diff options
Diffstat (limited to 'apps/files_encryption')
22 files changed, 595 insertions, 224 deletions
diff --git a/apps/files_encryption/appinfo/info.xml b/apps/files_encryption/appinfo/info.xml index 9d495916d26..b6d9d6bb0a3 100644 --- a/apps/files_encryption/appinfo/info.xml +++ b/apps/files_encryption/appinfo/info.xml @@ -2,11 +2,15 @@ <info> <id>files_encryption</id> <name>Encryption</name> - <description>The new ownCloud 5 files encryption system. After the app was enabled you need to re-login to initialize your encryption keys.</description> + <description>The ownCloud files encryption system provides server side-encryption. After the app was enabled you need to re-login to initialize your encryption keys.</description> <licence>AGPL</licence> <author>Sam Tuke, Bjoern Schiessle, Florin Peter</author> <require>4</require> <shipped>true</shipped> + <documentation> + <user>http://doc.owncloud.org/server/6.0/user_manual/files/encryption.html</user> + <admin>http://doc.owncloud.org/server/6.0/admin_manual/configuration/configuration_encryption.html</admin> + </documentation> <rememberlogin>false</rememberlogin> <types> <filesystem/> diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 7b13ae2a1d0..09d5687e226 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -30,6 +30,9 @@ use OC\Files\Filesystem; */
class Hooks {
+ // file for which we want to rename the keys after the rename operation was successful
+ private static $renamedFiles = array();
+
/**
* @brief Startup encryption backend upon user login
* @note This method should never be called for users using client side encryption
@@ -480,6 +483,18 @@ class Hooks { }
/**
+ * @brief mark file as renamed so that we know the original source after the file was renamed
+ * @param array $params with the old path and the new path
+ */
+ public static function preRename($params) {
+ $util = new Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
+ list($ownerOld, $pathOld) = $util->getUidAndFilename($params['oldpath']);
+ self::$renamedFiles[$params['oldpath']] = array(
+ 'uid' => $ownerOld,
+ 'path' => $pathOld);
+ }
+
+ /**
* @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
* @param array with oldpath and newpath
*
@@ -501,19 +516,32 @@ class Hooks { $userId = \OCP\User::getUser();
$util = new Util($view, $userId);
+ if (isset(self::$renamedFiles[$params['oldpath']]['uid']) &&
+ isset(self::$renamedFiles[$params['oldpath']]['path'])) {
+ $ownerOld = self::$renamedFiles[$params['oldpath']]['uid'];
+ $pathOld = self::$renamedFiles[$params['oldpath']]['path'];
+ } else {
+ \OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::ERROR);
+ return false;
+ }
+
+ list($ownerNew, $pathNew) = $util->getUidAndFilename($params['newpath']);
+
// Format paths to be relative to user files dir
- if ($util->isSystemWideMountPoint($params['oldpath'])) {
- $baseDir = 'files_encryption/';
- $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
+ if ($util->isSystemWideMountPoint($pathOld)) {
+ $oldKeyfilePath = 'files_encryption/keyfiles/' . $pathOld;
+ $oldShareKeyPath = 'files_encryption/share-keys/' . $pathOld;
} else {
- $baseDir = $userId . '/' . 'files_encryption/';
- $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
+ $oldKeyfilePath = $ownerOld . '/' . 'files_encryption/keyfiles/' . $pathOld;
+ $oldShareKeyPath = $ownerOld . '/' . 'files_encryption/share-keys/' . $pathOld;
}
- if ($util->isSystemWideMountPoint($params['newpath'])) {
- $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
+ if ($util->isSystemWideMountPoint($pathNew)) {
+ $newKeyfilePath = 'files_encryption/keyfiles/' . $pathNew;
+ $newShareKeyPath = 'files_encryption/share-keys/' . $pathNew;
} else {
- $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
+ $newKeyfilePath = $ownerNew . '/files_encryption/keyfiles/' . $pathNew;
+ $newShareKeyPath = $ownerNew . '/files_encryption/share-keys/' . $pathNew;
}
// add key ext if this is not an folder
@@ -522,11 +550,11 @@ class Hooks { $newKeyfilePath .= '.key';
// handle share-keys
- $localKeyPath = $view->getLocalFile($baseDir . 'share-keys/' . $params['oldpath']);
+ $localKeyPath = $view->getLocalFile($oldShareKeyPath);
$escapedPath = Helper::escapeGlobPattern($localKeyPath);
$matches = glob($escapedPath . '*.shareKey');
foreach ($matches as $src) {
- $dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
+ $dst = \OC\Files\Filesystem::normalizePath(str_replace($pathOld, $pathNew, $src));
// create destination folder if not exists
if (!file_exists(dirname($dst))) {
@@ -538,15 +566,13 @@ class Hooks { } else {
// handle share-keys folders
- $oldShareKeyfilePath = $baseDir . 'share-keys/' . $params['oldpath'];
- $newShareKeyfilePath = $baseDir . 'share-keys/' . $params['newpath'];
// create destination folder if not exists
- if (!$view->file_exists(dirname($newShareKeyfilePath))) {
- $view->mkdir(dirname($newShareKeyfilePath), 0750, true);
+ if (!$view->file_exists(dirname($newShareKeyPath))) {
+ $view->mkdir(dirname($newShareKeyPath), 0750, true);
}
- $view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
+ $view->rename($oldShareKeyPath, $newShareKeyPath);
}
// Rename keyfile so it isn't orphaned
@@ -561,18 +587,17 @@ class Hooks { }
// build the path to the file
- $newPath = '/' . $userId . '/files' . $params['newpath'];
- $newPathRelative = $params['newpath'];
+ $newPath = '/' . $ownerNew . '/files' . $pathNew;
if ($util->fixFileSize($newPath)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
+ $usersSharing = $util->getSharingUsersArray($sharingEnabled, $pathNew);
// update sharing-keys
- $util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
+ $util->setSharedFileKeyfiles($session, $usersSharing, $pathNew);
}
\OC_FileProxy::$enabled = $proxyStatus;
diff --git a/apps/files_encryption/l10n/da.php b/apps/files_encryption/l10n/da.php index 9d307f1064d..9e4290534c0 100644 --- a/apps/files_encryption/l10n/da.php +++ b/apps/files_encryption/l10n/da.php @@ -8,19 +8,27 @@ $TRANSLATIONS = array( "Could not change the password. Maybe the old password was not correct." => "Kunne ikke ændre kodeordet. Måske var det gamle kodeord ikke korrekt.", "Private key password successfully updated." => "Privat nøgle kodeord succesfuldt opdateret.", "Could not update the private key password. Maybe the old password was not correct." => "Kunne ikke opdatere det private nøgle kodeord-. Måske var det gamle kodeord forkert.", +"Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." => "Krypteringsprogrammet er ikke igangsat. Det kan skyldes at krypteringsprogrammet er blevet genaktiveret under din session. Prøv at logge ud og ind igen for at aktivere krypteringsprogrammet. ", +"Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "Din private nøgle er ikke gyldig. Sandsynligvis er dit kodeord blevet ændret uden for %s (f.eks dit firmas adressebog). Du kan opdatere din private nøglekode i dine personlige indstillinger for at genskabe adgang til dine krypterede filer.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "Kan ikke kryptere denne fil, sandsynligvis fordi felen er delt. Bed venligst filens ejer om at dele den med dig på ny.", +"Unknown error please check your system settings or contact your administrator" => "Ukendt fejl. Kontroller venligst dit system eller kontakt din administrator", "Missing requirements." => "Manglende betingelser.", "Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Sørg for at PHP 5.3.3 eller nyere er installeret og at OpenSSL sammen med PHP-udvidelsen er aktiveret og korrekt konfigureret. Indtil videre er krypteringsprogrammet deaktiveret.", "Following users are not set up for encryption:" => "Følgende brugere er ikke sat op til kryptering:", +"Initial encryption started... This can take some time. Please wait." => "Førstegangskryptering er påbegyndt... Dette kan tage nogen tid. Vent venligst.", "Saving..." => "Gemmer...", +"Go directly to your " => "Gå direkte til din ", "personal settings" => "Personlige indstillinger", "Encryption" => "Kryptering", "Enable recovery key (allow to recover users files in case of password loss):" => "Aktiver gendannelsesnøgle (Tillad gendannelse af brugerfiler i tilfælde af tab af kodeord):", "Recovery key