From 71a532fc4d45fafa66ce748e1296f03f57c2ea75 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Tue, 28 May 2013 20:50:14 +0200 Subject: fixed if fopen returns false typically on external storage --- apps/files_encryption/lib/util.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 48485cf2e86..2452f4c6ae3 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -541,7 +541,7 @@ class Util { // we only need 24 byte from the last chunk $data = ''; $handle = $this->view->fopen($path, 'r'); - if (!fseek($handle, -24, SEEK_END)) { + if (is_resource($handle) && !fseek($handle, -24, SEEK_END)) { $data = fgets($handle); } -- cgit v1.2.3 From b44192f3668ae2e8e9685479fa62a78cfc5500ba Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 13:10:26 +0200 Subject: check list of users with access to the file from the bottom to the top. This way we avoid calling getFileInfo() on every dir, which creates a lot of overhead, especially for external storages --- apps/files_encryption/lib/util.php | 4 ++-- lib/public/share.php | 20 +++++++++++++------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 2452f4c6ae3..0ff76e60580 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -1028,7 +1028,7 @@ class Util { if ($sharingEnabled) { // Find out who, if anyone, is sharing the file - $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true, true, true); + $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true); $userIds = $result['users']; if ($result['public']) { $userIds[] = $this->publicShareKeyId; @@ -1457,7 +1457,7 @@ class Util { // Find out who, if anyone, is sharing the file if ($sharingEnabled) { - $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true, true, true); + $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true); $userIds = $result['users']; $userIds[] = $this->recoveryKeyId; if ($result['public']) { diff --git a/lib/public/share.php b/lib/public/share.php index 03d662676c6..58e6131af58 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -133,17 +133,16 @@ class Share { * @note $path needs to be relative to user data dir, e.g. 'file.txt' * not '/admin/data/file.txt' */ - public static function getUsersSharingFile($path, $user, $includeOwner = false, $removeDuplicates = true) { + public static function getUsersSharingFile($path, $user, $includeOwner = false) { - $path_parts = explode(DIRECTORY_SEPARATOR, trim($path, DIRECTORY_SEPARATOR)); - $path = ''; $shares = array(); $publicShare = false; $view = new \OC\Files\View('/' . $user . '/files/'); - foreach ($path_parts as $p) { - $path .= '/' . $p; - $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); - $source = $meta['fileid']; + $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); + $source = $meta['fileid']; + $cache = new \OC\Files\Cache\Cache($meta['storage']); + + while ($path !== 'files') { // Fetch all shares of this file path from DB $query = \OC_DB::prepare( @@ -203,6 +202,13 @@ class Share { if ($result->fetchRow()) { $publicShare = true; } + + // let's get the parent for the next round + $meta = $cache->get((int)$source); + $parent = $meta['parent']; + $parentMeta = $cache->get((int)$parent); + $path = $parentMeta['path']; + $source = $parent; } // Include owner in list of users, if requested if ($includeOwner) { -- cgit v1.2.3 From 672811c103a352ecb4bc33c2071b9b4493398b30 Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 13:12:30 +0200 Subject: if one public link share was found, we don't have to check it for the other folders --- lib/public/share.php | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 58e6131af58..558efb49c0b 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -185,24 +185,26 @@ class Share { } //check for public link shares - $query = \OC_DB::prepare( - 'SELECT share_with + if (!$publicShare) { + $query = \OC_DB::prepare( + 'SELECT share_with FROM `*PREFIX*share` WHERE item_source = ? AND share_type = ?' - ); + ); - $result = $query->execute(array($source, self::SHARE_TYPE_LINK)); + $result = $query->execute(array($source, self::SHARE_TYPE_LINK)); - if (\OC_DB::isError($result)) { - \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); - } + if (\OC_DB::isError($result)) { + \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } - if ($result->fetchRow()) { - $publicShare = true; + if ($result->fetchRow()) { + $publicShare = true; + } } - + // let's get the parent for the next round $meta = $cache->get((int)$source); $parent = $meta['parent']; -- cgit v1.2.3 From 893a1ed6f57966dcf5270837f121118c5e13c457 Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 14:19:18 +0200 Subject: for external storages we never reach the path 'files', instead we need to leave the loop if no further parent exists --- lib/public/share.