nextcloud / server

apps/federatedfilesharing/appinfo/app.php

Indentation +12 added lines, -12 removed lines

@@ -30,22 +30,22 @@
 
 $manager = \OC::$server->getNotificationManager();
 $manager->registerNotifier(function() {
-	return \OC::$server->query(Notifier::class);
+    return \OC::$server->query(Notifier::class);
 }, function() {
-	$l = \OC::$server->getL10N('files_sharing');
-	return [
-		'id' => 'files_sharing',
-		'name' => $l->t('Federated sharing'),
-	];
+    $l = \OC::$server->getL10N('files_sharing');
+    return [
+        'id' => 'files_sharing',
+        'name' => $l->t('Federated sharing'),
+    ];
 });
 
 $federatedShareProvider = $app->getFederatedShareProvider();
 
 $eventDispatcher->addListener(
-	'OCA\Files::loadAdditionalScripts',
-	function() use ($federatedShareProvider) {
-		if ($federatedShareProvider->isIncomingServer2serverShareEnabled()) {
-			\OCP\Util::addScript('federatedfilesharing', 'external');
-		}
-	}
+    'OCA\Files::loadAdditionalScripts',
+    function() use ($federatedShareProvider) {
+        if ($federatedShareProvider->isIncomingServer2serverShareEnabled()) {
+            \OCP\Util::addScript('federatedfilesharing', 'external');
+        }
+    }
 );

apps/federation/appinfo/routes.php

Indentation +46 added lines, -46 removed lines

@@ -23,50 +23,50 @@
 $application = new \OCA\Federation\AppInfo\Application();
 
 $application->registerRoutes(
-	$this,
-	[
-		'routes' => [
-			[
-				'name' => 'Settings#addServer',
-				'url' => '/trusted-servers',
-				'verb' => 'POST'
-			],
-			[
-				'name' => 'Settings#removeServer',
-				'url' => '/trusted-servers/{id}',
-				'verb' => 'DELETE'
-			],
-			[
-				'name' => 'Settings#autoAddServers',
-				'url' => '/auto-add-servers',
-				'verb' => 'POST'
-			],
-		],
-		'ocs' => [
-			// old endpoints, only used by Nextcloud and ownCloud
-			[
-				'name' => 'OCSAuthAPI#getSharedSecretLegacy',
-				'url' => '/api/v1/shared-secret',
-				'verb' => 'GET',
-			],
-			[
-				'name' => 'OCSAuthAPI#requestSharedSecretLegacy',
-				'url' => '/api/v1/request-shared-secret',
-				'verb' => 'POST',
-			],
-			// new endpoints, published as public api
-			[
-				'name' => 'OCSAuthAPI#getSharedSecret',
-				'root' => '/cloud',
-				'url' => '/shared-secret',
-				'verb' => 'GET',
-			],
-			[
-				'name' => 'OCSAuthAPI#requestSharedSecret',
-				'root' => '/cloud',
-				'url' => '/shared-secret',
-				'verb' => 'POST',
-			],
-		],
-	]
+    $this,
+    [
+        'routes' => [
+            [
+                'name' => 'Settings#addServer',
+                'url' => '/trusted-servers',
+                'verb' => 'POST'
+            ],
+            [
+                'name' => 'Settings#removeServer',
+                'url' => '/trusted-servers/{id}',
+                'verb' => 'DELETE'
+            ],
+            [
+                'name' => 'Settings#autoAddServers',
+                'url' => '/auto-add-servers',
+                'verb' => 'POST'
+            ],
+        ],
+        'ocs' => [
+            // old endpoints, only used by Nextcloud and ownCloud
+            [
+                'name' => 'OCSAuthAPI#getSharedSecretLegacy',
+                'url' => '/api/v1/shared-secret',
+                'verb' => 'GET',
+            ],
+            [
+                'name' => 'OCSAuthAPI#requestSharedSecretLegacy',
+                'url' => '/api/v1/request-shared-secret',
+                'verb' => 'POST',
+            ],
+            // new endpoints, published as public api
+            [
+                'name' => 'OCSAuthAPI#getSharedSecret',
+                'root' => '/cloud',
+                'url' => '/shared-secret',
+                'verb' => 'GET',
+            ],
+            [
+                'name' => 'OCSAuthAPI#requestSharedSecret',
+                'root' => '/cloud',
+                'url' => '/shared-secret',
+                'verb' => 'POST',
+            ],
+        ],
+    ]
 );

apps/federation/lib/SyncFederationAddressBooks.php

Indentation +53 added lines, -53 removed lines

@@ -30,64 +30,64 @@
 
 class SyncFederationAddressBooks {
 
-	/** @var DbHandler */
-	protected $dbHandler;
+    /** @var DbHandler */
+    protected $dbHandler;
 
-	/** @var SyncService */
-	private $syncService;
+    /** @var SyncService */
+    private $syncService;
 
-	/** @var  DiscoveryService */
-	private $ocsDiscoveryService;
+    /** @var  DiscoveryService */
+    private $ocsDiscoveryService;
 