password" => "Gendannelsesnøgle kodeord", +"Repeat Recovery key password" => "Gentag gendannelse af nøglekoden", "Enabled" => "Aktiveret", "Disabled" => "Deaktiveret", "Change recovery key password:" => "Skift gendannelsesnøgle kodeord:", "Old Recovery key password" => "Gammel Gendannelsesnøgle kodeord", "New Recovery key password" => "Ny Gendannelsesnøgle kodeord", +"Repeat New Recovery key password" => "Gentag dannelse af ny gendannaleses nøglekode", "Change Password" => "Skift Kodeord", "Your private key password no longer match your log-in password:" => "Dit private nøgle kodeord stemmer ikke længere overens med dit login kodeord:", "Set your old private key password to your current log-in password." => "Sæt dit gamle private nøgle kodeord til at være dit nuværende login kodeord. ", diff --git a/apps/files_encryption/l10n/el.php b/apps/files_encryption/l10n/el.php index 6b21122027a..22c1095e284 100644 --- a/apps/files_encryption/l10n/el.php +++ b/apps/files_encryption/l10n/el.php @@ -8,20 +8,30 @@ $TRANSLATIONS = array( "Could not change the password. Maybe the old password was not correct." => "Αποτυχία αλλαγής κωδικού ίσως ο παλιός κωδικός να μην ήταν σωστός.", "Private key password successfully updated." => "Το Προσωπικό κλειδί πρόσβασης ενημερώθηκε επιτυχώς", "Could not update the private key password. Maybe the old password was not correct." => "Αποτυχία ενημέρωσης του κωδικού για το προσωπικό κλειδί. Ενδεχομένως ο παλιός κωδικός δεν ήταν σωστός.", +"Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." => "Η εφαρμογή κρυπτογράφησης δεν έχει εκκινήσει! Ίσως η εφαρμογή κρυπτογράφησης επανενεργοποιήθηκε κατά τη διάρκεια της τρέχουσας σύνδεσής σας. Παρακαλώ προσπαθήστε να αποσυνδεθείτε και να ξανασυνδεθείτε για να εκκινήσετε την εφαρμογή κρυπτογράφησης.", +"Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "Το προσωπικό σας κλειδί δεν είναι έγκυρο! Πιθανόν ο κωδικός σας να άλλαξε έξω από το %s (π.χ. τη λίστα διευθύνσεων της εταιρείας σας). Μπορείτε να ενημερώσετε το προσωπικό σας κλειδί επαναφοράς κωδικού στις προσωπικές σας ρυθμίσεις για να επανακτήσετε πρόσβαση στα κρυπτογραφημένα σας αρχεία.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "Δεν ήταν δυνατό να αποκρυπτογραφηθεί αυτό το αρχείο, πιθανόν πρόκειται για κοινόχρηστο αρχείο. Παρακαλώ ζητήστε από τον ιδιοκτήτη του αρχείου να το ξαναμοιραστεί μαζί σας.", "Unknown error please check your system settings or contact your administrator" => "Άγνωστο σφάλμα, παρακαλώ ελέγξτε τις ρυθμίσεις συστήματος ή επικοινωνήστε με τον διαχειριστή σας ", "Missing requirements." => "Προαπαιτούμενα που απουσιάζουν.", "Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Παρακαλώ επιβεβαιώστε ότι η PHP 5.3.3 ή νεότερη είναι εγκατεστημένη και ότι το OpenSSL μαζί με το PHP extension είναι ενεργοποιήμένο και έχει ρυθμιστεί σωστά. Προς το παρόν, η εφαρμογή κρυπτογράφησης είναι απενεργοποιημένη.", "Following users are not set up for encryption:" => "Οι κάτωθι χρήστες δεν έχουν ρυθμιστεί για κρυπογράφηση:", +"Initial encryption started... This can take some time. Please wait." => "Η αρχική κρυπτογράφηση άρχισε... Αυτό μπορεί να πάρει κάποια ώρα. Παρακαλώ περιμένετε.", "Saving..." => "Γίνεται αποθήκευση...", "Go directly to your " => "Πηγαίνε απευθείας στο ", "personal settings" => "προσωπικές ρυθμίσεις", "Encryption" => "Κρυπτογράφηση", +"Enable recovery key (allow to recover users files in case of password loss):" => "Ενεργοποίηση κλειδιού ανάκτησης (επιτρέψτε την ανάκτηση αρχείων χρηστών σε περίπτωση απώλειας κωδικού):", "Recovery key password" => "Επαναφορά κωδικού κλειδιού", +"Repeat Recovery key password" => "Επαναλάβετε το κλειδί επαναφοράς κωδικού", "Enabled" => "Ενεργοποιημένο", "Disabled" => "Απενεργοποιημένο", +"Change recovery key password:" => "Αλλαγή κλειδιού επαναφοράς κωδικού:", +"Old Recovery key password" => "Παλιό κλειδί επαναφοράς κωδικού", "New Recovery key password" => "Νέο κλειδί επαναφοράς κωδικού", +"Repeat New Recovery key password" => "Επαναλάβετε νέο κλειδί επαναφοράς κωδικού", "Change Password" => "Αλλαγή Κωδικού Πρόσβασης", "Your private key password no longer match your log-in password:" => "Ο κωδικός του προσωπικού κλειδιού δεν ταιριάζει πλέον με τον κωδικό σύνδεσής σας:", +"Set your old private key password to your current log-in password." => "Ορίστε το παλιό σας προσωπικό κλειδί ως τον τρέχων κωδικό πρόσβασης.", " If you don't remember your old password you can ask your administrator to recover your files." => "Εάν δεν θυμάστε τον παλιό σας κωδικό μπορείτε να ζητήσετε από τον διαχειριστή σας να επανακτήσει τα αρχεία σας.", "Old log-in password" => "Παλαιό συνθηματικό εισόδου", "Current log-in password" => "Τρέχον συνθηματικό πρόσβασης", diff --git a/apps/files_encryption/l10n/es_MX.php b/apps/files_encryption/l10n/es_MX.php new file mode 100644 index 00000000000..3906e3cacbe --- /dev/null +++ b/apps/files_encryption/l10n/es_MX.php @@ -0,0 +1,44 @@ +<?php +$TRANSLATIONS = array( +"Recovery key successfully enabled" => "Se ha habilitado la recuperación de archivos", +"Could not enable recovery key. Please check your recovery key password!" => "No se pudo habilitar la clave de recuperación. Por favor compruebe su contraseña.", +"Recovery key successfully disabled" => "Clave de recuperación deshabilitada", +"Could not disable recovery key. Please check your recovery key password!" => "No se pudo deshabilitar la clave de recuperación. Por favor compruebe su contraseña!", +"Password successfully changed." => "Su contraseña ha sido cambiada", +"Could not change the password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.", +"Private key password successfully updated." => "Contraseña de clave privada actualizada con éxito.", +"Could not update the private key password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Puede que la contraseña antigua no sea correcta.", +"Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." => "¡La aplicación de cifrado no ha sido inicializada! Quizá fue restablecida durante tu sesión. Por favor intenta cerrar la sesión y volver a iniciarla para inicializar la aplicación de cifrado.", +"Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera. de %s (Ej:Su directorio corporativo). Puede actualizar la contraseña de su clave privada en sus opciones personales para recuperar el acceso a sus archivos.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "No fue posible descifrar este archivo, probablemente se trate de un archivo compartido. Solicite al propietario del mismo que vuelva a compartirlo con usted.", +"Unknown error please check your system settings or contact your administrator" => "Error desconocido. Verifique la configuración de su sistema o póngase en contacto con su administrador", +"Missing requirements." => "Requisitos incompletos.", +"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Por favor, asegúrese de que PHP 5.3.3 o posterior está instalado y que la extensión OpenSSL de PHP está habilitada y configurada correctamente. Por el momento, la aplicación de cifrado ha sido deshabilitada.", +"Following users are not set up for encryption:" => "Los siguientes usuarios no han sido configurados para el cifrado:", +"Initial encryption started... This can take some time. Please wait." => "Encriptación iniciada... Esto puede tomar un tiempo. Por favor espere.", +"Saving..." => "Guardando...", +"Go directly to your " => "Ir directamente a su", +"personal settings" => "opciones personales", +"Encryption" => "Cifrado", +"Enable recovery key (allow to recover users files in case of password loss):" => "Habilitar la clave de recuperación (permite recuperar los archivos del usuario en caso de pérdida de la contraseña);", +"Recovery key password" => "Contraseña de clave de recuperación", +"Repeat Recovery key password" => "Repite la contraseña de clave de recuperación", +"Enabled" => "Habilitar", +"Disabled" => "Deshabilitado", +"Change recovery key password:" => "Cambiar la contraseña de la clave de recuperación", +"Old Recovery key password" => "Antigua clave de recuperación", +"New Recovery key password" => "Nueva clave de recuperación", +"Repeat New Recovery key password" => "Repetir la nueva clave de recuperación", +"Change