summaryrefslogtreecommitdiffstats
path: root/apps/encryption/lib
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2017-05-30 13:22:48 +0200
committerBjoern Schiessle <bjoern@schiessle.org>2017-07-06 11:47:11 +0200
commit66debbe18ecf5bf8676c3b6d211bca006a615575 (patch)
treea471ed0bf44295871c4a6e8442d8a0edd46dbc56 /apps/encryption/lib
parent5f75468aa4341672e3a805ab5ce2ae03ba7402cc (diff)
downloadnextcloud-server-66debbe18ecf5bf8676c3b6d211bca006a615575.tar.gz
nextcloud-server-66debbe18ecf5bf8676c3b6d211bca006a615575.zip
add occ command to disable the master key again
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'apps/encryption/lib')
-rw-r--r--apps/encryption/lib/Command/DisableMasterKey.php89
1 files changed, 89 insertions, 0 deletions
diff --git a/apps/encryption/lib/Command/DisableMasterKey.php b/apps/encryption/lib/Command/DisableMasterKey.php
new file mode 100644
index 00000000000..97c2ad40b61
--- /dev/null
+++ b/apps/encryption/lib/Command/DisableMasterKey.php
@@ -0,0 +1,89 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Bjoern Schiessle <bjoern@schiessle.org>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+namespace OCA\Encryption\Command;
+
+
+use OCA\Encryption\Util;
+use OCP\IConfig;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\ConfirmationQuestion;
+
+class DisableMasterKey extends Command {
+
+ /** @var Util */
+ protected $util;
+
+ /** @var IConfig */
+ protected $config;
+
+ /** @var QuestionHelper */
+ protected $questionHelper;
+
+ /**
+ * @param Util $util
+ * @param IConfig $config
+ * @param QuestionHelper $questionHelper
+ */
+ public function __construct(Util $util,
+ IConfig $config,
+ QuestionHelper $questionHelper) {
+
+ $this->util = $util;
+ $this->config = $config;
+ $this->questionHelper = $questionHelper;
+ parent::__construct();
+ }
+
+ protected function configure() {
+ $this
+ ->setName('encryption:disable-master-key')
+ ->setDescription('Disable the master key and use per-user keys instead. Only available for fresh installations with no existing encrypted data! There is no way to enable it again.');
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output) {
+
+ $isMasterKeyEnabled = $this->util->isMasterKeyEnabled();
+
+ if(!$isMasterKeyEnabled) {
+ $output->writeln('Master key already disabled');
+ } else {
+ $question = new ConfirmationQuestion(
+ 'Warning: Only perform this operation for a fresh installations with no existing encrypted data! '
+ . 'There is no way to enable the master key again. '
+ . 'We strongly recommend to keep the master key, it provides significant performance improvements '
+ . 'and is easier to handle for both, users and administrators. '
+ . 'Do you really want to switch to per-user keys? (y/n) ', false);
+ if ($this->questionHelper->ask($input, $output, $question)) {
+ $this->config->setAppValue('encryption', 'useMasterKey', '0');
+ $output->writeln('Master key successfully disabled.');
+ } else {
+ $output->writeln('aborted.');
+ }
+ }
+
+ }
+
+}