@@ -4,8 +4,8 @@ |
||
4 | 4 | |
5 | 5 | print_unescaped($l->t("Hey there,\n\nthe admin enabled server-side-encryption. Your files were encrypted using the password '%s'.\n\nPlease login to the web interface, go to the section 'basic encryption module' of your personal settings and update your encryption password by entering this password into the 'old log-in password' field and your current login-password.\n\n", array($_['password']))); |
6 | 6 | if ( isset($_['expiration']) ) { |
7 | - print_unescaped($l->t("The share will expire on %s.", array($_['expiration']))); |
|
8 | - print_unescaped("\n\n"); |
|
7 | + print_unescaped($l->t("The share will expire on %s.", array($_['expiration']))); |
|
8 | + print_unescaped("\n\n"); |
|
9 | 9 | } |
10 | 10 | // TRANSLATORS term at the end of a mail |
11 | 11 | p($l->t("Cheers!")); |
@@ -3,7 +3,7 @@ discard block |
||
3 | 3 | /** @var array $_ */ |
4 | 4 | |
5 | 5 | print_unescaped($l->t("Hey there,\n\nthe admin enabled server-side-encryption. Your files were encrypted using the password '%s'.\n\nPlease login to the web interface, go to the section 'basic encryption module' of your personal settings and update your encryption password by entering this password into the 'old log-in password' field and your current login-password.\n\n", array($_['password']))); |
6 | -if ( isset($_['expiration']) ) { |
|
6 | +if (isset($_['expiration'])) { |
|
7 | 7 | print_unescaped($l->t("The share will expire on %s.", array($_['expiration']))); |
8 | 8 | print_unescaped("\n\n"); |
9 | 9 | } |
@@ -12,5 +12,5 @@ discard block |
||
12 | 12 | ?> |
13 | 13 | |
14 | 14 | -- |
15 | -<?php p($theme->getName() . ' - ' . $theme->getSlogan()); ?> |
|
15 | +<?php p($theme->getName().' - '.$theme->getSlogan()); ?> |
|
16 | 16 | <?php print_unescaped("\n".$theme->getBaseUrl()); |
@@ -1,6 +1,6 @@ discard block |
||
1 | 1 | <?php |
2 | - /** @var array $_ */ |
|
3 | - /** @var \OCP\IL10N $l */ |
|
2 | + /** @var array $_ */ |
|
3 | + /** @var \OCP\IL10N $l */ |
|
4 | 4 | script('encryption', 'settings-personal'); |
5 | 5 | script('core', 'multiselect'); |
6 | 6 | ?> |
@@ -20,8 +20,8 @@ discard block |
||
20 | 20 | <br /> |
21 | 21 | <?php p( $l->t( "Set your old private key password to your current log-in password:" ) ); ?> |
22 | 22 | <?php if ( $_["recoveryEnabledForUser"] ): |
23 | - p( $l->t( " If you don't remember your old password you can ask your administrator to recover your files." ) ); |
|
24 | - endif; ?> |
|
23 | + p( $l->t( " If you don't remember your old password you can ask your administrator to recover your files." ) ); |
|
24 | + endif; ?> |
|
25 | 25 | <br /> |
26 | 26 | <input |
27 | 27 | type="password" |
@@ -7,57 +7,57 @@ discard block |
||
7 | 7 | <form id="ocDefaultEncryptionModule" class="section"> |
8 | 8 | <h2 data-anchor-name="basic-encryption-module"><?php p($l->t('Basic encryption module')); ?></h2> |
9 | 9 | |
10 | - <?php if ($_["initialized"] === \OCA\Encryption\Session::NOT_INITIALIZED ): ?> |
|
10 | + <?php if ($_["initialized"] === \OCA\Encryption\Session::NOT_INITIALIZED): ?> |
|
11 | 11 | |
12 | 12 | <?php p($l->t("Encryption App is enabled, but your keys are not initialized. Please log-out and log-in again.")); ?> |
13 | 13 | |
14 | - <?php elseif ( $_["initialized"] === \OCA\Encryption\Session::INIT_EXECUTED ): ?> |
|
14 | + <?php elseif ($_["initialized"] === \OCA\Encryption\Session::INIT_EXECUTED): ?> |
|
15 | 15 | <p> |
16 | 16 | <a name="changePKPasswd" /> |
17 | 17 | <label for="changePrivateKeyPasswd"> |
18 | - <em><?php p( $l->t( "Your private key password no longer matches your log-in password." ) ); ?></em> |
|
18 | + <em><?php p($l->t("Your private key password no longer matches your log-in password.")); ?></em> |