-	/**
-	 * @param DbHandler $dbHandler
-	 * @param SyncService $syncService
-	 * @param IDiscoveryService $ocsDiscoveryService
-	 */
-	public function __construct(DbHandler $dbHandler,
-								SyncService $syncService,
-								IDiscoveryService $ocsDiscoveryService
-	) {
-		$this->syncService = $syncService;
-		$this->dbHandler = $dbHandler;
-		$this->ocsDiscoveryService = $ocsDiscoveryService;
-	}
+    /**
+     * @param DbHandler $dbHandler
+     * @param SyncService $syncService
+     * @param IDiscoveryService $ocsDiscoveryService
+     */
+    public function __construct(DbHandler $dbHandler,
+                                SyncService $syncService,
+                                IDiscoveryService $ocsDiscoveryService
+    ) {
+        $this->syncService = $syncService;
+        $this->dbHandler = $dbHandler;
+        $this->ocsDiscoveryService = $ocsDiscoveryService;
+    }
 
-	/**
-	 * @param \Closure $callback
-	 */
-	public function syncThemAll(\Closure $callback) {
+    /**
+     * @param \Closure $callback
+     */
+    public function syncThemAll(\Closure $callback) {
 
-		$trustedServers = $this->dbHandler->getAllServer();
-		foreach ($trustedServers as $trustedServer) {
-			$url = $trustedServer['url'];
-			$callback($url, null);
-			$sharedSecret = $trustedServer['shared_secret'];
-			$syncToken = $trustedServer['sync_token'];
+        $trustedServers = $this->dbHandler->getAllServer();
+        foreach ($trustedServers as $trustedServer) {
+            $url = $trustedServer['url'];
+            $callback($url, null);
+            $sharedSecret = $trustedServer['shared_secret'];
+            $syncToken = $trustedServer['sync_token'];
 
-			$endPoints = $this->ocsDiscoveryService->discover($url, 'FEDERATED_SHARING');
-			$cardDavUser = isset($endPoints['carddav-user']) ? $endPoints['carddav-user'] : 'system';
-			$addressBookUrl = isset($endPoints['system-address-book']) ? trim($endPoints['system-address-book'], '/') : 'remote.php/dav/addressbooks/system/system/system';
+            $endPoints = $this->ocsDiscoveryService->discover($url, 'FEDERATED_SHARING');
+            $cardDavUser = isset($endPoints['carddav-user']) ? $endPoints['carddav-user'] : 'system';
+            $addressBookUrl = isset($endPoints['system-address-book']) ? trim($endPoints['system-address-book'], '/') : 'remote.php/dav/addressbooks/system/system/system';
 
-			if (is_null($sharedSecret)) {
-				continue;
-			}
-			$targetBookId = $trustedServer['url_hash'];
-			$targetPrincipal = "principals/system/system";
-			$targetBookProperties = [
-					'{DAV:}displayname' => $url
-			];
-			try {
-				$newToken = $this->syncService->syncRemoteAddressBook($url, $cardDavUser, $addressBookUrl, $sharedSecret, $syncToken, $targetBookId, $targetPrincipal, $targetBookProperties);
-				if ($newToken !== $syncToken) {
-					$this->dbHandler->setServerStatus($url, TrustedServers::STATUS_OK, $newToken);
-				}
-			} catch (\Exception $ex) {
-				if ($ex->getCode() === Http::STATUS_UNAUTHORIZED) {
-					$this->dbHandler->setServerStatus($url, TrustedServers::STATUS_ACCESS_REVOKED);
-				}
-				$callback($url, $ex);
-			}
-		}
-	}
+            if (is_null($sharedSecret)) {
+                continue;
+            }
+            $targetBookId = $trustedServer['url_hash'];
+            $targetPrincipal = "principals/system/system";
+            $targetBookProperties = [
+                    '{DAV:}displayname' => $url
+            ];
+            try {
+                $newToken = $this->syncService->syncRemoteAddressBook($url, $cardDavUser, $addressBookUrl, $sharedSecret, $syncToken, $targetBookId, $targetPrincipal, $targetBookProperties);
+                if ($newToken !== $syncToken) {
+                    $this->dbHandler->setServerStatus($url, TrustedServers::STATUS_OK, $newToken);
+                }
+            } catch (\Exception $ex) {
+                if ($ex->getCode() === Http::STATUS_UNAUTHORIZED) {
+                    $this->dbHandler->setServerStatus($url, TrustedServers::STATUS_ACCESS_REVOKED);
+                }
+                $callback($url, $ex);
+            }
+        }
+    }
 }