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/public/share.php b/lib/public/share.php index 558efb49c0b..19f7b2a20a9 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -140,9 +140,10 @@ class Share { $view = new \OC\Files\View('/' . $user . '/files/'); $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); $source = $meta['fileid']; + $parent = $meta['parent']; $cache = new \OC\Files\Cache\Cache($meta['storage']); - while ($path !== 'files') { + while ($path !== 'files' && $parent !== '-1') { // Fetch all shares of this file path from DB $query = \OC_DB::prepare( -- cgit v1.2.3 From 63a2bec6e53e0a7db70599334914625a72015f08 Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 14:40:47 +0200 Subject: use public API for error handling; improved while condition --- lib/public/share.php | 43 ++++++++++++++++++++----------------------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 19f7b2a20a9..2b7bf59219f 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -143,7 +143,7 @@ class Share { $parent = $meta['parent']; $cache = new \OC\Files\Cache\Cache($meta['storage']); - while ($path !== 'files' && $parent !== '-1') { + while ($parent !== '-1') { // Fetch all shares of this file path from DB $query = \OC_DB::prepare( @@ -156,14 +156,13 @@ class Share { $result = $query->execute(array($source, self::SHARE_TYPE_USER)); - if (\OC_DB::isError($result)) { - \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); - } - - while ($row = $result->fetchRow()) { - $shares[] = $row['share_with']; + if (\OCP\DB::isError($result)) { + \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } else { + while ($row = $result->fetchRow()) { + $shares[] = $row['share_with']; + } } - // We also need to take group shares into account $query = \OC_DB::prepare( @@ -176,13 +175,13 @@ class Share { $result = $query->execute(array($source, self::SHARE_TYPE_GROUP)); - if (\OC_DB::isError($result)) { - \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); - } - - while ($row = $result->fetchRow()) { - $usersInGroup = \OC_Group::usersInGroup($row['share_with']); - $shares = array_merge($shares, $usersInGroup); + if (\OCP\DB::isError($result)) { + \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } else { + while ($row = $result->fetchRow()) { + $usersInGroup = \OC_Group::usersInGroup($row['share_with']); + $shares = array_merge($shares, $usersInGroup); + } } //check for public link shares @@ -197,20 +196,18 @@ class Share { $result = $query->execute(array($source, self::SHARE_TYPE_LINK)); - if (\OC_DB::isError($result)) { - \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); - } - - if ($result->fetchRow()) { - $publicShare = true; + if (\OCP\DB::isError($result)) { + \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } else { + if ($result->fetchRow()) { + $publicShare = true; + } } } // let's get the parent for the next round $meta = $cache->get((int)$source); $parent = $meta['parent']; - $parentMeta = $cache->get((int)$parent); - $path = $parentMeta['path']; $source = $parent; } // Include owner in list of users, if requested -- cgit v1.2.3 From 8587f565d2a7f72ec0244e508370447810199bfe Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 15:14:15 +0200 Subject: remove unnecessary variable --- lib/public/share.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 2b7bf59219f..8508eb96e5e 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -207,8 +207,7 @@ class Share { // let's get the parent for the next round $meta = $cache->get((int)$source); - $parent = $meta['parent']; - $source = $parent; + $source = $meta['parent']; } // Include owner in list of users, if requested if ($includeOwner) { -- cgit v1.2.3 From ae0f37e9e20a540ed93b99814f4eb066bd26aa88 Mon Sep 17 00:00:00 2001 From: Björn Schießle Date: Wed, 29 May 2013 15:37:27 +0200 Subject: fix indention --- lib/public/share.