Browse Source
add helper class accessible for encryption modules to ask for a list of users with access to a file, needed to apply the recovery key to all files
tags/v8.1.0alpha1
Bjoern Schiessle
9 years ago
16 changed files with 290 additions and 107 deletions
+ 3
- 1
apps/encryption/appinfo/application.php
View File
| @@ -139,7 +139,9 @@ class Application extends \OCP\AppFramework\App { | |||
| $server->getSecureRandom(), | |||
| $c->query('KeyManager'), | |||
| $server->getConfig(), | |||
| $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID)); | |||
| $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), | |||
| $server->getEncryptionFilesHelper(), | |||
| new \OC\Files\View()); | |||
| }); | |||
| $container->registerService('RecoveryController', function (IAppContainer $c) { | |||
+ 5
- 0
apps/encryption/appinfo/routes.php
View File
| @@ -38,6 +38,11 @@ namespace OCA\Encryption\AppInfo; | |||
| 'name' => 'Recovery#changeRecoveryPassword', | |||
| 'url' => '/ajax/changeRecoveryPassword', | |||
| 'verb' => 'POST' | |||
| ], | |||
| [ | |||
| 'name' => 'Recovery#userSetRecovery', | |||
| 'url' => '/ajax/userSetRecovery', | |||
| 'verb' => 'POST' | |||
| ] | |||
+ 48
- 13
apps/encryption/controller/recoverycontroller.php
View File
| @@ -61,61 +61,72 @@ class RecoveryController extends Controller { | |||
| public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { | |||
| // Check if both passwords are the same | |||
| if (empty($recoveryPassword)) { | |||
| $errorMessage = $this->l->t('Missing recovery key password'); | |||
| $errorMessage = (string) $this->l->t('Missing recovery key password'); | |||
| return new DataResponse(['data' => ['message' => $errorMessage]], 500); | |||
| } | |||
| if (empty($confirmPassword)) { | |||
| $errorMessage = $this->l->t('Please repeat the recovery key password'); | |||
| $errorMessage = (string) $this->l->t('Please repeat the recovery key password'); | |||
| return new DataResponse(['data' => ['message' => $errorMessage]], 500); | |||
| } | |||
| if ($recoveryPassword !== $confirmPassword) { | |||
| $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); | |||
| $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); | |||
| return new DataResponse(['data' => ['message' => $errorMessage]], 500); | |||
| } | |||
| if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { | |||
| if ($this->recovery->enableAdminRecovery($recoveryPassword)) { | |||
| return new DataResponse(['status' =>'success', 'data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); | |||
| return new DataResponse(['status' =>'success', 'data' => array('message' => (string) $this->l->t('Recovery key successfully enabled'))]); | |||
| } | |||
| return new DataResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); | |||
| return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); | |||
| } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { | |||
| if ($this->recovery->disableAdminRecovery($recoveryPassword)) { | |||
| return new DataResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); | |||
| return new DataResponse(['data' => array('message' => (string) $this->l->t('Recovery key successfully disabled'))]); | |||
| } | |||
| return new DataResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); | |||
| return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); | |||
| } | |||
| } | |||
| public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { | |||
| //check if both passwords are the same | |||
| if (empty($oldPassword)) { | |||
| $errorMessage = $this->l->t('Please provide the old recovery password'); | |||
| $errorMessage = (string) $this->l->t('Please provide the old recovery password'); | |||
| return new DataResponse(array('data' => array('message' => $errorMessage))); | |||
| } | |||
| if (empty($newPassword)) { | |||
| $errorMessage = $this->l->t('Please provide a new recovery password'); | |||
| $errorMessage = (string) $this->l->t('Please provide a new recovery password'); | |||
