Merge pull request #16037 from owncloud/enc_dont_disable_encryption

don't let the the user disable encryption once it was activated

4 files changed, 29 insertions, 16 deletions

diff --git a/core/css/styles.css b/core/css/styles.css
index 4cf5e4e18ca..c8704066cf1 100644
--- a/core/css/styles.css
+++ b/core/css/styles.css
@@ -224,6 +224,10 @@ textarea:disabled {
 	color: #999;
 	cursor: default;
 }
+input:disabled+label, input:disabled:hover+label, input:disabled:focus+label {
+	color: #999 !important;
+	cursor: default;
+}
 
 /* Primary action button, use sparingly */
 .primary, input[type="submit"].primary, input[type="button"].primary, button.primary, .button.primary {
diff --git a/settings/css/settings.css b/settings/css/settings.css
index 583e8804951..4e398c64c4e 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -494,3 +494,7 @@ doesnotexist:-o-prefocus, .strengthify-wrapper {
 #encryptionModules {
 	padding: 10px;
 }
+
+#warning {
+	color: red;
+}
diff --git a/settings/js/admin.js b/settings/js/admin.js
index 9cdb7f5b0f1..8f705b9048d 100644
--- a/settings/js/admin.js
+++ b/settings/js/admin.js
@@ -54,20 +54,15 @@ $(document).ready(function(){
 		$('#shareAPI p:not(#enable)').toggleClass('hidden', !this.checked);
 	});
 
-	$('#encryptionEnabled').change(function() {
-		$('#encryptionAPI div#EncryptionSettingsArea').toggleClass('hidden');
+	$('#enableEncryption').change(function() {
+		$('#encryptionAPI div#EncryptionWarning').toggleClass('hidden');
 	});
 
-	$('#encryptionAPI input').change(function() {
-		var value = $(this).val();
-		if ($(this).attr('type') === 'checkbox') {
-			if (this.checked) {
-				value = 'yes';
-			} else {
-				value = 'no';
-			}
-		}
-		OC.AppConfig.setValue('core', $(this).attr('name'), value);
+	$('#reallyEnableEncryption').click(function() {
+		$('#encryptionAPI div#EncryptionWarning').toggleClass('hidden');
+		$('#encryptionAPI div#EncryptionSettingsArea').toggleClass('hidden');
+		OC.AppConfig.setValue('core', 'encryption_enabled', 'yes');
+		$('#enableEncryption').attr('disabled', 'disabled');
 	});
 
 	$('#startmigration').click(function(event){
diff --git a/settings/templates/admin.php b/settings/templates/admin.php
index 5edf4e2a9c7..638c3d7bff5 100644
--- a/settings/templates/admin.php
+++ b/settings/templates/admin.php
@@ -319,13 +319,23 @@ if ($_['cronErrors']) {
 		href="<?php p(link_to_docs('admin-encryption')); ?>"></a>
 
 	<p id="enable">
-		<input type="checkbox" name="encryption_enabled"
-			   id="encryptionEnabled"
-			   value="1" <?php if ($_['encryptionEnabled']) print_unescaped('checked="checked"'); ?> />
+		<input type="checkbox"
+			   id="enableEncryption"
+			   value="1" <?php if ($_['encryptionEnabled']) print_unescaped('checked="checked" disabled="disabled"'); ?> />
 		<label
-			for="encryptionEnabled"><?php p($l->t('Enable server-side encryption')); ?> <span id="startmigration_msg" class="msg"></span> </label><br/>
+			for="enableEncryption"><?php p($l->t('Enable server-side encryption')); ?> <span id="startmigration_msg" class="msg"></span> </label><br/>
 	</p>
 
+	<div id="EncryptionWarning" class="warning hidden">
+		<?php p($l->t('Encryption is a one way process. Once encryption is enabled,
+		all files from that point forward will be encrypted on the server and it
+		will not be possible to disable encryption at a later date. This is the final warning:
+		Do you really want to enable encryption?')) ?>
+		<input type="button"
+			   id="reallyEnableEncryption"
+			   value="<?php p($l->t("Enable encryption")); ?>" />
+	</div>
+
 	<div id="EncryptionSettingsArea" class="<?php if (!$_['encryptionEnabled']) p('hidden'); ?>">
 		<div id='selectEncryptionModules' class="<?php if (!$_['encryptionReady']) p('hidden'); ?>">
 			<?php