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 8508eb96e5e..f7ab92ef018 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -187,11 +187,11 @@ class Share { //check for public link shares if (!$publicShare) { $query = \OC_DB::prepare( - 'SELECT share_with - FROM - `*PREFIX*share` - WHERE - item_source = ? AND share_type = ?' + 'SELECT share_with + FROM + `*PREFIX*share` + WHERE + item_source = ? AND share_type = ?' ); $result = $query->execute(array($source, self::SHARE_TYPE_LINK)); -- cgit v1.2.3 From d2652645425777c1a97f8421e51aad9bdcf39684 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 19:11:39 +0200 Subject: fix for share folder on external storage --- apps/files_encryption/hooks/hooks.php | 15 ++++++++++++++- apps/files_encryption/lib/util.php | 20 +++++++++++++++++++- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 9af1f2c6459..4fc8fa75709 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -327,6 +327,13 @@ class Hooks { // if a folder was shared, get a list of all (sub-)folders if ($params['itemType'] === 'folder') { + + // get the path including mount point only if not a shared folder + if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { + // get path including the the storage mount point + $path = $util->getPathWithMountPoint($params['itemSource']); + } + $allFiles = $util->getAllFiles($path); } else { $allFiles = array($path); @@ -402,7 +409,13 @@ class Hooks { // if we unshare a folder we need a list of all (sub-)files if ( $params['itemType'] === 'folder' ) { - + + // get the path including mount point only if not a shared folder + if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { + // get path including the the storage mount point + $path = $util->getPathWithMountPoint($params['itemSource']); + } + $allFiles = $util->getAllFiles( $path ); } else { diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 0ff76e60580..64d7e9e5842 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -1199,7 +1199,7 @@ class Util { $result = array(); - $content = $this->view->getDirectoryContent($this->userFilesDir . $dir); + $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath($this->userFilesDir . '/' . $dir)); // handling for re shared folders $path_split = explode('/', $dir); @@ -1531,4 +1531,22 @@ class Util { $this->recoverAllFiles('/', $privateKey); } + /** + * Get the path including the storage mount point + * @param int $id + * @return string the path including the mount point like AmazonS3/folder/file.txt + */ + public function getPathWithMountPoint($id) { + list($storage, $internalPath) = \OC\Files\Cache\Cache::getById($id); + $mount = \OC\Files\Filesystem::getMountByStorageId($storage); + $mountPoint = $mount[0]->getMountPoint(); + $path = \OC\Files\Filesystem::normalizePath($mountPoint.'/'.$internalPath); + + // reformat the path to be relative e.g. /user/files/folder becomes /folder/ + $pathSplit = explode( '/', $path ); + $relativePath = implode( '/', array_slice( $pathSplit, 3 ) ); + + return $relativePath; + } + } -- cgit v1.2.3 From c8d1cd224ddb7cd3c554d0a601e1215968817be4 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 19:58:05 +0200 Subject: fix $parent/$source typo --- lib/public/share.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index f7ab92ef018..bc0e3f15c53 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -140,10 +140,9 @@ class Share { $view = new \OC\Files\View('/' . $user . '/files/'); $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); $source = $meta['fileid']; - $parent = $meta['parent']; $cache = new \OC\Files\Cache\Cache($meta['storage']); - while ($parent !== '-1') { + while ($source !== '-1') { // Fetch all shares of this file path from DB $query = \OC_DB::prepare( -- cgit v1.2.3 From 353d19d183b00132204de8a1798aa7f9d9caa4d9 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 20:11:13 +0200 Subject: fixes if cache returns false --- lib/public/share.php | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index bc0e3f15c53..9a24192b4c8 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -123,25 +123,31 @@ class Share { return $path; } - + /** * @brief Find which users can access a shared item * @param $path to the file * @param $user owner of the file * @param include owner to the list of users with access to the file * @return array - * @note $path needs to be relative to user data dir, e.g. 