diff options
author | Clark Tomlinson <fallen013@gmail.com> | 2015-04-16 09:34:47 -0400 |
---|---|---|
committer | Clark Tomlinson <fallen013@gmail.com> | 2015-04-16 09:34:47 -0400 |
commit | 1174ad0681bb82252a26b5ee44d5b2990171932b (patch) | |
tree | 77f5d7d2e65e9d5eeedb3f36f0576cb5196ba09e /settings | |
parent | c7e5e30b86733a22ac0d411e00537b10e0220ddd (diff) | |
parent | 959665003b408ed837066307350fb76b83beaa52 (diff) | |
download | nextcloud-server-1174ad0681bb82252a26b5ee44d5b2990171932b.tar.gz nextcloud-server-1174ad0681bb82252a26b5ee44d5b2990171932b.zip |
Merge pull request #15445 from owncloud/enc2_migration
add migration script from old encryption to new one
Diffstat (limited to 'settings')
-rw-r--r-- | settings/admin.php | 5 | ||||
-rw-r--r-- | settings/application.php | 16 | ||||
-rw-r--r-- | settings/controller/encryptioncontroller.php | 122 | ||||
-rw-r--r-- | settings/js/admin.js | 22 | ||||
-rw-r--r-- | settings/routes.php | 1 | ||||
-rw-r--r-- | settings/templates/admin.php | 57 |
6 files changed, 205 insertions, 18 deletions
diff --git a/settings/admin.php b/settings/admin.php index 976d0a5c3f1..5cfe2654f66 100644 --- a/settings/admin.php +++ b/settings/admin.php @@ -82,7 +82,12 @@ $excludedGroupsList = $appConfig->getValue('core', 'shareapi_exclude_groups_list $excludedGroupsList = explode(',', $excludedGroupsList); // FIXME: this should be JSON! $template->assign('shareExcludedGroupsList', implode('|', $excludedGroupsList)); $template->assign('encryptionEnabled', \OC::$server->getEncryptionManager()->isEnabled()); +$backends = \OC::$server->getUserManager()->getBackends(); +$externalBackends = (count($backends) > 1) ? true : false; +$template->assign('encryptionReady', \OC::$server->getEncryptionManager()->isReady()); +$template->assign('externalBackendsEnabled', $externalBackends); $encryptionModules = \OC::$server->getEncryptionManager()->getEncryptionModules(); + try { $defaultEncryptionModule = \OC::$server->getEncryptionManager()->getDefaultEncryptionModule(); $defaultEncryptionModuleId = $defaultEncryptionModule->getId(); diff --git a/settings/application.php b/settings/application.php index be127da31ac..59fe9f6b65a 100644 --- a/settings/application.php +++ b/settings/application.php @@ -23,8 +23,10 @@ namespace OC\Settings; +use OC\Files\View; use OC\Settings\Controller\AppSettingsController; use OC\Settings\Controller\CheckSetupController; +use OC\Settings\Controller\EncryptionController; use OC\Settings\Controller\GroupsController; use OC\Settings\Controller\LogSettingsController; use OC\Settings\Controller\MailSettingsController; @@ -65,6 +67,17 @@ class Application extends App { $c->query('DefaultMailAddress') ); }); + $container->registerService('EncryptionController', function(IContainer $c) { + return new EncryptionController( + $c->query('AppName'), + $c->query('Request'), + $c->query('L10N'), + $c->query('Config'), + $c->query('DatabaseConnection'), + $c->query('UserManager'), + new View() + ); + }); $container->registerService('AppSettingsController', function(IContainer $c) { return new AppSettingsController( $c->query('AppName'), @@ -207,5 +220,8 @@ class Application extends App { $container->registerService('Util', function(IContainer $c) { return new \OC_Util(); }); + $container->registerService('DatabaseConnection', function(IContainer $c) { + return $c->query('ServerContainer')->getDatabaseConnection(); + }); } } diff --git a/settings/controller/encryptioncontroller.php b/settings/controller/encryptioncontroller.php new file mode 100644 index 00000000000..800982d1f04 --- /dev/null +++ b/settings/controller/encryptioncontroller.php @@ -0,0 +1,122 @@ +<?php +/** + * @author Björn Schießle <schiessle@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + + +namespace OC\Settings\Controller; +use OC\Files\View; +use OCA\Encryption\Migration; +use OCP\IL10N; +use OCP\AppFramework\Controller; +use OCP\IRequest; +use OCP\IConfig; +use OC\DB\Connection; +use OCP\IUserManager; + +/** + * @package OC\Settings\Controller + */ +class EncryptionController extends Controller { + + /** @var \OCP\IL10N */ + private $l10n; + + /** @var Connection */ + private $connection; + + /** @var IConfig */ + private $config; + + /** @var IUserManager */ + private $userManager; + + /** @var View */ + private $view; + + /** + * @param string $appName + * @param IRequest $request + * @param \OCP\IL10N $l10n + * @param \OCP\IConfig $config + * @param \OC\DB\Connection $connection + * @param IUserManager $userManager + * @param View $view + */ + public function __construct($appName, + IRequest $request, + IL10N $l10n, + IConfig $config, + Connection $connection, + IUserManager $userManager, + View $view) { + parent::__construct($appName, $request); + $this->l10n = $l10n; + $this->config = $config; + $this->connection = $connection; + $this->view = $view; + $this->userManager = $userManager; + } + + /** + * start migration + * + * @return array + */ + public function startMigration() { + // allow as long execution on the web server as possible + set_time_limit(0); + $migration = new Migration($this->config, $this->view, $this->connection); + $migration->reorganizeSystemFolderStructure(); + $migration->updateDB(); + + try { + + foreach ($this->userManager->getBackends() as $backend) { + + $limit = 500; + $offset = 0; + do { + $users = $backend->getUsers('', $limit, $offset); + foreach ($users as $user) { + $migration->reorganizeFolderStructureForUser($user); + } + $offset += $limit; + } while (count($users) >= $limit); + } + + } catch (\Exception $e) { + return array( + 'data' => array( + 'message' => (string)$this->l10n->t('A problem occurred, please check your log files (Error: %s)', [$e->getMessage()]), + ), + 'status' => 'error', + ); + } + + return array('data' => + array('message' => + (string) $this->l10n->t('Migration Completed') + ), + 'status' => 'success' + ); + + } + +} diff --git a/settings/js/admin.js b/settings/js/admin.js index 34f58db8688..9cdb7f5b0f1 100644 --- a/settings/js/admin.js +++ b/settings/js/admin.js @@ -55,7 +55,7 @@ $(document).ready(function(){ }); $('#encryptionEnabled').change(function() { - $('#encryptionAPI div#selectEncryptionModules').toggleClass('hidden'); + $('#encryptionAPI div#EncryptionSettingsArea').toggleClass('hidden'); }); $('#encryptionAPI input').change(function() { @@ -70,6 +70,26 @@ $(document).ready(function(){ OC.AppConfig.setValue('core', $(this).attr('name'), value); }); + $('#startmigration').click(function(event){ + $(window).on('beforeunload.encryption', function(e) { + return t('settings', 'Migration in progress. Please wait until the migration is finished'); + }); + event.preventDefault(); + $('#startmigration').prop('disabled', true); + OC.msg.startAction('#startmigration_msg', t('settings', 'Migration started …')); + $.post(OC.generateUrl('/settings/admin/startmigration'), '', function(data){ + OC.msg.finishedAction('#startmigration_msg', data); + if (data['status'] === 'success') { + $('#encryptionAPI div#selectEncryptionModules').toggleClass('hidden'); + $('#encryptionAPI div#migrationWarning').toggleClass('hidden'); + } else { + $('#startmigration').prop('disabled', false); + } + $(window).off('beforeunload.encryption'); + + }); + }); + $('#shareAPI input:not(#excludedGroups)').change(function() { var value = $(this).val(); if ($(this).attr('type') === 'checkbox') { diff --git a/settings/routes.php b/settings/routes.php index 1bb14812145..462b4ab543f 