lib/private/Encryption/Keys/Storage.php

Indentation +340 added lines, -340 removed lines

@@ -32,345 +32,345 @@
 
 class Storage implements IStorage {
 
-	// hidden file which indicate that the folder is a valid key storage
-	const KEY_STORAGE_MARKER = '.oc_key_storage';
-
-	/** @var View */
-	private $view;
-
-	/** @var Util */
-	private $util;
-
-	// base dir where all the file related keys are stored
-	/** @var string */
-	private $keys_base_dir;
-
-	// root of the key storage default is empty which means that we use the data folder
-	/** @var string */
-	private $root_dir;
-
-	/** @var string */
-	private $encryption_base_dir;
-
-	/** @var string */
-	private $backup_base_dir;
-
-	/** @var array */
-	private $keyCache = [];
-
-	/**
-	 * @param View $view
-	 * @param Util $util
-	 */
-	public function __construct(View $view, Util $util) {
-		$this->view = $view;
-		$this->util = $util;
-
-		$this->encryption_base_dir = '/files_encryption';
-		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
-		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
-		$this->root_dir = $this->util->getKeyStorageRoot();
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getUserKey($uid, $keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getFileKey($path, $keyId, $encryptionModuleId) {
-		$realFile = $this->util->stripPartialFileExtension($path);
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
-		$key = $this->getKey($keyDir . $keyId);
-
-		if ($key === '' && $realFile !== $path) {
-			// Check if the part file has keys and use them, if no normal keys
-			// exist. This is required to fix copyBetweenStorage() when we
-			// rename a .part file over storage borders.
-			$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-			$key = $this->getKey($keyDir . $keyId);
-		}
-
-		return $key;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return $this->setKey($keyDir . $keyId, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
-		try {
-			$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-			return !$this->view->file_exists($path) || $this->view->unlink($path);
-		} catch (NoUserException $e) {
-			// this exception can come from initMountPoints() from setupUserMounts()
-			// for a deleted user.
-			//
-			// It means, that:
-			// - we are not running in alternative storage mode because we don't call
-			// initMountPoints() in that mode
-			// - the keys were in the user's home but since the user was deleted, the
-			// user's home is gone and so are the keys
-			//
-			// So there is nothing to do, just ignore.
-		}
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteFileKey($path, $keyId, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteAllFileKeys($path) {
-		$keyDir = $this->getFileKeyDir('', $path);
-		return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return !$this->view->file_exists($path) || $this->view->unlink($path);
-	}
-
-	/**
-	 * construct path to users key
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $keyId
-	 * @param string $uid
-	 * @return string
-	 */
-	protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
-
-		if ($uid === null) {
-			$path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
-		} else {
-			$path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
-				. $encryptionModuleId . '/' . $uid . '.' . $keyId;
-		}
-
-		return \OC\Files\Filesystem::normalizePath($path);
-	}
-
-	/**
-	 * read key from hard disk
-	 *
-	 * @param string $path to key
-	 * @return string
-	 */
-	private function getKey($path) {
-
-		$key = '';
-
-		if ($this->view->file_exists($path)) {
-			if (isset($this->keyCache[$path])) {
-				$key =  $this->keyCache[$path];
-			} else {
-				$key = $this->view->file_get_contents($path);
-				$this->keyCache[$path] = $key;
-			}
-		}
-
-		return $key;
-	}
-
-	/**
-	 * write key to disk
-	 *
-	 *
-	 * @param string $path path to key directory
-	 * @param string $key key
-	 * @return bool
-	 */
-	private function setKey($path, $key) {
-		$this->keySetPreparation(dirname($path));
-
-		$result = $this->view->file_put_contents($path, $key);
-
-		if (is_int($result) && $result > 0) {
-			$this->keyCache[$path] = $key;
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get path to key folder for a given file
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $path path to the file, relative to data/
-	 * @return string
-	 */
-	private function getFileKeyDir($encryptionModuleId, $path) {
-
-		list($owner, $filename) = $this->util->getUidAndFilename($path);
-
-		// in case of system wide mount points the keys are stored directly in the data directory
-		if ($this->util->isSystemWideMountPoint($filename, $owner)) {
-			$keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
-		} else {
-			$keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
-		}
-
-		return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
-	}
-
-	/**
-	 * move keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function renameKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->rename($sourcePath, $targetPath);
-
-			return true;
-		}
-
-		return false;
-	}
-
-
-	/**
-	 * copy keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function copyKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->copy($sourcePath, $targetPath);
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * backup keys of a given encryption module
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $purpose
-	 * @param string $uid
-	 * @return bool
-	 * @since 12.0.0
-	 */
-	public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
-		$source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
-		$backupDir = $uid . $this->backup_base_dir;
-		if (!$this->view->file_exists($backupDir)) {
-			$this->view->mkdir($backupDir);
-		}
-
-		$backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
-		$this->view->mkdir($backupDir);
-
-		return $this->view->copy($source, $backupDir);
-	}
-
-	/**
-	 * get the current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getTimestamp() {
-		return time();
-	}
-
-	/**
-	 * get system wide path and detect mount points
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getPathToKeys($path) {
-		list($owner, $relativePath) = $this->util->getUidAndFilename($path);
-		$systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
-
-		if ($systemWideMountPoint) {
-			$systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
-		} else {
-			$systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
-		}
-
-		return  Filesystem::normalizePath($systemPath, false);
-	}
-
-	/**
-	 * Make preparations to filesystem for saving a key file
-	 *
-	 * @param string $path relative to the views root
-	 */
-	protected function keySetPreparation($path) {
-		// If the file resides within a subdirectory, create it
-		if (!$this->view->file_exists($path)) {
-			$sub_dirs = explode('/', ltrim($path, '/'));
-			$dir = '';
-			foreach ($sub_dirs as $sub_dir) {
-				$dir .= '/' . $sub_dir;
-				if (!$this->view->is_dir($dir)) {
-					$this->view->mkdir($dir);
-				}
-			}
-		}
-	}
+    // hidden file which indicate that the folder is a valid key storage
+    const KEY_STORAGE_MARKER = '.oc_key_storage';
+
+    /** @var View */
+    private $view;
+
+    /** @var Util */
+    private $util;
+
+    // base dir where all the file related keys are stored
+    /** @var string */
+    private $keys_base_dir;
+
+    // root of the key storage default is empty which means that we use the data folder
+    /** @var string */
