authorBjoern Schiessle <schiessle@owncloud.com>2015-05-12 18:49:25 +0200
committerBjoern Schiessle <schiessle@owncloud.com>2015-05-18 10:15:17 +0200
commit887be709f5f0dbbc6ad7b1cc1a9793d04421c5b9 (patch)
tree15cfcb45871688ecd6208f461b0d1e25171a917f /apps/encryption/lib
parent73a3086945b41afa39debd89481c021934dedb67 (diff)
a new approach to display the error message
Diffstat (limited to 'apps/encryption/lib')
-rw-r--r--apps/encryption/lib/crypto/encryption.php40
-rw-r--r--apps/encryption/lib/util.php31
2 files changed, 70 insertions, 1 deletions
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index a4abcd7dc5a..0fd85fa4e9a 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -270,6 +270,15 @@ class Encryption implements IEncryptionModule {
* @return mixed decrypted data
*/
public function decrypt($data) {
+ if (empty($this->fileKey)) {
+ $msg = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+ $this->logger->error('Can not decrypt this file,
+ probably this is a shared file.
+ Please ask the file owner to reshare the file with you.');
+
+ throw new DecryptionFailedException($msg);
+ }
+
$result = '';
if (!empty($data)) {
$result = $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher);
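Review bot: The `$this->logger->error(...)` call added to `decrypt()` uses a string literal that spans three source lines, so every log entry carries embedded newlines and the source indentation, which breaks line-oriented log parsing and alerting. It also repeats the user-facing sentence instead of recording what failed; a single-line, untranslated message such as `$this->logger->error('Can not decrypt file: file key is empty');` would be easier to search for. The translated text is passed here as the exception message, whereas `isReadable()` in this same commit passes an untranslated message and gives the translated text as the fourth (hint) argument; using that form in both places keeps log text and UI text separate. The body of `decrypt()` continues outside the hunk.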
@@ -346,6 +355,36 @@ class Encryption implements IEncryptionModule {
}
/**
+ * check if the encryption module is able to read the file,
+ * e.g. if all encryption keys exists
+ *
+ * @param string $path
+ * @param string $uid user for whom we want to check if he can read the file
+ * @return bool
+ * @throws DecryptionFailedException
+ */
+ public function isReadable($path, $uid) {
+ $fileKey = $this->keyManager->getFileKey($path, $uid);
+ if (empty($fileKey)) {
+ $owner = $this->util->getOwner($path);
+ if ($owner !== $uid) {
+ // if it is a shared file we throw a exception with a useful
+ // error message because in this case it means that the file was
+ // shared with the user at a point where the user didn't had a
+ // valid private/public key
+ $msg = 'Encryption module "' . $this->getDisplayName() .
+ '" is not able to read ' . $path;
+ $hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+ $this->logger->warning($msg);
+ throw new DecryptionFailedException($msg, 0, null, $hint);
+ }
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
* @param string $path
* @return string
*/
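Review bot: `isReadable()` calls `$this->util->getOwner($path)`, which in this commit throws `\BadMethodCallException` for an unknown user, but the docblock lists only `DecryptionFailedException`, so a caller that catches the documented type will let the other one escape. Either add `@throws \BadMethodCallException` to the docblock or catch it here and handle it as "not readable". The branch where the owner's own file has no file key does `return false;` without any log entry, so a lost key on an own file leaves no trace; a `$this->logger->warning(...)` before that return would make such cases visible to an administrator.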
@@ -360,4 +399,5 @@ class Encryption implements IEncryptionModule {
return $realPath;
}
+
}
diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php
index 51d5241122f..afed96aaa38 100644
--- a/apps/encryption/lib/util.php
+++ b/apps/encryption/lib/util.php
@@ -29,6 +29,7 @@ use OCA\Encryption\Crypto\Crypt;
use OCP\IConfig;
use OCP\ILogger;
use OCP\IUser;
+use OCP\IUserManager;
use OCP\IUserSession;
use OCP\PreConditionNotMetException;
@@ -53,6 +54,10 @@ class Util {
* @var IConfig
*/
private $config;
+ /**
+ * @var IUserManager
+ */
+ private $userManager;
/**
* Util constructor.
@@ -62,18 +67,21 @@ class Util {
* @param ILogger $logger
* @param IUserSession $userSession
* @param IConfig $config
+ * @param IUserManager $userManager
*/
public function __construct(View $files,
Crypt $crypt,
ILogger $logger,
IUserSession $userSession,
- IConfig $config
+ IConfig $config,
+ IUserManager $userManager
) {
$this->files = $files;
$this->crypt = $crypt;
$this->logger = $logger;
$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
$this->config = $config;
+ $this->userManager = $userManager;
}
/**
@@ -117,5 +125,26 @@ class Util {
return $this->files->file_exists($uid . '/files');
}
+ /**
+ * get owner from give path, path relative to data/ expected
+ *
+ * @param string $path relative to data/
+ * @return string
+ * @throws \BadMethodCallException
+ */
+ public function getOwner($path) {
+ $owner = '';
+ $parts = explode('/', $path, 3);
+ if (count($parts) > 1) {
+ $owner = $parts[1];
+ if ($this->userManager->userExists($owner) === false) {
+ throw new \BadMethodCallException('Unknown user: ' .
+ 'method expects path to a user folder relative to the data folder');
+ }
+
+ }
+
+ return $owner;
+ }
}
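Review bot: `getOwner()` takes `$parts[1]` after `explode('/', $path, 3)`, which is the user name only when `$path` starts with a slash (`/uid/files/...`); for `uid/files/...` it would check `files` as the user, and the docblock's "relative to data/" does not say which form is expected. A path without any slash skips the `userExists()` check and returns `''`, which `isReadable()` then compares with `$uid` and reports as a file shared by someone else. The docblock should state the leading slash, and the short path should be rejected explicitly, e.g. `if (count($parts) < 2) { throw new \BadMethodCallException('path must start with a user folder'); }`.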