upgrade to new folder structure

author: Bjoern Schiessle <schiessle@owncloud.com> 2014-11-18 17:25:36 +0100
committer: Bjoern Schiessle <schiessle@owncloud.com> 2014-12-02 16:03:54 +0100
commit: 49cfc3035944956269e7264df9fbfb202b7e096d (patch)
tree: e37976b7b0019a2dc551952c359a2bbe3814b191 /apps/files_encryption/lib
parent: a90606fb14adc0aa149a87528d4f1ce61d0250e9 (diff)
download: nextcloud-server-49cfc3035944956269e7264df9fbfb202b7e096d.tar.gz
nextcloud-server-49cfc3035944956269e7264df9fbfb202b7e096d.zip
4 files changed, 268 insertions, 33 deletions
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index 2c340bcb23f..c8de1a73d27 100644
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -31,7 +31,9 @@ namespace OCA\Encryption;
 class Keymanager {
 
 	// base dir where all the file related keys are stored
-	const KEYS_BASE_DIR = '/files_encryption/keys/';
+	private static $keys_base_dir = '/files_encryption/keys/';
+	private static $encryption_base_dir = '/files_encryption';
+	private static $public_key_dir = '/files_encryption/public_keys';
 
 	/**
 	 * read key from hard disk
@@ -95,10 +97,14 @@ class Keymanager {
 	 * @return string public key or false
 	 */
 	public static function getPublicKey(\OC\Files\View $view, $userId) {
-		$path = '/public-keys/' . $userId . '.publicKey';
+		$path = self::$public_key_dir . '/' . $userId . '.publicKey';
 		return self::getKey($path, $view);
 	}
 
+	public static function getPublicKeyPath() {
+		return self::$public_key_dir;
+	}
+
 	/**
 	 * Retrieve a user's public and private key
 	 * @param \OC\Files\View $view
@@ -168,9 +174,9 @@ class Keymanager {
 
 		// in case of system wide mount points the keys are stored directly in the data directory
 		if ($util->isSystemWideMountPoint($filename)) {
-			$keyPath = self::KEYS_BASE_DIR . $filePath_f . '/';
+			$keyPath = self::$keys_base_dir . $filePath_f . '/';
 		} else {
-			$keyPath = '/' . $owner . self::KEYS_BASE_DIR . $filePath_f . '/';
+			$keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/';
 		}
 
 		return $keyPath;
@@ -215,7 +221,7 @@ class Keymanager {
 		$result = false;
 
 		if (!\OCP\User::userExists($uid)) {
-			$publicKey = '/public-keys/' . $uid . '.publicKey';
+			$publicKey = self::$public_key_dir . '/' . $uid . '.publicKey';
 			$result = $view->unlink($publicKey);
 		}
 
@@ -229,7 +235,7 @@ class Keymanager {
 	 * @param string $uid
 	 */
 	public static function publicKeyExists($view, $uid) {
-		return $view->file_exists('/public-keys/'. $uid . '.publicKey');
+		return $view->file_exists(self::$public_key_dir . '/'. $uid . '.publicKey');
 	}
 
 
@@ -278,8 +284,8 @@ class Keymanager {
 
 		$recoveryKeyId = Helper::getRecoveryKeyId();
 		if ($recoveryKeyId) {
-			$result = ($view->file_exists("/public-keys/" . $recoveryKeyId . ".publicKey")
-					&& $view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".privateKey"));
+			$result = ($view->file_exists(self::$public_key_dir . '/' . $recoveryKeyId . ".publicKey")
+					&& $view->file_exists(self::$encryption_base_dir . '/' . $recoveryKeyId . ".privateKey"));
 		}
 
 		return $result;
@@ -290,8 +296,8 @@ class Keymanager {
 
 		$publicShareKeyId = Helper::getPublicShareKeyId();
 		if ($publicShareKeyId) {
-			$result = ($view->file_exists("/public-keys/" . $publicShareKeyId . ".publicKey")
-					&& $view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".privateKey"));
+			$result = ($view->file_exists(self::$public_key_dir . '/' . $publicShareKeyId . ".publicKey")
+					&& $view->file_exists(self::$encryption_base_dir . '/' . $publicShareKeyId . ".privateKey"));
 
 		}
 
@@ -308,9 +314,8 @@ class Keymanager {
 	public static function setPublicKey($key, $user = '') {
 
 		$user = $user === '' ? \OCP\User::getUser() : $user;
-		$path = '/public-keys';
 