'file.txt' + * @note $path needs to be relative to user data dir, e.g. 'file.txt' * not '/admin/data/file.txt' */ public static function getUsersSharingFile($path, $user, $includeOwner = false) { $shares = array(); $publicShare = false; + $source = '-1'; + $cache = false; + $view = new \OC\Files\View('/' . $user . '/files/'); $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); - $source = $meta['fileid']; - $cache = new \OC\Files\Cache\Cache($meta['storage']); - + + if($meta !== false) { + $source = $meta['fileid']; + $cache = new \OC\Files\Cache\Cache($meta['storage']); + } + while ($source !== '-1') { // Fetch all shares of this file path from DB @@ -206,7 +212,11 @@ class Share { // let's get the parent for the next round $meta = $cache->get((int)$source); - $source = $meta['parent']; + if($meta !== false) { + $source = $meta['parent']; + } else { + $source = '-1'; + } } // Include owner in list of users, if requested if ($includeOwner) { -- cgit v1.2.3 From df41a60c50842e1d28c62e350b769c46095129b0 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 20:11:53 +0200 Subject: fixed typo --- apps/files_encryption/tests/webdav.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_encryption/tests/webdav.php b/apps/files_encryption/tests/webdav.php index 94d3ec3fa55..3c3aa3dfa9f 100755 --- a/apps/files_encryption/tests/webdav.php +++ b/apps/files_encryption/tests/webdav.php @@ -216,7 +216,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase { * * @param bool $body * - * @note this init procedure is copied from /apps/files/remote.php + * @note this init procedure is copied from /apps/files/appinfo/remote.php */ function handleWebdavRequest($body = false) { // Backends -- cgit v1.2.3 From f1b884aa5db1fe81eb97a9d9dcd1323c8a18bd4b Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 20:15:04 +0200 Subject: changed deprecated class --- lib/public/share.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/public/share.php b/lib/public/share.php index 9a24192b4c8..1eb0faf0973 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -141,7 +141,7 @@ class Share { $cache = false; $view = new \OC\Files\View('/' . $user . '/files/'); - $meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); + $meta = $view->getFileInfo(\OC\Files\Filesystem::normalizePath($path)); if($meta !== false) { $source = $meta['fileid']; -- cgit v1.2.3 From 1337f48d64cd6ac99b28a0d6bfc20509ea9e6bff Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 29 May 2013 20:41:07 +0200 Subject: fixes for pgsql --- lib/public/share.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 1eb0faf0973..6c93139b107 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -137,7 +137,7 @@ class Share { $shares = array(); $publicShare = false; - $source = '-1'; + $source = -1; $cache = false; $view = new \OC\Files\View('/' . $user . '/files/'); @@ -148,7 +148,7 @@ class Share { $cache = new \OC\Files\Cache\Cache($meta['storage']); } - while ($source !== '-1') { + while ($source !== -1) { // Fetch all shares of this file path from DB $query = \OC_DB::prepare( @@ -213,9 +213,9 @@ class Share { // let's get the parent for the next round $meta = $cache->get((int)$source); if($meta !== false) { - $source = $meta['parent']; + $source = (int)$meta['parent']; } else { - $source = '-1'; + $source = -1; } } // Include owner in list of users, if requested -- cgit v1.2.3 From 8c17f2622633af1ee3251383cb353abc197f7603 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Thu, 30 May 2013 01:13:22 +0200 Subject: fixed problems with file_get_contents and file_put_contents this problem was related to text editor with big text files --- apps/files_encryption/lib/helper.php | 14 ++++ apps/files_encryption/lib/proxy.php | 158 +++++++++++++---------------------- apps/files_encryption/lib/util.php | 47 +++++------ 3 files changed, 92 insertions(+), 127 deletions(-) diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 1b3e5b1a642..e078ab35541 100755 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -186,4 +186,18 @@ class Helper { return false; } } + + /** + * @brief Format a path to be relative to the /user/files/ directory + * @param string $path the absolute path + * @return string e.g. turns '/admin/files/test.txt' into 'test.txt' + */ + public static function stripUserFilesPath($path) { + $trimmed = ltrim($path, '/'); + $split = explode('/', $trimmed); + $sliced = array_slice($split, 2); + $relPath = implode('/', $sliced); + + return $relPath; + } } \ No newline at end of file diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 11308612daf..2e18f7f9201 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -104,78 +104,40 @@ class Proxy extends \OC_FileProxy { if (self::shouldEncrypt($path)) { - // Stream put contents should have been converted to fopen if (!is_resource($data)) { - $userId = \OCP\USER::getUser(); + // get root view $view = new \OC_FilesystemView('/'); - $util = new Util($view, $userId); - $session = new \OCA\Encryption\Session($view); - $privateKey = $session->getPrivateKey(); - $filePath = $util->stripUserFilesPath($path); - // Set the filesize for userland, before encrypting - $size = strlen($data); - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); - // Check if there is an existing key we can reuse - if ($encKeyfile = Keymanager::getFileKey($view, $userId, $filePath)) { - - // Fetch shareKey - $shareKey = Keymanager::getShareKey($view, $userId, $filePath); - - // Decrypt the keyfile - $plainKey = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey); - - } else { - - // Make a new key - $plainKey = Crypt::generateKey(); - - } - - // Encrypt data - $encData = Crypt::symmetricEncryptFileContent($data, $plainKey); - - $sharingEnabled = \OCP\Share::isEnabled(); - - // if file exists try to get sharing users - if ($view->file_exists($path)) { - $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $filePath, $userId); - } else { - $uniqueUserIds[] = $userId; + if (!isset($relativePath)) { + return true; } - // Fetch public keys for all users who will share the file - $publicKeys = Keymanager::getPublicKeys($view, $uniqueUserIds); + $handle = fopen('crypt://' . $relativePath . '.part', 'w'); + if (is_resource($handle)) { - // Encrypt plain keyfile to multiple sharefiles - $multiEncrypted = Crypt::multiKeyEncrypt($plainKey, $publicKeys); + // write data to stream + fwrite($handle, $data); - // Save sharekeys to user folders - Keymanager::setShareKeys($view, $filePath, $multiEncrypted['keys']); + // close stream + fclose($handle); - // Set encrypted keyfile as common varname - $encKey = $multiEncrypted['data']; + // disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; - // Save keyfile for newly encrypted file in parallel directory tree - Keymanager::setFileKey($view, $filePath, $userId, $encKey); + // get encrypted content + $data = $view->file_get_contents($path . '.part'); - // Replace plain content with encrypted content by reference - $data = $encData; - - // Update the file cache with file info - \OC\Files\Filesystem::putFileInfo($filePath, array( - 'encrypted' => true, - 'size' => strlen($data), - 'unencrypted_size' => $size - ), ''); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; + // remove our temp file + $view->unlink($path . '.part'); + // re-enable proxy - our work is done + \OC_FileProxy::$enabled = $proxyStatus; + } } } @@ -189,15 +151,11 @@ class Proxy extends \OC_FileProxy { */ public function postFile_get_contents($path, $data) { - $userId = \OCP\USER::getUser(); + $plainData = null; $view = new \OC_FilesystemView('/'); - $util = new Util($view, $userId); - $relPath = $util->stripUserFilesPath($path); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); // init session $session = new \OCA\Encryption\Session($view); @@ -208,28 +166,27 @@ class Proxy extends \OC_FileProxy { && Crypt::isCatfileContent($data) ) { - $privateKey = $session->getPrivateKey($userId); - - // Get the encrypted keyfile - $encKeyfile = Keymanager::getFileKey($view, $userId, $relPath); - - // Attempt to fetch the user's shareKey - $shareKey = Keymanager::getShareKey($view, $userId, $relPath); - - // Decrypt keyfile with shareKey - $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey); + $handle = fopen('crypt://' . $relativePath, 'r'); - $plainData = Crypt::symmetricDecryptFileContent($data, $plainKeyfile); + if (is_resource($handle)) { + while (($plainDataChunk = fgets($handle, 8192)) !== false) { + $plainData .