Password" => "Cambiar contraseña", +"Your private key password no longer match your log-in password:" => "Su contraseña de clave privada ya no coincide con su contraseña de acceso:", +"Set your old private key password to your current log-in password." => "Establecer la contraseña de su antigua clave privada a su contraseña actual de acceso.", +" If you don't remember your old password you can ask your administrator to recover your files." => "Si no recuerda su antigua contraseña puede pedir a su administrador que le recupere sus archivos.", +"Old log-in password" => "Contraseña de acceso antigua", +"Current log-in password" => "Contraseña de acceso actual", +"Update Private Key Password" => "Actualizar Contraseña de Clave Privada", +"Enable password recovery:" => "Habilitar la recuperación de contraseña:", +"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Habilitar esta opción le permitirá volver a tener acceso a sus archivos cifrados en caso de pérdida de contraseña", +"File recovery settings updated" => "Opciones de recuperación de archivos actualizada", +"Could not update file recovery" => "No se pudo actualizar la recuperación de archivos" +); +$PLURAL_FORMS = "nplurals=2; plural=(n != 1);"; diff --git a/apps/files_encryption/l10n/hu_HU.php b/apps/files_encryption/l10n/hu_HU.php index 323291bbfbe..163011ff80b 100644 --- a/apps/files_encryption/l10n/hu_HU.php +++ b/apps/files_encryption/l10n/hu_HU.php @@ -1,18 +1,44 @@ <?php $TRANSLATIONS = array( -"Recovery key successfully disabled" => "Visszaállítási kulcs sikeresen kikapcsolva", -"Password successfully changed." => "Jelszó sikeresen megváltoztatva.", +"Recovery key successfully enabled" => "A helyreállítási kulcs sikeresen bekapcsolva", +"Could not enable recovery key. Please check your recovery key password!" => "A helyreállítási kulcsot nem lehetett engedélyezni. Ellenőrizze a helyreállítási kulcsa jelszavát!", +"Recovery key successfully disabled" => "A helyreállítási kulcs sikeresen kikapcsolva", +"Could not disable recovery key. Please check your recovery key password!" => "A helyreállítási kulcsot nem lehetett kikapcsolni. Ellenőrizze a helyreállítási kulcsa jelszavát!", +"Password successfully changed." => "A jelszót sikeresen megváltoztattuk.", "Could not change the password. Maybe the old password was not correct." => "A jelszót nem lehet megváltoztatni! Lehet, hogy hibás volt a régi jelszó.", -"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Kérlek győződj meg arról, hogy PHP 5.3.3 vagy annál frissebb van telepítve, valamint a PHP-hez tartozó OpenSSL bővítmény be van-e kapcsolva és az helyesen van-e konfigurálva! Ki lett kapcsolva ideiglenesen a titkosító alkalmazás.", +"Private key password successfully updated." => "A személyes kulcsának jelszava frissítésre került.", +"Could not update the private key password. Maybe the old password was not correct." => "A személyes kulcsa jelszavát nem lehetett frissíteni. Lehet, hogy hibás volt a régi jelszó.", +"Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." => "A titkosítási modul nincs elindítva! Talán a munkafolyamat közben került engedélyezésre. Kérjük jelentkezzen ki majd ismét jelentkezzen be, hogy a titkosítási modul megfelelően elinduljon!", +"Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "Az állományok titkosításához használt titkos kulcsa érvénytelen. Valószínűleg a %s rendszeren kívül változtatta meg a jelszavát (pl. a munkahelyi címtárban). A személyes beállításoknál frissítheti a titkos kulcsát, hogy ismét elérhesse a titkosított állományait.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "Az állományt nem sikerült dekódolni, valószínűleg ez egy megosztott fájl. Kérje meg az állomány tulajdonosát, hogy újra ossza meg Önnel ezt az állományt!", +"Unknown error please check your system settings or contact your administrator" => "Ismeretlen hiba. Ellenőrizze a rendszer beállításait vagy forduljon a rendszergazdához!", +"Missing requirements." => "Hiányzó követelmények.", +"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Kérem gondoskodjon arról, hogy PHP 5.3.3 vagy annál frissebb legyen telepítve, továbbá az OpenSSL a megfelelő PHP-bővítménnyel együtt rendelkezésre álljon és helyesen legyen konfigurálva! A titkosító modul egyelőre kikapcsolásra került.", +"Following users are not set up for encryption:" => "A következő felhasználók nem állították be a titkosítást:", +"Initial encryption started... This can take some time. Please wait." => "A titkosítási folyamat megkezdődött... Ez hosszabb ideig is eltarthat. Kérem várjon.", "Saving..." => "Mentés...", +"Go directly to your " => "Ugrás ide:", "personal settings" => "személyes beállítások", "Encryption" => "Titkosítás", +"Enable recovery key (allow to recover users files in case of password loss):" => "A helyreállítási kulcs beállítása (lehetővé teszi a felhasználók állományainak visszaállítását, ha elfelejtik a jelszavukat):", +"Recovery key password" => "A helyreállítási kulcs jelszava", +"Repeat Recovery key password" => "Ismételje meg a helyreállítási kulcs jelszavát", "Enabled" => "Bekapcsolva", "Disabled" => "Kikapcsolva", +"Change recovery key password:" => "A helyreállítási kulcs jelszavának módosítása:", +"Old Recovery key password" => "Régi Helyreállítási Kulcs Jelszava", +"New Recovery key password" => "Új Helyreállítási kulcs jelszava", +"Repeat New Recovery key password" => "Ismételje meg az új helyreállítási kulcs jelszavát", "Change Password" => "Jelszó megváltoztatása", +"Your private key password no longer match your log-in password:" => "A személyes kulcs jelszava mostantól nem azonos a belépési jelszavával:", +"Set your old private key password to your current log-in password." => "Állítsuk be a személyes kulcs jelszavát a jelenlegi bejelentkezési jelszavunkra.", +" If you don't remember your old password you can ask your administrator to recover your files." => "Ha nem emlékszik a régi jelszavára akkor megkérheti a rendszergazdát, hogy állítsa vissza az állományait.", "Old log-in password" => "Régi bejelentkezési jelszó", "Current log-in password" => "Jelenlegi bejelentkezési jelszó", -"Update Private Key Password" => "Privát kulcs jelszó frissítése", -"Enable password recovery:" => "Jelszó-visszaállítás bekapcsolása" +"Update Private Key Password" => "A személyest kulcs jelszó frissítése", +"Enable password recovery:" => "Jelszó-visszaállítás bekapcsolása", +"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Ez az opció lehetővé teszi, hogy a titkosított állományok tartalmát visszanyerjük abban az esetben, ha elfelejti a jelszavát", +"File recovery settings updated" => "A fájlhelyreállítási beállítások frissültek", +"Could not update file recovery" => "A fájlhelyreállítás nem frissíthető" ); $PLURAL_FORMS = "nplurals=2; plural=(n != 1);"; diff --git a/apps/files_encryption/l10n/id.php b/apps/files_encryption/l10n/id.php index 32c348bd8ba..a719d445820 100644 --- a/apps/files_encryption/l10n/id.php +++ b/apps/files_encryption/l10n/id.php @@ -1,6 +1,41 @@ <?php $TRANSLATIONS = array( +"Recovery key successfully enabled" => "Kunci pemulihan berhasil diaktifkan", +"Could not enable recovery key. Please check your recovery key password!" => "Tidak dapat mengaktifkan kunci pemulihan. Silakan periksa sandi kunci pemulihan Anda!", +"Recovery key successfully disabled" => "Kunci pemulihan berhasil dinonaktifkan", +"Could not disable recovery key. Please check your recovery key password!" => "Tidak dapat menonaktifkan kunci pemulihan. Silakan periksa sandi kunci pemulihan Anda!", +"Password successfully changed." => "Sandi berhasil diubah", +"Could not change the password. Maybe the old password was not correct." => "Tidak dapat mengubah sandi. Kemungkinan sandi lama yang dimasukkan salah.", +"Private key password successfully updated." => "Sandi kunci privat berhasil diperbarui.", +"Could not update the private key password. Maybe the old password was not correct." => "Tidak dapat memperbarui sandi kunci privat. Kemungkinan sandi lama yang Anda masukkan salah.