-		return self::setKey($path, $user . '.publicKey', $key, new \OC\Files\View('/'));
+		return self::setKey(self::$public_key_dir, $user . '.publicKey', $key, new \OC\Files\View('/'));
 	}
 
 	/**
@@ -323,10 +328,9 @@ class Keymanager {
 	public static function setPrivateSystemKey($key, $keyName) {
 
 		$keyName = $keyName . '.privateKey';
-		$path = '/owncloud_private_key';
 		$header = Crypt::generateHeader();
 
-		return self::setKey($path, $keyName,$header . $key, new \OC\Files\View());
+		return self::setKey(self::$encryption_base_dir, $keyName,$header . $key, new \OC\Files\View());
 	}
 
 	/**
@@ -337,7 +341,7 @@ class Keymanager {
 	 */
 	public static function getPrivateSystemKey($keyName) {
 		$path = $keyName . '.privateKey';
-		return self::getKey($path, new \OC\Files\View('/owncloud_private_key'));
+		return self::getKey($path, new \OC\Files\View(self::$encryption_base_dir));
 	}
 
 	/**
diff --git a/apps/files_encryption/lib/migration.php b/apps/files_encryption/lib/migration.php
index 62a765d21f4..ee2e52114cf 100644
--- a/apps/files_encryption/lib/migration.php
+++ b/apps/files_encryption/lib/migration.php
@@ -4,7 +4,7 @@
  *
  * @copyright (C) 2014 ownCloud, Inc.
  *
- * @author Thomas Müller <deepdiver@owncloud.com>
+ * @author Bjoern Schiessle <schiessle@owncloud.com>
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@@ -26,26 +26,257 @@ namespace OCA\Files_Encryption;
 
 class Migration {
 
-	public function __construct($tableName = 'encryption') {
-		$this->tableName = $tableName;
+	/**
+	 * @var \OC\Files\View
+	 */
+	private $view;
+	private $public_share_key_id;
+	private $recovery_key_id;
+
+	public function __construct() {
+		$this->view = new \OC\Files\View();
+		$this->public_share_key_id = \OCA\Encryption\Helper::getPublicShareKeyId();
+		$this->recovery_key_id = \OCA\Encryption\Helper::getRecoveryKeyId();
+	}
+
+	public function reorganizeFolderStructure() {
+
+		$this->createPathForKeys('/files_encryption');
+
+		// backup system wide folders
+		$this->backupSystemWideKeys();
+
+		// rename public keys
+		$this->renamePublicKeys();
+
+		// rename system wide mount point
+		$this->renameFileKeys('', '/files_encryption/keyfiles');
+
+		// rename system private keys
+		$this->renameSystemPrivateKeys();
+
+		// delete old system wide folders
+		$this->view->deleteAll('/public-keys');
+		$this->view->deleteAll('/owncloud_private_key');
+		$this->view->deleteAll('/files_encryption/share-keys');
+		$this->view->deleteAll('/files_encryption/keyfiles');
+
+		$users = \OCP\User::getUsers();
+		foreach ($users as $user) {
+			// backup all keys
+			if ($this->backupUserKeys($user)) {
+				// create new 'key' folder
+				$this->view->mkdir($user . '/files_encryption/keys');
+				// rename users private key
+				$this->renameUsersPrivateKey($user);
+				// rename file keys
+				$path = $user . '/files_encryption/keyfiles';
+				$this->renameFileKeys($user, $path);
+				$trashPath = $user . '/files_trashbin/keyfiles';
+				if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) {
+					$this->renameFileKeys($user, $trashPath, true);
+					$this->view->deleteAll($trashPath);
+					$this->view->deleteAll($user . '/files_trashbin/share-keys');
+				}
+				// delete old folders
+				$this->deleteOldKeys($user);
+			}
+		}
+	}
+
+	private function backupSystemWideKeys() {
+		$backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s");
+		$this->view->mkdir($backupDir);
+		$this->view->copy('owncloud_private_key', $backupDir . '/owncloud_private_key');
+		$this->view->copy('public-keys', $backupDir . '/public-keys');
+		$this->view->copy('files_encryption', $backupDir . '/files_encryption');
+	}
+
+	private function backupUserKeys($user) {
+		$encryptionDir = $user . '/files_encryption';
+		if ($this->view->is_dir($encryptionDir)) {
+			$backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s");
+			$this->view->mkdir($backupDir);
+			$this->view->copy($encryptionDir, $backupDir);
+			return true;
+		}
+		return false;
+	}
+
+	private function renamePublicKeys() {
+		$dh = $this->view->opendir('public-keys');
+
+		$this->createPathForKeys('files_encryption/public_keys');
+
+		if (is_resource($dh)) {
+			while (($oldPublicKey = readdir($dh)) !== false) {
+				if (!\OC\Files\Filesystem::isIgnoredDir($oldPublicKey)) {
+					$newPublicKey = substr($oldPublicKey, 0, strlen($oldPublicKey) - strlen('.public.key')) . '.publicKey';
+					$this->view->rename('public-keys/' . $oldPublicKey , 'files_encryption/public_keys/' . $newPublicKey);
+				}
+			}
+			closedir($dh);
+		}
 	}
 