= $plainDataChunk; + } + } } elseif ( Crypt::mode() == 'server' && \OC::$session->exists('legacyenckey') && Crypt::isEncryptedMeta($path) ) { + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + $plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey()); - } - \OC_FileProxy::$enabled = $proxyStatus; + \OC_FileProxy::$enabled = $proxyStatus; + } if (!isset($plainData)) { @@ -261,10 +218,10 @@ class Proxy extends \OC_FileProxy { $util = new Util($view, $userId); - // Format path to be relative to user files dir - $relPath = $util->stripUserFilesPath($path); + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); - list($owner, $ownerPath) = $util->getUidAndFilename($relPath); + list($owner, $ownerPath) = $util->getUidAndFilename($relativePath); // Delete keyfile & shareKey so it isn't orphaned if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) { @@ -305,12 +262,14 @@ class Proxy extends \OC_FileProxy { } - // Reformat path for use with OC_FSV - $path_split = explode('/', $path); - $path_f = implode('/', array_slice($path_split, 3)); + // split the path parts + $pathParts = explode('/', $path); + + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); // FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted - if (isset($path_split) && $path_split[2] === 'cache') { + if (isset($pathParts[2]) && $pathParts[2] === 'cache') { return $result; } @@ -335,14 +294,14 @@ class Proxy extends \OC_FileProxy { // Open the file using the crypto stream wrapper // protocol and let it do the decryption work instead - $result = fopen('crypt://' . $path_f, $meta['mode']); + $result = fopen('crypt://' . $relativePath, $meta['mode']); } elseif ( self::shouldEncrypt($path) and $meta ['mode'] !== 'r' and $meta['mode'] !== 'rb' ) { - $result = fopen('crypt://' . $path_f, $meta['mode']); + $result = fopen('crypt://' . $relativePath, $meta['mode']); } // Re-enable the proxy @@ -390,12 +349,11 @@ class Proxy extends \OC_FileProxy { return $size; } - // Reformat path for use with OC_FSV - $path_split = explode('/', $path); - $path_f = implode('/', array_slice($path_split, 3)); + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); // if path is empty we cannot resolve anything - if (empty($path_f)) { + if (empty($relativePath)) { return $size; } @@ -424,7 +382,7 @@ class Proxy extends \OC_FileProxy { $fileInfo['unencrypted_size'] = $size; // put file info if not .part file - if (!Keymanager::isPartialFilePath($path_f)) { + if (!Keymanager::isPartialFilePath($relativePath)) { $view->putFileInfo($path, $fileInfo); } } @@ -447,21 +405,23 @@ class Proxy extends \OC_FileProxy { $userId = \OCP\User::getUser(); $util = new Util($view, $userId); - // Reformat path for use with OC_FSV - $path_split = explode('/', $path); - $path_f = implode('/', array_slice($path_split, 3)); + // split the path parts + $pathParts = explode('/', $path); + + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); // only if file is on 'files' folder fix file size and sharing - if (isset($path_split) && $path_split[2] === 'files' && $util->fixFileSize($path)) { + if (isset($pathParts[2]) && $pathParts[2] === 'files' && $util->fixFileSize($path)) { // get sharing app state $sharingEnabled = \OCP\Share::isEnabled(); // get users - $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path_f); + $usersSharing = $util->getSharingUsersArray($sharingEnabled, $relativePath); // update sharing-keys - $util->setSharedFileKeyfiles($session, $usersSharing, $path_f); + $util->setSharedFileKeyfiles($session, $usersSharing, $relativePath); } \OC_FileProxy::$enabled = $proxyStatus; diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 0c1421a471b..04bd4dc8aca 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -188,7 +188,9 @@ class Util { /** * @brief Sets up user folders and keys for serverside encryption - * @param string $passphrase passphrase to encrypt server-stored private key with + * + * @param string $passphrase to encrypt server-stored private key with + * @return bool */ public function setupServerSide($passphrase = null) { @@ -403,7 +405,7 @@ class Util { ) { $filePath = $directory . '/' . $this->view->getRelativePath('/' . $file); - $relPath = $this->stripUserFilesPath($filePath); + $relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath); // If the path is a directory, search // its contents @@ -528,7 +530,7 @@ class Util { /** * @brief Check if a given path identifies an encrypted file - * @param $path + * @param string $path * @return boolean */ public function isEncryptedPath($path) { @@ -565,11 +567,13 @@ class Util { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; - // Reformat path for use with OC_FSV - $pathSplit = explode('/', $path); - $pathRelative = implode('/', array_slice($pathSplit, 3)); + // split the path parts + $pathParts = explode('/', $path); + + // get relative path + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); - if (isset($pathSplit[2]) && $pathSplit[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) { + if (isset($pathParts[2]) && $pathParts[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) { // get the size from filesystem $fullPath = $this->view->getLocalFile($path); @@ -579,7 +583,7 @@ class Util { $lastChunkNr = floor($size / 8192); // open stream - $stream = fopen('crypt://' . $pathRelative, "r"); + $stream = fopen('crypt://' . $relativePath, "r"); if (is_resource($stream)) { // calculate last chunk position @@ -639,21 +643,7 @@ class Util { return $result; } - /** - * @brief Format a path to be relative to the /user/files/ directory - * @note e.g. turns '/admin/files/test.txt' into 'test.txt' - */ - public function stripUserFilesPath($path) { - - $trimmed = ltrim($path, '/'); - $split = explode('/', $trimmed); - $sliced = array_slice($split, 2); - $relPath = implode('/', $sliced); - - return $relPath; - - } - + /** * @param $path * @return bool @@ -748,7 +738,7 @@ class Util { $recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKeys ); $rawPath = $legacyFile['path']; - $relPath = $this->stripUserFilesPath($rawPath); + $relPath = \OCA\Encryption\Helper::stripUserFilesPath($rawPath); // Save keyfile Keymanager::setFileKey($this->view, $relPath, $this->userId, $recrypted['filekey']); @@ -903,6 +893,7 @@ class Util { * @param string $filePath * @param string $fileOwner * @param string $privateKey + * @return bool|string * @note Checks whether file was encrypted with openssl_seal or * openssl_encrypt, and decrypts accrdingly * @note This was used when 2 types of encryption for keyfiles was used, @@ -1136,6 +1127,7 @@ class Util { /** * @brief get uid of the owners of the file and the path to the file * @param string $path Path of the file to check + * @throws \Exception * @note $shareFilePath must be relative to data/UID/files. Files * relative to /Shared are also acceptable * @return array @@ -1202,11 +1194,11 @@ class Util { $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath($this->userFilesDir . '/' . $dir)); // handling for re shared folders - $path_split = explode('/', $dir); + $pathSplit = explode('/', $dir); foreach ($content as $c) { - $sharedPart = $path_split[sizeof($path_split) - 1]; + $sharedPart = $pathSplit[sizeof($pathSplit) - 1]; $targetPathSplit = array_reverse(explode('/', $c['path'])); $path = ''; @@ -1547,8 +1539,7 @@ class Util { $path = \OC\Files\Filesystem::normalizePath($mountPoint.'/'.$internalPath); // reformat the path to be relative e.g. /user/files/folder becomes /folder/ - $pathSplit = explode( '/', $path ); - $relativePath = implode( '/', array_slice( $pathSplit, 3 ) ); + $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path); return $relativePath; } -- cgit v1.2.3 From 6d94b393bf501ead44281cd4c2ce2483e18ed47f Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Thu, 30 May 2013 01:38:11 +0200 Subject: fix share and un-share for single file --- apps/files_encryption/hooks/hooks.php | 36 +++++++++++++---------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 9893cecc94e..eb9a2600d70 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -327,15 +327,14 @@ class Hooks { $sharingEnabled = \OCP\Share::isEnabled(); + // get the path including mount point only if not a shared folder + if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { + // get path including the the storage mount point + $path = $util->getPathWithMountPoint($params['itemSource']); + } + // if a folder was shared, get a list of all (sub-)folders if ($params['itemType'] === 'folder') { - - // get the path including mount point only if not a shared folder - if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { - // get path including the the storage mount point - $path = $util->getPathWithMountPoint($params['itemSource']); - } - $allFiles = $util->getAllFiles($path); } else { $allFiles = array($path); @@ -383,17 +382,11 @@ class Hooks { // rebuild path foreach ($targetPathSplit as $pathPart) { - if ($pathPart !