Implemented initial recoveryAdmin functionality in crypto file proxy

2 files changed, 80 insertions, 25 deletions

diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php
index 820b7d8b67e..ae36b9fe09f 100644
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@@ -93,29 +93,29 @@ class Proxy extends \OC_FileProxy {
 	
 	public function preFile_put_contents( $path, &$data ) {
 
-        if ( self::shouldEncrypt( $path ) ) {
+		if ( self::shouldEncrypt( $path ) ) {
 
-        	// Stream put contents should have been converted to fopen
+			// Stream put contents should have been converted to fopen
 			if ( !is_resource( $data ) ) {
 
-                $userId = \OCP\USER::getUser();
-				$rootView = new \OC_FilesystemView( '/' );
-				$util = new Util( $rootView, $userId );
-				$session = new Session( $rootView );
+				$userId = \OCP\USER::getUser();
+				$view = new \OC_FilesystemView( '/' );
+				$util = new Util( $view, $userId );
+				$session = new Session( $view );
 				$privateKey = $session->getPrivateKey();
 				$filePath = $util->stripUserFilesPath( $path );
 				// Set the filesize for userland, before encrypting
 				$size = strlen( $data );
-				
+					
 				// Disable encryption proxy to prevent recursive calls
-                $proxyStatus = \OC_FileProxy::$enabled;
-                \OC_FileProxy::$enabled = false;
-				
+				$proxyStatus = \OC_FileProxy::$enabled;
+				\OC_FileProxy::$enabled = false;
+					
 				// Check if there is an existing key we can reuse
-				if ( $encKeyfile = Keymanager::getFileKey( $rootView, $userId, $filePath ) ) {
+				if ( $encKeyfile = Keymanager::getFileKey( $view, $userId, $filePath ) ) {
 					
 					// Fetch shareKey
-					$shareKey = Keymanager::getShareKey( $rootView, $userId, $filePath );
+					$shareKey = Keymanager::getShareKey( $view, $userId, $filePath );
 					
 					// Decrypt the keyfile
 					$plainKey = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
@@ -124,7 +124,7 @@ class Proxy extends \OC_FileProxy {
 				
 					// Make a new key
 					$plainKey = Crypt::generateKey();
-				
+					
 				}
 				
 				// Encrypt data
@@ -134,34 +134,73 @@ class Proxy extends \OC_FileProxy {
 				
 				$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $filePath, $userId );
 
-                // Fetch public keys for all users who will share the file
-				$publicKeys = Keymanager::getPublicKeys( $rootView, $uniqueUserIds );
+				// Fetch public keys for all users who will share the file
+				$publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );
 
-                // Encrypt plain keyfile to multiple sharefiles
+				// Encrypt plain keyfile to multiple sharefiles
 				$multiEncrypted = Crypt::multiKeyEncrypt( $plainKey, $publicKeys );
 				
 				// Save sharekeys to user folders
-				Keymanager::setShareKeys( $rootView, $filePath, $multiEncrypted['keys'] );
+				Keymanager::setShareKeys( $view, $filePath, $multiEncrypted['keys'] );
 				
 				// Set encrypted keyfile as common varname
 				$encKey = $multiEncrypted['data'];
 				
 				// Save keyfile for newly encrypted file in parallel directory tree
-				Keymanager::setFileKey( $rootView, $filePath, $userId, $encKey );
+				Keymanager::setFileKey( $view, $filePath, $userId, $encKey );
 
 				// Replace plain content with encrypted content by reference
 				$data = $encData;
-				
+					
 				// Update the file cache with file info
-                \OC\Files\Filesystem::putFileInfo( $filePath, array( 'encrypted'=>true, 'size' => strlen($size), 'unencrypted_size' => $size), '' );
+				\OC\Files\Filesystem::putFileInfo( $filePath, array( 'encrypted'=>true, 'size' => strlen($size), 'unencrypted_size' => $size), '' );
 
-                // Re-enable proxy - our work is done
+				// Re-enable proxy - our work is done
 				\OC_FileProxy::$enabled = $proxyStatus;
 				
 			}
 		}
 
-        return true;
+		return true;
+		
+	}
+	
+	public function postFile_put_contents( $path, $length ) {
+	
+		$userId = \OCP\USER::getUser();
+		$view = new \OC_FilesystemView( '/' );
+		$util = new Util( $view, $userId );
+	
+		// Check if recoveryAdmin is enabled for system and user
+		// TODO: Consider storing recoveryAdmin status for user in session
+		if ( 
+			\OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' )
+			&& $util->recoveryEnabledForUser()
+		) {
+			
+			// Get owner UID and filepath
+			list( $owner, $ownerPath ) = $util->getUidAndFilename( $path );
+		
+			$recoveryAdminUid = \OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
+			$usersSharing = \OCP\Share::getUsersSharingFile( $ownerPath, $owner,true, true, true );
+		
+			// Check if file is already shared to recoveryAdmin
+			if ( ! in_array( $recoveryAdminUid, $usersSharing ) ) {
+
+				$relPath = $util->stripFilesPath( $path );
+
+				// Get file info from filecache
+				$fileInfo = \OC\Files\Filesystem::getFileInfo( $path );
+				
+				// Register share to recoveryAdmin with share API
+				// FIXME: Some of these vars aren't set
+				// FIXME: What should the permission number be to grant all rights?
+// 				\OCP\Share::shareItem( $itemType, $itemSource, 0, $recoveryAdminUid, 17 ); 
+			
+			}
+		
+		}
+		
 	}
 	
 	/**
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 068f7148425..41d51fbf6fb 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -548,6 +548,7 @@ class Util {
 
 	/**
 	 * @brief Format a path to be relative to the /user/files/ directory
+	 * @note e.g. turns '/admin/files/test.txt' into 'test.txt'
 	 */
 	public function stripUserFilesPath( $path ) {
 	
@@ -561,6 +562,21 @@ class Util {
 	}
 	
 	/**
+	 * @brief Format a path to be relative to the /user directory
+	 * @note e.g. turns '/admin/files/test.txt' into 'files/test.txt'
+	 */
+	public function stripFilesPath( $path ) {
+	
+		$trimmed = ltrim( $path, '/' );
+		$split = explode( '/', $trimmed );
+		$sliced = array_slice( $split, 1 );
+		$relPath = implode( '/', $sliced );
+		
+		return $relPath;
+	
+	}
+	
+	/**
 	 * @brief Format a shared path to be relative to the /user/files/ directory
 	 * @note Expects a path like /uid/files/Shared/filepath
 	 */
@@ -1142,16 +1158,16 @@ class Util {
 
     /**
      * @brief get shares parent.
-     * @param int $Id of the current share
+     * @param int $id of the current share
      * @return array of the parent
      */
-    public static function getShareParent( $Id ) {
+    public static function getShareParent( $id ) {
 
         $query = \OC_DB::prepare( 'SELECT `file_target`, `item_type`'
             .' FROM `*PREFIX*share`'
             .' WHERE `id` = ?' );
 
-        $result = $query->execute( array( $Id ) );
+        $result = $query->execute( array( $id ) );
 
         $row = $result->fetchRow();