diff options
Diffstat (limited to 'apps/files_encryption/ajax')
| -rw-r--r-- | apps/files_encryption/ajax/adminrecovery.php | 43 | ||||
| -rw-r--r-- | apps/files_encryption/ajax/changeRecoveryPassword.php | 52 | ||||
| -rw-r--r-- | apps/files_encryption/ajax/userrecovery.php | 41 |
3 files changed, 136 insertions, 0 deletions
diff --git a/apps/files_encryption/ajax/adminrecovery.php b/apps/files_encryption/ajax/adminrecovery.php new file mode 100644 index 00000000000..6d7953b5639 --- /dev/null +++ b/apps/files_encryption/ajax/adminrecovery.php @@ -0,0 +1,43 @@ +<?php + +/** + * Copyright (c) 2013, Sam Tuke <samtuke@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + * + * @brief Script to handle admin settings for encrypted key recovery + */ +use OCA\Encryption; + +\OCP\JSON::checkAdminUser(); +\OCP\JSON::checkAppEnabled('files_encryption'); +\OCP\JSON::callCheck(); + +$l=OC_L10N::get('files_encryption'); + +$return = false; + +// Enable recoveryAdmin + +$recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId'); + +if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] == 1){ + + $return = \OCA\Encryption\Helper::adminEnableRecovery($recoveryKeyId, $_POST['recoveryPassword']); + $action = "enable"; + +// Disable recoveryAdmin +} elseif ( + isset($_POST['adminEnableRecovery']) + && 0 == $_POST['adminEnableRecovery'] +) { + $return = \OCA\Encryption\Helper::adminDisableRecovery($_POST['recoveryPassword']); + $action = "disable"; +} + +// Return success or failure +if ($return) { + \OCP\JSON::success(array("data" => array( "message" => $l->t('Recovery key successfully ' . $action.'d')))); +} else { + \OCP\JSON::error(array("data" => array( "message" => $l->t('Could not '.$action.' recovery key. Please check your recovery key password!')))); +} diff --git a/apps/files_encryption/ajax/changeRecoveryPassword.php b/apps/files_encryption/ajax/changeRecoveryPassword.php new file mode 100644 index 00000000000..d990796a4fb --- /dev/null +++ b/apps/files_encryption/ajax/changeRecoveryPassword.php @@ -0,0 +1,52 @@ +<?php + +/** + * Copyright (c) 2013, Bjoern Schiessle <schiessle@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + * + * @brief Script to change recovery key password + * + */ + +use OCA\Encryption; + +\OCP\JSON::checkAdminUser(); +\OCP\JSON::checkAppEnabled('files_encryption'); +\OCP\JSON::callCheck(); + +$l=OC_L10N::get('core'); + +$return = false; + +$oldPassword = $_POST['oldPassword']; +$newPassword = $_POST['newPassword']; + +$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser()); + +$result = $util->checkRecoveryPassword($oldPassword); + +if ($result) { + $keyId = $util->getRecoveryKeyId(); + $keyPath = '/owncloud_private_key/' . $keyId . ".private.key"; + $view = new \OC\Files\View('/'); + + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + $encryptedRecoveryKey = $view->file_get_contents($keyPath); + $decryptedRecoveryKey = \OCA\Encryption\Crypt::symmetricDecryptFileContent($encryptedRecoveryKey, $oldPassword); + $encryptedRecoveryKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword); + $view->file_put_contents($keyPath, $encryptedRecoveryKey); + + \OC_FileProxy::$enabled = $proxyStatus; + + $return = true; +} + +// success or failure +if ($return) { + \OCP\JSON::success(array("data" => array( "message" => $l->t('Password successfully changed.')))); +} else { + \OCP\JSON::error(array("data" => array( "message" => $l->t('Could not change the password. Maybe the old password was not correct.')))); +}
\ No newline at end of file diff --git a/apps/files_encryption/ajax/userrecovery.php b/apps/files_encryption/ajax/userrecovery.php new file mode 100644 index 00000000000..1f42b376e42 --- /dev/null +++ b/apps/files_encryption/ajax/userrecovery.php @@ -0,0 +1,41 @@ +<?php +/** + * Copyright (c) 2013, Sam Tuke <samtuke@owncloud.com> + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + * + * @brief Script to handle admin settings for encrypted key recovery + */ + +use OCA\Encryption; + +\OCP\JSON::checkLoggedIn(); +\OCP\JSON::checkAppEnabled( 'files_encryption' ); +\OCP\JSON::callCheck(); + +if ( + isset( $_POST['userEnableRecovery'] ) + && ( 0 == $_POST['userEnableRecovery'] || 1 == $_POST['userEnableRecovery'] ) +) { + + $userId = \OCP\USER::getUser(); + $view = new \OC_FilesystemView( '/' ); + $util = new \OCA\Encryption\Util( $view, $userId ); + + // Save recovery preference to DB + $return = $util->setRecoveryForUser( $_POST['userEnableRecovery'] ); + + if ($_POST['userEnableRecovery'] == "1") { + $util->addRecoveryKeys(); + } else { + $util->removeRecoveryKeys(); + } + +} else { + + $return = false; + +} + +// Return success or failure +( $return ) ? \OCP\JSON::success() : \OCP\JSON::error();
\ No newline at end of file |