+    private $root_dir;
+
+    /** @var string */
+    private $encryption_base_dir;
+
+    /** @var string */
+    private $backup_base_dir;
+
+    /** @var array */
+    private $keyCache = [];
+
+    /**
+     * @param View $view
+     * @param Util $util
+     */
+    public function __construct(View $view, Util $util) {
+        $this->view = $view;
+        $this->util = $util;
+
+        $this->encryption_base_dir = '/files_encryption';
+        $this->keys_base_dir = $this->encryption_base_dir .'/keys';
+        $this->backup_base_dir = $this->encryption_base_dir .'/backup';
+        $this->root_dir = $this->util->getKeyStorageRoot();
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getUserKey($uid, $keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getFileKey($path, $keyId, $encryptionModuleId) {
+        $realFile = $this->util->stripPartialFileExtension($path);
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
+        $key = $this->getKey($keyDir . $keyId);
+
+        if ($key === '' && $realFile !== $path) {
+            // Check if the part file has keys and use them, if no normal keys
+            // exist. This is required to fix copyBetweenStorage() when we
+            // rename a .part file over storage borders.
+            $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+            $key = $this->getKey($keyDir . $keyId);
+        }
+
+        return $key;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return $this->setKey($keyDir . $keyId, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
+        try {
+            $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+            return !$this->view->file_exists($path) || $this->view->unlink($path);
+        } catch (NoUserException $e) {
+            // this exception can come from initMountPoints() from setupUserMounts()
+            // for a deleted user.
+            //
+            // It means, that:
+            // - we are not running in alternative storage mode because we don't call
+            // initMountPoints() in that mode
+            // - the keys were in the user's home but since the user was deleted, the
+            // user's home is gone and so are the keys
+            //
+            // So there is nothing to do, just ignore.
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteFileKey($path, $keyId, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteAllFileKeys($path) {
+        $keyDir = $this->getFileKeyDir('', $path);
+        return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return !$this->view->file_exists($path) || $this->view->unlink($path);
+    }
+
+    /**
+     * construct path to users key
+     *
+     * @param string $encryptionModuleId
+     * @param string $keyId
+     * @param string $uid
+     * @return string
+     */
+    protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
+
+        if ($uid === null) {
+            $path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
+        } else {
+            $path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
+                . $encryptionModuleId . '/' . $uid . '.' . $keyId;
+        }
+
+        return \OC\Files\Filesystem::normalizePath($path);
+    }
+
+    /**
+     * read key from hard disk
+     *
+     * @param string $path to key
+     * @return string
+     */
+    private function getKey($path) {
+
+        $key = '';
+
+        if ($this->view->file_exists($path)) {
+            if (isset($this->keyCache[$path])) {
+                $key =  $this->keyCache[$path];
+            } else {
+                $key = $this->view->file_get_contents($path);
+                $this->keyCache[$path] = $key;
+            }
+        }
+
+        return $key;
+    }
+
+    /**
+     * write key to disk
+     *
+     *
+     * @param string $path path to key directory
+     * @param string $key key
+     * @return bool
+     */
+    private function setKey($path, $key) {
+        $this->keySetPreparation(dirname($path));
+
+        $result = $this->view->file_put_contents($path, $key);
+
+        if (is_int($result) && $result > 0) {
+            $this->keyCache[$path] = $key;
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get path to key folder for a given file
+     *
+     * @param string $encryptionModuleId
+     * @param string $path path to the file, relative to data/
+     * @return string
+     */
+    private function getFileKeyDir($encryptionModuleId, $path) {
+
+        list($owner, $filename) = $this->util->getUidAndFilename($path);
+
+        // in case of system wide mount points the keys are stored directly in the data directory
+        if ($this->util->isSystemWideMountPoint($filename, $owner)) {
+            $keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
+        } else {
+            $keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
+        }
+
+        return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
+    }
+
+    /**
+     * move keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function renameKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->rename($sourcePath, $targetPath);
+
+            return true;
+        }
+
+        return false;
+    }
+
+
+    /**
+     * copy keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function copyKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->copy($sourcePath, $targetPath);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * backup keys of a given encryption module
+     *
+     * @param string $encryptionModuleId
+     * @param string $purpose
+     * @param string $uid
+     * @return bool
+     * @since 12.0.0
+     */
+    public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
+        $source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
+        $backupDir = $uid . $this->backup_base_dir;
+        if (!$this->view->file_exists($backupDir)) {
+            $this->view->mkdir($backupDir);
+        }
+
+        $backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+        $this->view->mkdir($backupDir);
+
+        return $this->view->copy($source, $backupDir);
+    }
+
+    /**
+     * get the current timestamp
+     *
+     * @return int
+     */
+    protected function getTimestamp() {
+        return time();
+    }
+
+    /**
+     * get system wide path and detect mount points
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function getPathToKeys($path) {
+        list($owner, $relativePath) = $this->util->getUidAndFilename($path);
+        $systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
+
+        if ($systemWideMountPoint) {
+            $systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
+        } else {
+            $systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
+        }
+
+        return  Filesystem::normalizePath($systemPath, false);
+    }
+
+    /**
+     * Make preparations to filesystem for saving a key file
+     *
+     * @param string $path relative to the views root
+     */
+    protected function keySetPreparation($path) {
+        // If the file resides within a subdirectory, create it
+        if (!$this->view->file_exists($path)) {
+            $sub_dirs = explode('/', ltrim($path, '/'));
+            $dir = '';
+            foreach ($sub_dirs as $sub_dir) {
+                $dir .= '/' . $sub_dir;
+                if (!$this->view->is_dir($dir)) {
+                    $this->view->mkdir($dir);
+                }
+            }
+        }
+    }
 