|
19 | 19 | </label> |
20 | 20 | <br /> |
21 | - <?php p( $l->t( "Set your old private key password to your current log-in password:" ) ); ?> |
|
22 | - <?php if ( $_["recoveryEnabledForUser"] ): |
|
23 | - p( $l->t( " If you don't remember your old password you can ask your administrator to recover your files." ) ); |
|
21 | + <?php p($l->t("Set your old private key password to your current log-in password:")); ?> |
|
22 | + <?php if ($_["recoveryEnabledForUser"]): |
|
23 | + p($l->t(" If you don't remember your old password you can ask your administrator to recover your files.")); |
|
24 | 24 | endif; ?> |
25 | 25 | <br /> |
26 | 26 | <input |
27 | 27 | type="password" |
28 | 28 | name="changePrivateKeyPassword" |
29 | 29 | id="oldPrivateKeyPassword" /> |
30 | - <label for="oldPrivateKeyPassword"><?php p($l->t( "Old log-in password" )); ?></label> |
|
30 | + <label for="oldPrivateKeyPassword"><?php p($l->t("Old log-in password")); ?></label> |
|
31 | 31 | <br /> |
32 | 32 | <input |
33 | 33 | type="password" |
34 | 34 | name="changePrivateKeyPassword" |
35 | 35 | id="newPrivateKeyPassword" /> |
36 | - <label for="newRecoveryPassword"><?php p($l->t( "Current log-in password" )); ?></label> |
|
36 | + <label for="newRecoveryPassword"><?php p($l->t("Current log-in password")); ?></label> |
|
37 | 37 | <br /> |
38 | 38 | <button |
39 | 39 | type="button" |
40 | 40 | name="submitChangePrivateKeyPassword" |
41 | - disabled><?php p($l->t( "Update Private Key Password" )); ?> |
|
41 | + disabled><?php p($l->t("Update Private Key Password")); ?> |
|
42 | 42 | </button> |
43 | 43 | <span class="msg"></span> |
44 | 44 | </p> |
45 | 45 | |
46 | - <?php elseif ( $_["recoveryEnabled"] && $_["privateKeySet"] && $_["initialized"] === \OCA\Encryption\Session::INIT_SUCCESSFUL ): ?> |
|
46 | + <?php elseif ($_["recoveryEnabled"] && $_["privateKeySet"] && $_["initialized"] === \OCA\Encryption\Session::INIT_SUCCESSFUL): ?> |
|
47 | 47 | <br /> |
48 | 48 | <p id="userEnableRecovery"> |
49 | - <label for="userEnableRecovery"><?php p( $l->t( "Enable password recovery:" ) ); ?></label> |
|
49 | + <label for="userEnableRecovery"><?php p($l->t("Enable password recovery:")); ?></label> |
|
50 | 50 | <span class="msg"></span> |
51 | 51 | <br /> |
52 | - <em><?php p( $l->t( "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" ) ); ?></em> |
|
52 | + <em><?php p($l->t("Enabling this option will allow you to reobtain access to your encrypted files in case of password loss")); ?></em> |
|
53 | 53 | <br /> |
54 | 54 | <input |
55 | 55 | type='radio' |
56 | 56 | id='userEnableRecoveryCheckbox' |
57 | 57 | name='userEnableRecovery' |
58 | 58 | value='1' |
59 | - <?php echo ( $_["recoveryEnabledForUser"] ? 'checked="checked"' : '' ); ?> /> |
|
60 | - <label for="userEnableRecoveryCheckbox"><?php p( $l->t( "Enabled" ) ); ?></label> |
|
59 | + <?php echo ($_["recoveryEnabledForUser"] ? 'checked="checked"' : ''); ?> /> |
|
60 | + <label for="userEnableRecoveryCheckbox"><?php p($l->t("Enabled")); ?></label> |
|
61 | 61 | <br /> |
62 | 62 | |
63 | 63 | <input |
@@ -65,8 +65,8 @@ discard block |
||
65 | 65 | id='userDisableRecoveryCheckbox' |
66 | 66 | name='userEnableRecovery' |
67 | 67 | value='0' |
68 | - <?php echo ( $_["recoveryEnabledForUser"] === false ? 'checked="checked"' : '' ); ?> /> |
|
69 | - <label for="userDisableRecoveryCheckbox"><?php p( $l->t( "Disabled" ) ); ?></label> |
|
68 | + <?php echo ($_["recoveryEnabledForUser"] === false ? 'checked="checked"' : ''); ?> /> |
|
69 | + <label for="userDisableRecoveryCheckbox"><?php p($l->t("Disabled")); ?></label> |
|
70 | 70 | </p> |
71 | 71 | <?php endif; ?> |
72 | 72 | </form> |
@@ -7,19 +7,19 @@ discard block |
||