| return new DataResponse (array('data' => array('message' => $errorMessage))); | |||
| } | |||
| if (empty($confirmPassword)) { | |||
| $errorMessage = $this->l->t('Please repeat the new recovery password'); | |||
| $errorMessage = (string) $this->l->t('Please repeat the new recovery password'); | |||
| return new DataResponse(array('data' => array('message' => $errorMessage))); | |||
| } | |||
| if ($newPassword !== $confirmPassword) { | |||
| $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); | |||
| $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); | |||
| return new DataResponse(array('data' => array('message' => $errorMessage))); | |||
| } | |||
| $result = $this->recovery->changeRecoveryKeyPassword($newPassword, $oldPassword); | |||
| if ($result) { | |||
| return new DataResponse(array('status' => 'success' ,'data' => array('message' => $this->l->t('Password successfully changed.')))); | |||
| return new DataResponse( | |||
| array( | |||
| 'status' => 'success' , | |||
| 'data' => array( | |||
| 'message' => (string) $this->l->t('Password successfully changed.')) | |||
| ) | |||
| ); | |||
| } else { | |||
| return new DataResponse(array('data' => array('message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')))); | |||
| return new DataResponse( | |||
| array( | |||
| 'data' => array | |||
| ('message' => (string) $this->l->t('Could not change the password. Maybe the old password was not correct.')) | |||
| ) | |||
| ); | |||
| } | |||
| } | |||
| @@ -131,4 +142,28 @@ class RecoveryController extends Controller { | |||
| } | |||
| } | |||
| public function userSetRecovery($userEnableRecovery) { | |||
| if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { | |||
| $result = $this->recovery->setRecoveryForUser($userEnableRecovery); | |||
| if ($result) { | |||
| return new DataResponse( | |||
| array( | |||
| 'status' => 'success', | |||
| 'data' => array( | |||
| 'message' => (string) $this->l->t('Recovery Key enabled')) | |||
| ) | |||
| ); | |||
| } else { | |||
| return new DataResponse( | |||
| array( | |||
| 'data' => array | |||
| ('message' => (string) $this->l->t('Could not enable the recovery key, please try again or contact your administrator')) | |||
| ) | |||
| ); | |||
| } | |||
| } | |||
| } | |||
| } | |||
+ 1
- 28
apps/encryption/js/settings-personal.js
View File
| @@ -29,7 +29,7 @@ $(document).ready(function(){ | |||
| var recoveryStatus = $( this ).val(); | |||
| OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...'); | |||
| $.post( | |||
| OC.filePath( 'files_encryption', 'ajax', 'userrecovery.php' ) | |||
| OC.generateUrl('/apps/encryption/ajax/userSetRecovery') | |||
| , { userEnableRecovery: recoveryStatus } | |||
| , function( data ) { | |||
| OC.msg.finishedAction('#userEnableRecovery .msg', data); | |||
| @@ -40,33 +40,6 @@ $(document).ready(function(){ | |||
| } | |||
| ); | |||
| $("#encryptAll").click( | |||
| function(){ | |||
| // Hide feedback messages in case they're already visible | |||
| $('#encryptAllSuccess').hide(); | |||
| $('#encryptAllError').hide(); | |||
| var userPassword = $( '#userPassword' ).val(); | |||
| var encryptAll = $( '#encryptAll' ).val(); | |||
| $.post( | |||
| OC.filePath( 'files_encryption', 'ajax', 'encryptall.php' ) | |||
| , { encryptAll: encryptAll, userPassword: userPassword } | |||
| , function( data ) { | |||
| if ( data.status == "success" ) { | |||
| $('#encryptAllSuccess').show(); | |||
| } else { | |||
| $('#encryptAllError').show(); | |||
| } | |||
| } | |||
| ); | |||
| // Ensure page is not reloaded on form submit | |||
| return false; | |||
| } | |||
| ); | |||
| // update private key password | |||
| $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) { | |||
+ 73
- 14
apps/encryption/lib/recovery.php
View File
| @@ -29,7 +29,8 @@ use OCP\IUser; | |||
| use OCP\IUserSession; | |||
| use OCP\PreConditionNotMetException; | |||
| use OCP\Security\ISecureRandom; | |||
| use OCP\Share; | |||
| use OC\Files\View; | |||
| use OCP\Encryption\IFile; | |||
| class Recovery { | |||
