diff options
Diffstat (limited to 'apps/encryption/controller')
| -rw-r--r-- | apps/encryption/controller/recoverycontroller.php | 192 | ||||
| -rw-r--r-- | apps/encryption/controller/settingscontroller.php | 165 | ||||
| -rw-r--r-- | apps/encryption/controller/statuscontroller.php | 98 |
3 files changed, 0 insertions, 455 deletions
diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php deleted file mode 100644 index e4b02e004dc..00000000000 --- a/apps/encryption/controller/recoverycontroller.php +++ /dev/null @@ -1,192 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Clark Tomlinson <fallen013@gmail.com> - * @author Lukas Reschke <lukas@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\Encryption\Controller; - - -use OCA\Encryption\Recovery; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http; -use OCP\IConfig; -use OCP\IL10N; -use OCP\IRequest; -use OCP\AppFramework\Http\DataResponse; - -class RecoveryController extends Controller { - /** - * @var IConfig - */ - private $config; - /** - * @var IL10N - */ - private $l; - /** - * @var Recovery - */ - private $recovery; - - /** - * @param string $AppName - * @param IRequest $request - * @param IConfig $config - * @param IL10N $l10n - * @param Recovery $recovery - */ - public function __construct($AppName, - IRequest $request, - IConfig $config, - IL10N $l10n, - Recovery $recovery) { - parent::__construct($AppName, $request); - $this->config = $config; - $this->l = $l10n; - $this->recovery = $recovery; - } - - /** - * @param string $recoveryPassword - * @param string $confirmPassword - * @param string $adminEnableRecovery - * @return DataResponse - */ - public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { - // Check if both passwords are the same - if (empty($recoveryPassword)) { - $errorMessage = (string)$this->l->t('Missing recovery key password'); - return new DataResponse(['data' => ['message' => $errorMessage]], - Http::STATUS_BAD_REQUEST); - } - - if (empty($confirmPassword)) { - $errorMessage = (string)$this->l->t('Please repeat the recovery key password'); - return new DataResponse(['data' => ['message' => $errorMessage]], - Http::STATUS_BAD_REQUEST); - } - - if ($recoveryPassword !== $confirmPassword) { - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); - return new DataResponse(['data' => ['message' => $errorMessage]], - Http::STATUS_BAD_REQUEST); - } - - if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { - if ($this->recovery->enableAdminRecovery($recoveryPassword)) { - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully enabled')]]); - } - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); - } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { - if ($this->recovery->disableAdminRecovery($recoveryPassword)) { - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully disabled')]]); - } - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); - } - // this response should never be sent but just in case. - return new DataResponse(['data' => ['message' => (string)$this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST); - } - - /** - * @param string $newPassword - * @param string $oldPassword - * @param string $confirmPassword - * @return DataResponse - */ - public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { - //check if both passwords are the same - if (empty($oldPassword)) { - $errorMessage = (string)$this->l->t('Please provide the old recovery password'); - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); - } - - if (empty($newPassword)) { - $errorMessage = (string)$this->l->t('Please provide a new recovery password'); - return new DataResponse (['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); - } - - if (empty($confirmPassword)) { - $errorMessage = (string)$this->l->t('Please repeat the new recovery password'); - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); - } - - if ($newPassword !== $confirmPassword) { - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); - } - - $result = $this->recovery->changeRecoveryKeyPassword($newPassword, - $oldPassword); - - if ($result) { - return new DataResponse( - [ - 'data' => [ - 'message' => (string)$this->l->t('Password successfully changed.')] - ] - ); - } - return new DataResponse( - [ - 'data' => [ - 'message' => (string)$this->l->t('Could not change the password. Maybe the old password was not correct.') - ] - ], Http::STATUS_BAD_REQUEST); - } - - /** - * @NoAdminRequired - * - * @param string $userEnableRecovery - * @return DataResponse - */ - public function userSetRecovery($userEnableRecovery) { - if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { - - $result = $this->recovery->setRecoveryForUser($userEnableRecovery); - - if ($result) { - if ($userEnableRecovery === '0') { - return new DataResponse( - [ - 'data' => [ - 'message' => (string)$this->l->t('Recovery Key disabled')] - ] - ); - } - return new DataResponse( - [ - 'data' => [ - 'message' => (string)$this->l->t('Recovery Key enabled')] - ] - ); - } - - } - return new DataResponse( - [ - 'data' => [ - 'message' => (string)$this->l->t('Could not enable the recovery key, please try again or contact your administrator') - ] - ], Http::STATUS_BAD_REQUEST); - } - -} diff --git a/apps/encryption/controller/settingscontroller.php b/apps/encryption/controller/settingscontroller.php deleted file mode 100644 index 5c171a23aec..00000000000 --- a/apps/encryption/controller/settingscontroller.php +++ /dev/null @@ -1,165 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Joas Schilling <nickvergessen@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\Encryption\Controller; - -use OCA\Encryption\Crypto\Crypt; -use