 }

core/Command/Check.php

Indentation +26 added lines, -26 removed lines

@@ -28,35 +28,35 @@
 use Symfony\Component\Console\Output\OutputInterface;
 
 class Check extends Base {
-	/**
-	 * @var SystemConfig
-	 */
-	private $config;
+    /**
+     * @var SystemConfig
+     */
+    private $config;
 
-	public function __construct(SystemConfig $config) {
-		parent::__construct();
-		$this->config = $config;
-	}
+    public function __construct(SystemConfig $config) {
+        parent::__construct();
+        $this->config = $config;
+    }
 
-	protected function configure() {
-		parent::configure();
+    protected function configure() {
+        parent::configure();
 
-		$this
-			->setName('check')
-			->setDescription('check dependencies of the server environment')
-		;
-	}
+        $this
+            ->setName('check')
+            ->setDescription('check dependencies of the server environment')
+        ;
+    }
 
-	protected function execute(InputInterface $input, OutputInterface $output) {
-		$errors = \OC_Util::checkServer($this->config);
-		if (!empty($errors)) {
-			$errors = array_map(function($item) {
-				return (string) $item['error'];
-			}, $errors);
+    protected function execute(InputInterface $input, OutputInterface $output) {
+        $errors = \OC_Util::checkServer($this->config);
+        if (!empty($errors)) {
+            $errors = array_map(function($item) {
+                return (string) $item['error'];
+            }, $errors);
 
-			$this->writeArrayInOutputFormat($input, $output, $errors);
-			return 1;
-		}
-		return 0;
-	}
+            $this->writeArrayInOutputFormat($input, $output, $errors);
+            return 1;
+        }
+        return 0;
+    }
 }

apps/dav/lib/Connector/Sabre/DummyGetResponsePlugin.php

Indentation +25 added lines, -25 removed lines

@@ -39,33 +39,33 @@
  * @package OCA\DAV\Connector\Sabre
  */
 class DummyGetResponsePlugin extends \Sabre\DAV\ServerPlugin {
-	/** @var \Sabre\DAV\Server */
-	protected $server;
+    /** @var \Sabre\DAV\Server */
+    protected $server;
 
-	/**
-	 * @param \Sabre\DAV\Server $server
-	 * @return void
-	 */
-	function initialize(\Sabre\DAV\Server $server) {
-		$this->server = $server;
-		$this->server->on('method:GET', [$this, 'httpGet'], 200);
-	}
+    /**
+     * @param \Sabre\DAV\Server $server
+     * @return void
+     */
+    function initialize(\Sabre\DAV\Server $server) {
+        $this->server = $server;
+        $this->server->on('method:GET', [$this, 'httpGet'], 200);
+    }
 
-	/**
-	 * @param RequestInterface $request
-	 * @param ResponseInterface $response
-	 * @return false
-	 */
-	function httpGet(RequestInterface $request, ResponseInterface $response) {
-		$string = 'This is the WebDAV interface. It can only be accessed by ' .
-			'WebDAV clients such as the Nextcloud desktop sync client.';
-		$stream = fopen('php://memory','r+');
-		fwrite($stream, $string);
-		rewind($stream);
+    /**
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return false
+     */
+    function httpGet(RequestInterface $request, ResponseInterface $response) {
+        $string = 'This is the WebDAV interface. It can only be accessed by ' .
+            'WebDAV clients such as the Nextcloud desktop sync client.';
+        $stream = fopen('php://memory','r+');
+        fwrite($stream, $string);
+        rewind($stream);
 
