+$proxyStatus = \OC_FileProxy::$enabled;
+\OC_FileProxy::$enabled = false;
+
+$keyPath = '/' . $user . '/files_encryption/'.$user.'.private.key';
+
+$encryptedKey = $view->file_get_contents($keyPath);
+$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword);
+
+if ($decryptedKey) {
+
+       $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedKey, $newPassword);
+       $view->file_put_contents($keyPath, $encryptedKey);
+
+       $session->getPrivateKey($decryptedKey);
+
+       $return = true;
+}
+
+\OC_FileProxy::$enabled = $proxyStatus;
+
+// success or failure
+if ($return) {
+       \OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.'))));
+} else {
+       \OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.'))));
+}
\ No newline at end of file
index 312b672ad464be90d5b3ef5cd466c5677141baa2..46105176c298e252127e18f01b25467be416dbce 100644 (file)
@@ -57,4 +57,34 @@ $(document).ready(function(){
                }
                
        );
+
+       // update private key password
+
+       $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) {
+               var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
+               var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
+               if (newPrivateKeyPassword != '' && oldPrivateKeyPassword != '' ) {
+                       $('button:button[name="submitChangePrivateKeyPassword"]').removeAttr("disabled");
+               } else {
+                       $('button:button[name="submitChangePrivateKeyPassword"]').attr("disabled", "true");
+               }
+       });
+
+       $('button:button[name="submitChangePrivateKeyPassword"]').click(function() {
+               var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
+               var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
+               OC.msg.startSaving('#encryption .msg');
+               $.post(
+               OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' )
+                       , { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword }
+                       ,  function( data ) {
+                               if (data.status == "error") {
+                                       OC.msg.finishedSaving('#encryption .msg', data);
+                               } else {
+                                       OC.msg.finishedSaving('#encryption .msg', data);
+                               }
+                       }
+               );
+       });
+
 });
\ No newline at end of file
index 3e96565949b95f3cd09ef29ae1703fa3b8bab76b..d23a4cfdde3e0ecf2e360c7d8ad326a7cb008e3c 100644 (file)
@@ -14,6 +14,9 @@ $tmpl = new OCP\Template('files_encryption', 'settings-personal');
 $user = \OCP\USER::getUser();\r
 $view = new \OC_FilesystemView('/');\r
 $util = new \OCA\Encryption\Util($view, $user);\r
+$session = new \OCA\Encryption\Session($view);\r
+\r
+$privateKeySet = ($session->getPrivateKey() !== false) ? true : false;\r
 \r
 $recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');\r
 $recoveryEnabledForUser = $util->recoveryEnabledForUser();\r
@@ -23,6 +26,7 @@ $recoveryEnabledForUser = $util->recoveryEnabledForUser();
 \r
 $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);\r
 $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);\r
+$tmpl->assign("privateKeySet" , $privateKeySet);\r
 \r
 return $tmpl->fetchPage();\r
 \r
index 04d6e79179ea219190ced54d76f0321ca096d1d2..bacdc1333753fa18eec7cf00a28ead1fd96b63d6 100644 (file)
@@ -3,6 +3,35 @@
                <legend>\r
                        <?php p( $l->t( 'Encryption' ) ); ?>\r
                </legend>\r
+\r
+               <?php if ( ! $_["privateKeySet"] ): ?>\r
+                       <p>\r
+                               <label for="changePrivateKeyPasswd"><?php p( $l->t( "Your private key password no longer match your log-in password:" ) ); ?></label>\r
+                               <br />\r
+                               <em><?php p( $l->t( "Set your old private key password to your current log-in password." ) ); ?></em>\r
+                               <br />\r
+                               <input\r
+                                       type="password"\r
+                                       name="changePrivateKeyPassword"\r
+                                       id="oldPrivateKeyPassword" />\r
+                               <label for="oldPrivateKeyPassword"><?php p($l->t( "Old log-in password" )); ?></label>\r
+                               <br />\r
+                               <input\r
+                                       type="password"\r
+                                       name="changePrivateKeyPassword"\r
+                                       id="newPrivateKeyPassword" />\r
+                               <label for="newRecoveryPassword"><?php p($l->t( "Current log-in password" )); ?></label>\r
+                               <br />\r
+                               <button\r
+                                       type="button"\r
+                                       name="submitChangePrivateKeyPassword"\r
+                                       disabled><?php p($l->t( "Update Private Key Password" )); ?>\r
+                               </button>\r
+                               <span class="msg"></span>\r
+                       </p>\r
+               <?php endif; ?>\r
+\r
+               <br />\r
                \r
                <?php if ( $_["recoveryEnabled"] ): ?>\r
                        <p>\r
@@ -28,6 +57,7 @@
                                <div id="recoveryEnabledError"><?php p( $l->t( 'Could not update file recovery' ) ); ?></div>\r
                        </p>\r
                <?php endif; ?>\r
+\r
                <br />\r
        </fieldset>\r
 </form>\r