7 | 7 | ?> |
8 | 8 | <form id="ocDefaultEncryptionModule" class="sub-section"> |
9 | 9 | <h3><?php p($l->t("Default encryption module")); ?></h3> |
10 | - <?php if(!$_["initStatus"]): ?> |
|
10 | + <?php if (!$_["initStatus"]): ?> |
|
11 | 11 | <?php p($l->t("Encryption app is enabled but your keys are not initialized, please log-out and log-in again")); ?> |
12 | 12 | <?php else: ?> |
13 | 13 | <p id="encryptHomeStorageSetting"> |
14 | 14 | <input type="checkbox" class="checkbox" name="encrypt_home_storage" id="encryptHomeStorage" |
15 | 15 | value="1" <?php if ($_['encryptHomeStorage']) print_unescaped('checked="checked"'); ?> /> |
16 | - <label for="encryptHomeStorage"><?php p($l->t('Encrypt the home storage'));?></label></br> |
|
17 | - <em><?php p( $l->t( "Enabling this option encrypts all files stored on the main storage, otherwise only files on external storage will be encrypted" ) ); ?></em> |
|
16 | + <label for="encryptHomeStorage"><?php p($l->t('Encrypt the home storage')); ?></label></br> |
|
17 | + <em><?php p($l->t("Enabling this option encrypts all files stored on the main storage, otherwise only files on external storage will be encrypted")); ?></em> |
|
18 | 18 | </p> |
19 | 19 | <br /> |
20 | - <?php if($_['masterKeyEnabled'] === false): ?> |
|
20 | + <?php if ($_['masterKeyEnabled'] === false): ?> |
|
21 | 21 | <p id="encryptionSetRecoveryKey"> |
22 | - <?php $_["recoveryEnabled"] === '0' ? p($l->t("Enable recovery key")) : p($l->t("Disable recovery key")); ?> |
|
22 | + <?php $_["recoveryEnabled"] === '0' ? p($l->t("Enable recovery key")) : p($l->t("Disable recovery key")); ?> |
|
23 | 23 | <span class="msg"></span> |
24 | 24 | <br/> |
25 | 25 | <em> |
@@ -38,11 +38,11 @@ discard block |
||
38 | 38 | name="enableRecoveryKey" |
39 | 39 | id="enableRecoveryKey" |
40 | 40 | status="<?php p($_["recoveryEnabled"]) ?>" |
41 | - value="<?php $_["recoveryEnabled"] === '0' ? p($l->t("Enable recovery key")) : p($l->t("Disable recovery key")); ?>"/> |
|
41 | + value="<?php $_["recoveryEnabled"] === '0' ? p($l->t("Enable recovery key")) : p($l->t("Disable recovery key")); ?>"/> |
|
42 | 42 | </p> |
43 | 43 | <br/><br/> |
44 | 44 | |
45 | - <p name="changeRecoveryPasswordBlock" id="encryptionChangeRecoveryKey" <?php if($_['recoveryEnabled'] === '0') print_unescaped('class="hidden"');?>> |
|
45 | + <p name="changeRecoveryPasswordBlock" id="encryptionChangeRecoveryKey" <?php if ($_['recoveryEnabled'] === '0') print_unescaped('class="hidden"'); ?>> |
|
46 | 46 | <?php p($l->t("Change recovery key password:")); ?> |
47 | 47 | <span class="msg"></span> |
48 | 48 | <br/> |
@@ -9,10 +9,13 @@ discard block |
||
9 | 9 | <h3><?php p($l->t("Default encryption module")); ?></h3> |
10 | 10 | <?php if(!$_["initStatus"]): ?> |
11 | 11 | <?php p($l->t("Encryption app is enabled but your keys are not initialized, please log-out and log-in again")); ?> |
12 | - <?php else: ?> |
|
12 | + <?php else { |
|
13 | + : ?> |
|
13 | 14 | <p id="encryptHomeStorageSetting"> |
14 | 15 | <input type="checkbox" class="checkbox" name="encrypt_home_storage" id="encryptHomeStorage" |
15 | - value="1" <?php if ($_['encryptHomeStorage']) print_unescaped('checked="checked"'); ?> /> |
|
16 | + value="1" <?php if ($_['encryptHomeStorage']) print_unescaped('checked="checked"'); |
|
17 | +} |
|
18 | +?> /> |
|
16 | 19 | <label for="encryptHomeStorage"><?php p($l->t('Encrypt the home storage'));?></label></br> |
17 | 20 | <em><?php p( $l->t( "Enabling this option encrypts all files stored on the main storage, otherwise only files on external storage will be encrypted" ) ); ?></em> |
18 | 21 | </p> |
@@ -42,7 +45,10 @@ discard block |
||
42 | 45 | </p> |
43 | 46 | <br/><br/> |
44 | 47 | |