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "Tidak dapat mendekripsi berkas ini, mungkin ini adalah berkas bersama. Silakan meminta pemilik berkas ini untuk membagikan kembali dengan Anda.", +"Unknown error please check your system settings or contact your administrator" => "Kesalahan tak dikenal, silakan periksa pengaturan sistem Anda atau hubungi admin.", +"Missing requirements." => "Persyaratan yang hilang.", +"Following users are not set up for encryption:" => "Pengguna berikut belum diatur untuk enkripsi:", +"Initial encryption started... This can take some time. Please wait." => "Inisial enskripsi dijalankan... Ini dapat memakan waktu. Silakan tunggu.", "Saving..." => "Menyimpan...", -"Encryption" => "Enkripsi" +"Go directly to your " => "Langsung ke anda", +"personal settings" => "pengaturan pribadi", +"Encryption" => "Enkripsi", +"Enable recovery key (allow to recover users files in case of password loss):" => "Aktifkan kunci pemulihan (memungkinkan pengguna untuk memulihkan berkas dalam kasus kehilangan sandi):", +"Recovery key password" => "Sandi kunci pemulihan", +"Repeat Recovery key password" => "Ulangi sandi kunci Pemulihan", +"Enabled" => "Diaktifkan", +"Disabled" => "Dinonaktifkan", +"Change recovery key password:" => "Ubah sandi kunci pemulihan:", +"Old Recovery key password" => "Sandi kunci Pemulihan Lama", +"New Recovery key password" => "Sandi kunci Pemulihan Baru", +"Repeat New Recovery key password" => "Ulangi sandi kunci Pemulihan baru", +"Change Password" => "Ubah sandi", +"Your private key password no longer match your log-in password:" => "Sandi kunci privat Anda tidak lagi cocok dengan sandi masuk:", +"Set your old private key password to your current log-in password." => "Atur sandi kunci privat lama Anda sebagai sandi masuk Anda saat ini.", +" If you don't remember your old password you can ask your administrator to recover your files." => "Jika Anda tidak ingat sandi lama, Anda dapat meminta administrator Anda untuk memulihkan berkas.", +"Old log-in password" => "Sandi masuk yang lama", +"Current log-in password" => "Sandi masuk saat ini", +"Update Private Key Password" => "Perbarui Sandi Kunci Privat", +"Enable password recovery:" => "Aktifkan sandi pemulihan:", +"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Mengaktifkan opsi ini memungkinkan Anda untuk mendapatkan kembali akses ke berkas terenkripsi Anda dalam kasus kehilangan sandi", +"File recovery settings updated" => "Pengaturan pemulihan berkas diperbarui", +"Could not update file recovery" => "Tidak dapat memperbarui pemulihan berkas" ); $PLURAL_FORMS = "nplurals=1; plural=0;"; diff --git a/apps/files_encryption/l10n/ko.php b/apps/files_encryption/l10n/ko.php index cf06136c9b6..d91e861ca5d 100644 --- a/apps/files_encryption/l10n/ko.php +++ b/apps/files_encryption/l10n/ko.php @@ -1,26 +1,44 @@ <?php $TRANSLATIONS = array( -"Recovery key successfully enabled" => "복구키가 성공적으로 활성화 되었습니다", -"Could not enable recovery key. Please check your recovery key password!" => "복구키를 활성화 할수 없습니다. 복구키의 비밀번호를 확인해주세요!", -"Recovery key successfully disabled" => "복구키가 성공적으로 비활성화 되었습니다", -"Could not disable recovery key. Please check your recovery key password!" => "복구키를 비활성화 할수 없습니다. 복구키의 비밀번호를 확인해주세요!", +"Recovery key successfully enabled" => "복구 키가 성공적으로 활성화되었습니다", +"Could not enable recovery key. Please check your recovery key password!" => "복구 키를 활성화 할 수 없습니다. 복구 키의 암호를 확인해 주세요!", +"Recovery key successfully disabled" => "복구 키가 성공적으로 비활성화 되었습니다", +"Could not disable recovery key. Please check your recovery key password!" => "복구 키를 비활성화 할 수 없습니다. 복구 키의 암호를 확인해주세요!", "Password successfully changed." => "암호가 성공적으로 변경되었습니다", -"Could not change the password. Maybe the old password was not correct." => "암호를 변경할수 없습니다. 아마도 예전 암호가 정확하지 않은것 같습니다.", -"Private key password successfully updated." => "개인키 암호가 성공적으로 업데이트 됨.", +"Could not change the password. Maybe the old password was not correct." => "암호를 변경할 수 없습니다. 예전 암호가 정확하지 않은 것 같습니다.", +"Private key password successfully updated." => "개인 키 암호가 성공적으로 업데이트 됨.", +"Could not update the private key password. Maybe the old password was not correct." => "개인 키 암호를 업데이트할 수 없습니다. 이전 암호가 올바르지 않은 것 같습니다.", +"Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." => "암호화 앱이 초기화되지 않았습니다! 암호화 앱이 다시 활성화된 것 같습니다. 암호화 앱을 초기화하려면 로그아웃했다 다시 로그인하십시오.", +"Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "개인 키가 올바르지 않습니다! 암호가 %s(예: 회사 디렉터리) 외부에서 변경된 것 같습니다. 암호화된 파일에 다시 접근하려면 개인 설정에서 개인 키 암호를 수정하십시오.", +"Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." => "이 파일을 복호화할 수 없습니다. 공유된 파일일 수도 있습니다. 파일 소유자에게 공유를 다시 요청하십시오.", +"Unknown error please check your system settings or contact your administrator" => "알 수 없는 오류. 시스템 설정을 확인하거나 관리자에게 문의하십시오.", +"Missing requirements." => "요구 사항이 부족합니다.", +"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "PHP 5.3.3 이상 설치 여부, PHP의 OpenSSL 확장 기능 활성화 및 설정 여부를 확인하십시오. 암호화 앱이 비활성화 되었습니다.", +"Following users are not set up for encryption:" => "다음 사용자는 암호화를 사용할 수 없습니다:", +"Initial encryption started... This can take some time. Please wait." => "초기 암호화가 시작되었습니다... 시간이 걸릴 수도 있으니 기다려 주십시오.", "Saving..." => "저장 중...", +"Go directly to your " => "다음으로 바로 가기: ", "personal settings" => "개인 설정", "Encryption" => "암호화", -"Recovery key password" => "키 비밀번호 복구", +"Enable recovery key (allow to recover users files in case of password loss):" => "복구 키 사용 (암호를 잊었을 때 파일을 복구할 수 있도록 함):", +"Recovery key password" => "복구 키 암호", +"Repeat Recovery key password" => "복구 키 암호 재입력", "Enabled" => "활성화", "Disabled" => "비활성화", -"Change recovery key password:" => "복구 키 비밀번호 변경", -"Old Recovery key password" => "예전 복구 키 비밀번호", -"New Recovery key password" => "새 복구 키 비밀번호", +"Change recovery key password:" => "복구 키 암호 변경:", +"Old Recovery key password" => "이전 복구 키 암호", +"New Recovery key password" => "새 복구 키 암호", +"Repeat New Recovery key password" => "새 복구 키 암호 재입력", "Change Password" => "암호 변경", -"Old log-in password" => "예전 로그인 암호", +"Your private key password no longer match your log-in password:" => "개인 키 암호와 로그인 암호가 일치하지 않습니다:", +"Set your old private key password to your current log-in password." => "이전 개인 키 암호를 현재 로그인 암호로 설정하십시오.", +" If you don't remember your old password you can ask your administrator to recover your files." => " 이전 암호가 기억나지 않으면 시스템 관리자에게 파일 복구를 요청하십시오.", +"Old log-in password" => "이전 로그인 암호", "Current log-in password" => "현재 로그인 암호", "Update Private Key Password" => "개인 키 암호 업데이트", +"Enable password recovery:" => "암호 복구 사용:", +"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "이 옵션을 사용하면 암호를 잊었을 때 암호화된 파일에 다시 접근할 수 있습니다", "File recovery settings updated" => "파일 복구 설정 업데이트됨", -"Could not update file recovery" => "파일 복구를 업데이트 할수 없습니다" +"Could not update file recovery" => "파일 복구를 업데이트할 수 없습니다" ); $PLURAL_FORMS = "nplurals=1; plural=0;"; diff --git a/apps/files_encryption/l10n/pl.php b/apps/files_encryption/l10n/pl.php index 5d1a48d1246..b768bd46f8c 100644 --- a/apps/files_encryption/l10n/pl.php +++ b/apps/files_encryption/l10n/pl.php @@ -15,6 +15,7 @@ $TRANSLATIONS = array( "Missing requirements." => "Brak wymagań.", "Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Proszę upewnić się, że PHP 5.3.3 lub nowszy jest zainstalowany i że OpenSSL oraz rozszerzenie PHP jest włączone i poprawnie skonfigurowane. Obecnie szyfrowanie aplikacji zostało wyłączone.", "Following users are not set up for encryption:" => "Następujący użytkownicy nie mają skonfigurowanego szyfrowania:", +"Initial encryption started... This can take some time. Please wait." => "Rozpoczęto szyfrowanie... To może chwilę potrwać. Proszę czekać.", "Saving..." => "Zapisywanie...", "Go directly to your " => "Przejdź bezpośrednio do", "personal settings" => "Ustawienia osobiste", diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 17bcac5c585..5dcb05fa196 100755 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -29,6 +29,8 @@ namespace OCA\Encryption; */ class Helper { + private static $tmpFileMapping; // Map tmp files to files in data/user/files + /** * @brief register share related hooks * @@ -59,6 +61,7 @@ class Helper { */ public static function registerFilesystemHooks() { + \OCP\Util::connectHook('OC_Filesystem', 'rename', 'OCA\Encryption\Hooks', 'preRename'); \OCP\Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename'); } @@ -274,7 +277,7 @@ class Helper { $split = explode('/', $trimmed); // it is not a file relative to data/user/files - if (count($split) < 2 || $split[1] !