== $sharedPart) { - $path = '/' . $pathPart . $path; - } else { - break; - } - } // prefix path with Shared @@ -411,19 +404,16 @@ class Hooks { } } - // if we unshare a folder we need a list of all (sub-)files - if ( $params['itemType'] === 'folder' ) { - - // get the path including mount point only if not a shared folder - if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { - // get path including the the storage mount point - $path = $util->getPathWithMountPoint($params['itemSource']); - } + // get the path including mount point only if not a shared folder + if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) { + // get path including the the storage mount point + $path = $util->getPathWithMountPoint($params['itemSource']); + } + // if we unshare a folder we need a list of all (sub-)files + if ($params['itemType'] === 'folder') { $allFiles = $util->getAllFiles( $path ); - } else { - $allFiles = array($path); } -- cgit v1.2.3 From b3834b49c3a98e5b7adbb64983f489f0d992c83c Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Thu, 30 May 2013 22:05:52 +0200 Subject: prevent files_versions from calling file proxy which calls files_encryption and do unnecessary load and file operations --- apps/files_versions/lib/versions.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/apps/files_versions/lib/versions.php b/apps/files_versions/lib/versions.php index 5fdbef27743..4beb9e0fe5c 100644 --- a/apps/files_versions/lib/versions.php +++ b/apps/files_versions/lib/versions.php @@ -113,8 +113,16 @@ class Storage { mkdir($versionsFolderName.'/'.$info['dirname'], 0750, true); } + // disable proxy to prevent multiple fopen calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + // store a new version of a file $users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename)); + + // reset proxy state + \OC_FileProxy::$enabled = $proxyStatus; + $versionsSize = self::getVersionsSize($uid); if ( $versionsSize === false || $versionsSize < 0 ) { $versionsSize = self::calculateSize($uid); @@ -195,7 +203,16 @@ class Storage { //first create a new version $version = 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename); if ( !$users_view->file_exists($version)) { + + // disable proxy to prevent multiple fopen calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + $users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename)); + + // reset proxy state + \OC_FileProxy::$enabled = $proxyStatus; + $versionCreated = true; } -- cgit v1.2.3 From eaa4f92275a5dea91743eab57423c2b698386e69 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Thu, 30 May 2013 22:07:36 +0200 Subject: added our own file extension .part will not work here if we use file_get_contents so we used our own extension '.etmp' --- apps/files_encryption/lib/keymanager.php | 4 ++-- apps/files_encryption/lib/proxy.php | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php index 9bb854325de..e911c1785df 100755 --- a/apps/files_encryption/lib/keymanager.php +++ b/apps/files_encryption/lib/keymanager.php @@ -169,7 +169,7 @@ class Keymanager { */ public static function fixPartialFilePath($path) { - if (preg_match('/\.part$/', $path)) { + if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) { $newLength = strlen($path) - 5; $fPath = substr($path, 0, $newLength); @@ -191,7 +191,7 @@ class Keymanager { */ public static function isPartialFilePath($path) { - if (preg_match('/\.part$/', $path)) { + if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) { return true; diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 2e18f7f9201..0df34a38bd7 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -116,7 +116,7 @@ class Proxy extends \OC_FileProxy { return true; } - $handle = fopen('crypt://' . $relativePath . '.part', 'w'); + $handle = fopen('crypt://' . $relativePath . '.etmp', 'w'); if (is_resource($handle)) { // write data to stream @@ -130,10 +130,10 @@ class Proxy extends \OC_FileProxy { \OC_FileProxy::$enabled = false; // get encrypted content - $data = $view->file_get_contents($path . '.part'); + $data = $view->file_get_contents($path . '.etmp'); // remove our temp file - $view->unlink($path . '.part'); + $view->unlink($path . '.etmp'); // re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; -- cgit v1.2.3