| @@ -58,7 +59,17 @@ class Recovery { | |||
| * @var IStorage | |||
| */ | |||
| private $keyStorage; | |||
| /** | |||
| * @var View | |||
| */ | |||
| private $view; | |||
| /** | |||
| * @var IFile | |||
| */ | |||
| private $file; | |||
| /** | |||
| * @var string | |||
| */ | |||
| private $recoveryKeyId; | |||
| /** | |||
| @@ -68,19 +79,25 @@ class Recovery { | |||
| * @param KeyManager $keyManager | |||
| * @param IConfig $config | |||
| * @param IStorage $keyStorage | |||
| * @param IFile $file | |||
| * @param View $view | |||
| */ | |||
| public function __construct(IUserSession $user, | |||
| Crypt $crypt, | |||
| ISecureRandom $random, | |||
| KeyManager $keyManager, | |||
| IConfig $config, | |||
| IStorage $keyStorage) { | |||
| IStorage $keyStorage, | |||
| IFile $file, | |||
| View $view) { | |||
| $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false; | |||
| $this->crypt = $crypt; | |||
| $this->random = $random; | |||
| $this->keyManager = $keyManager; | |||
| $this->config = $config; | |||
| $this->keyStorage = $keyStorage; | |||
| $this->view = $view; | |||
| $this->file = $file; | |||
| } | |||
| /** | |||
| @@ -138,14 +155,6 @@ class Recovery { | |||
| return false; | |||
| } | |||
| public function addRecoveryKeys($keyId) { | |||
| // No idea new way to do this.... | |||
| } | |||
| public function removeRecoveryKeys() { | |||
| // No idea new way to do this.... | |||
| } | |||
| /** | |||
| * @return bool | |||
| */ | |||
| @@ -159,23 +168,73 @@ class Recovery { | |||
| } | |||
| /** | |||
| * @param $enabled | |||
| * @param string $value | |||
| * @return bool | |||
| */ | |||
| public function setRecoveryForUser($enabled) { | |||
| $value = $enabled ? '1' : '0'; | |||
| public function setRecoveryForUser($value) { | |||
| try { | |||
| $this->config->setUserValue($this->user->getUID(), | |||
| 'encryption', | |||
| 'recoveryEnabled', | |||
| $value); | |||
| if ($value === '1') { | |||
| $this->addRecoveryKeys('/' . $this->user . '/files/'); | |||
| } else { | |||
| $this->removeRecoveryKeys(); | |||
| } | |||
| return true; | |||
| } catch (PreConditionNotMetException $e) { | |||
| return false; | |||
| } | |||
| } | |||
| /** | |||
| * add recovery key to all encrypted files | |||
| */ | |||
| private function addRecoveryKeys($path = '/') { | |||
| $dirContent = $this->view->getDirectoryContent($path); | |||
| foreach ($dirContent as $item) { | |||
| // get relative path from files_encryption/keyfiles/ | |||
| $filePath = $item['path']; | |||
| if ($item['type'] === 'dir') { | |||
| $this->addRecoveryKeys($filePath . '/'); | |||
| } else { | |||
| $fileKey = $this->keyManager->getFileKey($filePath, $this->user); | |||
| if (!empty($fileKey)) { | |||
| $accessList = $this->file->getAccessList($path); | |||
| $publicKeys = array(); | |||
| foreach ($accessList['users'] as $uid) { | |||
| $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); | |||
| } | |||
| $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); | |||
| $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); | |||
| } | |||
| } | |||
| } | |||
| } | |||
| /** | |||
| * remove recovery key to all encrypted files | |||
| */ | |||
| private function removeRecoveryKeys($path = '/') { | |||
| $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); | |||
| foreach ($dirContent as $item) { | |||
| // get relative path from files_encryption/keyfiles | |||
| $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); | |||
| if ($item['type'] === 'dir') { | |||
| $this->removeRecoveryKeys($filePath . '/'); | |||
| } else { | |||
| // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' | |||
| $file = substr($filePath, 0, -4); | |||
| $this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey'); | |||
| } | |||
| } | |||
| } | |||
| /** | |||
| * @param $recoveryPassword | |||
| */ | |||
+ 5
- 1
apps/encryption/settings/settings-personal.php
View File
| @@ -29,7 +29,11 @@ $user = \OCP\User::getUser(); | |||
| $view = new \OC\Files\View('/'); | |||
| $util = new \OCA\Encryption\Util( | |||