== 'files') { + if (count($split) < 2 || ($split[1] !== 'files' && $split[1] !== 'cache')) { return false; } @@ -423,5 +426,27 @@ class Helper { public static function escapeGlobPattern($path) { return preg_replace('/(\*|\?|\[)/', '[$1]', $path); } + + /** + * @brief remember from which file the tmp file (getLocalFile() call) was created + * @param string $tmpFile path of tmp file + * @param string $originalFile path of the original file relative to data/ + */ + public static function addTmpFileToMapper($tmpFile, $originalFile) { + self::$tmpFileMapping[$tmpFile] = $originalFile; + } + + /** + * @brief get the path of the original file + * @param string $tmpFile path of the tmp file + * @return mixed path of the original file or false + */ + public static function getPathFromTmpFile($tmpFile) { + if (isset(self::$tmpFileMapping[$tmpFile])) { + return self::$tmpFileMapping[$tmpFile]; + } + + return false; + } } diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 5ba3bfa784f..4e71ab1dd5d 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -37,6 +37,7 @@ namespace OCA\Encryption; class Proxy extends \OC_FileProxy { private static $blackList = null; //mimetypes blacklisted from encryption + private static $unencryptedSizes = array(); // remember unencrypted size /** * Check if a file requires encryption @@ -114,6 +115,13 @@ class Proxy extends \OC_FileProxy { // get encrypted content $data = $view->file_get_contents($tmpPath); + // store new unenecrypted size so that it can be updated + // in the post proxy + $tmpFileInfo = $view->getFileInfo($tmpPath); + if ( isset($tmpFileInfo['size']) ) { + self::$unencryptedSizes[\OC_Filesystem::normalizePath($path)] = $tmpFileInfo['size']; + } + // remove our temp file $view->deleteAll('/' . \OCP\User::getUser() . '/cache/' . $cacheFolder); @@ -128,6 +136,24 @@ class Proxy extends \OC_FileProxy { } /** + * @brief update file cache with the new unencrypted size after file was written + * @param string $path + * @param mixed $result + * @return mixed + */ + public function postFile_put_contents($path, $result) { + $normalizedPath = \OC_Filesystem::normalizePath($path); + if ( isset(self::$unencryptedSizes[$normalizedPath]) ) { + $view = new \OC_FilesystemView('/'); + $view->putFileInfo($normalizedPath, + array('encrypted' => true, 'encrypted_size' => self::$unencryptedSizes[$normalizedPath])); + unset(self::$unencryptedSizes[$normalizedPath]); + } + + return $result; + } + + /** * @param string $path Path of file from which has been read * @param string $data Data that has been read from file */ @@ -182,8 +208,11 @@ class Proxy extends \OC_FileProxy { */ public function preUnlink($path) { - // let the trashbin handle this - if (\OCP\App::isEnabled('files_trashbin')) { + $relPath = Helper::stripUserFilesPath($path); + + // skip this method if the trash bin is enabled or if we delete a file + // outside of /data/user/files + if (\OCP\App::isEnabled('files_trashbin') || $relPath === false) { return true; } @@ -197,10 +226,7 @@ class Proxy extends \OC_FileProxy { $util = new Util($view, $userId); - // get relative path - $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); - - list($owner, $ownerPath) = $util->getUidAndFilename($relativePath); + list($owner, $ownerPath) = $util->getUidAndFilename($relPath); // Delete keyfile & shareKey so it isn't orphaned if (!Keymanager::deleteFileKey($view, $ownerPath)) { @@ -246,8 +272,8 @@ class Proxy extends \OC_FileProxy { // split the path parts $pathParts = explode('/', $path); - // FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted - if (isset($pathParts[2]) && $pathParts[2] === 'cache') { + // don't try to encrypt/decrypt cache chunks or files in the trash bin + if (isset($pathParts[2]) && ($pathParts[2] === 'cache' || $pathParts[2] === 'files_trashbin')) { return $result; } diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 7a37d2200a4..b3bf34ddb82 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -64,6 +64,9 @@ class Stream { private $publicKey; private $encKeyfile; private $newFile; // helper var, we only need to write the keyfile for new files + private $isLocalTmpFile = false; // do we operate on a local tmp file + private $localTmpFile; // path of local tmp file + /** * @var \OC\Files\View */ @@ -91,13 +94,18 @@ class Stream { $this->rootView = new \OC_FilesystemView('/'); } - $this->session = new \OCA\Encryption\Session($this->rootView); $this->privateKey = $this->session->getPrivateKey(); - // rawPath is relative to the data directory - $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path)); + $normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path)); + if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) { + $this->rawPath = $originalFile; + $this->isLocalTmpFile = true; + $this->localTmpFile = $normalizedPath; + } else { + $this->rawPath = $normalizedPath; + } $this->userId = Helper::getUser($this->rawPath); @@ -141,10 +149,14 @@ class Stream { \OCA\Encryption\Helper::redirectToErrorPage($this->session); } - $this->size = $this->rootView->filesize($this->rawPath, $mode); + $this->size = $this->rootView->filesize($this->rawPath); } - $this->handle = $this->rootView->fopen($this->rawPath, $mode); + if ($this->isLocalTmpFile) { + $this->handle = fopen($this->localTmpFile, $mode); + } else { + $this->handle = $this->rootView->fopen($this->rawPath, $mode); + } \OC_FileProxy::$enabled = $proxyStatus; @@ -164,14 +176,25 @@ class Stream { } /** + * @brief Returns the current position of the file pointer + * @return int position of the file pointer + */ + public function stream_tell() { + return ftell($this->handle); + } + + /** * @param $offset * @param int $whence + * @return bool true if fseek was successful, otherwise false */ public function stream_seek($offset, $whence = SEEK_SET) { $this->flush(); - fseek($this->handle, $offset, $whence); + // this wrapper needs to return "true" for success. + // the fseek call itself returns 0 on succeess + return !fseek($this->handle, $offset, $whence); } @@ -477,7 +500,7 @@ class Stream { if ($this->privateKey === false) { // cleanup - if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb') { + if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; @@ -498,6 +521,7 @@ class Stream { if ( $this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && + $this->isLocalTmpFile === false && $this->size > 0 && $this->unencryptedSize > 0 ) { diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index bf7c49504a2..8816d4d649a 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -2,9 +2,10 @@ /** * ownCloud * - * @author Sam Tuke, Frank Karlitschek + * @author Sam Tuke, Frank Karlitschek, Bjoern Schiessle * @copyright 2012 Sam Tuke <samtuke@owncloud.com>, - * Frank Karlitschek <frank@owncloud.org> + * Frank Karlitschek <frank@owncloud.org>, + * Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -241,11 +242,9 @@ class Util { if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); - if (isset($row['recovery_enabled'])) { - $recoveryEnabled[] = $row['recovery_enabled']; - } + $row = $result->fetchRow(); + if ($row && isset($row['recovery_enabled'])) { + $recoveryEnabled[] = $row['recovery_enabled']; } } @@ -289,7 +288,7 @@ class Util { $sql = 'UPDATE `*PREFIX*encryption` SET `recovery_enabled` = ? WHERE `uid` = ?'; $args = array( - $enabled, + $enabled ? '1' : '0', $this->userId ); @@ -415,69 +414,42 @@ class Util { } /** - * @brief Fetch the last lines of a file efficiently - * @note Safe to use on large files; does not read entire file to memory - * @note Derivative of http://tekkie.flashbit.net/php/tail-functionality-in-php - */ - public function tail($filename, $numLines) { - - \OC_FileProxy::$enabled = false; - - $text = ''; - $pos = -1; - $handle = $this->view->fopen($filename, 'r'); - - while ($numLines > 0) { - - --$pos; - - if (fseek($handle, $pos, SEEK_END) !== 0) { - - rewind($handle); - $numLines = 0; - - } elseif (fgetc($handle) === "\n") { - - --$numLines; - - } - - $block_size = (-$pos) % 8192; - if ($block_size === 0 || $numLines === 0) { - - $text = fread($handle, ($block_size === 0 ? 