100644 --- a/settings/routes.php +++ b/settings/routes.php @@ -42,6 +42,7 @@ $application->registerRoutes($this, [ ['name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'], ['name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'], ['name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'], + ['name' => 'Encryption#startMigration', 'url' => '/settings/admin/startmigration', 'verb' => 'POST'], ['name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'], ['name' => 'AppSettings#viewApps', 'url' => '/settings/apps', 'verb' => 'GET'], ['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'], diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 4bc497df764..55c0018e5af 100644 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -300,27 +300,50 @@ if ($_['cronErrors']) { </div> <div class="section" id='encryptionAPI'> - <h2><?php p($l->t('Server Side Encryption'));?></h2> - <p id="enable"> - <input type="checkbox" name="encryption_enabled" id="encryptionEnabled" - value="1" <?php if ($_['encryptionEnabled']) print_unescaped('checked="checked"'); ?> /> - <label for="encryptionEnabled"><?php p($l->t('Enable Server-Side-Encryption'));?></label><br/> - </p> - <div id='selectEncryptionModules' class="<?php if (!$_['encryptionEnabled']) { p('hidden'); }?>"> - <?php if (empty($_['encryptionModules'])): p('No encryption module loaded, please load a encryption module in the app menu'); - else: ?> + <h2><?php p($l->t('Server Side Encryption')); ?> </h2> + + <p id="enable"> + <input type="checkbox" name="encryption_enabled" + id="encryptionEnabled" + value="1" <?php if ($_['encryptionEnabled']) print_unescaped('checked="checked"'); ?> /> + <label + for="encryptionEnabled"><?php p($l->t('Enable Server-Side-Encryption')); ?> <span id="startmigration_msg" class="msg"></span> </label><br/> + </p> + + <div id="EncryptionSettingsArea" class="<?php if (!$_['encryptionEnabled']) p('hidden'); ?>"> + <div id='selectEncryptionModules' class="<?php if (!$_['encryptionReady']) p('hidden'); ?>"> + <?php + if (empty($_['encryptionModules'])) { + p('No encryption module loaded, please load a encryption module in the app menu'); + } else { ?> <h3>Select default encryption module:</h3> <fieldset id='encryptionModules'> - <?php foreach ($_['encryptionModules'] as $id => $module): ?> - <input type="radio" id="<?php p($id) ?>" - name="default_encryption_module" - value="<?php p($id) ?>" - <?php if($module['default']) { p('checked'); } ?>> - <label for="<?php p($id) ?>"><?php p($module['displayName']) ?></label><br /> - <?php endforeach;?> + <?php foreach ($_['encryptionModules'] as $id => $module): ?> + <input type="radio" id="<?php p($id) ?>" + name="default_encryption_module" + value="<?php p($id) ?>" + <?php if ($module['default']) { + p('checked'); + } ?>> + <label + for="<?php p($id) ?>"><?php p($module['displayName']) ?></label> + <br/> + <?php endforeach; ?> </fieldset> - <?php endif; ?> + <?php } ?> + </div> + <div id="migrationWarning" class="<?php if ($_['encryptionReady']) p('hidden'); ?>"> + <?php + if ($_['encryptionReady'] === false && $_['externalBackendsEnabled'] === true) { + p('You need to migrate your encryption keys from the old encryption (ownCloud <= 8.0) to the new one. ' + . 'Please enable the "ownCloud Default Encryption Module" and run \'occ encryption:migrate\''); + } elseif ($_['encryptionReady'] === false && $_['externalBackendsEnabled'] === false) { + p('You need to migrate your encryption keys from the old encryption (ownCloud <= 8.0) to the new one.'); ?> + <input type="submit" name="startmigration" id="startmigration" + value="<?php p($l->t('Start migration')); ?>"/> + <?php } ?> </div> + </div> </div> <div class="section" id="mail_general_settings"> |