45 | - <p name="changeRecoveryPasswordBlock" id="encryptionChangeRecoveryKey" <?php if($_['recoveryEnabled'] === '0') print_unescaped('class="hidden"');?>> |
|
48 | + <p name="changeRecoveryPasswordBlock" id="encryptionChangeRecoveryKey" <?php if($_['recoveryEnabled'] === '0') { |
|
49 | + print_unescaped('class="hidden"'); |
|
50 | +} |
|
51 | +?>> |
|
46 | 52 | <?php p($l->t("Change recovery key password:")); ?> |
47 | 53 | <span class="msg"></span> |
48 | 54 | <br/> |
@@ -15,10 +15,10 @@ |
||
15 | 15 | <td width="20px"> </td> |
16 | 16 | <td style="font-weight:normal; font-size:0.8em; line-height:1.2em; font-family:verdana,'arial',sans;"> |
17 | 17 | <?php |
18 | - print_unescaped($l->t('Hey there,<br><br>the admin enabled server-side-encryption. Your files were encrypted using the password <strong>%s</strong>.<br><br>Please login to the web interface, go to the section "basic encryption module" of your personal settings and update your encryption password by entering this password into the "old log-in password" field and your current login-password.<br><br>', array($_['password']))); |
|
19 | - // TRANSLATORS term at the end of a mail |
|
20 | - p($l->t('Cheers!')); |
|
21 | - ?> |
|
18 | + print_unescaped($l->t('Hey there,<br><br>the admin enabled server-side-encryption. Your files were encrypted using the password <strong>%s</strong>.<br><br>Please login to the web interface, go to the section "basic encryption module" of your personal settings and update your encryption password by entering this password into the "old log-in password" field and your current login-password.<br><br>', array($_['password']))); |
|
19 | + // TRANSLATORS term at the end of a mail |
|
20 | + p($l->t('Cheers!')); |
|
21 | + ?> |
|
22 | 22 | </td> |
23 | 23 | </tr> |
24 | 24 | <tr><td colspan="2"> </td></tr> |
@@ -27,7 +27,7 @@ discard block |
||
27 | 27 | <tr><td> |
28 | 28 | <table cellspacing="0" cellpadding="0" border="0" width="600px"> |
29 | 29 | <tr> |
30 | - <td colspan="2" bgcolor="<?php p($theme->getColorPrimary());?>"> |
|
30 | + <td colspan="2" bgcolor="<?php p($theme->getColorPrimary()); ?>"> |
|
31 | 31 | <img src="<?php p(\OC::$server->getURLGenerator()->getAbsoluteURL(image_path('', 'logo-mail.png'))); ?>" alt="<?php p($theme->getName()); ?>"/> |
32 | 32 | </td> |
33 | 33 | </tr> |
@@ -52,7 +52,7 @@ discard block |
||
52 | 52 | <td style="font-weight:normal; font-size:0.8em; line-height:1.2em; font-family:verdana,'arial',sans;">--<br> |
53 | 53 | <?php p($theme->getName()); ?> - |
54 | 54 | <?php p($theme->getSlogan()); ?> |
55 | - <br><a href="<?php p($theme->getBaseUrl()); ?>"><?php p($theme->getBaseUrl());?></a> |
|
55 | + <br><a href="<?php p($theme->getBaseUrl()); ?>"><?php p($theme->getBaseUrl()); ?></a> |
|
56 | 56 | </td> |
57 | 57 | </tr> |
58 | 58 | <tr> |
@@ -32,359 +32,359 @@ |
||
32 | 32 | |
33 | 33 | class Migration { |
34 | 34 | |
35 | - private $moduleId; |
|
36 | - /** @var \OC\Files\View */ |
|
37 | - private $view; |
|
38 | - /** @var \OCP\IDBConnection */ |
|
39 | - private $connection; |
|
40 | - /** @var IConfig */ |
|
41 | - private $config; |
|
42 | - /** @var ILogger */ |
|
43 | - private $logger; |
|
44 | - /** @var string*/ |
|
45 | - protected $installedVersion; |
|
46 | - |
|
47 | - /** |
|
48 | - * @param IConfig $config |
|
49 | - * @param View $view |
|
50 | - * @param IDBConnection $connection |
|
51 | - * @param ILogger $logger |
|
52 | - */ |
|
53 | - public function __construct(IConfig $config, View $view, IDBConnection $connection, ILogger $logger) { |
|
54 | - $this->view = $view; |
|
55 | - $this->view->disableCacheUpdate(); |
|
56 | - $this->connection = $connection; |
|
57 | - $this->moduleId = \OCA\Encryption\Crypto\Encryption::ID; |