8192 : $block_size)) . $text; - - } - } - - fclose($handle); - - \OC_FileProxy::$enabled = true; - - return $text; - } - - /** * @brief Check if a given path identifies an encrypted file * @param string $path * @return boolean */ public function isEncryptedPath($path) { - $relPath = Helper::getPathToRealFile($path); - - if ($relPath === false) { - $relPath = Helper::stripUserFilesPath($path); - } - - $fileKey = Keymanager::getFileKey($this->view, $this, $relPath); + // Disable encryption proxy so data retrieved is in its + // original form + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; - if ($fileKey === false) { - return false; + // we only need 24 byte from the last chunk + $data = ''; + $handle = $this->view->fopen($path, 'r'); + if (is_resource($handle)) { + // suppress fseek warining, we handle the case that fseek doesn't + // work in the else branch + if (@fseek($handle, -24, SEEK_END) === 0) { + $data = fgets($handle); + } else { + // if fseek failed on the storage we create a local copy from the file + // and read this one + fclose($handle); + $localFile = $this->view->getLocalFile($path); + $handle = fopen($localFile, 'r'); + if (is_resource($handle) && fseek($handle, -24, SEEK_END) === 0) { + $data = fgets($handle); + } + } + fclose($handle); } - return true; + // re-enable proxy + \OC_FileProxy::$enabled = $proxyStatus; + return Crypt::isCatfileContent($data); } /** @@ -523,7 +495,20 @@ class Util { $lastChunckPos = ($lastChunkNr * 8192); // seek to end - fseek($stream, $lastChunckPos); + if (@fseek($stream, $lastChunckPos) === -1) { + // storage doesn't support fseek, we need a local copy + fclose($stream); + $localFile = $this->view->getLocalFile($path); + Helper::addTmpFileToMapper($localFile, $path); + $stream = fopen('crypt://' . $localFile, "r"); + if (fseek($stream, $lastChunckPos) === -1) { + // if fseek also fails on the local storage, than + // there is nothing we can do + fclose($stream); + \OCP\Util::writeLog('Encryption library', 'couldn\'t determine size of "' . $path, \OCP\Util::ERROR); + return $result; + } + } // get the content of the last chunk $lastChunkContent = fread($stream, $lastChunkSize); @@ -985,8 +970,8 @@ class Util { if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); + $row = $result->fetchRow(); + if ($row) { $path = substr($row['path'], strlen('files')); } } @@ -1266,11 +1251,9 @@ class Util { if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); - if (isset($row['migration_status'])) { - $migrationStatus[] = $row['migration_status']; - } + $row = $result->fetchRow(); + if ($row && isset($row['migration_status'])) { + $migrationStatus[] = $row['migration_status']; } } @@ -1378,59 +1361,32 @@ class Util { } } - /** * @brief go recursively through a dir and collect all files and sub files. * @param string $dir relative to the users files folder * @return array with list of files relative to the users files folder */ public function getAllFiles($dir) { - $result = array(); + $dirList = array($dir); - $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath( - $this->userFilesDir . '/' . $dir)); - - // handling for re shared folders - $pathSplit = explode('/', $dir); - - foreach ($content as $c) { - - $sharedPart = $pathSplit[sizeof($pathSplit) - 1]; - $targetPathSplit = array_reverse(explode('/', $c['path'])); - - $path = ''; - - // rebuild path - foreach ($targetPathSplit as $pathPart) { - - if ($pathPart !== $sharedPart) { - - $path = '/' . $pathPart . $path; + while ($dirList) { + $dir = array_pop($dirList); + $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath( + $this->userFilesDir . '/' . $dir)); + foreach ($content as $c) { + $usersPath = isset($c['usersPath']) ? $c['usersPath'] : $c['path']; + if ($c['type'] === 'dir') { + $dirList[] = substr($usersPath, strlen("files")); } else { - - break; - + $result[] = substr($usersPath, strlen("files")); } - } - $path = $dir . $path; - - if ($c['type'] === 'dir') { - - $result = array_merge($result, $this->getAllFiles($path)); - - } else { - - $result[] = $path; - - } } return $result; - } /** @@ -1450,9 +1406,7 @@ class Util { if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); - } + $row = $result->fetchRow(); } return $row; @@ -1476,9 +1430,7 @@ class Util { if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); - } + $row = $result->fetchRow(); } return $row; @@ -1497,18 +1449,16 @@ class Util { $result = $query->execute(array($id)); - $source = array(); + $source = null; if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $source = $result->fetchRow(); - } + $source = $result->fetchRow(); } $fileOwner = false; - if (isset($source['parent'])) { + if ($source && isset($source['parent'])) { $parent = $source['parent']; @@ -1518,16 +1468,14 @@ class Util { $result = $query->execute(array($parent)); - $item = array(); + $item = null; if (\OCP\DB::isError($result)) { \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); } else { - if ($result->numRows() > 0) { - $item = $result->fetchRow(); - } + $item = $result->fetchRow(); } - if (isset($item['parent'])) { + if ($item && isset($item['parent'])) { $parent = $item['parent']; diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index ca14e3e2ccb..388980ad4fd 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -155,7 +155,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testSymmetricStreamEncryptShortFileContent() { - $filename = 'tmp-' . time() . '.test'; + $filename = 'tmp-' . uniqid() . '.test'; $util = new Encryption\Util(new \OC_FilesystemView(), $this->userId); @@ -214,7 +214,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { function testSymmetricStreamEncryptLongFileContent() { // Generate a a random filename - $filename = 'tmp-' . time() . '.test'; + $filename = 'tmp-' . uniqid() . '.test'; $util = new Encryption\Util(new \OC_FilesystemView(), $this->userId); @@ -297,7 +297,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testSymmetricStreamDecryptShortFileContent() { - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///'. $this->userId . '/files/' . $filename, $this->dataShort); @@ -327,7 +327,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testSymmetricStreamDecryptLongFileContent() { - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); @@ -418,7 +418,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testRenameFile() { - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); @@ -431,7 +431,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals($this->dataLong, $decrypt); - $newFilename = 'tmp-new-' . time(); + $newFilename = 'tmp-new-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); $view->rename($filename, $newFilename); @@ -449,7 +449,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testMoveFileIntoFolder() { - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); @@ -462,8 +462,8 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals($this->dataLong, $decrypt); - $newFolder = '/newfolder' . time(); - $newFilename = 'tmp-new-' . time(); + $newFolder = '/newfolder' . uniqid(); + $newFilename = 'tmp-new-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); $view->mkdir($newFolder); $view->rename($filename, $newFolder . '/' . $newFilename); @@ -484,8 +484,8 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { $view = new \OC\Files\View('/' . $this->userId . '/files'); - $filename = '/tmp-' . time(); - $folder = '/folder' . time(); + $filename = '/tmp-' . uniqid(); + $folder = '/folder' . uniqid(); $view->mkdir($folder); @@ -500,7 +500,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals($this->dataLong, $decrypt); - $newFolder = '/newfolder/subfolder' . time(); + $newFolder = '/newfolder/subfolder' . uniqid(); $view->mkdir('/newfolder'); $view->rename($folder, $newFolder); @@ -519,7 +519,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { * @medium */ function testChangePassphrase() { - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); @@ -557,7 +557,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { */ function testViewFilePutAndGetContents() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -590,7 +590,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { * @large */ function