OCA\Encryption\KeyManager; -use OCA\Encryption\Session; -use OCA\Encryption\Util; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http; -use OCP\AppFramework\Http\DataResponse; -use OCP\IL10N; -use OCP\IRequest; -use OCP\ISession; -use OCP\IUserManager; -use OCP\IUserSession; - -class SettingsController extends Controller { - - /** @var IL10N */ - private $l; - - /** @var IUserManager */ - private $userManager; - - /** @var IUserSession */ - private $userSession; - - /** @var KeyManager */ - private $keyManager; - - /** @var Crypt */ - private $crypt; - - /** @var Session */ - private $session; - - /** @var ISession */ - private $ocSession; - - /** @var Util */ - private $util; - - /** - * @param string $AppName - * @param IRequest $request - * @param IL10N $l10n - * @param IUserManager $userManager - * @param IUserSession $userSession - * @param KeyManager $keyManager - * @param Crypt $crypt - * @param Session $session - * @param ISession $ocSession - * @param Util $util - */ - public function __construct($AppName, - IRequest $request, - IL10N $l10n, - IUserManager $userManager, - IUserSession $userSession, - KeyManager $keyManager, - Crypt $crypt, - Session $session, - ISession $ocSession, - Util $util -) { - parent::__construct($AppName, $request); - $this->l = $l10n; - $this->userSession = $userSession; - $this->userManager = $userManager; - $this->keyManager = $keyManager; - $this->crypt = $crypt; - $this->session = $session; - $this->ocSession = $ocSession; - $this->util = $util; - } - - - /** - * @NoAdminRequired - * @UseSession - * - * @param string $oldPassword - * @param string $newPassword - * @return DataResponse - */ - public function updatePrivateKeyPassword($oldPassword, $newPassword) { - $result = false; - $uid = $this->userSession->getUser()->getUID(); - $errorMessage = $this->l->t('Could not update the private key password.'); - - //check if password is correct - $passwordCorrect = $this->userManager->checkPassword($uid, $newPassword); - if ($passwordCorrect === false) { - // if check with uid fails we need to check the password with the login name - // e.g. in the ldap case. For local user we need to check the password with - // the uid because in this case the login name is case insensitive - $loginName = $this->ocSession->get('loginname'); - $passwordCorrect = $this->userManager->checkPassword($loginName, $newPassword); - } - - if ($passwordCorrect !== false) { - $encryptedKey = $this->keyManager->getPrivateKey($uid); - $decryptedKey = $this->crypt->decryptPrivateKey($encryptedKey, $oldPassword, $uid); - - if ($decryptedKey) { - $encryptedKey = $this->crypt->encryptPrivateKey($decryptedKey, $newPassword, $uid); - $header = $this->crypt->generateHeader(); - if ($encryptedKey) { - $this->keyManager->setPrivateKey($uid, $header . $encryptedKey); - $this->session->setPrivateKey($decryptedKey); - $result = true; - } - } else { - $errorMessage = $this->l->t('The old password was not correct, please try again.'); - } - } else { - $errorMessage = $this->l->t('The current log-in password was not correct, please try again.'); - } - - if ($result === true) { - $this->session->setStatus(Session::INIT_SUCCESSFUL); - return new DataResponse( - ['message' => (string) $this->l->t('Private key password successfully updated.')] - ); - } else { - return new DataResponse( - ['message' => (string) $errorMessage], - Http::STATUS_BAD_REQUEST - ); - } - - } - - /** - * @UseSession - * - * @param bool $encryptHomeStorage - * @return DataResponse - */ - public function setEncryptHomeStorage($encryptHomeStorage) { - $this->util->setEncryptHomeStorage($encryptHomeStorage); - return new DataResponse(); - } -} diff --git a/apps/encryption/controller/statuscontroller.php b/apps/encryption/controller/statuscontroller.php deleted file mode 100644 index 99fdc68c3d0..00000000000 --- a/apps/encryption/controller/statuscontroller.php +++ /dev/null @@ -1,98 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - - -namespace OCA\Encryption\Controller; - - -use OCA\Encryption\Session; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http\DataResponse; -use OCP\IL10N; -use OCP\IRequest; - -class StatusController extends Controller { - - /** @var IL10N */ - private $l; - - /** @var Session */ - private $session; - - /** - * @param string $AppName - * @param IRequest $request - * @param IL10N $l10n - * @param Session $session - */ - public function __construct($AppName, - IRequest $request, - IL10N $l10n, - Session $session - ) { - parent::__construct($AppName, $request); - $this->l = $l10n; - $this->session = $session; - } - - /** - * @NoAdminRequired - * @return DataResponse - */ - public function getStatus() { - - $status = 'error'; - $message = 'no valid init status'; - switch( $this->session->getStatus()) { - case Session::RUN_MIGRATION: - $status = 'interactionNeeded'; - $message = (string)$this->l->t( - 'You need to migrate your encryption keys from the old encryption (ownCloud <= 8.0) to the new one. Please run \'occ encryption:migrate\' or contact your administrator' - ); - break; - case Session::INIT_EXECUTED: - $status = 'interactionNeeded'; - $message = (string)$this->l->t( - 'Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.' - ); - break; - case Session::NOT_INITIALIZED: - $status = 'interactionNeeded'; - $message = (string)$this->l->t( - 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again' - ); - break; - case Session::INIT_SUCCESSFUL: - $status = 'success'; - $message = (string)$this->l->t('Encryption App is enabled and ready'); - } - - return new DataResponse( - [ - 'status' => $status, - 'data' => [ - 'message' => $message] - ] - ); - } - -} |