add migration script from old encryption to new one

4 files changed, 53 insertions, 12 deletions

diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php
index 74cad0a75bb..45c98baede3 100644
--- a/lib/private/encryption/manager.php
+++ b/lib/private/encryption/manager.php
@@ -22,24 +22,34 @@
 
 namespace OC\Encryption;
 
+use OC\Files\Storage\Shared;
 use OC\Files\Storage\Wrapper\Encryption;
+use OC\Files\View;
 use OCP\Encryption\IEncryptionModule;
+use OCP\Encryption\IManager;
 use OCP\Files\Mount\IMountPoint;
+use OCP\IConfig;
+use OCP\ILogger;
 
-class Manager implements \OCP\Encryption\IManager {
+class Manager implements IManager {
 
 	/** @var array */
 	protected $encryptionModules;
 
-	/** @var \OCP\IConfig */
+	/** @var IConfig */
 	protected $config;
 
+	/** @var ILogger */
+	protected $logger;
+
 	/**
-	 * @param \OCP\IConfig $config
+	 * @param IConfig $config
+	 * @param ILogger $logger
 	 */
-	public function __construct(\OCP\IConfig $config) {
+	public function __construct(IConfig $config, ILogger $logger) {
 		$this->encryptionModules = array();
 		$this->config = $config;
+		$this->logger = $logger;
 	}
 
 	/**
@@ -59,6 +69,24 @@ class Manager implements \OCP\Encryption\IManager {
 	}
 
 	/**
+	 * check if new encryption is ready
+	 *
+	 * @return boolean
+	 */
+	public function isReady() {
+		// check if we are still in transit between the old and the new encryption
+		$oldEncryption = $this->config->getAppValue('files_encryption', 'installed_version');
+		if (!empty($oldEncryption)) {
+			$warning = 'Installation is in transit between the old Encryption (ownCloud <= 8.0)
+			and the new encryption. Please enable the "ownCloud Default Encryption Module"
+			and run \'occ encryption:migrate\'';
+			$this->logger->warning($warning);
+			return false;
+		}
+		return true;
+	}
+
+	/**
 	 * Registers an encryption module
 	 *
 	 * @param IEncryptionModule $module
@@ -185,10 +213,10 @@ class Manager implements \OCP\Encryption\IManager {
 				'mountPoint' => $mountPoint,
 				'mount' => $mount];
 
-			if (!($storage instanceof \OC\Files\Storage\Shared)) {
+			if (!($storage instanceof Shared)) {
 				$manager = \OC::$server->getEncryptionManager();
-				$util = new \OC\Encryption\Util(
-					new \OC\Files\View(), \OC::$server->getUserManager(), \OC::$server->getConfig());
+				$util = new Util(
+					new View(), \OC::$server->getUserManager(), \OC::$server->getConfig());
 				$user = \OC::$server->getUserSession()->getUser();
 				$logger = \OC::$server->getLogger();
 				$uid = $user ? $user->getUID() : null;
diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php
index e7cf607c7b1..2eed2f7ca35 100644
--- a/lib/private/encryption/util.php
+++ b/lib/private/encryption/util.php
@@ -24,6 +24,7 @@ namespace OC\Encryption;
 
 use OC\Encryption\Exceptions\EncryptionHeaderKeyExistsException;
 use OC\Encryption\Exceptions\EncryptionHeaderToLargeException;
+use OC\Encryption\Exceptions\ModuleDoesNotExistsException;
 use OC\Files\View;
 use OCP\Encryption\IEncryptionModule;
 use OCP\IConfig;
@@ -92,6 +93,7 @@ class Util {
 	 *
 	 * @param array $header
 	 * @return string
+	 * @throws ModuleDoesNotExistsException
 	 */
 	public function getEncryptionModuleId(array $header = null) {
 		$id = '';
@@ -99,6 +101,14 @@ class Util {
 
 		if (isset($header[$encryptionModuleKey])) {
 			$id = $header[$encryptionModuleKey];
+		} elseif (isset($header['cipher'])) {
+			if (class_exists('\OCA\Encryption\Crypto\Encryption')) {
+				// fall back to default encryption if the user migrated from
+				// ownCloud <= 8.0 with the old encryption
+				$id = \OCA\Encryption\Crypto\Encryption::ID;
+			} else {
+				throw new ModuleDoesNotExistsException('ownCloud default encryption module missing');
+			}
 		}
 
 		return $id;
diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php
index 5697139bd6b..01bd861e3a2 100644
--- a/lib/private/files/storage/wrapper/encryption.php
+++ b/lib/private/files/storage/wrapper/encryption.php
@@ -154,7 +154,8 @@ class Encryption extends Wrapper {
 	 * @return bool
 	 */
 	public function unlink($path) {
-		if ($this->util->isExcluded($path)) {
+		$fullPath = $this->getFullPath($path);
+		if ($this->util->isExcluded($fullPath)) {
 			return $this->storage->unlink($path);
 		}
 
@@ -175,7 +176,8 @@ class Encryption extends Wrapper {
 	 * @return bool
 	 */
 	public function rename($path1, $path2) {
-		if ($this->util->isExcluded($path1)) {
+		$fullPath1 = $this->getFullPath($path1);
+		if ($this->util->isExcluded($fullPath1)) {
 			return $this->storage->rename($path1, $path2);
 		}
 
@@ -204,8 +206,9 @@ class Encryption extends Wrapper {
 	 * @return bool
 	 */
 	public function copy($path1, $path2) {
-		if ($this->util->isExcluded($path1)) {
-			return $this->storage->rename($path1, $path2);
+		$fullPath1 = $this->getFullPath($path1);
+		if ($this->util->isExcluded($fullPath1)) {
+			return $this->storage->copy($path1, $path2);
 		}
 
 		$source = $this->getFullPath($path1);
diff --git a/lib/private/server.php b/lib/private/server.php
index 6df7722973e..e35da6a138e 100644
--- a/lib/private/server.php
+++ b/lib/private/server.php
@@ -84,7 +84,7 @@ class Server extends SimpleContainer implements IServerContainer {
 		});
 
 		$this->registerService('EncryptionManager', function (Server $c) {
-			return new Encryption\Manager($c->getConfig());
+			return new Encryption\Manager($c->getConfig(), $c->getLogger());
 		});
 
 		$this->registerService('EncryptionFileHelper', function (Server $c) {