diff options
| author | Sam Tuke <samtuke@owncloud.com> | 2013-03-28 18:29:18 +0100 |
|---|---|---|
| committer | Sam Tuke <samtuke@owncloud.com> | 2013-03-28 18:29:18 +0100 |
| commit | 9ecfd07f23e7fe2924bee6103792c00c6ec3cb0a (patch) | |
| tree | dc2ea57eb0148e18ade451f8893a462a6e3ced6d /apps/files_encryption/ajax | |
| parent | e717f7150e703821fc98a30ff80b953b737785e2 (diff) | |
| download | nextcloud-server-9ecfd07f23e7fe2924bee6103792c00c6ec3cb0a.tar.gz nextcloud-server-9ecfd07f23e7fe2924bee6103792c00c6ec3cb0a.zip | |
Added ajax scripts for setting pwd recovery preferences
Diffstat (limited to 'apps/files_encryption/ajax')
| -rw-r--r-- | apps/files_encryption/ajax/adminrecovery.php | 72 | ||||
| -rw-r--r-- | apps/files_encryption/ajax/userrecovery.php | 42 |
2 files changed, 114 insertions, 0 deletions
diff --git a/apps/files_encryption/ajax/adminrecovery.php b/apps/files_encryption/ajax/adminrecovery.php new file mode 100644 index 00000000000..f22114f8514 --- /dev/null +++ b/apps/files_encryption/ajax/adminrecovery.php @@ -0,0 +1,72 @@ +setValue( $app, $key, $value ) + +<?php +/** + * Copyright (c) 2013, Sam Tuke <samtuke@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + * + * @brief Script to handle admin settings for encrypted key recovery + */ + +use OCA\Encryption; + +\OCP\JSON::checkAdminUser(); +\OCP\JSON::checkAppEnabled( 'files_encryption' ); +\OCP\JSON::callCheck(); + +if ( + isset( $_POST['adminEnableRecovery'] ) + && $_POST['adminEnableRecovery'] == 1 + && isset( $_POST['recoveryPassword'] ) + && ! empty ( $_POST['recoveryPassword'] ) +) { + + // TODO: Let the admin set this themselves + $recoveryAdminUid = 'recoveryAdmin'; + + // If desired recoveryAdmin UID is already in use + if ( ! \OC_User::userExists( $recoveryAdminUid ) ) { + + // Create new recoveryAdmin user + \OC_User::createUser( $recoveryAdminUid, $_POST['recoveryPassword'] ); + + $doSetup = true; + + } else { + + // Get list of admin users + $admins = OC_Group::usersInGroup( 'admin' ); + + // If the existing recoveryAdmin UID is an admin + if ( in_array( $recoveryAdminUid, $admins ) ) { + + // The desired recoveryAdmi UID pre-exists and can be used + $doSetup = true; + + // If the recoveryAdmin UID exists but doesn't have admin rights + } else { + + \OCP\JSON::error(); + + } + + } + + // If recoveryAdmin has passed other checks + if ( $doSetup ) { + + $view = new \OC_FilesystemView( '/' ); + $util = new Util( $view, $recoveryAdminUid ); + + // Ensure recoveryAdmin is ready for encryption (has usable keypair etc.) + $util->setupServerSide( $_POST['recoveryPassword'] ); + + // Store the UID in the DB + OC_Appconfig::setValue( 'encryption', 'recoveryAdminUid', $recoveryAdminUid ); + + \OCP\JSON::success(); + + } + +}
\ No newline at end of file diff --git a/apps/files_encryption/ajax/userrecovery.php b/apps/files_encryption/ajax/userrecovery.php new file mode 100644 index 00000000000..56c18f7ad5b --- /dev/null +++ b/apps/files_encryption/ajax/userrecovery.php @@ -0,0 +1,42 @@ +setValue( $app, $key, $value ) + +<?php +/** + * Copyright (c) 2013, Sam Tuke <samtuke@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + * + * @brief Script to handle admin settings for encrypted key recovery + */ + +use OCA\Encryption; + +\OCP\JSON::checkLoggedIn(); +\OCP\JSON::checkAppEnabled( 'files_encryption' ); +\OCP\JSON::callCheck(); + +if ( + isset( $_POST['userEnableRecovery'] ) +) { + + // Ensure preference is an integer + $recoveryEnabled = intval( $_POST['userEnableRecovery'] ); + + $userId = \OCP\USER::getUser(); + $view = new \OC_FilesystemView( '/' ); + $util = new Util( $view, $userId ); + + // Save recovery preference to DB + $result = $util->setRecovery( $recoveryEnabled ); + + if ( $result ) { + + \OCP\JSON::success(); + + } else { + + \OCP\JSON::error(); + + } + +}
\ No newline at end of file |