mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
Browse Source

only collect detailed access list if it is really needed 

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
tags/v13.0.0beta1
Bjoern Schiessle 7 years ago
parent
9c5ba2f12c
commit
da51ec38f4
No account linked to committer's email address
4 changed files with 32 additions and 2 deletions
Split View Show Diff Stats
  1. 9
    0
      apps/encryption/lib/Crypto/Encryption.php
  2. 9
    1
      lib/private/Encryption/Update.php
  3. 4
    1
      lib/private/Files/Stream/Encryption.php
  4. 10
    0
      lib/public/Encryption/IEncryptionModule.php

+ 9
- 0
apps/encryption/lib/Crypto/Encryption.php View File

@@ -569,4 +569,13 @@ class Encryption implements IEncryptionModule {
public function isReadyForUser($user) {
return $this->keyManager->userHasKeys($user);
}

/**
* We only need a detailed access list if the master key is not enabled
*
* @return bool
*/
public function needDetailedAccessList() {
return !$this->util->isMasterKeyEnabled();
}
}

+ 9
- 1
lib/private/Encryption/Update.php View File

@@ -168,6 +168,14 @@ class Update {
*/
public function update($path) {

$encryptionModule = $this->encryptionManager->getEncryptionModule();

// if the encryption module doesn't encrypt the files on a per-user basis
// we have nothing to do here.
if ($encryptionModule->needDetailedAccessList() === false) {
return;
}

// if a folder was shared, get a list of all (sub-)folders
if ($this->view->is_dir($path)) {
$allFiles = $this->util->getAllFiles($path);
@@ -175,7 +183,7 @@ class Update {
$allFiles = array($path);
}

$encryptionModule = $this->encryptionManager->getEncryptionModule();

foreach ($allFiles as $file) {
$usersSharing = $this->file->getAccessList($file);

+ 4
- 1
lib/private/Files/Stream/Encryption.php View File

@@ -254,7 +254,10 @@ class Encryption extends Wrapper {
$sharePath = dirname($sharePath);
}

$accessList = $this->file->getAccessList($sharePath);
$accessList = [];
if ($this->encryptionModule->needDetailedAccessList()) {
$accessList = $this->file->getAccessList($sharePath);
}
$this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $mode, $this->header, $accessList);

if (

+ 10
- 0
lib/public/Encryption/IEncryptionModule.php View File

@@ -182,4 +182,14 @@ interface IEncryptionModule {
*/
public function isReadyForUser($user);

/**
* Does the encryption module needs a detailed list of users with access to the file?
* For example if the encryption module uses per-user encryption keys and needs to know
* the users with access to the file to encrypt/decrypt it.
*
* @since 13.0.0
* @return bool
*/
public function needDetailedAccessList();

}

Write Preview
Loading…
Cancel
Save