author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-05-04 09:57:19 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-05-04 09:57:19 +0200 |
commit | 7376ea9b269af6cd6355ed9bf386097121c10c77 (patch) | |
tree | 39bd6ab083e6221c4affb5d2d423e66c24a82cc8 /apps/encryption | |
parent | 870ac88c85ffe20db9708b5a4c69fbe18102f0d6 (diff) | |
parent | 4a6808a0f4ea1a441599627fca6679513c93af95 (diff) | |
Merge pull request #15584 from owncloud/enc_fix_upload_shared_folder
skip user if we don't have a public key
Diffstat (limited to 'apps/encryption')
-rw-r--r-- | apps/encryption/appinfo/application.php | 3 | ||||
-rw-r--r-- | apps/encryption/lib/crypto/encryption.php | 18 | ||||
-rw-r--r-- | apps/encryption/tests/lib/crypto/cryptTest.php | 2 | ||||
-rw-r--r-- | apps/encryption/tests/lib/crypto/encryptionTest.php | 63 |
4 files changed, 83 insertions, 3 deletions
diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 0c9dcb76fbc..0d6f57f46e9 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -94,10 +94,12 @@ class Application extends \OCP\AppFramework\App { public function registerEncryptionModule() { $container = $this->getContainer(); + $this->encryptionManager->registerEncryptionModule( Encryption::ID, Encryption::DISPLAY_NAME, function() use ($container) { + return new Encryption( $container->query('Crypt'), $container->query('KeyManager'), @@ -105,6 +107,7 @@ class Application extends \OCP\AppFramework\App { $container->getServer()->getLogger() ); }); + } public function registerServices() { diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 4e181b0712a..29fda09e87f 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -25,6 +25,7 @@ namespace OCA\Encryption\Crypto; +use OCA\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Util; use OCP\Encryption\IEncryptionModule; use OCA\Encryption\KeyManager; @@ -67,6 +68,7 @@ class Encryption implements IEncryptionModule { /** @var Util */ private $util; + /** @var ILogger */ private $logger; @@ -161,6 +163,9 @@ class Encryption implements IEncryptionModule { * @param string $path to the file * @return string remained data which should be written to the file in case * of a write operation + * @throws PublicKeyMissingException + * @throws \Exception + * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException */ public function end($path) { $result = ''; 
@@ -171,7 +176,18 @@ class Encryption implements IEncryptionModule { } $publicKeys = array(); foreach ($this->accessList['users'] as $uid) { - $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); + try { + $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); + } catch (PublicKeyMissingException $e) { + $this->logger->warning( + 'no public key found for user "{uid}", user will not be able to read the file', + ['app' => 'encryption', 'uid' => $uid] + ); + // if the public key of the owner is missing we should fail + if ($uid === $this->user) { + throw $e; + } + } } $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys); diff --git a/apps/encryption/tests/lib/crypto/cryptTest.php b/apps/encryption/tests/lib/crypto/cryptTest.php index 3ea57668348..4114adb115a 100644 --- a/apps/encryption/tests/lib/crypto/cryptTest.php +++ b/apps/encryption/tests/lib/crypto/cryptTest.php @@ -20,7 +20,7 @@ */ -namespace OCA\Encryption\Tests\Crypt; +namespace OCA\Encryption\Tests\lib\Crypto; use OCA\Encryption\Crypto\Crypt; diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php index cb4ca2d3a12..aa28a8b44a4 100644 --- a/apps/encryption/tests/lib/crypto/encryptionTest.php +++ b/apps/encryption/tests/lib/crypto/encryptionTest.php @@ -19,8 +19,9 @@ * */ -namespace OCA\Encryption\Tests\Crypto; +namespace OCA\Encryption\Tests\lib\Crypto; +use OCA\Encryption\Exceptions\PublicKeyMissingException; use Test\TestCase; use OCA\Encryption\Crypto\Encryption; 
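Review bot: The new catch block in `end()` fails closed only when `$uid === $this->user`, so if that user is not listed in `$this->accessList['users']` and every lookup throws, the loop leaves `$publicKeys` empty and the write goes on with whatever `addSystemKeys()` returns. A guard after that call would make the case explicit: `if (empty($publicKeys)) { throw new PublicKeyMissingException($this->user); }`. The inline comment speaks of the owner while the comparison is against `$this->user`, which is assigned outside this hunk; if the two can differ on an upload into a shared folder, the comment or the check should be adjusted. The warning is also logged before the rethrow, so in the failing case its text ("user will not be able to read the file") does not describe what happens. `end()` begins and continues outside the hunk.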
@@ -63,6 +64,66 @@ class EncryptionTest extends TestCase { $this->utilMock, $this->loggerMock ); + + } + + /** + * test if public key from one of the recipients is missing + */ + public function testEndUser1() { + $this->instance->begin('/foo/bar', 'user1', 'r', array(), array('users' => array('user1', 'user2', 'user3'))); + $this->endTest(); + } + + /** + * test if public key from owner is missing + * + * @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException + */ + public function testEndUser2() { + $this->instance->begin('/foo/bar', 'user2', 'r', array(), array('users' => array('user1', 'user2', 'user3'))); + $this->endTest(); + } + + /** + * common part of testEndUser1 and testEndUser2 + * + * @throws PublicKeyMissingException + */ + public function endTest() { + // prepare internal variables + \Test_Helper::invokePrivate($this->instance, 'isWriteOperation', [true]); + \Test_Helper::invokePrivate($this->instance, 'writeCache', ['']); + + $this->keyManagerMock->expects($this->any()) + ->method('getPublicKey') + ->will($this->returnCallback([$this, 'getPublicKeyCallback'])); + $this->keyManagerMock->expects($this->any()) + ->method('addSystemKeys') + ->will($this->returnCallback([$this, 'addSystemKeysCallback'])); + $this->cryptMock->expects($this->any()) + ->method('multiKeyEncrypt') + ->willReturn(true); + $this->cryptMock->expects($this->any()) + ->method('setAllFileKeys') + ->willReturn(true); + + $this->instance->end('/foo/bar'); + } + + + public function getPublicKeyCallback($uid) { + if ($uid === 'user2') { + throw new PublicKeyMissingException($uid); + } + return $uid; + } + + public function addSystemKeysCallback($accessList, $publicKeys) { + $this->assertSame(2, count($publicKeys)); + $this->assertArrayHasKey('user1', $publicKeys); + $this->assertArrayHasKey('user3', $publicKeys); + return $publicKeys; } /** |
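Review bot: `testEndUser1` contains no assertion of its own; the checks live in `addSystemKeysCallback`, and because `addSystemKeys` is registered with `$this->any()` the test also passes if `end()` returns before reaching that call. For the recipient-missing case the expectation should be `$this->once()` on `addSystemKeys` (it has to stay `$this->any()` for `testEndUser2`, where the exception is thrown first), and `$this->loggerMock` should expect one `warning` call so that the skipped recipient is verifiably logged. The two test names would read better as what they check, e.g. `testEndSkipsRecipientWithoutPublicKey` and `testEndFailsWhenOwnPublicKeyIsMissing`.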