Merge pull request #15265 from owncloud/enc2_fixes

core improvements for Encryption 2.0

5 files changed, 28 insertions, 6 deletions

diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php
index 649cf0285a6..06dc330151e 100644
--- a/lib/private/encryption/update.php
+++ b/lib/private/encryption/update.php
@@ -104,7 +104,7 @@ class Update {
 
 			foreach ($allFiles as $path) {
 				$usersSharing = $this->util->getSharingUsersArray($path);
-				$encryptionModule->update($absPath, $usersSharing);
+				$encryptionModule->update($absPath, $this->uid, $usersSharing);
 			}
 	}
 
diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php
index 2c6ff266841..85e852ec2c9 100644
--- a/lib/private/encryption/util.php
+++ b/lib/private/encryption/util.php
@@ -389,9 +389,22 @@ class Util {
 	 * @return boolean
 	 */
 	public function isExcluded($path) {
-		$root = explode('/', $path, 2);
-		if (isset($root[0])) {
-			if (in_array($root[0], $this->excludedPaths)) {
+		$normalizedPath = \OC\Files\Filesystem::normalizePath($path);
+		$root = explode('/', $normalizedPath, 4);
+		if (count($root) > 2) {
+
+			//detect system wide folders
+			if (in_array($root[1], $this->excludedPaths)) {
+				return true;
+			}
+
+			$v1 = $this->userManager->userExists($root[1]);
+			$v2 = in_array($root[2], $this->excludedPaths);
+
+			// detect user specific folders
+			if ($this->userManager->userExists($root[1])
+				&& in_array($root[2], $this->excludedPaths)) {
+
 				return true;
 			}
 		}
diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php
index 44fc2124f7a..0e70c99c8d7 100644
--- a/lib/private/files/storage/wrapper/encryption.php
+++ b/lib/private/files/storage/wrapper/encryption.php
@@ -254,7 +254,7 @@ class Encryption extends Wrapper {
 				'" not found, file will be stored unencrypted');
 		}
 
-		if($shouldEncrypt === true && !$this->util->isExcluded($path) && $encryptionModule !== null) {
+		if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) {
 			$source = $this->storage->fopen($path, $mode);
 			$handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header,
 				$this->uid, $encryptionModule, $this->storage, $this, $this->util, $mode,
diff --git a/lib/public/encryption/iencryptionmodule.php b/lib/public/encryption/iencryptionmodule.php
index 2527e35e639..7265fee1259 100644
--- a/lib/public/encryption/iencryptionmodule.php
+++ b/lib/public/encryption/iencryptionmodule.php
@@ -84,10 +84,11 @@ interface IEncryptionModule {
 	 * update encrypted file, e.g. give additional users access to the file
 	 *
 	 * @param string $path path to the file which should be updated
+	 * @param string $uid of the user who performs the operation
 	 * @param array $accessList who has access to the file contains the key 'users' and 'public'
 	 * @return boolean
 	 */
-	public function update($path, $accessList);
+	public function update($path, $uid, $accessList);
 
 	/**
 	 * should the file be encrypted or not
diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php
index 24f6efd6e51..4c2b01f4ad0 100644
--- a/lib/public/encryption/keys/istorage.php
+++ b/lib/public/encryption/keys/istorage.php
@@ -105,6 +105,14 @@ interface IStorage {
 	public function deleteFileKey($path, $keyId);
 
 	/**
+	 * delete all file keys for a given file
+	 *
+	 * @param string $path to the file
+	 * @return boolean
+	 */
+	public function deleteAllFileKeys($path);
+
+	/**
 	 * delete system-wide encryption keys not related to a specific user,
 	 * e.g something like a key for public link shares
 	 *