-		$response->setStatus(200);
-		$response->setBody($stream);
+        $response->setStatus(200);
+        $response->setBody($stream);
 
-		return false;
-	}
+        return false;
+    }
 }

lib/private/Migration/ConsoleOutput.php

Indentation +46 added lines, -46 removed lines

@@ -37,57 +37,57 @@
  */
 class ConsoleOutput implements IOutput {
 
-	/** @var OutputInterface */
-	private $output;
+    /** @var OutputInterface */
+    private $output;
 
-	/** @var ProgressBar */
-	private $progressBar;
+    /** @var ProgressBar */
+    private $progressBar;
 
-	public function __construct(OutputInterface $output) {
-		$this->output = $output;
-	}
+    public function __construct(OutputInterface $output) {
+        $this->output = $output;
+    }
 
-	/**
-	 * @param string $message
-	 */
-	public function info($message) {
-		$this->output->writeln("<info>$message</info>");
-	}
+    /**
+     * @param string $message
+     */
+    public function info($message) {
+        $this->output->writeln("<info>$message</info>");
+    }
 
-	/**
-	 * @param string $message
-	 */
-	public function warning($message) {
-		$this->output->writeln("<comment>$message</comment>");
-	}
+    /**
+     * @param string $message
+     */
+    public function warning($message) {
+        $this->output->writeln("<comment>$message</comment>");
+    }
 
-	/**
-	 * @param int $max
-	 */
-	public function startProgress($max = 0) {
-		if (!is_null($this->progressBar)) {
-			$this->progressBar->finish();
-		}
-		$this->progressBar = new ProgressBar($this->output);
-		$this->progressBar->start($max);
-	}
+    /**
+     * @param int $max
+     */
+    public function startProgress($max = 0) {
+        if (!is_null($this->progressBar)) {
+            $this->progressBar->finish();
+        }
+        $this->progressBar = new ProgressBar($this->output);
+        $this->progressBar->start($max);
+    }
 
-	/**
-	 * @param int $step
-	 * @param string $description
-	 */
-	public function advance($step = 1, $description = '') {
-		if (!is_null($this->progressBar)) {
-			$this->progressBar = new ProgressBar($this->output);
-			$this->progressBar->start();
-		}
-		$this->progressBar->advance($step);
-	}
+    /**
+     * @param int $step
+     * @param string $description
+     */
+    public function advance($step = 1, $description = '') {
+        if (!is_null($this->progressBar)) {
+            $this->progressBar = new ProgressBar($this->output);
+            $this->progressBar->start();
+        }
+        $this->progressBar->advance($step);
+    }
 
-	public function finishProgress() {
-		if (is_null($this->progressBar)) {
-			return;
-		}
-		$this->progressBar->finish();
-	}
+    public function finishProgress() {
+        if (is_null($this->progressBar)) {
+            return;
+        }
+        $this->progressBar->finish();
+    }
 }