testTouchExistingFile() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -614,7 +614,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { * @medium */ function testTouchFile() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); $view->touch($filename); @@ -638,7 +638,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { * @medium */ function testFopenFile() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper diff --git a/apps/files_encryption/tests/helper.php b/apps/files_encryption/tests/helper.php index cd2be70a8fe..4b46e976b81 100644 --- a/apps/files_encryption/tests/helper.php +++ b/apps/files_encryption/tests/helper.php @@ -8,6 +8,7 @@ require_once __DIR__ . '/../lib/helper.php'; +require_once __DIR__ . '/util.php'; use OCA\Encryption; @@ -16,6 +17,18 @@ use OCA\Encryption; */ class Test_Encryption_Helper extends \PHPUnit_Framework_TestCase { + const TEST_ENCRYPTION_HELPER_USER1 = "test-helper-user1"; + + public static function setUpBeforeClass() { + // create test user + \Test_Encryption_Util::loginHelper(\Test_Encryption_Helper::TEST_ENCRYPTION_HELPER_USER1, true); + } + + public static function tearDownAfterClass() { + // cleanup test user + \OC_User::deleteUser(\Test_Encryption_Helper::TEST_ENCRYPTION_HELPER_USER1); + } + /** * @medium */ @@ -64,4 +77,28 @@ class Test_Encryption_Helper extends \PHPUnit_Framework_TestCase { $this->assertEquals($relativePath, Encryption\Helper::getPathToRealFile($cachePath)); } + function testGetUser() { + + $path1 = "/" . self::TEST_ENCRYPTION_HELPER_USER1 . "/files/foo/bar.txt"; + $path2 = "/" . self::TEST_ENCRYPTION_HELPER_USER1 . "/cache/foo/bar.txt"; + $path3 = "/" . self::TEST_ENCRYPTION_HELPER_USER1 . "/thumbnails/foo"; + $path4 ="/" . "/" . self::TEST_ENCRYPTION_HELPER_USER1; + + // if we are logged-in every path should return the currently logged-in user + $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Encryption\Helper::getUser($path3)); + + // now log out + \Test_Encryption_Util::logoutHelper(); + + // now we should only get the user from /user/files and user/cache paths + $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Encryption\Helper::getUser($path1)); + $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Encryption\Helper::getUser($path2)); + + $this->assertFalse(Encryption\Helper::getUser($path3)); + $this->assertFalse(Encryption\Helper::getUser($path4)); + + // Log-in again + \Test_Encryption_Util::loginHelper(\Test_Encryption_Helper::TEST_ENCRYPTION_HELPER_USER1); + } + } diff --git a/apps/files_encryption/tests/keymanager.php b/apps/files_encryption/tests/keymanager.php index 1467979f005..58a57ee5af4 100644 --- a/apps/files_encryption/tests/keymanager.php +++ b/apps/files_encryption/tests/keymanager.php @@ -143,7 +143,7 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase { $key = $this->randomKey; - $file = 'unittest-' . time() . '.txt'; + $file = 'unittest-' . uniqid() . '.txt'; $util = new Encryption\Util($this->view, $this->userId); @@ -196,7 +196,7 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase { function testRecursiveDelShareKeys() { // generate filename - $filename = '/tmp-' . time() . '.txt'; + $filename = '/tmp-' . uniqid() . '.txt'; // create folder structure $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); diff --git a/apps/files_encryption/tests/proxy.php b/apps/files_encryption/tests/proxy.php index a22f12411f4..c3006274d6d 100644 --- a/apps/files_encryption/tests/proxy.php +++ b/apps/files_encryption/tests/proxy.php @@ -44,8 +44,10 @@ class Test_Encryption_Proxy extends \PHPUnit_Framework_TestCase { /** * @var \OC_FilesystemView */ - public $view; + public $view; // view in /data/user/files + public $rootView; // view on /data/user public $data; + public $filename; public static function setUpBeforeClass() { // reset backend @@ -74,9 +76,12 @@ class Test_Encryption_Proxy extends \PHPUnit_Framework_TestCase { // init filesystem view $this->view = new \OC_FilesystemView('/'. \Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1 . '/files'); + $this->rootView = new \OC_FilesystemView('/'. \Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1 ); // init short data $this->data = 'hats'; + $this->filename = 'enc_proxy_tests-' . uniqid() . '.txt'; + } public static function tearDownAfterClass() { @@ -90,21 +95,71 @@ class Test_Encryption_Proxy extends \PHPUnit_Framework_TestCase { */ function testPostFileSize() { - // generate filename - $filename = 'tmp-' . time() . '.txt'; - - $this->view->file_put_contents($filename, $this->data); + $this->view->file_put_contents($this->filename, $this->data); \OC_FileProxy::$enabled = false; - $unencryptedSize = $this->view->filesize($filename); + $unencryptedSize = $this->view->filesize($this->filename); \OC_FileProxy::$enabled = true; - $encryptedSize = $this->view->filesize($filename); + $encryptedSize = $this->view->filesize($this->filename); $this->assertTrue($encryptedSize !== $unencryptedSize); + // cleanup + $this->view->unlink($this->filename); + + } + + function testPreUnlinkWithoutTrash() { + + // remember files_trashbin state + $stateFilesTrashbin = OC_App::isEnabled('files_trashbin'); + + // we want to tests with app files_trashbin enabled + \OC_App::disable('files_trashbin'); + + $this->view->file_put_contents($this->filename, $this->data); + + // create a dummy file that we can delete something outside of data/user/files + $this->rootView->file_put_contents("dummy.txt", $this->data); + + // check if all keys are generated + $this->assertTrue($this->rootView->file_exists( + '/files_encryption/share-keys/' + . $this->filename . '.' . \Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1 . '.shareKey')); + $this->assertTrue($this->rootView->file_exists( + '/files_encryption/keyfiles/' . $this->filename . '.key')); + + + // delete dummy file outside of data/user/files + $this->rootView->unlink("dummy.txt"); + + // all keys should still exist + $this->assertTrue($this->rootView->file_exists( + '/files_encryption/share-keys/' + . $this->filename . '.' . \Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1 . '.shareKey')); + $this->assertTrue($this->rootView->file_exists( + '/files_encryption/keyfiles/' . $this->filename . '.key')); + + + // delete the file in data/user/files + $this->view->unlink($this->filename); + + // now also the keys should be gone + $this->assertFalse($this->rootView->file_exists( + '/files_encryption/share-keys/' + . $this->filename . '.' . \Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1 . '.shareKey')); + $this->assertFalse($this->rootView->file_exists( + '/files_encryption/keyfiles/' . $this->filename . '.key')); + + if ($stateFilesTrashbin) { + OC_App::enable('files_trashbin'); + } + else { + OC_App::disable('files_trashbin'); + } } } diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php index 6a29d2428dc..e55427620a6 100755 --- a/apps/files_encryption/tests/share.php +++ b/apps/files_encryption/tests/share.php @@ -649,9 +649,7 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { * @large */ function testRecoveryFile() { - $this->markTestIncomplete( - 'No idea what\'s wrong here, this works perfectly in real-world. removeRecoveryKeys(\'/\') L709 removes correctly the keys, but for some reasons afterwards also the top-level folder "share-keys" is gone...' - ); + // login as admin \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); @@ -754,13 +752,13 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { * @large */ function testRecoveryForUser() { - $this->markTestIncomplete( - 'This test drives Jenkins crazy - "Cannot modify header information - headers already sent" - line 811' - ); + // login as admin \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); - \OCA\Encryption\Helper::adminEnableRecovery(null, 'test123'); + $result = \OCA\Encryption\Helper::adminEnableRecovery(null, 'test123'); + $this->assertTrue($result); + $recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId'); // login as user2 @@ -771,6 +769,9 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { // enable recovery for admin $this->assertTrue($util->setRecoveryForUser(1)); + // add recovery keys for existing files (e.g. the auto-generated welcome.txt) + $util->addRecoveryKeys(); + // create