@@ -30,48 +30,48 @@ |
||
| 30 | 30 | */ |
| 31 | 31 | abstract class ACreateEmpty { |
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * Unique id for the creator to filter templates |
|
| 35 | - * |
|
| 36 | - * e.g. document/spreadsheet/presentation |
|
| 37 | - * |
|
| 38 | - * @since 18.0.0 |
|
| 39 | - * @return string |
|
| 40 | - */ |
|
| 41 | - abstract public function getId(): string; |
|
| 33 | + /** |
|
| 34 | + * Unique id for the creator to filter templates |
|
| 35 | + * |
|
| 36 | + * e.g. document/spreadsheet/presentation |
|
| 37 | + * |
|
| 38 | + * @since 18.0.0 |
|
| 39 | + * @return string |
|
| 40 | + */ |
|
| 41 | + abstract public function getId(): string; |
|
| 42 | 42 | |
| 43 | - /** |
|
| 44 | - * Descriptive name for the create action |
|
| 45 | - * |
|
| 46 | - * e.g Create a new document |
|
| 47 | - * |
|
| 48 | - * @since 18.0.0 |
|
| 49 | - * @return string |
|
| 50 | - */ |
|
| 51 | - abstract public function getName(): string; |
|
| 43 | + /** |
|
| 44 | + * Descriptive name for the create action |
|
| 45 | + * |
|
| 46 | + * e.g Create a new document |
|
| 47 | + * |
|
| 48 | + * @since 18.0.0 |
|
| 49 | + * @return string |
|
| 50 | + */ |
|
| 51 | + abstract public function getName(): string; |
|
| 52 | 52 | |
| 53 | - /** |
|
| 54 | - * Default file extension for the new file |
|
| 55 | - * |
|
| 56 | - * @since 18.0.0 |
|
| 57 | - * @return string |
|
| 58 | - */ |
|
| 59 | - abstract public function getExtension(): string; |
|
| 53 | + /** |
|
| 54 | + * Default file extension for the new file |
|
| 55 | + * |
|
| 56 | + * @since 18.0.0 |
|
| 57 | + * @return string |
|
| 58 | + */ |
|
| 59 | + abstract public function getExtension(): string; |
|
| 60 | 60 | |
| 61 | - /** |
|
| 62 | - * Mimetype of the resulting created file |
|
| 63 | - * |
|
| 64 | - * @since 18.0.0 |
|
| 65 | - * @return string |
|
| 66 | - */ |
|
| 67 | - abstract public function getMimetype(): string; |
|
| 61 | + /** |
|
| 62 | + * Mimetype of the resulting created file |
|
| 63 | + * |
|
| 64 | + * @since 18.0.0 |
|
| 65 | + * @return string |
|
| 66 | + */ |
|
| 67 | + abstract public function getMimetype(): string; |
|
| 68 | 68 | |
| 69 | - /** |
|
| 70 | - * Add content when creating empty files |
|
| 71 | - * |
|
| 72 | - * @since 18.0.0 |
|
| 73 | - * @param File $file |
|
| 74 | - */ |
|
| 75 | - public function create(File $file, string $creatorId = null, string $templateId = null): void { |
|
| 76 | - } |
|
| 69 | + /** |
|
| 70 | + * Add content when creating empty files |
|
| 71 | + * |
|
| 72 | + * @since 18.0.0 |
|
| 73 | + * @param File $file |
|
| 74 | + */ |
|
| 75 | + public function create(File $file, string $creatorId = null, string $templateId = null): void { |
|
| 76 | + } |
|
| 77 | 77 | } |
@@ -33,27 +33,27 @@ |
||
| 33 | 33 | * @since 7.0.0 |
| 34 | 34 | */ |
| 35 | 35 | class RedirectResponse extends Response { |
| 36 | - private $redirectURL; |
|
| 36 | + private $redirectURL; |
|
| 37 | 37 | |
| 38 | - /** |
|
| 39 | - * Creates a response that redirects to a url |
|
| 40 | - * @param string $redirectURL the url to redirect to |
|
| 41 | - * @since 7.0.0 |
|
| 42 | - */ |
|
| 43 | - public function __construct($redirectURL) { |
|
| 44 | - parent::__construct(); |
|
| 38 | + /** |
|
| 39 | + * Creates a response that redirects to a url |
|
| 40 | + * @param string $redirectURL the url to redirect to |
|
| 41 | + * @since 7.0.0 |
|
| 42 | + */ |
|
| 43 | + public function __construct($redirectURL) { |
|
| 44 | + parent::__construct(); |
|
| 45 | 45 | |
| 46 | - $this->redirectURL = $redirectURL; |
|
| 47 | - $this->setStatus(Http::STATUS_SEE_OTHER); |
|
| 48 | - $this->addHeader('Location', $redirectURL); |
|
| 49 | - } |
|
| 46 | + $this->redirectURL = $redirectURL; |
|
| 47 | + $this->setStatus(Http::STATUS_SEE_OTHER); |
|
| 48 | + $this->addHeader('Location', $redirectURL); |
|
| 49 | + } |
|
| 50 | 50 | |
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * @return string the url to redirect |
|
| 54 | - * @since 7.0.0 |
|
| 55 | - */ |
|
| 56 | - public function getRedirectURL() { |
|
| 57 | - return $this->redirectURL; |
|
| 58 | - } |
|
| 52 | + /** |
|
| 53 | + * @return string the url to redirect |
|
| 54 | + * @since 7.0.0 |
|
| 55 | + */ |
|
| 56 | + public function getRedirectURL() { |
|
| 57 | + return $this->redirectURL; |
|
| 58 | + } |
|
| 59 | 59 | } |
@@ -34,57 +34,57 @@ |
||
| 34 | 34 | * @package OC\IntegrityCheck\Helpers |
| 35 | 35 | */ |
| 36 | 36 | class FileAccessHelper { |
| 37 | - /** |
|
| 38 | - * Wrapper around file_get_contents($filename, $data) |
|
| 39 | - * |
|
| 40 | - * @param string $filename |
|
| 41 | - * @return string|false |
|
| 42 | - */ |
|
| 43 | - public function file_get_contents(string $filename) { |
|
| 44 | - return file_get_contents($filename); |
|
| 45 | - } |
|
| 37 | + /** |
|
| 38 | + * Wrapper around file_get_contents($filename, $data) |
|
| 39 | + * |
|
| 40 | + * @param string $filename |
|
| 41 | + * @return string|false |
|
| 42 | + */ |
|
| 43 | + public function file_get_contents(string $filename) { |
|
| 44 | + return file_get_contents($filename); |
|
| 45 | + } |
|
| 46 | 46 | |
| 47 | - /** |
|
| 48 | - * Wrapper around file_exists($filename) |
|
| 49 | - * |
|
| 50 | - * @param string $filename |
|
| 51 | - * @return bool |
|
| 52 | - */ |
|
| 53 | - public function file_exists(string $filename): bool { |
|
| 54 | - return file_exists($filename); |
|
| 55 | - } |
|
| 47 | + /** |
|
| 48 | + * Wrapper around file_exists($filename) |
|
| 49 | + * |
|
| 50 | + * @param string $filename |
|
| 51 | + * @return bool |
|
| 52 | + */ |
|
| 53 | + public function file_exists(string $filename): bool { |
|
| 54 | + return file_exists($filename); |
|
| 55 | + } |
|
| 56 | 56 | |
| 57 | - /** |
|
| 58 | - * Wrapper around file_put_contents($filename, $data) |
|
| 59 | - * |
|
| 60 | - * @param string $filename |
|
| 61 | - * @param string $data |
|
| 62 | - * @return int |
|
| 63 | - * @throws \Exception |
|
| 64 | - */ |
|
| 65 | - public function file_put_contents(string $filename, string $data): int { |
|
| 66 | - $bytesWritten = @file_put_contents($filename, $data); |
|
| 67 | - if ($bytesWritten === false || $bytesWritten !== \strlen($data)) { |
|
| 68 | - throw new \Exception('Failed to write into ' . $filename); |
|
| 69 | - } |
|
| 70 | - return $bytesWritten; |
|
| 71 | - } |
|
| 57 | + /** |
|
| 58 | + * Wrapper around file_put_contents($filename, $data) |
|
| 59 | + * |
|
| 60 | + * @param string $filename |
|
| 61 | + * @param string $data |
|
| 62 | + * @return int |
|
| 63 | + * @throws \Exception |
|
| 64 | + */ |
|
| 65 | + public function file_put_contents(string $filename, string $data): int { |
|
| 66 | + $bytesWritten = @file_put_contents($filename, $data); |
|
| 67 | + if ($bytesWritten === false || $bytesWritten !== \strlen($data)) { |
|
| 68 | + throw new \Exception('Failed to write into ' . $filename); |
|
| 69 | + } |
|
| 70 | + return $bytesWritten; |
|
| 71 | + } |
|
| 72 | 72 | |
| 73 | - /** |
|
| 74 | - * @param string $path |
|
| 75 | - * @return bool |
|
| 76 | - */ |
|
| 77 | - public function is_writable(string $path): bool { |
|
| 78 | - return is_writable($path); |
|
| 79 | - } |
|
| 73 | + /** |
|
| 74 | + * @param string $path |
|
| 75 | + * @return bool |
|
| 76 | + */ |
|
| 77 | + public function is_writable(string $path): bool { |
|
| 78 | + return is_writable($path); |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - /** |
|
| 82 | - * @param string $path |
|
| 83 | - * @throws \Exception |
|
| 84 | - */ |
|
| 85 | - public function assertDirectoryExists(string $path) { |
|
| 86 | - if (!is_dir($path)) { |
|
| 87 | - throw new \Exception('Directory ' . $path . ' does not exist.'); |
|
| 88 | - } |
|
| 89 | - } |
|
| 81 | + /** |
|
| 82 | + * @param string $path |
|
| 83 | + * @throws \Exception |
|
| 84 | + */ |
|
| 85 | + public function assertDirectoryExists(string $path) { |
|
| 86 | + if (!is_dir($path)) { |
|
| 87 | + throw new \Exception('Directory ' . $path . ' does not exist.'); |
|
| 88 | + } |
|
| 89 | + } |
|
| 90 | 90 | } |
@@ -34,27 +34,27 @@ |
||
| 34 | 34 | * @package OC\IntegrityCheck\Helpers |
| 35 | 35 | */ |
| 36 | 36 | class AppLocator { |
| 37 | - /** |
|
| 38 | - * Provides \OC_App::getAppPath($appId) |
|
| 39 | - * |
|
| 40 | - * @param string $appId |
|
| 41 | - * @return string |
|
| 42 | - * @throws \Exception If the app cannot be found |
|
| 43 | - */ |
|
| 44 | - public function getAppPath(string $appId): string { |
|
| 45 | - $path = \OC_App::getAppPath($appId); |
|
| 46 | - if ($path === false) { |
|
| 47 | - throw new \Exception('App not found'); |
|
| 48 | - } |
|
| 49 | - return $path; |
|
| 50 | - } |
|
| 37 | + /** |
|
| 38 | + * Provides \OC_App::getAppPath($appId) |
|
| 39 | + * |
|
| 40 | + * @param string $appId |
|
| 41 | + * @return string |
|
| 42 | + * @throws \Exception If the app cannot be found |
|
| 43 | + */ |
|
| 44 | + public function getAppPath(string $appId): string { |
|
| 45 | + $path = \OC_App::getAppPath($appId); |
|
| 46 | + if ($path === false) { |
|
| 47 | + throw new \Exception('App not found'); |
|
| 48 | + } |
|
| 49 | + return $path; |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * Providers \OC_App::getAllApps() |
|
| 54 | - * |
|
| 55 | - * @return array |
|
| 56 | - */ |
|
| 57 | - public function getAllApps(): array { |
|
| 58 | - return \OC_App::getAllApps(); |
|
| 59 | - } |
|
| 52 | + /** |
|
| 53 | + * Providers \OC_App::getAllApps() |
|
| 54 | + * |
|
| 55 | + * @return array |
|
| 56 | + */ |
|
| 57 | + public function getAllApps(): array { |
|
| 58 | + return \OC_App::getAllApps(); |
|
| 59 | + } |
|
| 60 | 60 | } |
@@ -39,259 +39,259 @@ |
||
| 39 | 39 | |
| 40 | 40 | class DecryptAll { |
| 41 | 41 | |
| 42 | - /** @var OutputInterface */ |
|
| 43 | - protected $output; |
|
| 44 | - |
|
| 45 | - /** @var InputInterface */ |
|
| 46 | - protected $input; |
|
| 47 | - |
|
| 48 | - /** @var Manager */ |
|
| 49 | - protected $encryptionManager; |
|
| 50 | - |
|
| 51 | - /** @var IUserManager */ |
|
| 52 | - protected $userManager; |
|
| 53 | - |
|
| 54 | - /** @var View */ |
|
| 55 | - protected $rootView; |
|
| 56 | - |
|
| 57 | - /** @var array files which couldn't be decrypted */ |
|
| 58 | - protected $failed; |
|
| 59 | - |
|
| 60 | - /** |
|
| 61 | - * @param Manager $encryptionManager |
|
| 62 | - * @param IUserManager $userManager |
|
| 63 | - * @param View $rootView |
|
| 64 | - */ |
|
| 65 | - public function __construct( |
|
| 66 | - Manager $encryptionManager, |
|
| 67 | - IUserManager $userManager, |
|
| 68 | - View $rootView |
|
| 69 | - ) { |
|
| 70 | - $this->encryptionManager = $encryptionManager; |
|
| 71 | - $this->userManager = $userManager; |
|
| 72 | - $this->rootView = $rootView; |
|
| 73 | - $this->failed = []; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * start to decrypt all files |
|
| 78 | - * |
|
| 79 | - * @param InputInterface $input |
|
| 80 | - * @param OutputInterface $output |
|
| 81 | - * @param string $user which users data folder should be decrypted, default = all users |
|
| 82 | - * @return bool |
|
| 83 | - * @throws \Exception |
|
| 84 | - */ |
|
| 85 | - public function decryptAll(InputInterface $input, OutputInterface $output, $user = '') { |
|
| 86 | - $this->input = $input; |
|
| 87 | - $this->output = $output; |
|
| 88 | - |
|
| 89 | - if ($user !== '' && $this->userManager->userExists($user) === false) { |
|
| 90 | - $this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again'); |
|
| 91 | - return false; |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - $this->output->writeln('prepare encryption modules...'); |
|
| 95 | - if ($this->prepareEncryptionModules($user) === false) { |
|
| 96 | - return false; |
|
| 97 | - } |
|
| 98 | - $this->output->writeln(' done.'); |
|
| 99 | - |
|
| 100 | - $this->decryptAllUsersFiles($user); |
|
| 101 | - |
|
| 102 | - if (empty($this->failed)) { |
|
| 103 | - $this->output->writeln('all files could be decrypted successfully!'); |
|
| 104 | - } else { |
|
| 105 | - $this->output->writeln('Files for following users couldn\'t be decrypted, '); |
|
| 106 | - $this->output->writeln('maybe the user is not set up in a way that supports this operation: '); |
|
| 107 | - foreach ($this->failed as $uid => $paths) { |
|
| 108 | - $this->output->writeln(' ' . $uid); |
|
| 109 | - foreach ($paths as $path) { |
|
| 110 | - $this->output->writeln(' ' . $path); |
|
| 111 | - } |
|
| 112 | - } |
|
| 113 | - $this->output->writeln(''); |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - return true; |
|
| 117 | - } |
|
| 118 | - |
|
| 119 | - /** |
|
| 120 | - * prepare encryption modules to perform the decrypt all function |
|
| 121 | - * |
|
| 122 | - * @param $user |
|
| 123 | - * @return bool |
|
| 124 | - */ |
|
| 125 | - protected function prepareEncryptionModules($user) { |
|
| 126 | - // prepare all encryption modules for decrypt all |
|
| 127 | - $encryptionModules = $this->encryptionManager->getEncryptionModules(); |
|
| 128 | - foreach ($encryptionModules as $moduleDesc) { |
|
| 129 | - /** @var IEncryptionModule $module */ |
|
| 130 | - $module = call_user_func($moduleDesc['callback']); |
|
| 131 | - $this->output->writeln(''); |
|
| 132 | - $this->output->writeln('Prepare "' . $module->getDisplayName() . '"'); |
|
| 133 | - $this->output->writeln(''); |
|
| 134 | - if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) { |
|
| 135 | - $this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!'); |
|
| 136 | - return false; |
|
| 137 | - } |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - return true; |
|
| 141 | - } |
|
| 142 | - |
|
| 143 | - /** |
|
| 144 | - * iterate over all user and encrypt their files |
|
| 145 | - * |
|
| 146 | - * @param string $user which users files should be decrypted, default = all users |
|
| 147 | - */ |
|
| 148 | - protected function decryptAllUsersFiles($user = '') { |
|
| 149 | - $this->output->writeln("\n"); |
|
| 150 | - |
|
| 151 | - $userList = []; |
|
| 152 | - if ($user === '') { |
|
| 153 | - $fetchUsersProgress = new ProgressBar($this->output); |
|
| 154 | - $fetchUsersProgress->setFormat(" %message% \n [%bar%]"); |
|
| 155 | - $fetchUsersProgress->start(); |
|
| 156 | - $fetchUsersProgress->setMessage("Fetch list of users..."); |
|
| 157 | - $fetchUsersProgress->advance(); |
|
| 158 | - |
|
| 159 | - foreach ($this->userManager->getBackends() as $backend) { |
|
| 160 | - $limit = 500; |
|
| 161 | - $offset = 0; |
|
| 162 | - do { |
|
| 163 | - $users = $backend->getUsers('', $limit, $offset); |
|
| 164 | - foreach ($users as $user) { |
|
| 165 | - $userList[] = $user; |
|
| 166 | - } |
|
| 167 | - $offset += $limit; |
|
| 168 | - $fetchUsersProgress->advance(); |
|
| 169 | - } while (count($users) >= $limit); |
|
| 170 | - $fetchUsersProgress->setMessage("Fetch list of users... finished"); |
|
| 171 | - $fetchUsersProgress->finish(); |
|
| 172 | - } |
|
| 173 | - } else { |
|
| 174 | - $userList[] = $user; |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - $this->output->writeln("\n\n"); |
|
| 178 | - |
|
| 179 | - $progress = new ProgressBar($this->output); |
|
| 180 | - $progress->setFormat(" %message% \n [%bar%]"); |
|
| 181 | - $progress->start(); |
|
| 182 | - $progress->setMessage("starting to decrypt files..."); |
|
| 183 | - $progress->advance(); |
|
| 184 | - |
|
| 185 | - $numberOfUsers = count($userList); |
|
| 186 | - $userNo = 1; |
|
| 187 | - foreach ($userList as $uid) { |
|
| 188 | - $userCount = "$uid ($userNo of $numberOfUsers)"; |
|
| 189 | - $this->decryptUsersFiles($uid, $progress, $userCount); |
|
| 190 | - $userNo++; |
|
| 191 | - } |
|
| 192 | - |
|
| 193 | - $progress->setMessage("starting to decrypt files... finished"); |
|
| 194 | - $progress->finish(); |
|
| 195 | - |
|
| 196 | - $this->output->writeln("\n\n"); |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - /** |
|
| 200 | - * encrypt files from the given user |
|
| 201 | - * |
|
| 202 | - * @param string $uid |
|
| 203 | - * @param ProgressBar $progress |
|
| 204 | - * @param string $userCount |
|
| 205 | - */ |
|
| 206 | - protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) { |
|
| 207 | - $this->setupUserFS($uid); |
|
| 208 | - $directories = []; |
|
| 209 | - $directories[] = '/' . $uid . '/files'; |
|
| 210 | - |
|
| 211 | - while ($root = array_pop($directories)) { |
|
| 212 | - $content = $this->rootView->getDirectoryContent($root); |
|
| 213 | - foreach ($content as $file) { |
|
| 214 | - // only decrypt files owned by the user |
|
| 215 | - if ($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) { |
|
| 216 | - continue; |
|
| 217 | - } |
|
| 218 | - $path = $root . '/' . $file['name']; |
|
| 219 | - if ($this->rootView->is_dir($path)) { |
|
| 220 | - $directories[] = $path; |
|
| 221 | - continue; |
|
| 222 | - } else { |
|
| 223 | - try { |
|
| 224 | - $progress->setMessage("decrypt files for user $userCount: $path"); |
|
| 225 | - $progress->advance(); |
|
| 226 | - if ($file->isEncrypted() === false) { |
|
| 227 | - $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)"); |
|
| 228 | - $progress->advance(); |
|
| 229 | - } else { |
|
| 230 | - if ($this->decryptFile($path) === false) { |
|
| 231 | - $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)"); |
|
| 232 | - $progress->advance(); |
|
| 233 | - } |
|
| 234 | - } |
|
| 235 | - } catch (\Exception $e) { |
|
| 236 | - if (isset($this->failed[$uid])) { |
|
| 237 | - $this->failed[$uid][] = $path; |
|
| 238 | - } else { |
|
| 239 | - $this->failed[$uid] = [$path]; |
|
| 240 | - } |
|
| 241 | - } |
|
| 242 | - } |
|
| 243 | - } |
|
| 244 | - } |
|
| 245 | - } |
|
| 246 | - |
|
| 247 | - /** |
|
| 248 | - * encrypt file |
|
| 249 | - * |
|
| 250 | - * @param string $path |
|
| 251 | - * @return bool |
|
| 252 | - */ |
|
| 253 | - protected function decryptFile($path) { |
|
| 254 | - |
|
| 255 | - // skip already decrypted files |
|
| 256 | - $fileInfo = $this->rootView->getFileInfo($path); |
|
| 257 | - if ($fileInfo !== false && !$fileInfo->isEncrypted()) { |
|
| 258 | - return true; |
|
| 259 | - } |
|
| 260 | - |
|
| 261 | - $source = $path; |
|
| 262 | - $target = $path . '.decrypted.' . $this->getTimestamp(); |
|
| 263 | - |
|
| 264 | - try { |
|
| 265 | - $this->rootView->copy($source, $target); |
|
| 266 | - $this->rootView->touch($target, $fileInfo->getMTime()); |
|
| 267 | - $this->rootView->rename($target, $source); |
|
| 268 | - } catch (DecryptionFailedException $e) { |
|
| 269 | - if ($this->rootView->file_exists($target)) { |
|
| 270 | - $this->rootView->unlink($target); |
|
| 271 | - } |
|
| 272 | - return false; |
|
| 273 | - } |
|
| 274 | - |
|
| 275 | - return true; |
|
| 276 | - } |
|
| 277 | - |
|
| 278 | - /** |
|
| 279 | - * get current timestamp |
|
| 280 | - * |
|
| 281 | - * @return int |
|
| 282 | - */ |
|
| 283 | - protected function getTimestamp() { |
|
| 284 | - return time(); |
|
| 285 | - } |
|
| 286 | - |
|
| 287 | - |
|
| 288 | - /** |
|
| 289 | - * setup user file system |
|
| 290 | - * |
|
| 291 | - * @param string $uid |
|
| 292 | - */ |
|
| 293 | - protected function setupUserFS($uid) { |
|
| 294 | - \OC_Util::tearDownFS(); |
|
| 295 | - \OC_Util::setupFS($uid); |
|
| 296 | - } |
|
| 42 | + /** @var OutputInterface */ |
|
| 43 | + protected $output; |
|
| 44 | + |
|
| 45 | + /** @var InputInterface */ |
|
| 46 | + protected $input; |
|
| 47 | + |
|
| 48 | + /** @var Manager */ |
|
| 49 | + protected $encryptionManager; |
|
| 50 | + |
|
| 51 | + /** @var IUserManager */ |
|
| 52 | + protected $userManager; |
|
| 53 | + |
|
| 54 | + /** @var View */ |
|
| 55 | + protected $rootView; |
|
| 56 | + |
|
| 57 | + /** @var array files which couldn't be decrypted */ |
|
| 58 | + protected $failed; |
|
| 59 | + |
|
| 60 | + /** |
|
| 61 | + * @param Manager $encryptionManager |
|
| 62 | + * @param IUserManager $userManager |
|
| 63 | + * @param View $rootView |
|
| 64 | + */ |
|
| 65 | + public function __construct( |
|
| 66 | + Manager $encryptionManager, |
|
| 67 | + IUserManager $userManager, |
|
| 68 | + View $rootView |
|
| 69 | + ) { |
|
| 70 | + $this->encryptionManager = $encryptionManager; |
|
| 71 | + $this->userManager = $userManager; |
|
| 72 | + $this->rootView = $rootView; |
|
| 73 | + $this->failed = []; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * start to decrypt all files |
|
| 78 | + * |
|
| 79 | + * @param InputInterface $input |
|
| 80 | + * @param OutputInterface $output |
|
| 81 | + * @param string $user which users data folder should be decrypted, default = all users |
|
| 82 | + * @return bool |
|
| 83 | + * @throws \Exception |
|
| 84 | + */ |
|
| 85 | + public function decryptAll(InputInterface $input, OutputInterface $output, $user = '') { |
|
| 86 | + $this->input = $input; |
|
| 87 | + $this->output = $output; |
|
| 88 | + |
|
| 89 | + if ($user !== '' && $this->userManager->userExists($user) === false) { |
|
| 90 | + $this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again'); |
|
| 91 | + return false; |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + $this->output->writeln('prepare encryption modules...'); |
|
| 95 | + if ($this->prepareEncryptionModules($user) === false) { |
|
| 96 | + return false; |
|
| 97 | + } |
|
| 98 | + $this->output->writeln(' done.'); |
|
| 99 | + |
|
| 100 | + $this->decryptAllUsersFiles($user); |
|
| 101 | + |
|
| 102 | + if (empty($this->failed)) { |
|
| 103 | + $this->output->writeln('all files could be decrypted successfully!'); |
|
| 104 | + } else { |
|
| 105 | + $this->output->writeln('Files for following users couldn\'t be decrypted, '); |
|
| 106 | + $this->output->writeln('maybe the user is not set up in a way that supports this operation: '); |
|
| 107 | + foreach ($this->failed as $uid => $paths) { |
|
| 108 | + $this->output->writeln(' ' . $uid); |
|
| 109 | + foreach ($paths as $path) { |
|
| 110 | + $this->output->writeln(' ' . $path); |
|
| 111 | + } |
|
| 112 | + } |
|
| 113 | + $this->output->writeln(''); |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + return true; |
|
| 117 | + } |
|
| 118 | + |
|
| 119 | + /** |
|
| 120 | + * prepare encryption modules to perform the decrypt all function |
|
| 121 | + * |
|
| 122 | + * @param $user |
|
| 123 | + * @return bool |
|
| 124 | + */ |
|
| 125 | + protected function prepareEncryptionModules($user) { |
|
| 126 | + // prepare all encryption modules for decrypt all |
|
| 127 | + $encryptionModules = $this->encryptionManager->getEncryptionModules(); |
|
| 128 | + foreach ($encryptionModules as $moduleDesc) { |
|
| 129 | + /** @var IEncryptionModule $module */ |
|
| 130 | + $module = call_user_func($moduleDesc['callback']); |
|
| 131 | + $this->output->writeln(''); |
|
| 132 | + $this->output->writeln('Prepare "' . $module->getDisplayName() . '"'); |
|
| 133 | + $this->output->writeln(''); |
|
| 134 | + if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) { |
|
| 135 | + $this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!'); |
|
| 136 | + return false; |
|
| 137 | + } |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + return true; |
|
| 141 | + } |
|
| 142 | + |
|
| 143 | + /** |
|
| 144 | + * iterate over all user and encrypt their files |
|
| 145 | + * |
|
| 146 | + * @param string $user which users files should be decrypted, default = all users |
|
| 147 | + */ |
|
| 148 | + protected function decryptAllUsersFiles($user = '') { |
|
| 149 | + $this->output->writeln("\n"); |
|
| 150 | + |
|
| 151 | + $userList = []; |
|
| 152 | + if ($user === '') { |
|
| 153 | + $fetchUsersProgress = new ProgressBar($this->output); |
|
| 154 | + $fetchUsersProgress->setFormat(" %message% \n [%bar%]"); |
|
| 155 | + $fetchUsersProgress->start(); |
|
| 156 | + $fetchUsersProgress->setMessage("Fetch list of users..."); |
|
| 157 | + $fetchUsersProgress->advance(); |
|
| 158 | + |
|
| 159 | + foreach ($this->userManager->getBackends() as $backend) { |
|
| 160 | + $limit = 500; |
|
| 161 | + $offset = 0; |
|
| 162 | + do { |
|
| 163 | + $users = $backend->getUsers('', $limit, $offset); |
|
| 164 | + foreach ($users as $user) { |
|
| 165 | + $userList[] = $user; |
|
| 166 | + } |
|
| 167 | + $offset += $limit; |
|
| 168 | + $fetchUsersProgress->advance(); |
|
| 169 | + } while (count($users) >= $limit); |
|
| 170 | + $fetchUsersProgress->setMessage("Fetch list of users... finished"); |
|
| 171 | + $fetchUsersProgress->finish(); |
|
| 172 | + } |
|
| 173 | + } else { |
|
| 174 | + $userList[] = $user; |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + $this->output->writeln("\n\n"); |
|
| 178 | + |
|
| 179 | + $progress = new ProgressBar($this->output); |
|
| 180 | + $progress->setFormat(" %message% \n [%bar%]"); |
|
| 181 | + $progress->start(); |
|
| 182 | + $progress->setMessage("starting to decrypt files..."); |
|
| 183 | + $progress->advance(); |
|
| 184 | + |
|
| 185 | + $numberOfUsers = count($userList); |
|
| 186 | + $userNo = 1; |
|
| 187 | + foreach ($userList as $uid) { |
|
| 188 | + $userCount = "$uid ($userNo of $numberOfUsers)"; |
|
| 189 | + $this->decryptUsersFiles($uid, $progress, $userCount); |
|
| 190 | + $userNo++; |
|
| 191 | + } |
|
| 192 | + |
|
| 193 | + $progress->setMessage("starting to decrypt files... finished"); |
|
| 194 | + $progress->finish(); |
|
| 195 | + |
|
| 196 | + $this->output->writeln("\n\n"); |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + /** |
|
| 200 | + * encrypt files from the given user |
|
| 201 | + * |
|
| 202 | + * @param string $uid |
|
| 203 | + * @param ProgressBar $progress |
|
| 204 | + * @param string $userCount |
|
| 205 | + */ |
|
| 206 | + protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) { |
|
| 207 | + $this->setupUserFS($uid); |
|
| 208 | + $directories = []; |
|
| 209 | + $directories[] = '/' . $uid . '/files'; |
|
| 210 | + |
|
| 211 | + while ($root = array_pop($directories)) { |
|
| 212 | + $content = $this->rootView->getDirectoryContent($root); |
|
| 213 | + foreach ($content as $file) { |
|
| 214 | + // only decrypt files owned by the user |
|
| 215 | + if ($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) { |
|
| 216 | + continue; |
|
| 217 | + } |
|
| 218 | + $path = $root . '/' . $file['name']; |
|
| 219 | + if ($this->rootView->is_dir($path)) { |
|
| 220 | + $directories[] = $path; |
|
| 221 | + continue; |
|
| 222 | + } else { |
|
| 223 | + try { |
|
| 224 | + $progress->setMessage("decrypt files for user $userCount: $path"); |
|
| 225 | + $progress->advance(); |
|
| 226 | + if ($file->isEncrypted() === false) { |
|
| 227 | + $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)"); |
|
| 228 | + $progress->advance(); |
|
| 229 | + } else { |
|
| 230 | + if ($this->decryptFile($path) === false) { |
|
| 231 | + $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)"); |
|
| 232 | + $progress->advance(); |
|
| 233 | + } |
|
| 234 | + } |
|
| 235 | + } catch (\Exception $e) { |
|
| 236 | + if (isset($this->failed[$uid])) { |
|
| 237 | + $this->failed[$uid][] = $path; |
|
| 238 | + } else { |
|
| 239 | + $this->failed[$uid] = [$path]; |
|
| 240 | + } |
|
| 241 | + } |
|
| 242 | + } |
|
| 243 | + } |
|
| 244 | + } |
|
| 245 | + } |
|
| 246 | + |
|
| 247 | + /** |
|
| 248 | + * encrypt file |
|
| 249 | + * |
|
| 250 | + * @param string $path |
|
| 251 | + * @return bool |
|
| 252 | + */ |
|
| 253 | + protected function decryptFile($path) { |
|
| 254 | + |
|
| 255 | + // skip already decrypted files |
|
| 256 | + $fileInfo = $this->rootView->getFileInfo($path); |
|
| 257 | + if ($fileInfo !== false && !$fileInfo->isEncrypted()) { |
|
| 258 | + return true; |
|
| 259 | + } |
|
| 260 | + |
|
| 261 | + $source = $path; |
|
| 262 | + $target = $path . '.decrypted.' . $this->getTimestamp(); |
|
| 263 | + |
|
| 264 | + try { |
|
| 265 | + $this->rootView->copy($source, $target); |
|
| 266 | + $this->rootView->touch($target, $fileInfo->getMTime()); |
|
| 267 | + $this->rootView->rename($target, $source); |
|
| 268 | + } catch (DecryptionFailedException $e) { |
|
| 269 | + if ($this->rootView->file_exists($target)) { |
|
| 270 | + $this->rootView->unlink($target); |
|
| 271 | + } |
|
| 272 | + return false; |
|
| 273 | + } |
|
| 274 | + |
|
| 275 | + return true; |
|
| 276 | + } |
|
| 277 | + |
|
| 278 | + /** |
|
| 279 | + * get current timestamp |
|
| 280 | + * |
|
| 281 | + * @return int |
|
| 282 | + */ |
|
| 283 | + protected function getTimestamp() { |
|
| 284 | + return time(); |
|
| 285 | + } |
|
| 286 | + |
|
| 287 | + |
|
| 288 | + /** |
|
| 289 | + * setup user file system |
|
| 290 | + * |
|
| 291 | + * @param string $uid |
|
| 292 | + */ |
|
| 293 | + protected function setupUserFS($uid) { |
|
| 294 | + \OC_Util::tearDownFS(); |
|
| 295 | + \OC_Util::setupFS($uid); |
|
| 296 | + } |
|
| 297 | 297 | } |
@@ -33,35 +33,35 @@ |
||
| 33 | 33 | * @since 14.0.0 |
| 34 | 34 | */ |
| 35 | 35 | class CloudFederationNotification implements ICloudFederationNotification { |
| 36 | - private $message = []; |
|
| 36 | + private $message = []; |
|
| 37 | 37 | |
| 38 | - /** |
|
| 39 | - * add a message to the notification |
|
| 40 | - * |
|
| 41 | - * @param string $notificationType (e.g. SHARE_ACCEPTED) |
|
| 42 | - * @param string $resourceType (e.g. file, calendar, contact,...) |
|
| 43 | - * @param string $providerId id of the share |
|
| 44 | - * @param array $notification payload of the notification |
|
| 45 | - * |
|
| 46 | - * @since 14.0.0 |
|
| 47 | - */ |
|
| 48 | - public function setMessage($notificationType, $resourceType, $providerId, array $notification) { |
|
| 49 | - $this->message = [ |
|
| 50 | - 'notificationType' => $notificationType, |
|
| 51 | - 'resourceType' => $resourceType, |
|
| 52 | - 'providerId' => $providerId, |
|
| 53 | - 'notification' => $notification, |
|
| 54 | - ]; |
|
| 55 | - } |
|
| 38 | + /** |
|
| 39 | + * add a message to the notification |
|
| 40 | + * |
|
| 41 | + * @param string $notificationType (e.g. SHARE_ACCEPTED) |
|
| 42 | + * @param string $resourceType (e.g. file, calendar, contact,...) |
|
| 43 | + * @param string $providerId id of the share |
|
| 44 | + * @param array $notification payload of the notification |
|
| 45 | + * |
|
| 46 | + * @since 14.0.0 |
|
| 47 | + */ |
|
| 48 | + public function setMessage($notificationType, $resourceType, $providerId, array $notification) { |
|
| 49 | + $this->message = [ |
|
| 50 | + 'notificationType' => $notificationType, |
|
| 51 | + 'resourceType' => $resourceType, |
|
| 52 | + 'providerId' => $providerId, |
|
| 53 | + 'notification' => $notification, |
|
| 54 | + ]; |
|
| 55 | + } |
|
| 56 | 56 | |
| 57 | - /** |
|
| 58 | - * get message, ready to send out |
|
| 59 | - * |
|
| 60 | - * @return array |
|
| 61 | - * |
|
| 62 | - * @since 14.0.0 |
|
| 63 | - */ |
|
| 64 | - public function getMessage() { |
|
| 65 | - return $this->message; |
|
| 66 | - } |
|
| 57 | + /** |
|
| 58 | + * get message, ready to send out |
|
| 59 | + * |
|
| 60 | + * @return array |
|
| 61 | + * |
|
| 62 | + * @since 14.0.0 |
|
| 63 | + */ |
|
| 64 | + public function getMessage() { |
|
| 65 | + return $this->message; |
|
| 66 | + } |
|
| 67 | 67 | } |
@@ -30,56 +30,56 @@ |
||
| 30 | 30 | * @package OC\App\AppStore |
| 31 | 31 | */ |
| 32 | 32 | class VersionParser { |
| 33 | - /** |
|
| 34 | - * @param string $versionString |
|
| 35 | - * @return bool |
|
| 36 | - */ |
|
| 37 | - private function isValidVersionString($versionString) { |
|
| 38 | - return (bool)preg_match('/^[0-9.]+$/', $versionString); |
|
| 39 | - } |
|
| 33 | + /** |
|
| 34 | + * @param string $versionString |
|
| 35 | + * @return bool |
|
| 36 | + */ |
|
| 37 | + private function isValidVersionString($versionString) { |
|
| 38 | + return (bool)preg_match('/^[0-9.]+$/', $versionString); |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * Returns the version for a version string |
|
| 43 | - * |
|
| 44 | - * @param string $versionSpec |
|
| 45 | - * @return Version |
|
| 46 | - * @throws \Exception If the version cannot be parsed |
|
| 47 | - */ |
|
| 48 | - public function getVersion($versionSpec) { |
|
| 49 | - // * indicates that the version is compatible with all versions |
|
| 50 | - if ($versionSpec === '*') { |
|
| 51 | - return new Version('', ''); |
|
| 52 | - } |
|
| 41 | + /** |
|
| 42 | + * Returns the version for a version string |
|
| 43 | + * |
|
| 44 | + * @param string $versionSpec |
|
| 45 | + * @return Version |
|
| 46 | + * @throws \Exception If the version cannot be parsed |
|
| 47 | + */ |
|
| 48 | + public function getVersion($versionSpec) { |
|
| 49 | + // * indicates that the version is compatible with all versions |
|
| 50 | + if ($versionSpec === '*') { |
|
| 51 | + return new Version('', ''); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - // Count the amount of =, if it is one then it's either maximum or minimum |
|
| 55 | - // version. If it is two then it is maximum and minimum. |
|
| 56 | - $versionElements = explode(' ', $versionSpec); |
|
| 57 | - $firstVersion = isset($versionElements[0]) ? $versionElements[0] : ''; |
|
| 58 | - $firstVersionNumber = substr($firstVersion, 2); |
|
| 59 | - $secondVersion = isset($versionElements[1]) ? $versionElements[1] : ''; |
|
| 60 | - $secondVersionNumber = substr($secondVersion, 2); |
|
| 54 | + // Count the amount of =, if it is one then it's either maximum or minimum |
|
| 55 | + // version. If it is two then it is maximum and minimum. |
|
| 56 | + $versionElements = explode(' ', $versionSpec); |
|
| 57 | + $firstVersion = isset($versionElements[0]) ? $versionElements[0] : ''; |
|
| 58 | + $firstVersionNumber = substr($firstVersion, 2); |
|
| 59 | + $secondVersion = isset($versionElements[1]) ? $versionElements[1] : ''; |
|
| 60 | + $secondVersionNumber = substr($secondVersion, 2); |
|
| 61 | 61 | |
| 62 | - switch (count($versionElements)) { |
|
| 63 | - case 1: |
|
| 64 | - if (!$this->isValidVersionString($firstVersionNumber)) { |
|
| 65 | - break; |
|
| 66 | - } |
|
| 67 | - if (strpos($firstVersion, '>') === 0) { |
|
| 68 | - return new Version($firstVersionNumber, ''); |
|
| 69 | - } |
|
| 70 | - return new Version('', $firstVersionNumber); |
|
| 71 | - case 2: |
|
| 72 | - if (!$this->isValidVersionString($firstVersionNumber) || !$this->isValidVersionString($secondVersionNumber)) { |
|
| 73 | - break; |
|
| 74 | - } |
|
| 75 | - return new Version($firstVersionNumber, $secondVersionNumber); |
|
| 76 | - } |
|
| 62 | + switch (count($versionElements)) { |
|
| 63 | + case 1: |
|
| 64 | + if (!$this->isValidVersionString($firstVersionNumber)) { |
|
| 65 | + break; |
|
| 66 | + } |
|
| 67 | + if (strpos($firstVersion, '>') === 0) { |
|
| 68 | + return new Version($firstVersionNumber, ''); |
|
| 69 | + } |
|
| 70 | + return new Version('', $firstVersionNumber); |
|
| 71 | + case 2: |
|
| 72 | + if (!$this->isValidVersionString($firstVersionNumber) || !$this->isValidVersionString($secondVersionNumber)) { |
|
| 73 | + break; |
|
| 74 | + } |
|
| 75 | + return new Version($firstVersionNumber, $secondVersionNumber); |
|
| 76 | + } |
|
| 77 | 77 | |
| 78 | - throw new \Exception( |
|
| 79 | - sprintf( |
|
| 80 | - 'Version cannot be parsed: %s', |
|
| 81 | - $versionSpec |
|
| 82 | - ) |
|
| 83 | - ); |
|
| 84 | - } |
|
| 78 | + throw new \Exception( |
|
| 79 | + sprintf( |
|
| 80 | + 'Version cannot be parsed: %s', |
|
| 81 | + $versionSpec |
|
| 82 | + ) |
|
| 83 | + ); |
|
| 84 | + } |
|
| 85 | 85 | } |
@@ -27,51 +27,51 @@ |
||
| 27 | 27 | namespace OC\Security\FeaturePolicy; |
| 28 | 28 | |
| 29 | 29 | class FeaturePolicy extends \OCP\AppFramework\Http\FeaturePolicy { |
| 30 | - public function getAutoplayDomains(): array { |
|
| 31 | - return $this->autoplayDomains; |
|
| 32 | - } |
|
| 30 | + public function getAutoplayDomains(): array { |
|
| 31 | + return $this->autoplayDomains; |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - public function setAutoplayDomains(array $autoplayDomains): void { |
|
| 35 | - $this->autoplayDomains = $autoplayDomains; |
|
| 36 | - } |
|
| 34 | + public function setAutoplayDomains(array $autoplayDomains): void { |
|
| 35 | + $this->autoplayDomains = $autoplayDomains; |
|
| 36 | + } |
|
| 37 | 37 | |
| 38 | - public function getCameraDomains(): array { |
|
| 39 | - return $this->cameraDomains; |
|
| 40 | - } |
|
| 38 | + public function getCameraDomains(): array { |
|
| 39 | + return $this->cameraDomains; |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | - public function setCameraDomains(array $cameraDomains): void { |
|
| 43 | - $this->cameraDomains = $cameraDomains; |
|
| 44 | - } |
|
| 42 | + public function setCameraDomains(array $cameraDomains): void { |
|
| 43 | + $this->cameraDomains = $cameraDomains; |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - public function getFullscreenDomains(): array { |
|
| 47 | - return $this->fullscreenDomains; |
|
| 48 | - } |
|
| 46 | + public function getFullscreenDomains(): array { |
|
| 47 | + return $this->fullscreenDomains; |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - public function setFullscreenDomains(array $fullscreenDomains): void { |
|
| 51 | - $this->fullscreenDomains = $fullscreenDomains; |
|
| 52 | - } |
|
| 50 | + public function setFullscreenDomains(array $fullscreenDomains): void { |
|
| 51 | + $this->fullscreenDomains = $fullscreenDomains; |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - public function getGeolocationDomains(): array { |
|
| 55 | - return $this->geolocationDomains; |
|
| 56 | - } |
|
| 54 | + public function getGeolocationDomains(): array { |
|
| 55 | + return $this->geolocationDomains; |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - public function setGeolocationDomains(array $geolocationDomains): void { |
|
| 59 | - $this->geolocationDomains = $geolocationDomains; |
|
| 60 | - } |
|
| 58 | + public function setGeolocationDomains(array $geolocationDomains): void { |
|
| 59 | + $this->geolocationDomains = $geolocationDomains; |
|
| 60 | + } |
|
| 61 | 61 | |
| 62 | - public function getMicrophoneDomains(): array { |
|
| 63 | - return $this->microphoneDomains; |
|
| 64 | - } |
|
| 62 | + public function getMicrophoneDomains(): array { |
|
| 63 | + return $this->microphoneDomains; |
|
| 64 | + } |
|
| 65 | 65 | |
| 66 | - public function setMicrophoneDomains(array $microphoneDomains): void { |
|
| 67 | - $this->microphoneDomains = $microphoneDomains; |
|
| 68 | - } |
|
| 66 | + public function setMicrophoneDomains(array $microphoneDomains): void { |
|
| 67 | + $this->microphoneDomains = $microphoneDomains; |
|
| 68 | + } |
|
| 69 | 69 | |
| 70 | - public function getPaymentDomains(): array { |
|
| 71 | - return $this->paymentDomains; |
|
| 72 | - } |
|
| 70 | + public function getPaymentDomains(): array { |
|
| 71 | + return $this->paymentDomains; |
|
| 72 | + } |
|
| 73 | 73 | |
| 74 | - public function setPaymentDomains(array $paymentDomains): void { |
|
| 75 | - $this->paymentDomains = $paymentDomains; |
|
| 76 | - } |
|
| 74 | + public function setPaymentDomains(array $paymentDomains): void { |
|
| 75 | + $this->paymentDomains = $paymentDomains; |
|
| 76 | + } |
|
| 77 | 77 | } |
@@ -32,76 +32,76 @@ |
||
| 32 | 32 | use OCP\IUserManager; |
| 33 | 33 | |
| 34 | 34 | class Signer { |
| 35 | - /** @var Manager */ |
|
| 36 | - private $keyManager; |
|
| 37 | - /** @var ITimeFactory */ |
|
| 38 | - private $timeFactory; |
|
| 39 | - /** @var IUserManager */ |
|
| 40 | - private $userManager; |
|
| 35 | + /** @var Manager */ |
|
| 36 | + private $keyManager; |
|
| 37 | + /** @var ITimeFactory */ |
|
| 38 | + private $timeFactory; |
|
| 39 | + /** @var IUserManager */ |
|
| 40 | + private $userManager; |
|
| 41 | 41 | |
| 42 | - /** |
|
| 43 | - * @param Manager $keyManager |
|
| 44 | - * @param ITimeFactory $timeFactory |
|
| 45 | - * @param IUserManager $userManager |
|
| 46 | - */ |
|
| 47 | - public function __construct(Manager $keyManager, |
|
| 48 | - ITimeFactory $timeFactory, |
|
| 49 | - IUserManager $userManager) { |
|
| 50 | - $this->keyManager = $keyManager; |
|
| 51 | - $this->timeFactory = $timeFactory; |
|
| 52 | - $this->userManager = $userManager; |
|
| 53 | - } |
|
| 42 | + /** |
|
| 43 | + * @param Manager $keyManager |
|
| 44 | + * @param ITimeFactory $timeFactory |
|
| 45 | + * @param IUserManager $userManager |
|
| 46 | + */ |
|
| 47 | + public function __construct(Manager $keyManager, |
|
| 48 | + ITimeFactory $timeFactory, |
|
| 49 | + IUserManager $userManager) { |
|
| 50 | + $this->keyManager = $keyManager; |
|
| 51 | + $this->timeFactory = $timeFactory; |
|
| 52 | + $this->userManager = $userManager; |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - /** |
|
| 56 | - * Returns a signed blob for $data |
|
| 57 | - * |
|
| 58 | - * @param string $type |
|
| 59 | - * @param array $data |
|
| 60 | - * @param IUser $user |
|
| 61 | - * @return array ['message', 'signature'] |
|
| 62 | - */ |
|
| 63 | - public function sign(string $type, array $data, IUser $user): array { |
|
| 64 | - $privateKey = $this->keyManager->getKey($user)->getPrivate(); |
|
| 65 | - $data = [ |
|
| 66 | - 'data' => $data, |
|
| 67 | - 'type' => $type, |
|
| 68 | - 'signer' => $user->getCloudId(), |
|
| 69 | - 'timestamp' => $this->timeFactory->getTime(), |
|
| 70 | - ]; |
|
| 71 | - openssl_sign(json_encode($data), $signature, $privateKey, OPENSSL_ALGO_SHA512); |
|
| 55 | + /** |
|
| 56 | + * Returns a signed blob for $data |
|
| 57 | + * |
|
| 58 | + * @param string $type |
|
| 59 | + * @param array $data |
|
| 60 | + * @param IUser $user |
|
| 61 | + * @return array ['message', 'signature'] |
|
| 62 | + */ |
|
| 63 | + public function sign(string $type, array $data, IUser $user): array { |
|
| 64 | + $privateKey = $this->keyManager->getKey($user)->getPrivate(); |
|
| 65 | + $data = [ |
|
| 66 | + 'data' => $data, |
|
| 67 | + 'type' => $type, |
|
| 68 | + 'signer' => $user->getCloudId(), |
|
| 69 | + 'timestamp' => $this->timeFactory->getTime(), |
|
| 70 | + ]; |
|
| 71 | + openssl_sign(json_encode($data), $signature, $privateKey, OPENSSL_ALGO_SHA512); |
|
| 72 | 72 | |
| 73 | - return [ |
|
| 74 | - 'message' => $data, |
|
| 75 | - 'signature' => base64_encode($signature), |
|
| 76 | - ]; |
|
| 77 | - } |
|
| 73 | + return [ |
|
| 74 | + 'message' => $data, |
|
| 75 | + 'signature' => base64_encode($signature), |
|
| 76 | + ]; |
|
| 77 | + } |
|
| 78 | 78 | |
| 79 | - /** |
|
| 80 | - * Whether the data is signed properly |
|
| 81 | - * |
|
| 82 | - * @param array $data |
|
| 83 | - * @return bool |
|
| 84 | - */ |
|
| 85 | - public function verify(array $data): bool { |
|
| 86 | - if (isset($data['message']) |
|
| 87 | - && isset($data['signature']) |
|
| 88 | - && isset($data['message']['signer']) |
|
| 89 | - ) { |
|
| 90 | - $location = strrpos($data['message']['signer'], '@'); |
|
| 91 | - $userId = substr($data['message']['signer'], 0, $location); |
|
| 79 | + /** |
|
| 80 | + * Whether the data is signed properly |
|
| 81 | + * |
|
| 82 | + * @param array $data |
|
| 83 | + * @return bool |
|
| 84 | + */ |
|
| 85 | + public function verify(array $data): bool { |
|
| 86 | + if (isset($data['message']) |
|
| 87 | + && isset($data['signature']) |
|
| 88 | + && isset($data['message']['signer']) |
|
| 89 | + ) { |
|
| 90 | + $location = strrpos($data['message']['signer'], '@'); |
|
| 91 | + $userId = substr($data['message']['signer'], 0, $location); |
|
| 92 | 92 | |
| 93 | - $user = $this->userManager->get($userId); |
|
| 94 | - if ($user !== null) { |
|
| 95 | - $key = $this->keyManager->getKey($user); |
|
| 96 | - return (bool)openssl_verify( |
|
| 97 | - json_encode($data['message']), |
|
| 98 | - base64_decode($data['signature']), |
|
| 99 | - $key->getPublic(), |
|
| 100 | - OPENSSL_ALGO_SHA512 |
|
| 101 | - ); |
|
| 102 | - } |
|
| 103 | - } |
|
| 93 | + $user = $this->userManager->get($userId); |
|
| 94 | + if ($user !== null) { |
|
| 95 | + $key = $this->keyManager->getKey($user); |
|
| 96 | + return (bool)openssl_verify( |
|
| 97 | + json_encode($data['message']), |
|
| 98 | + base64_decode($data['signature']), |
|
| 99 | + $key->getPublic(), |
|
| 100 | + OPENSSL_ALGO_SHA512 |
|
| 101 | + ); |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | 104 | |
| 105 | - return false; |
|
| 106 | - } |
|
| 105 | + return false; |
|
| 106 | + } |
|
| 107 | 107 | } |
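Review bot: In `verify()` (new lines 96–101) the result of `openssl_verify()` is cast with `(bool)`, but that function returns 1 for a valid signature, 0 for an invalid one and -1 (or `false`) on error, so an error return of -1 becomes `true` and the data is reported as properly signed. The comparison should be strict: `return openssl_verify(json_encode($data['message']), base64_decode($data['signature']), $key->getPublic(), OPENSSL_ALGO_SHA512) === 1;`. This commit appears to change only indentation, so the cast predates it, but it is carried unchanged onto the new side. In `sign()` (new line 71) the return value of `openssl_sign()` is likewise ignored, so a signing failure would produce a message with an empty `signature`; checking for `false` and throwing there would make the failure visible.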