-	// migrate settings from oc_encryption to oc_preferences
-	public function dropTableEncryption() {
-		$tableName = $this->tableName;
-		if (!\OC_DB::tableExists($tableName)) {
-			return;
+	private function renameSystemPrivateKeys() {
+		$dh = $this->view->opendir('owncloud_private_key');
+
+		if (is_resource($dh)) {
+			while (($oldPrivateKey = readdir($dh)) !== false) {
+				if (!\OC\Files\Filesystem::isIgnoredDir($oldPrivateKey)) {
+					$newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey';
+					$this->view->rename('owncloud_private_key/' . $oldPrivateKey , 'files_encryption/' . $newPrivateKey);
+				}
+			}
+			closedir($dh);
 		}
-		$sql = "select `uid`, max(`recovery_enabled`) as `recovery_enabled`, min(`migration_status`) as `migration_status` from `*PREFIX*$tableName` group by `uid`";
-		$query = \OCP\DB::prepare($sql);
-		$result = $query->execute(array())->fetchAll();
+	}
+
+	private function renameUsersPrivateKey($user) {
+		 $oldPrivateKey = $user . '/files_encryption/' . $user . '.private.key';
+		 $newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey';
+
+		 $this->view->rename($oldPrivateKey, $newPrivateKey);
+	}
 
-		foreach ($result as $row) {
-			\OC_Preferences::setValue($row['uid'], 'files_encryption', 'recovery_enabled', $row['recovery_enabled']);
-			\OC_Preferences::setValue($row['uid'], 'files_encryption', 'migration_status', $row['migration_status']);
+	private function getFileName($file, $trash) {
+
+		$extLength = strlen('.key');
+
+		if ($trash) {
+			$parts = explode('.', $file);
+			if ($parts[count($parts) - 1] !== 'key') {
+				$extLength = $extLength + strlen('.' . $parts[count($parts) - 1]);
+			}
 		}
 
-		\OC_DB::dropTable($tableName);
+		$filename = substr($file, 0, strlen($file) - $extLength);
+
+		return $filename;
 	}
 