core/Command/Encryption/EncryptAll.php

Indentation +97 added lines, -97 removed lines

@@ -34,102 +34,102 @@
 
 class EncryptAll extends Command {
 
-	/** @var IManager */
-	protected $encryptionManager;
-
-	/** @var  IAppManager */
-	protected $appManager;
-
-	/** @var IConfig */
-	protected $config;
-
-	/** @var  QuestionHelper */
-	protected $questionHelper;
-
-	/** @var bool */
-	protected $wasTrashbinEnabled;
-
-	/** @var  bool */
-	protected $wasMaintenanceModeEnabled;
-
-	/**
-	 * @param IManager $encryptionManager
-	 * @param IAppManager $appManager
-	 * @param IConfig $config
-	 * @param QuestionHelper $questionHelper
-	 */
-	public function __construct(
-		IManager $encryptionManager,
-		IAppManager $appManager,
-		IConfig $config,
-		QuestionHelper $questionHelper
-	) {
-		parent::__construct();
-		$this->appManager = $appManager;
-		$this->encryptionManager = $encryptionManager;
-		$this->config = $config;
-		$this->questionHelper = $questionHelper;
-	}
-
-	/**
-	 * Set maintenance mode and disable the trashbin app
-	 */
-	protected function forceMaintenanceAndTrashbin() {
-		$this->wasTrashbinEnabled = $this->appManager->isEnabledForUser('files_trashbin');
-		$this->wasMaintenanceModeEnabled = $this->config->getSystemValue('maintenance', false);
-		$this->config->setSystemValue('maintenance', true);
-		$this->appManager->disableApp('files_trashbin');
-	}
-
-	/**
-	 * Reset the maintenance mode and re-enable the trashbin app
-	 */
-	protected function resetMaintenanceAndTrashbin() {
-		$this->config->setSystemValue('maintenance', $this->wasMaintenanceModeEnabled);
-		if ($this->wasTrashbinEnabled) {
-			$this->appManager->enableApp('files_trashbin');
-		}
-	}
-
-	protected function configure() {
-		parent::configure();
-
-		$this->setName('encryption:encrypt-all');
-		$this->setDescription('Encrypt all files for all users');
-		$this->setHelp(
-			'This will encrypt all files for all users. '
-			. 'Please make sure that no user access his files during this process!'
-		);
-	}
-
-	protected function execute(InputInterface $input, OutputInterface $output) {
-
-		if ($this->encryptionManager->isEnabled() === false) {
-			throw new \Exception('Server side encryption is not enabled');
-		}
-
-		$output->writeln("\n");
-		$output->writeln('You are about to encrypt all files stored in your Nextcloud installation.');
-		$output->writeln('Depending on the number of available files, and their size, this may take quite some time.');
-		$output->writeln('Please ensure that no user accesses their files during this time!');
-		$output->writeln('Note: The encryption module you use determines which files get encrypted.');
-		$output->writeln('');
-		$question = new ConfirmationQuestion('Do you really want to continue? (y/n) ', false);
-		if ($this->questionHelper->ask($input, $output, $question)) {
-			$this->forceMaintenanceAndTrashbin();
-
-			try {
-				$defaultModule = $this->encryptionManager->getEncryptionModule();
-				$defaultModule->encryptAll($input, $output);
-			} catch (\Exception $ex) {
-				$this->resetMaintenanceAndTrashbin();
-				throw $ex;
-			}
-
-			$this->resetMaintenanceAndTrashbin();
-		} else {
-			$output->writeln('aborted');
-		}
-	}
+    /** @var IManager */
+    protected $encryptionManager;
+
+    /** @var  IAppManager */
+    protected $appManager;
+
+    /** @var IConfig */
+    protected $config;
+
+    /** @var  QuestionHelper */
+    protected $questionHelper;
+
+    /** @var bool */
+    protected $wasTrashbinEnabled;
+
+    /** @var  bool */
+    protected $wasMaintenanceModeEnabled;
+
+    /**
+     * @param IManager $encryptionManager
+     * @param IAppManager $appManager
+     * @param IConfig $config
+     * @param QuestionHelper $questionHelper
+     */
+    public function __construct(
+        IManager $encryptionManager,
+        IAppManager $appManager,
+        IConfig $config,
+        QuestionHelper $questionHelper
+    ) {
+        parent::__construct();
+        $this->appManager = $appManager;
+        $this->encryptionManager = $encryptionManager;
+        $this->config = $config;
+        $this->questionHelper = $questionHelper;
+    }
+
+    /**
+     * Set maintenance mode and disable the trashbin app
+     */
+    protected function forceMaintenanceAndTrashbin() {
+        $this->wasTrashbinEnabled = $this->appManager->isEnabledForUser('files_trashbin');
+        $this->wasMaintenanceModeEnabled = $this->config->getSystemValue('maintenance', false);
+        $this->config->setSystemValue('maintenance', true);
+        $this->appManager->disableApp('files_trashbin');
+    }
+
+    /**
+     * Reset the maintenance mode and re-enable the trashbin app
+     */
+    protected function resetMaintenanceAndTrashbin() {
+        $this->config->setSystemValue('maintenance', $this->wasMaintenanceModeEnabled);
+        if ($this->wasTrashbinEnabled) {
+            $this->appManager->enableApp('files_trashbin');
+        }
+    }
+
+    protected function configure() {
+        parent::configure();
+
+        $this->setName('encryption:encrypt-all');
+        $this->setDescription('Encrypt all files for all users');
+        $this->setHelp(
+            'This will encrypt all files for all users. '
+            . 'Please make sure that no user access his files during this process!'
+        );
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output) {
+
+        if ($this->encryptionManager->isEnabled() === false) {
+            throw new \Exception('Server side encryption is not enabled');
+        }
+
+        $output->writeln("\n");
+        $output->writeln('You are about to encrypt all files stored in your Nextcloud installation.');
+        $output->writeln('Depending on the number of available files, and their size, this may take quite some time.');
+        $output->writeln('Please ensure that no user accesses their files during this time!');
+        $output->writeln('Note: The encryption module you use determines which files get encrypted.');
+        $output->writeln('');
+        $question = new ConfirmationQuestion('Do you really want to continue? (y/n) ', false);
+        if ($this->questionHelper->ask($input, $output, $question)) {
+            $this->forceMaintenanceAndTrashbin();
+
+            try {
+                $defaultModule = $this->encryptionManager->getEncryptionModule();
+                $defaultModule->encryptAll($input, $output);
+            } catch (\Exception $ex) {
+                $this->resetMaintenanceAndTrashbin();
+                throw $ex;
+            }
+
+            $this->resetMaintenanceAndTrashbin();
+        } else {
+            $output->writeln('aborted');
+        }
+    }
 
