3 files changed, 41 insertions, 5 deletions

diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php
index fd91073b8de..b1af4676852 100644
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@@ -41,6 +41,39 @@ class Proxy extends \OC_FileProxy {
 	private static $fopenMode = array(); // remember the fopen mode
 	private static $enableEncryption = false; // Enable encryption for the given path
 
+
+	/**
+	 * check if path is excluded from encryption
+	 *
+	 * @param string $path relative to data/
+	 * @param string $uid user
+	 * @return boolean
+	 */
+	private function isExcludedPath($path, $uid) {
+
+		$view = new \OC\Files\View();
+
+		// files outside of the files-folder are excluded
+		if(strpos($path, '/' . $uid . '/files') !== 0) {
+			return true;
+		}
+
+		if (!$view->file_exists($path)) {
+			$path = dirname($path);
+		}
+
+		// we don't encrypt server-to-server shares
+		list($storage, ) = \OC\Files\Filesystem::resolvePath($path);
+		/**
+		 * @var \OCP\Files\Storage $storage
+		 */
+		if ($storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
+			return true;
+		}
+
+		return false;
+	}
+
 	/**
 	 * Check if a file requires encryption
 	 * @param string $path
@@ -50,7 +83,7 @@ class Proxy extends \OC_FileProxy {
 	 * Tests if server side encryption is enabled, and if we should call the
 	 * crypt stream wrapper for the given file
 	 */
-	private static function shouldEncrypt($path, $mode = 'w') {
+	private function shouldEncrypt($path, $mode = 'w') {
 
 		$userId = Helper::getUser($path);
 		$session = new Session(new \OC\Files\View());
@@ -59,7 +92,7 @@ class Proxy extends \OC_FileProxy {
 		if (
 				$session->getInitialized() !== Session::INIT_SUCCESSFUL // encryption successful initialized
 				|| Crypt::mode() !== 'server'   // we are not in server-side-encryption mode
-				|| strpos($path, '/' . $userId . '/files') !== 0 // path is not in files/
+				|| $this->isExcludedPath($path, $userId) // if path is excluded from encryption
 				|| substr($path, 0, 8) === 'crypt://' // we are already in crypt mode
 		) {
 			return false;
@@ -85,7 +118,7 @@ class Proxy extends \OC_FileProxy {
 	 */
 	public function preFile_put_contents($path, &$data) {
 
-		if (self::shouldEncrypt($path)) {
+		if ($this->shouldEncrypt($path)) {
 
 			if (!is_resource($data)) {
 
@@ -219,7 +252,7 @@ class Proxy extends \OC_FileProxy {
 	public function preFopen($path, $mode) {
 
 		self::$fopenMode[$path] = $mode;
-		self::$enableEncryption = self::shouldEncrypt($path, $mode);
+		self::$enableEncryption = $this->shouldEncrypt($path, $mode);
 
 	}
 
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php
index 93be6691f96..ef18b924dd8 100644
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@@ -100,6 +100,8 @@ class Session {
 			$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
 			$this->setPublicSharePrivateKey($privateKey);
 
+			$this->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
+
 			\OC_FileProxy::$enabled = $proxyStatus;
 		}
 	}
diff --git a/apps/files_encryption/tests/webdav.php b/apps/files_encryption/tests/webdav.php
index 84db54ff30b..73bc9ce08de 100755
--- a/apps/files_encryption/tests/webdav.php
+++ b/apps/files_encryption/tests/webdav.php
@@ -235,7 +235,8 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
 		$view = new \OC\Files\View($root);
 		$publicDir = new OC_Connector_Sabre_Directory($view, $view->getFileInfo(''));
 		$objectTree = new \OC\Connector\Sabre\ObjectTree();
-		$objectTree->init($publicDir, $view);
+		$mountManager = \OC\Files\Filesystem::getMountManager();
+		$objectTree->init($publicDir, $view, $mountManager);
 
 		// Fire up server
 		$server = new \Sabre\DAV\Server($publicDir);