folder structure $this->view->mkdir('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1); $this->view->mkdir( @@ -809,6 +810,10 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { // change password \OC_User::setPassword(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, 'test', 'test123'); + $params = array('uid' => \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, + 'password' => 'test', + 'recoveryPassword' => 'test123'); + \OCA\Encryption\Hooks::setPassphrase($params); // login as user2 \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, false, 'test'); @@ -823,8 +828,8 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { $this->assertEquals($this->dataShort, $retrievedCryptedFile2); // cleanup - $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1); - $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->filename); + $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1); + $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); // check if share key for user and recovery exists $this->assertFalse($this->view->file_exists( @@ -889,8 +894,8 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase { } catch (Exception $e) { $this->assertEquals(0, strpos($e->getMessage(), "Following users are not set up for encryption")); } - - + + // login as admin \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); diff --git a/apps/files_encryption/tests/stream.php b/apps/files_encryption/tests/stream.php index 530ee3a7b2d..fed2e7d89d1 100644 --- a/apps/files_encryption/tests/stream.php +++ b/apps/files_encryption/tests/stream.php @@ -99,7 +99,7 @@ class Test_Encryption_Stream extends \PHPUnit_Framework_TestCase { } function testStreamOptions() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -122,7 +122,7 @@ class Test_Encryption_Stream extends \PHPUnit_Framework_TestCase { } function testStreamSetBlocking() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -144,7 +144,7 @@ class Test_Encryption_Stream extends \PHPUnit_Framework_TestCase { * @medium */ function testStreamSetTimeout() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -163,7 +163,7 @@ class Test_Encryption_Stream extends \PHPUnit_Framework_TestCase { } function testStreamSetWriteBuffer() { - $filename = '/tmp-' . time(); + $filename = '/tmp-' . uniqid(); $view = new \OC\Files\View('/' . $this->userId . '/files'); // Save short data as encrypted file using stream wrapper @@ -180,4 +180,43 @@ class Test_Encryption_Stream extends \PHPUnit_Framework_TestCase { // tear down $view->unlink($filename); } + + /** + * @medium + * @brief test if stream wrapper can read files outside from the data folder + */ + function testStreamFromLocalFile() { + + $filename = '/' . $this->userId . '/files/' . 'tmp-' . uniqid().'.txt'; + + $tmpFilename = "/tmp/" . uniqid() . ".txt"; + + // write an encrypted file + $cryptedFile = $this->view->file_put_contents($filename, $this->dataShort); + + // Test that data was successfully written + $this->assertTrue(is_int($cryptedFile)); + + // create a copy outside of the data folder in /tmp + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + $encryptedContent = $this->view->file_get_contents($filename); + \OC_FileProxy::$enabled = $proxyStatus; + + file_put_contents($tmpFilename, $encryptedContent); + + \OCA\Encryption\Helper::addTmpFileToMapper($tmpFilename, $filename); + + // try to read the file from /tmp + $handle = fopen("crypt://".$tmpFilename, "r"); + $contentFromTmpFile = stream_get_contents($handle); + + // check if it was successful + $this->assertEquals($this->dataShort, $contentFromTmpFile); + + // clean up + unlink($tmpFilename); + $this->view->unlink($filename); + + } } diff --git a/apps/files_encryption/tests/trashbin.php b/apps/files_encryption/tests/trashbin.php index 2a41ace4015..2f9ecfd9d5d 100755 --- a/apps/files_encryption/tests/trashbin.php +++ b/apps/files_encryption/tests/trashbin.php @@ -119,7 +119,7 @@ class Test_Encryption_Trashbin extends \PHPUnit_Framework_TestCase { function testDeleteFile() { // generate filename - $filename = 'tmp-' . time() . '.txt'; + $filename = 'tmp-' . uniqid() . '.txt'; // save file with content $cryptedFile = file_put_contents('crypt:///' .\Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1. '/files/'. $filename, $this->dataShort); @@ -223,7 +223,7 @@ class Test_Encryption_Trashbin extends \PHPUnit_Framework_TestCase { function testPermanentDeleteFile() { // generate filename - $filename = 'tmp-' . time() . '.txt'; + $filename = 'tmp-' . uniqid() . '.txt'; // save file with content $cryptedFile = file_put_contents('crypt:///' .$this->userId. '/files/' . $filename, $this->dataShort); diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index e8dfb74f3f3..97e3c518dac 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -134,6 +134,41 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { /** * @medium + * @brief test detection of encrypted files + */ + function testIsEncryptedPath() { + + $util = new Encryption\Util($this->view, $this->userId); + + self::loginHelper($this->userId); + + $unencryptedFile = '/tmpUnencrypted-' . uniqid() . '.txt'; + $encryptedFile = '/tmpEncrypted-' . uniqid() . '.txt'; + + // Disable encryption proxy to write a unencrypted file + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + $this->view->file_put_contents($this->userId . '/files/' . $unencryptedFile, $this->dataShort); + + // Re-enable proxy - our work is done + \OC_FileProxy::$enabled = $proxyStatus; + + // write a encrypted file + $this->view->file_put_contents($this->userId . '/files/' . $encryptedFile, $this->dataShort); + + // test if both files are detected correctly + $this->assertFalse($util->isEncryptedPath($this->userId . '/files/' . $unencryptedFile)); + $this->assertTrue($util->isEncryptedPath($this->userId . '/files/' . $encryptedFile)); + + // cleanup + $this->view->unlink($this->userId . '/files/' . $unencryptedFile, $this->dataShort); + $this->view->unlink($this->userId . '/files/' . $encryptedFile, $this->dataShort); + + } + + /** + * @medium * @brief test setup of encryption directories */ function testSetupServerSide() { @@ -219,7 +254,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { \OC_User::setUserId(\Test_Encryption_Util::TEST_ENCRYPTION_UTIL_USER1); - $filename = '/tmp-' . time() . '.test'; + $filename = '/tmp-' . uniqid() . '.test'; // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; @@ -247,7 +282,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { function testGetFileSize() { \Test_Encryption_Util::loginHelper(\Test_Encryption_Util::TEST_ENCRYPTION_UTIL_USER1); - $filename = 'tmp-' . time(); + $filename = 'tmp-' . uniqid(); $externalFilename = '/' . $this->userId . '/files/' . $filename; // Test for 0 byte files @@ -283,7 +318,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { function testEncryptAll() { - $filename = "/encryptAll" . time() . ".txt"; + $filename = "/encryptAll" . uniqid() . ".txt"; $util = new Encryption\Util($this->view, $this->userId); // disable encryption to upload a unencrypted file @@ -315,7 +350,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { function testDecryptAll() { - $filename = "/decryptAll" . time() . ".txt"; + $filename = "/decryptAll" . uniqid() . ".txt"; $util = new Encryption\Util($this->view, $this->userId); $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort); @@ -416,6 +451,12 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { OCA\Encryption\Hooks::login($params); } + public static function logoutHelper() { + \OC_Util::tearDownFS(); + \OC_User::setUserId(''); + \OC\Files\Filesystem::tearDown(); + } + /** * helper function to set migration status to the right value * to be able to test the migration path diff --git a/apps/files_encryption/tests/webdav.php b/apps/files_encryption/tests/webdav.php index a2a8ce6e34f..8e8b9c53cee 100755 --- a/apps/files_encryption/tests/webdav.php +++ b/apps/files_encryption/tests/webdav.php @@ -113,7 +113,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase { function testWebdavPUT() { // generate filename - $filename = '/tmp-' . time() . '.txt'; + $filename = '/tmp-' . uniqid() . '.txt'; // set server vars $_SERVER['REQUEST_METHOD'] = 'OPTIONS'; |