| new \OC\Files\View(), $crypt, $keymanager, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); | |||
| new \OC\Files\View(), | |||
| $crypt, $keymanager, | |||
| \OC::$server->getLogger(), | |||
| \OC::$server->getUserSession(), | |||
| \OC::$server->getConfig()); | |||
| $privateKeySet = $session->isPrivateKeySet(); | |||
| // did we tried to initialize the keys for this session? | |||
+ 2
- 0
apps/encryption/templates/settings-personal.php
View File
| @@ -1,6 +1,8 @@ | |||
| <?php | |||
| /** @var array $_ */ | |||
| /** @var OC_L10N $l */ | |||
| script('encryption', 'settings-personal'); | |||
| script('core', 'multiselect'); | |||
| ?> | |||
| <form id="encryption" class="section"> | |||
| <h2><?php p($l->t('ownCloud basic encryption module')); ?></h2> | |||
+ 1
- 0
lib/base.php
View File
| @@ -723,6 +723,7 @@ class OC { | |||
| \OC::$server->getConfig()), | |||
| \OC\Files\Filesystem::getMountManager(), | |||
| \OC::$server->getEncryptionManager(), | |||
| \OC::$server->getEncryptionFilesHelper(), | |||
| $uid | |||
| ); | |||
| \OCP\Util::connectHook('OCP\Share', 'post_shared', $updater, 'postShared'); | |||
+ 81
- 0
lib/private/encryption/file.php
View File
| @@ -0,0 +1,81 @@ | |||
| <?php | |||
| /** | |||
| * ownCloud | |||
| * | |||
| * @copyright (C) 2015 ownCloud, Inc. | |||
| * | |||
| * @author Bjoern Schiessle <schiessle@owncloud.com> | |||
| * | |||
| * This library is free software; you can redistribute it and/or | |||
| * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE | |||
| * License as published by the Free Software Foundation; either | |||
| * version 3 of the License, or any later version. | |||
| * | |||
| * This library is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
| * GNU AFFERO GENERAL PUBLIC LICENSE for more details. | |||
| * | |||
| * You should have received a copy of the GNU Affero General Public | |||
| * License along with this library. If not, see <http://www.gnu.org/licenses/>. | |||
| */ | |||
| namespace OC\Encryption; | |||
| use OC\Encryption\Util; | |||
| class File implements \OCP\Encryption\IFile { | |||
| /** @var Util */ | |||
| protected $util; | |||
| public function __construct(Util $util) { | |||
| $this->util = $util; | |||
| } | |||
| /** | |||
| * get list of users with access to the file | |||
| * | |||
| * @param $path to the file | |||
| * @return array | |||
| */ | |||
| public function getAccessList($path) { | |||
| // Make sure that a share key is generated for the owner too | |||
| list($owner, $ownerPath) = $this->util->getUidAndFilename($path); | |||
| // always add owner to the list of users with access to the file | |||
| $userIds = array($owner); | |||
| if (!$this->util->isFile($ownerPath)) { | |||
| return array('users' => $userIds, 'public' => false); | |||
| } | |||
| $ownerPath = substr($ownerPath, strlen('/files')); | |||
| $ownerPath = $this->util->stripPartialFileExtension($ownerPath); | |||
| // Find out who, if anyone, is sharing the file | |||
| $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); | |||
| $userIds = \array_merge($userIds, $result['users']); | |||
| $public = $result['public'] || $result['remote']; | |||
| // check if it is a group mount | |||
| if (\OCP\App::isEnabled("files_external")) { | |||
| $mounts = \OC_Mount_Config::getSystemMountPoints(); | |||
| foreach ($mounts as $mount) { | |||
| if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { | |||
| $mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); | |||
| $userIds = array_merge($userIds, $mountedFor); | |||
| } | |||
| } | |||
| } | |||
| // Remove duplicate UIDs | |||
| $uniqueUserIds = array_unique($userIds); | |||
| return array('users' => $uniqueUserIds, 'public' => $public); | |||
| } | |||
| } | |||
+ 7
- 1
lib/private/encryption/update.php
View File
| @@ -46,12 +46,16 @@ class Update { | |||
| /** @var string */ | |||
| protected $uid; | |||
| /** @var \OC\Encryption\File */ | |||
| protected $file; | |||
| /** | |||
| * | |||
| * @param \OC\Files\View $view | |||