 }

core/Command/User/ResetPassword.php

Indentation +94 added lines, -94 removed lines

@@ -39,98 +39,98 @@
 
 class ResetPassword extends Command {
 
-	/** @var IUserManager */
-	protected $userManager;
-
-	public function __construct(IUserManager $userManager) {
-		$this->userManager = $userManager;
-		parent::__construct();
-	}
-
-	protected function configure() {
-		$this
-			->setName('user:resetpassword')
-			->setDescription('Resets the password of the named user')
-			->addArgument(
-				'user',
-				InputArgument::REQUIRED,
-				'Username to reset password'
-			)
-			->addOption(
-				'password-from-env',
-				null,
-				InputOption::VALUE_NONE,
-				'read password from environment variable OC_PASS'
-			)
-		;
-	}
-
-	protected function execute(InputInterface $input, OutputInterface $output) {
-		$username = $input->getArgument('user');
-
-		/** @var $user \OCP\IUser */
-		$user = $this->userManager->get($username);
-		if (is_null($user)) {
-			$output->writeln('<error>User does not exist</error>');
-			return 1;
-		}
-
-		if ($input->getOption('password-from-env')) {
-			$password = getenv('OC_PASS');
-			if (!$password) {
-				$output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
-				return 1;
-			}
-		} elseif ($input->isInteractive()) {
-			/** @var QuestionHelper $helper */
-			$helper = $this->getHelper('question');
-
-			if (\OCP\App::isEnabled('encryption')) {
-				$output->writeln(
-					'<error>Warning: Resetting the password when using encryption will result in data loss!</error>'
-				);
-
-				$question = new ConfirmationQuestion('Do you want to continue?');
-				if (!$helper->ask($input, $output, $question)) {
-					return 1;
-				}
-			}
-
-			$question = new Question('Enter a new password: ');
-			$question->setHidden(true);
-			$password = $helper->ask($input, $output, $question);
-
-			if ($password === null) {
-				$output->writeln("<error>Password cannot be empty!</error>");
-				return 1;
-			}
-
-			$question = new Question('Confirm the new password: ');
-			$question->setHidden(true);
-			$confirm = $helper->ask($input, $output, $question);
-
-			if ($password !== $confirm) {
-				$output->writeln("<error>Passwords did not match!</error>");
-				return 1;
-			}
-		} else {
-			$output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>");
-			return 1;
-		}
-
-
-		try {
-			$success = $user->setPassword($password);
-		} catch (\Exception $e) {
-			$output->writeln('<error>' . $e->getMessage() . '</error>');
-			return 1;
-		}
-
-		if ($success) {
-			$output->writeln("<info>Successfully reset password for " . $username . "</info>");
-		} else {
-			$output->writeln("<error>Error while resetting password!</error>");
-			return 1;
-		}
-	}
+    /** @var IUserManager */
+    protected $userManager;
+
+    public function __construct(IUserManager $userManager) {
+        $this->userManager = $userManager;
+        parent::__construct();
+    }
+
+    protected function configure() {
+        $this
+            ->setName('user:resetpassword')
+            ->setDescription('Resets the password of the named user')
+            ->addArgument(
+                'user',
+                InputArgument::REQUIRED,
+                'Username to reset password'
+            )
+            ->addOption(
+                'password-from-env',
+                null,
+                InputOption::VALUE_NONE,
+                'read password from environment variable OC_PASS'
+            )
+        ;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output) {
+        $username = $input->getArgument('user');
+
+        /** @var $user \OCP\IUser */
+        $user = $this->userManager->get($username);
+        if (is_null($user)) {
+            $output->writeln('<error>User does not exist</error>');
+            return 1;
+        }
+
+        if ($input->getOption('password-from-env')) {
+            $password = getenv('OC_PASS');
+            if (!$password) {
+                $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
+                return 1;
+            }
+        } elseif ($input->isInteractive()) {
+            /** @var QuestionHelper $helper */
+            $helper = $this->getHelper('question');
+
+            if (\OCP\App::isEnabled('encryption')) {
+                $output->writeln(
+                    '<error>Warning: Resetting the password when using encryption will result in data loss!</error>'
+                );
+
+                $question = new ConfirmationQuestion('Do you want to continue?');
+                if (!$helper->ask($input, $output, $question)) {
+                    return 1;
+                }
+            }
+
+            $question = new Question('Enter a new password: ');
+            $question->setHidden(true);
+            $password = $helper->ask($input, $output, $question);
+
+            if ($password === null) {
+                $output->writeln("<error>Password cannot be empty!</error>");
+                return 1;
+            }
+
+            $question = new Question('Confirm the new password: ');
+            $question->setHidden(true);
+            $confirm = $helper->ask($input, $output, $question);
+
+            if ($password !== $confirm) {
+                $output->writeln("<error>Passwords did not match!</error>");
+                return 1;
+            }
+        } else {
+            $output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>");
+            return 1;
+        }
+
+
+        try {
+            $success = $user->setPassword($password);
+        } catch (\Exception $e) {
+            $output->writeln('<error>' . $e->getMessage() . '</error>');
+            return 1;
+        }
+
+        if ($success) {
+            $output->writeln("<info>Successfully reset password for " . $username . "</info>");
+        } else {
+            $output->writeln("<error>Error while resetting password!</error>");
+            return 1;
+        }
+    }
 }