+	private function getExtension($file, $trash) {
+
+		$extension = '';
+
+		if ($trash) {
+			$parts = explode('.', $file);
+			if ($parts[count($parts) - 1] !== 'key') {
+				$extension = '.' . $parts[count($parts) - 1];
+			}
+		}
+
+		return $extension;
+	}
+
+	private function getFilePath($path, $user, $trash) {
+		$offset = $trash ? strlen($user . '/files_trashbin/keyfiles') :  strlen($user . '/files_encryption/keyfiles');
+		return substr($path, $offset);
+	}
+
+	private function getTargetDir($user, $filePath, $filename, $extension, $trash) {
+		if ($trash) {
+			$targetDir = $user . '/files_trashbin/keys/' . $filePath . '/' . $filename . $extension;
+		} else {
+			$targetDir = $user . '/files_encryption/keys/' . $filePath . '/' . $filename . $extension;
+		}
+
+		return $targetDir;
+	}
+
+	private function renameFileKeys($user, $path, $trash = false) {
+
+		$dh = $this->view->opendir($path);
+
+		if (is_resource($dh)) {
+			while (($file = readdir($dh)) !== false) {
+				if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+					if ($this->view->is_dir($path . '/' . $file)) {
+						$this->renameFileKeys($user, $path . '/' . $file, $trash);
+					} else {
+						$filename = $this->getFileName($file, $trash);
+						$filePath = $this->getFilePath($path, $user, $trash);
+						$extension = $this->getExtension($file, $trash);
+						$targetDir = $this->getTargetDir($user, $filePath, $filename, $extension, $trash);
+						$this->createPathForKeys($targetDir);
+						$this->view->copy($path . '/' . $file, $targetDir . '/fileKey');
+						$this->renameShareKeys($user, $filePath, $filename, $targetDir, $trash);
+					}
+				}
+			}
+			closedir($dh);
+		}
+	}
+
+	private function getOldShareKeyPath($user, $filePath, $trash) {
+		if ($trash) {
+			$oldShareKeyPath = $user . '/files_trashbin/share-keys/' . $filePath;
+		} else {
+			$oldShareKeyPath = $user . '/files_encryption/share-keys/' . $filePath;
+		}
+
+		return $oldShareKeyPath;
+	}
+
+	private function getUidFromShareKey($file, $filename, $trash) {
+		$extLength = strlen('.shareKey');
+		if ($trash) {
+			$parts = explode('.', $file);
+			if ($parts[count($parts) - 1] !== 'shareKey') {
+				$extLength = $extLength + strlen('.' . $parts[count($parts) - 1]);
+			}
+		}
+
+		$uid = substr($file, strlen($filename) + 1, $extLength * -1);
+
+		return $uid;
+	}
+
+	private function renameShareKeys($user, $filePath, $filename, $target, $trash) {
+		$oldShareKeyPath = $this->getOldShareKeyPath($user, $filePath, $trash);
+		$dh = $this->view->opendir($oldShareKeyPath);
+
+		if (is_resource($dh)) {
+			while (($file = readdir($dh)) !== false) {
+				if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+					if ($this->view->is_dir($oldShareKeyPath . '/' . $file)) {
+						continue;
+					} else {
+						if (substr($file, 0, strlen($filename) +1) === $filename . '.') {
+
+							$uid = $this->getUidFromShareKey($file, $filename, $trash);
+							if ($uid === $this->public_share_key_id ||
+									$uid === $this->recovery_key_id ||
+									\OCP\User::userExists($uid)) {
+								$this->view->copy($oldShareKeyPath . '/' . $file, $target . '/' . $uid . '.shareKey');
+							}
+						}
+					}
+
+				}
+			}
+			closedir($dh);
+		}
+	}
+
+	private function deleteOldKeys($user) {
+		$this->view->deleteAll($user . '/files_encryption/keyfiles');
+		$this->view->deleteAll($user . '/files_encryption/share-keys');
+	}
+
+	private function createPathForKeys($path) {
+		if (!$this->view->file_exists($path)) {
+			$sub_dirs = explode('/', $path);
+			$dir = '';
+			foreach ($sub_dirs as $sub_dir) {
+				$dir .= '/' . $sub_dir;
+				if (!$this->view->is_dir($dir)) {
+					$this->view->mkdir($dir);
+				}
+			}
+		}
+	}
+
+
 }
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php
index 355264a5070..7f1e0664cdc 100644
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@@ -48,9 +48,9 @@ class Session {
 
 		$this->view = $view;
 
-		if (!$this->view->is_dir('owncloud_private_key')) {
+		if (!$this->view->is_dir('files_encryption')) {
 
-			$this->view->mkdir('owncloud_private_key');
+			$this->view->mkdir('files_encryption');
 
 		}
 
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 6c1b2f60d7e..42a7e20c87f 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -73,7 +73,7 @@ class Util {
 		$this->fileFolderName = 'files';
 		$this->userFilesDir =
 				'/' . $userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
-		$this->publicKeyDir = '/' . 'public-keys';
+		$this->publicKeyDir = Keymanager::getPublicKeyPath();
 		$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
 		$this->keysPath = $this->encryptionDir . '/' . 'keys';
 		$this->publicKeyPath =
author	Bjoern Schiessle <schiessle@owncloud.com>	2014-11-18 17:25:36 +0100
committer	Bjoern Schiessle <schiessle@owncloud.com>	2014-12-02 16:03:54 +0100
commit	49cfc3035944956269e7264df9fbfb202b7e096d (patch)
tree	e37976b7b0019a2dc551952c359a2bbe3814b191 /apps/files_encryption/lib
parent	a90606fb14adc0aa149a87528d4f1ce61d0250e9 (diff)
download	nextcloud-server-49cfc3035944956269e7264df9fbfb202b7e096d.tar.gz nextcloud-server-49cfc3035944956269e7264df9fbfb202b7e096d.zip