ask user for passwords when switching from client to server side encryption

4 files changed, 50 insertions, 12 deletions

diff --git a/apps/files_encryption/ajax/mode.php b/apps/files_encryption/ajax/mode.php
index 0515cdccb0a..c81d4947956 100644
--- a/apps/files_encryption/ajax/mode.php
+++ b/apps/files_encryption/ajax/mode.php
@@ -7,11 +7,22 @@
 
 //TODO: Handle switch between client and server side encryption
 

+use OCA_Encryption\Keymanager;
+
 OCP\JSON::checkAppEnabled('files_encryption');

 OCP\JSON::checkLoggedIn();

 OCP\JSON::callCheck();

 
 $mode = $_POST['mode'];
+$changePasswd = false;
+$passwdChanged = false;
+
+if ( isset($_POST['newpasswd']) && isset($_POST['oldpasswd']) ) {
+	$oldpasswd = $_POST['oldpasswd'];
+	$newpasswd = $_POST['newpasswd'];
+	$changePasswd = true;
+	$passwdChanged = Keymanager::changePasswd($oldpasswd, $newpasswd);
+}
 
 $query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );

 $result = $query->execute(array(\OCP\User::getUser()));

@@ -21,4 +32,8 @@ if ($result->fetchRow()){
 } else {
 	$query = OC_DB::prepare( 'INSERT INTO *PREFIX*encryption ( mode, uid ) VALUES( ?, ? )' );
 }
-$query->execute(array($mode, \OCP\User::getUser()));
\ No newline at end of file
+if ( (!$changePasswd || $passwdChanged) && $query->execute(array($mode, \OCP\User::getUser())) ) {
+	OCP\JSON::success();
+} else {
+	OCP\JSON::error();
+}
\ No newline at end of file
diff --git a/apps/files_encryption/js/settings-personal.js b/apps/files_encryption/js/settings-personal.js
index 6d3c9f9a486..fad077a8dd7 100644
--- a/apps/files_encryption/js/settings-personal.js
+++ b/apps/files_encryption/js/settings-personal.js
@@ -6,16 +6,33 @@
 
 $(document).ready(function(){
 	$('input[name=encryption_mode]').change(function(){
+		var prevmode = document.getElementById('prev_encryption_mode').value
 		var  client=$('input[value="client"]:checked').val()
 			 ,server=$('input[value="server"]:checked').val()
 			 ,user=$('input[value="user"]:checked').val()
 			 ,none=$('input[value="none"]:checked').val()
-		if (client)
-			var encmode= 'client';
-		else if (server)
-			var encmode = 'server';
-		else
-			var encmode = 'none';	
-		$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: encmode });
+		if (client) {
+			$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'client' });
+			if (prevmode == 'server') {
+				OC.dialogs.info(t('encryption', 'Please go to your owncloud client and change your encryption password to complete the conversion'), t('encryption', 'switched to client side encryption'));
+			}
+		} else if (server) {
+			if (prevmode == 'client') {
+		    OC.dialogs.form([{text:'login password', name:'newpasswd', type:'password'},{text:'Encryption password used on the client', name:'oldpasswd', type:'password'}],t('encryption', 'Please enter your passwords'), function(data) {
+		   		$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server', newpasswd: data[0].value, oldpasswd: data[1].value }, function(result) {
+		   			if (result.status != 'success') {
+		   				console.log("change selection back to " + prevmode+'_encryption');
+		   				document.getElementById(prevmode+'_encryption').checked = true;
+		   			} else {
+		   			}
+		   			
+		   		});
+		    });
+			} else {
+				$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server' });
+			}
+		} else {
+			$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'none' });
+		}
 	})
 })
\ No newline at end of file
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index 0bf9be26ae0..e546ba825e4 100644
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -199,4 +199,10 @@ class Keymanager {
 		return $result;

 	}

 	

+	public static function changePasswd($oldpasswd, $newpasswd) {

+		//TODO change password of private key

+		error_log("password changed from '$oldpasswd' to '$newpasswd'");

+		return true;

+	}

+	

 }
\ No newline at end of file
diff --git a/apps/files_encryption/templates/settings-personal.php b/apps/files_encryption/templates/settings-personal.php
index 4546aecacfa..de05fa5a4bc 100644
--- a/apps/files_encryption/templates/settings-personal.php
+++ b/apps/files_encryption/templates/settings-personal.php
@@ -4,10 +4,10 @@
 <strong>Choose encryption mode:</strong>

 

 <p>

-	<input type="radio" name="encryption_mode" value="client" style="width:20px;" <?php if ($_['encryption_mode'] == 'client') echo "checked='checked'"?>/> Client side encryption (most secure but makes it impossible to access your data from the web interface)<br />

-	<input type="radio" name="encryption_mode" value="server" style="width:20px;" <?php if ($_['encryption_mode'] == 'server') echo "checked='checked'"?> /> Server side encryption (allows you to access your files from the web interface and the desktop client)<br />

-	<input type="radio" name="encryption_mode" value="none" style="width:20px;" <?php if ($_['encryption_mode'] == 'none') echo "checked='checked'"?>/> None (no encryption at all)<br/>

+	<input type="hidden" name="prev_encryption_mode" id="prev_encryption_mode" value="<?php echo $_['encryption_mode']; ?>">

+	<input type="radio" name="encryption_mode" value="client" id='client_encryption' style="width:20px;" <?php if ($_['encryption_mode'] == 'client') echo "checked='checked'"?>/> Client side encryption (most secure but makes it impossible to access your data from the web interface)<br />

+	<input type="radio" name="encryption_mode" value="server" id='server_encryption' style="width:20px;" <?php if ($_['encryption_mode'] == 'server') echo "checked='checked'"?> /> Server side encryption (allows you to access your files from the web interface and the desktop client)<br />

+	<input type="radio" name="encryption_mode" value="none" id='none_encryption' style="width:20px;" <?php if ($_['encryption_mode'] == 'none') echo "checked='checked'"?>/> None (no encryption at all)<br/>

 	</p>	

 	</fieldset>

 </form>

-