a new approach to display the error message

6 files changed, 92 insertions, 11 deletions

diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php
index 0d6f57f46e9..79b2ad3abaf 100644
--- a/apps/encryption/appinfo/application.php
+++ b/apps/encryption/appinfo/application.php
@@ -209,7 +209,8 @@ class Application extends \OCP\AppFramework\App {
 					$c->query('Crypt'),
 					$server->getLogger(),
 					$server->getUserSession(),
-					$server->getConfig());
+					$server->getConfig(),
+					$server->getUserManager());
 			});
 
 	}
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index a4abcd7dc5a..0fd85fa4e9a 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -270,6 +270,15 @@ class Encryption implements IEncryptionModule {
 	 * @return mixed decrypted data
 	 */
 	public function decrypt($data) {
+		if (empty($this->fileKey)) {
+			$msg = $this->l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+			$this->logger->error('Can not decrypt this file,
+			probably this is a shared file.
+			Please ask the file owner to reshare the file with you.');
+
+			throw new DecryptionFailedException($msg);
+		}
+
 		$result = '';
 		if (!empty($data)) {
 			$result = $this->crypt->symmetricDecryptFileContent($data, $this->fileKey, $this->cipher);
@@ -346,6 +355,36 @@ class Encryption implements IEncryptionModule {
 	}
 
 	/**
+	 * check if the encryption module is able to read the file,
+	 * e.g. if all encryption keys exists
+	 *
+	 * @param string $path
+	 * @param string $uid user for whom we want to check if he can read the file
+	 * @return bool
+	 * @throws DecryptionFailedException
+	 */
+	public function isReadable($path, $uid) {
+		$fileKey = $this->keyManager->getFileKey($path, $uid);
+		if (empty($fileKey)) {
+			$owner = $this->util->getOwner($path);
+			if ($owner !== $uid) {
+				// if it is a shared file we throw a exception with a useful
+				// error message because in this case it means that the file was
+				// shared with the user at a point where the user didn't had a
+				// valid private/public key
+				$msg = 'Encryption module "' . $this->getDisplayName() .
+					'" is not able to read ' . $path;
+				$hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+				$this->logger->warning($msg);
+				throw new DecryptionFailedException($msg, 0, null, $hint);
+			}
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
 	 * @param string $path
 	 * @return string
 	 */
@@ -360,4 +399,5 @@ class Encryption implements IEncryptionModule {
 
 		return $realPath;
 	}
+
 }
diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php
index 51d5241122f..afed96aaa38 100644
--- a/apps/encryption/lib/util.php
+++ b/apps/encryption/lib/util.php
@@ -29,6 +29,7 @@ use OCA\Encryption\Crypto\Crypt;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUser;
+use OCP\IUserManager;
 use OCP\IUserSession;
 use OCP\PreConditionNotMetException;
 
@@ -53,6 +54,10 @@ class Util {
 	 * @var IConfig
 	 */
 	private $config;
+	/**
+	 * @var IUserManager
+	 */
+	private $userManager;
 
 	/**
 	 * Util constructor.
@@ -62,18 +67,21 @@ class Util {
 	 * @param ILogger $logger
 	 * @param IUserSession $userSession
 	 * @param IConfig $config
+	 * @param IUserManager $userManager
 	 */
 	public function __construct(View $files,
 								Crypt $crypt,
 								ILogger $logger,
 								IUserSession $userSession,
-								IConfig $config
+								IConfig $config,
+								IUserManager $userManager
 	) {
 		$this->files = $files;
 		$this->crypt = $crypt;
 		$this->logger = $logger;
 		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
 		$this->config = $config;
+		$this->userManager = $userManager;
 	}
 
 	/**
@@ -117,5 +125,26 @@ class Util {
 		return $this->files->file_exists($uid . '/files');
 	}
 
+	/**
+	 * get owner from give path, path relative to data/ expected
+	 *
+	 * @param string $path relative to data/
+	 * @return string
+	 * @throws \BadMethodCallException
+	 */
+	public function getOwner($path) {
+		$owner = '';
+		$parts = explode('/', $path, 3);
+		if (count($parts) > 1) {
+			$owner = $parts[1];
+			if ($this->userManager->userExists($owner) === false) {
+				throw new \BadMethodCallException('Unknown user: ' .
+				'method expects path to a user folder relative to the data folder');
+			}
+
+		}
+
+		return $owner;
+	}
 
 }
diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php
index 003a27da71d..3815626ee64 100644
--- a/apps/encryption/settings/settings-personal.php
+++ b/apps/encryption/settings/settings-personal.php
@@ -35,7 +35,8 @@ $util = new \OCA\Encryption\Util(
 	$crypt,
 	\OC::$server->getLogger(),
 	$userSession,
-	\OC::$server->getConfig());
+	\OC::$server->getConfig(),
+	\OC::$server->getUserManager());
 
 $keyManager = new \OCA\Encryption\KeyManager(
 	\OC::$server->getEncryptionKeyStorage(),
diff --git a/apps/encryption/tests/lib/UtilTest.php b/apps/encryption/tests/lib/UtilTest.php
index eab912b82d4..18cf0386793 100644
--- a/apps/encryption/tests/lib/UtilTest.php
+++ b/apps/encryption/tests/lib/UtilTest.php
@@ -28,11 +28,17 @@ use Test\TestCase;
 
 class UtilTest extends TestCase {
 	private static $tempStorage = [];
+
+	/** @var \PHPUnit_Framework_MockObject_MockObject */
 	private $configMock;
+
+	/** @var \PHPUnit_Framework_MockObject_MockObject */
 	private $filesMock;
-	/**
-	 * @var Util
-	 */
+
+	/** @var \PHPUnit_Framework_MockObject_MockObject */
+	private $userManagerMock;
+
+	/** @var Util */
 	private $instance;
 
 	public function testSetRecoveryForUser() {
@@ -40,9 +46,6 @@ class UtilTest extends TestCase {
 		$this->assertArrayHasKey('recoveryEnabled', self::$tempStorage);
 	}
 
-	/**
-	 *
-	 */
 	public function testIsRecoveryEnabledForUser() {
 		$this->assertTrue($this->instance->isRecoveryEnabledForUser('admin'));
 
@@ -62,6 +65,7 @@ class UtilTest extends TestCase {
 	protected function setUp() {
 		parent::setUp();
 		$this->filesMock = $this->getMock('OC\Files\View');
+		$this->userManagerMock = $this->getMock('\OCP\IUserManager');
 
 		$cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')
 			->disableOriginalConstructor()
@@ -98,7 +102,7 @@ class UtilTest extends TestCase {
 			->method('setUserValue')
 			->will($this->returnCallback([$this, 'setValueTester']));
 
-		$this->instance = new Util($this->filesMock, $cryptMock, $loggerMock, $userSessionMock, $configMock);
+		$this->instance = new Util($this->filesMock, $cryptMock, $loggerMock, $userSessionMock, $configMock, $this->userManagerMock);
 	}
 
 	/**
diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php
index 33b7f887e19..10a37c7dae9 100644
--- a/apps/files_sharing/lib/sharedstorage.php
+++ b/apps/files_sharing/lib/sharedstorage.php
@@ -217,7 +217,13 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 	}
 
 	public function isReadable($path) {
-		return $this->file_exists($path);
+		$isReadable = false;
+		if ($source = $this->getSourcePath($path)) {
+			list($storage, $internalPath) = \OC\Files\Filesystem::resolvePath($source);
+			$isReadable = $storage->isReadable($internalPath);
+		}
+
+		return $isReadable && $this->file_exists($path);
 	}
 
 	public function isUpdatable($path) {