author | Thomas Müller <thomas.mueller@tmit.eu> | 2014-02-28 14:54:10 +0100 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-02-28 14:54:10 +0100 |
commit | 15d1df055b093ecce0c5ae52561dd73584145c7c (patch) | |
tree | 4f2b10bacfa5371e3f2a53122a3165bf94114d01 /apps/files_encryption | |
parent | 65843e245996c9ecfd167be2b520bb917b32aa7e (diff) | |
parent | dd32091016481b0b6845e03ea87ce419b3cda19e (diff) | |
Merge branch 'master' into display-share-owner-master
Conflicts:
apps/files_sharing/lib/cache.php
Diffstat (limited to 'apps/files_encryption')
-rw-r--r-- | apps/files_encryption/hooks/hooks.php | 17 | ||||
-rw-r--r-- | apps/files_encryption/js/settings-admin.js | 22 | ||||
-rw-r--r-- | apps/files_encryption/lib/proxy.php | 34 | ||||
-rw-r--r-- | apps/files_encryption/lib/session.php | 8 | ||||
-rw-r--r-- | apps/files_encryption/lib/stream.php | 3 | ||||
-rw-r--r-- | apps/files_encryption/lib/util.php | 8 | ||||
-rw-r--r-- | apps/files_encryption/tests/hooks.php | 55 | ||||
-rwxr-xr-x | apps/files_encryption/tests/share.php | 70 | ||||
-rwxr-xr-x | apps/files_encryption/tests/util.php | 4 |
9 files changed, 186 insertions, 35 deletions
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 3af43f10264..0b6c5adf3fb 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -501,11 +501,20 @@ class Hooks {
 * @param array $params with the old path and the new path
*/
public static function preRename($params) {
- $util = new Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
+ $user = \OCP\User::getUser();
+ $view = new \OC_FilesystemView('/');
+ $util = new Util($view, $user);
list($ownerOld, $pathOld) = $util->getUidAndFilename($params['oldpath']);
- self::$renamedFiles[$params['oldpath']] = array(
- 'uid' => $ownerOld,
- 'path' => $pathOld);
+
+ // we only need to rename the keys if the rename happens on the same mountpoint
+ // otherwise we perform a stream copy, so we get a new set of keys
+ $mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
+ $mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
+ if ($mp1 === $mp2) {
+ self::$renamedFiles[$params['oldpath']] = array(
+ 'uid' => $ownerOld,
+ 'path' => $pathOld);
+ }
}
/**
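Review bot: When `$mp1 !== $mp2` in preRename nothing is written to `self::$renamedFiles`, so whatever consumes that array (presumably postRename, which lies outside this hunk) has to tolerate a missing entry for `$params['oldpath']`. In that case the source file's keyfile and share keys are only cleaned up if the copy-and-delete path removes them. Neither is visible here, so it is worth confirming that a cross-mount rename leaves no orphaned key material under `files_encryption/`. The paths given to `getMountPoint()` are also built from `\OCP\User::getUser()` without checking that a user is actually set. I would extend the comment, e.g. `// cross-mount renames are copy + delete: the old keys must be removed by the delete hook, not here`.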
diff --git a/apps/files_encryption/js/settings-admin.js b/apps/files_encryption/js/settings-admin.js index c2140a6f1eb..785d02002fa 100644 --- a/apps/files_encryption/js/settings-admin.js +++ b/apps/files_encryption/js/settings-admin.js @@ -7,28 +7,6 @@ * See the COPYING-README file. */ -OC.msg={ - startSaving:function(selector){ - $(selector) - .html( t('settings', 'Saving...') ) - .removeClass('success') - .removeClass('error') - .stop(true, true) - .show(); - }, - finishedSaving:function(selector, data){ - if( data.status === "success" ){ - $(selector).html( data.data.message ) - .addClass('success') - .stop(true, true) - .delay(3000) - .fadeOut(900); - }else{ - $(selector).html( data.data.message ).addClass('error'); - } - } -}; - $(document).ready(function(){ // Trigger ajax on recoveryAdmin status change var enabledStatus = $('#adminEnableRecovery').val(); diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 9d456f6c517..a2d42c22c13 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -38,6 +38,7 @@ class Proxy extends \OC_FileProxy { private static $blackList = null; //mimetypes blacklisted from encryption private static $unencryptedSizes = array(); // remember unencrypted size + private static $fopenMode = array(); // remember the fopen mode /** * Check if a file requires encryption @@ -146,7 +147,7 @@ class Proxy extends \OC_FileProxy { if ( isset(self::$unencryptedSizes[$normalizedPath]) ) { $view = new \OC_FilesystemView('/'); $view->putFileInfo($normalizedPath, - array('encrypted' => true, 'encrypted_size' => self::$unencryptedSizes[$normalizedPath])); + array('encrypted' => true, 'unencrypted_size' => self::$unencryptedSizes[$normalizedPath])); unset(self::$unencryptedSizes[$normalizedPath]); } 
@@ -214,6 +215,16 @@ class Proxy extends \OC_FileProxy { } /** + * @brief remember initial fopen mode because sometimes it gets changed during the request + * @param string $path path + * @param string $mode type of access + */ + public function preFopen($path, $mode) { + self::$fopenMode[$path] = $mode; + } + + + /** * @param $path * @param $result * @return resource @@ -240,7 +251,15 @@ class Proxy extends \OC_FileProxy { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; - $meta = stream_get_meta_data($result); + // if we remember the mode from the pre proxy we re-use it + // oterwise we fall back to stream_get_meta_data() + if (isset(self::$fopenMode[$path])) { + $mode = self::$fopenMode[$path]; + unset(self::$fopenMode[$path]); + } else { + $meta = stream_get_meta_data($result); + $mode = $meta['mode']; + } $view = new \OC_FilesystemView(''); @@ -258,14 +277,15 @@ class Proxy extends \OC_FileProxy { // Open the file using the crypto stream wrapper // protocol and let it do the decryption work instead - $result = fopen('crypt://' . $path, $meta['mode']); + $result = fopen('crypt://' . $path, $mode); } elseif ( - self::shouldEncrypt($path) - and $meta['mode'] !== 'r' - and $meta['mode'] !== 'rb' + self::shouldEncrypt($path) + and $mode !== 'r' + and $mode !== 'rb' + ) { - $result = fopen('crypt://' . $path, $meta['mode']); + $result = fopen('crypt://' . $path, $mode); } // Re-enable the proxy diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index aa58e33e9d2..3daaa06425f 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -134,6 +134,14 @@ class Session { } + /** + * @brief remove encryption keys and init status from session + */ + public function closeSession() { + \OC::$session->remove('encryptionInitialized'); + \OC::$session->remove('privateKey'); + } + /** * @brief Gets status if we already tried to initialize the encryption app 
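Review bot: `self::$fopenMode[$path]` is cleared only on the branch of postFopen that reads it, and postFopen begins above this hunk, so an earlier return there (or an fopen that never reaches the post proxy) leaves the entry in the static array for the rest of the request. Since `$mode` now decides whether the handle is reopened through `crypt://` for writing, a remembered mode that does not belong to the current open could in principle skip encryption. That is hedged, because preFopen overwrites the entry whenever the pre proxy runs. The property deserves a lifetime note such as `// mode requested by the caller, keyed by the path passed to preFopen; consumed and cleared in postFopen`. The added comment also misspells `oterwise`.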
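Review bot: `closeSession()` removes only `encryptionInitialized` and `privateKey`, so any other key material this class stores in `\OC::$session` would survive the call; its setters are outside the hunk, so the list should be checked against them. The docblock should also say when the method has to run, presumably at logout, e.g. `* call when the user session ends so the decrypted private key does not outlive the login`. The function has no `@return` line, unlike the neighbouring docblocks.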
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 88eacc6f136..58ac03373a7 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -167,6 +167,9 @@ class Stream { } else { $this->meta = stream_get_meta_data($this->handle); + // sometimes fopen changes the mode, e.g. for a url "r" convert to "r+" + // but we need to remember the original access type + $this->meta['mode'] = $mode; } diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index ec06bd52f5e..6bf69cd8ee1 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -1772,4 +1772,12 @@ class Util { return $session; } + /* + * @brief remove encryption related keys from the session + */ + public function closeEncryptionSession() { + $session = new \OCA\Encryption\Session($this->view); + $session->closeSession(); + } + } diff --git a/apps/files_encryption/tests/hooks.php b/apps/files_encryption/tests/hooks.php index 7d926caea1b..d0e4b5f732e 100644 --- a/apps/files_encryption/tests/hooks.php +++ b/apps/files_encryption/tests/hooks.php @@ -47,6 +47,7 @@ class Test_Encryption_Hooks extends \PHPUnit_Framework_TestCase { public $rootView; // view on /data/user public $data; public $filename; + public $folder; public static function setUpBeforeClass() { // reset backend @@ -89,6 +90,7 @@ class Test_Encryption_Hooks extends \PHPUnit_Framework_TestCase { // init short data $this->data = 'hats'; $this->filename = 'enc_hooks_tests-' . uniqid() . '.txt'; + $this->folder = 'enc_hooks_tests_folder-' . uniqid(); } 
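Review bot: The comment above `closeEncryptionSession()` in util.php opens with `/*`, so it is an ordinary comment and not a docblock like the `/**` blocks used elsewhere in these files; it should start with `/**`. The method builds a new `\OCA\Encryption\Session($this->view)` only to call `closeSession()` on it. Whether that constructor does other work on the view is not visible here, so a one-line why-comment would help the next reader. No caller appears in this part of the diff, which is limited to apps/files_encryption.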
@@ -268,4 +270,57 @@ class Test_Encryption_Hooks extends \PHPUnit_Framework_TestCase { } } + /** + * @brief test rename operation + */ + function testRenameHook() { + + // save file with content + $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->filename, $this->data); + + // test that data was successfully written + $this->assertTrue(is_int($cryptedFile)); + + // check if keys exists + $this->assertTrue($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' + . $this->filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + + $this->assertTrue($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' + . $this->filename . '.key')); + + // make subfolder + $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); + + $this->assertTrue($this->rootView->is_dir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder)); + + // move the file out of the shared folder + $root = $this->rootView->getRoot(); + $this->rootView->chroot('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/'); + $this->rootView->rename($this->filename, '/' . $this->folder . '/' . $this->filename); + $this->rootView->chroot($root); + + $this->assertFalse($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->filename)); + $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->filename)); + + // keys should be renamed too + $this->assertFalse($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' + . $this->filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + $this->assertFalse($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' + . $this->filename . 
'.key')); + + $this->assertTrue($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' + . $this->filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + $this->assertTrue($this->rootView->file_exists( + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' + . $this->filename . '.key')); + + // cleanup + $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); + } + } diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php index 46a21dd55cd..be56968ac09 100755 --- a/apps/files_encryption/tests/share.php +++ b/apps/files_encryption/tests/share.php @@ -127,6 +127,7 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { \OC_User::deleteUser(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4); } + /** * @medium * @param bool $withTeardown @@ -498,6 +499,7 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { } } + function testPublicShareFile() { // login as admin \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); @@ -864,6 +866,13 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { \OCA\Encryption\Helper::adminDisableRecovery('test123'); $this->assertEquals(0, \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled')); + + //clean up, reset passwords + \OC_User::setPassword(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, 'test123'); + $params = array('uid' => \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, + 'password' => \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, + 'recoveryPassword' => 'test123'); + \OCA\Encryption\Hooks::setPassphrase($params); } /** 
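Review bot: The comment `// move the file out of the shared folder` in testRenameHook does not match the code, which moves the file into `$this->folder` inside the same user's files. Something like `// move the file into the subfolder (same mount point, keys must follow)` would describe what is being tested. The final `unlink` runs only when every assertion passed, so a failing run leaves the file and its keys behind for later tests; doing the cleanup in a teardown step would be more robust. The method is also declared as bare `function testRenameHook()` without a visibility keyword.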
@@ -947,4 +956,65 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { $this->view->chroot('/'); } + + /** + * @brief test moving a shared file out of the Shared folder + */ + function testRename() { + + // login as admin + \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); + + // save file with content + $cryptedFile = file_put_contents('crypt:///' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); + + // test that data was successfully written + $this->assertTrue(is_int($cryptedFile)); + + // get the file info from previous created file + $fileInfo = $this->view->getFileInfo( + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); + + // check if we have a valid file info + $this->assertTrue($fileInfo instanceof \OC\Files\FileInfo); + + // share the file + \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, OCP\PERMISSION_ALL); + + // check if share key for user2exists + $this->assertTrue($this->view->file_exists( + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' + . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + + + // login as user2 + \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2); + + $this->assertTrue($this->view->file_exists('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/Shared/' . $this->filename)); + + // get file contents + $retrievedCryptedFile = $this->view->file_get_contents( + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/Shared/' . $this->filename); + + // check if data is the same as we previously written + $this->assertEquals($this->dataShort, $retrievedCryptedFile); + + // move the file out of the shared folder + $this->view->rename('/' . 
\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/Shared/' . $this->filename, + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); + + // check if we can read the moved file + $retrievedRenamedFile = $this->view->file_get_contents( + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); + + // check if data is the same as we previously written + $this->assertEquals($this->dataShort, $retrievedRenamedFile); + + // the owners file should be deleted + $this->assertFalse($this->view->file_exists('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename)); + + // cleanup + $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); + } + } diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index f70e30c4d73..203ba55dbfd 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -344,7 +344,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { // check if mtime and etags unchanged $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']); - $this->assertEquals($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); + $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); $this->view->unlink($this->userId . '/files/' . $filename); } @@ -373,7 +373,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { // check if mtime and etags unchanged $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']); - $this->assertEquals($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); + $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); // file should no longer be encrypted $this->assertEquals(0, $fileInfoUnencrypted['encrypted']); |
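Review bot: testRename in share.php exercises the cross-mount-point branch of preRename but asserts only on file contents and on the owner's file being gone; it never checks key state. Assertions that the owner's `.key` and `.shareKey` files for `$this->filename` no longer exist, and that user2 has a keyfile of its own under `files_encryption/keyfiles/`, would pin the "new set of keys" behaviour described in the hooks.php comment. `OCP\PERMISSION_ALL` is also written without the leading backslash used for every other global name in this test.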