| * @param \OC\Encryption\Util $util | |||
| * @param \OC\Files\Mount\Manager $mountManager | |||
| * @param \OC\Encryption\Manager $encryptionManager | |||
| * @param \OC\Encryption\File $file | |||
| * @param string $uid | |||
| */ | |||
| public function __construct( | |||
| @@ -59,6 +63,7 @@ class Update { | |||
| Util $util, | |||
| Mount\Manager $mountManager, | |||
| Manager $encryptionManager, | |||
| File $file, | |||
| $uid | |||
| ) { | |||
| @@ -66,6 +71,7 @@ class Update { | |||
| $this->util = $util; | |||
| $this->mountManager = $mountManager; | |||
| $this->encryptionManager = $encryptionManager; | |||
| $this->file = $file; | |||
| $this->uid = $uid; | |||
| } | |||
| @@ -103,7 +109,7 @@ class Update { | |||
| $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); | |||
| foreach ($allFiles as $path) { | |||
| $usersSharing = $this->util->getSharingUsersArray($path); | |||
| $usersSharing = $this->file->getAccessList($path); | |||
| $encryptionModule->update($absPath, $this->uid, $usersSharing); | |||
| } | |||
| } | |||
+ 2
- 45
lib/private/encryption/util.php
View File
| @@ -162,49 +162,6 @@ class Util { | |||
| return $paddedHeader; | |||
| } | |||
| /** | |||
| * Find, sanitise and format users sharing a file | |||
| * @note This wraps other methods into a portable bundle | |||
| * @param string $path path relative to current users files folder | |||
| * @return array | |||
| */ | |||
| public function getSharingUsersArray($path) { | |||
| // Make sure that a share key is generated for the owner too | |||
| list($owner, $ownerPath) = $this->getUidAndFilename($path); | |||
| // always add owner to the list of users with access to the file | |||
| $userIds = array($owner); | |||
| if (!$this->isFile($ownerPath)) { | |||
| return array('users' => $userIds, 'public' => false); | |||
| } | |||
| $ownerPath = substr($ownerPath, strlen('/files')); | |||
| $ownerPath = $this->stripPartialFileExtension($ownerPath); | |||
| // Find out who, if anyone, is sharing the file | |||
| $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); | |||
| $userIds = \array_merge($userIds, $result['users']); | |||
| $public = $result['public'] || $result['remote']; | |||
| // check if it is a group mount | |||
| if (\OCP\App::isEnabled("files_external")) { | |||
| $mounts = \OC_Mount_Config::getSystemMountPoints(); | |||
| foreach ($mounts as $mount) { | |||
| if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { | |||
| $mountedFor = $this->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); | |||
| $userIds = array_merge($userIds, $mountedFor); | |||
| } | |||
| } | |||
| } | |||
| // Remove duplicate UIDs | |||
| $uniqueUserIds = array_unique($userIds); | |||
| return array('users' => $uniqueUserIds, 'public' => $public); | |||
| } | |||
| /** | |||
| * go recursively through a dir and collect all files and sub files. | |||
| * | |||
| @@ -243,7 +200,7 @@ class Util { | |||
| * @param string $path | |||
| * @return boolean | |||
| */ | |||
| protected function isFile($path) { | |||
| public function isFile($path) { | |||
| if (substr($path, 0, strlen('/files/')) === '/files/') { | |||
| return true; | |||
| } | |||
| @@ -361,7 +318,7 @@ class Util { | |||
| } | |||
| } | |||
| protected function getUserWithAccessToMountPoint($users, $groups) { | |||
| public function getUserWithAccessToMountPoint($users, $groups) { | |||
| $result = array(); | |||
| if (in_array('all', $users)) { | |||
| $result = \OCP\User::getUsers(); | |||
+ 8
- 1
lib/private/files/stream/encryption.php
View File
| @@ -31,6 +31,9 @@ class Encryption extends Wrapper { | |||
| /** @var \OC\Encryption\Util */ | |||
| protected $util; | |||
| /** @var \OC\Encryption\File */ | |||
| protected $file; | |||
| /** @var \OCP\Encryption\IEncryptionModule */ | |||
| protected $encryptionModule; | |||
| @@ -97,6 +100,7 @@ class Encryption extends Wrapper { | |||
| 'encryptionModule', | |||
| 'header', | |||
| 'uid', | |||
| 'file', | |||
| 'util', | |||
| 'size', | |||
| 'unencryptedSize', | |||
| @@ -117,6 +121,7 @@ class Encryption extends Wrapper { | |||
| * @param \OC\Files\Storage\Storage $storage | |||
| * @param \OC\Files\Storage\Wrapper\Encryption $encStorage | |||
| * @param \OC\Encryption\Util $util | |||
| * @param \OC\Encryption\File $file | |||
| * @param string $mode | |||
| * @param int $size | |||
| * @param int $unencryptedSize | |||
| @@ -130,6 +135,7 @@ class Encryption extends Wrapper { | |||
| \OC\Files\Storage\Storage $storage, | |||
| \OC\Files\Storage\Wrapper\Encryption $encStorage, | |||
| \OC\Encryption\Util $util, | |||
| \OC\Encryption\File $file, | |||
| $mode, | |||
| $size, | |||
| $unencryptedSize) { | |||
| @@ -144,6 +150,7 @@ class Encryption extends Wrapper { | |||
| 'header' => $header, | |||
| 'uid' => $uid, | |||
| 'util' => $util, | |||
| 'file' => $file, | |||
| 'size' => $size, | |||
| 'unencryptedSize' => $unencryptedSize, | |||
| 'encryptionStorage' => $encStorage | |||
| @@ -229,7 +236,7 @@ class Encryption extends Wrapper { | |||
| $sharePath = dirname($path); | |||
| } | |||
| $accessList = $this->util->getSharingUsersArray($sharePath); | |||
| $accessList = $this->file->getAccessList($sharePath); | |||
| $this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $this->header, $accessList); | |||
| return true; | |||
+ 12
- 0
lib/private/server.php
View File
| @@ -87,6 +87,11 @@ class Server extends SimpleContainer implements IServerContainer { | |||
| return new Encryption\Manager($c->getConfig()); | |||
| }); | |||
| $this->registerService('EncryptionFileHelper', function (Server $c) { | |||
| $util = new \OC\Encryption\Util(new \OC\Files\View(), $c->getUserManager(), $c->getConfig()); | |||
| return new Encryption\File($util); | |||
| }); | |||
| $this->registerService('EncryptionKeyStorageFactory', function ($c) { | |||
| return new Encryption\Keys\Factory(); | |||
| }); | |||
| @@ -407,6 +412,13 @@ class Server extends SimpleContainer implements IServerContainer { | |||
| return $this->query('EncryptionManager'); | |||
| } | |||
| /** | |||
| * @return \OC\Encryption\File | |||
| */ | |||
| function getEncryptionFilesHelper() { | |||
| return $this->query('EncryptionFileHelper'); | |||
| } | |||
| /** | |||
| * @param string $encryptionModuleId encryption module ID | |||
| * | |||
+ 36
- 0
lib/public/encryption/ifile.php
View File
| @@ -0,0 +1,36 @@ | |||
| <?php | |||
| /** | |||
| * ownCloud | |||
| * | |||
| * @copyright (C) 2015 ownCloud, Inc. | |||
| * | |||
| * @author Bjoern Schiessle <schiessle@owncloud.com> | |||
| * | |||
| * This library is free software; you can redistribute it and/or | |||
| * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE | |||
| * License as published by the Free Software Foundation; either | |||
| * version 3 of the License, or any later version. | |||
| * | |||
| * This library is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
| * GNU AFFERO GENERAL PUBLIC LICENSE for more details. | |||
| * | |||
| * You should have received a copy of the GNU Affero General Public | |||
| * License along with this library. If not, see <http://www.gnu.org/licenses/>. | |||
| */ | |||
| namespace OCP\Encryption; | |||
| interface IFile { | |||
| /** | |||
| * get list of users with access to the file | |||
| * | |||
| * @param $path to the file | |||
| * @return array | |||
| */ | |||
| public function getAccessList($path); | |||
| } | |||
+ 1
- 3
lib/public/encryption/imanager.php
View File
| @@ -22,9 +22,7 @@ | |||
| */ | |||
| namespace OCP\Encryption; | |||
| // | |||
| // TODO: move exceptions to OCP | |||
| // | |||
| use OC\Encryption\Exceptions\ModuleDoesNotExistsException; | |||
| use OC\Encryption\Exceptions\ModuleAlreadyExistsException; | |||
+ 5
- 0
lib/public/iservercontainer.php
View File
| @@ -183,6 +183,11 @@ interface IServerContainer { | |||
| */ | |||
| function getEncryptionManager(); | |||
| /** | |||
| * @return \OC\Encryption\File | |||
| */ | |||
| function getEncryptionFilesHelper(); | |||
| /** | |||
| * @param string $encryptionModuleId encryption module ID | |||
| * | |||
Loading…