|
58 | - $this->config = $config; |
|
59 | - $this->logger = $logger; |
|
60 | - $this->installedVersion = $this->config->getAppValue('files_encryption', 'installed_version', '-1'); |
|
61 | - } |
|
62 | - |
|
63 | - public function finalCleanUp() { |
|
64 | - $this->view->deleteAll('files_encryption/public_keys'); |
|
65 | - $this->updateFileCache(); |
|
66 | - $this->config->deleteAppValue('files_encryption', 'installed_version'); |
|
67 | - } |
|
68 | - |
|
69 | - /** |
|
70 | - * update file cache, copy unencrypted_size to the 'size' column |
|
71 | - */ |
|
72 | - private function updateFileCache() { |
|
73 | - // make sure that we don't update the file cache multiple times |
|
74 | - // only update during the first run |
|
75 | - if ($this->installedVersion !== '-1') { |
|
76 | - $query = $this->connection->getQueryBuilder(); |
|
77 | - $query->update('filecache') |
|
78 | - ->set('size', 'unencrypted_size') |
|
79 | - ->where($query->expr()->eq('encrypted', $query->createParameter('encrypted'))) |
|
80 | - ->setParameter('encrypted', 1); |
|
81 | - $query->execute(); |
|
82 | - } |
|
83 | - } |
|
84 | - |
|
85 | - /** |
|
86 | - * iterate through users and reorganize the folder structure |
|
87 | - */ |
|
88 | - public function reorganizeFolderStructure() { |
|
89 | - $this->reorganizeSystemFolderStructure(); |
|
90 | - |
|
91 | - $limit = 500; |
|
92 | - $offset = 0; |
|
93 | - do { |
|
94 | - $users = \OCP\User::getUsers('', $limit, $offset); |
|
95 | - foreach ($users as $user) { |
|
96 | - $this->reorganizeFolderStructureForUser($user); |
|
97 | - } |
|
98 | - $offset += $limit; |
|
99 | - } while (count($users) >= $limit); |
|
100 | - } |
|
101 | - |
|
102 | - /** |
|
103 | - * reorganize system wide folder structure |
|
104 | - */ |
|
105 | - public function reorganizeSystemFolderStructure() { |
|
106 | - |
|
107 | - $this->createPathForKeys('/files_encryption'); |
|
108 | - |
|
109 | - // backup system wide folders |
|
110 | - $this->backupSystemWideKeys(); |
|
111 | - |
|
112 | - // rename system wide mount point |
|
113 | - $this->renameFileKeys('', '/files_encryption/keys'); |
|
114 | - |
|
115 | - // rename system private keys |
|
116 | - $this->renameSystemPrivateKeys(); |
|
117 | - |
|
118 | - $storage = $this->view->getMount('')->getStorage(); |
|
119 | - $storage->getScanner()->scan('files_encryption'); |
|
120 | - } |
|
121 | - |
|
122 | - |
|
123 | - /** |
|
124 | - * reorganize folder structure for user |
|
125 | - * |
|
126 | - * @param string $user |
|
127 | - */ |
|
128 | - public function reorganizeFolderStructureForUser($user) { |
|
129 | - // backup all keys |
|
130 | - \OC_Util::tearDownFS(); |
|
131 | - \OC_Util::setupFS($user); |
|
132 | - if ($this->backupUserKeys($user)) { |
|
133 | - // rename users private key |
|
134 | - $this->renameUsersPrivateKey($user); |
|
135 | - $this->renameUsersPublicKey($user); |
|
136 | - // rename file keys |
|
137 | - $path = '/files_encryption/keys'; |
|
138 | - $this->renameFileKeys($user, $path); |
|
139 | - $trashPath = '/files_trashbin/keys'; |
|
140 | - if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user . '/' . $trashPath)) { |
|
141 | - $this->renameFileKeys($user, $trashPath, true); |
|
142 | - $this->view->deleteAll($trashPath); |
|
143 | - } |
|
144 | - // delete old folders |
|
145 | - $this->deleteOldKeys($user); |
|
146 | - $this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption'); |
|
147 | - } |
|
148 | - } |
|
149 | - |
|
150 | - /** |
|
151 | - * update database |
|
152 | - */ |
|
153 | - public function updateDB() { |
|
154 | - |
|
155 | - // make sure that we don't update the file cache multiple times |
|
156 | - // only update during the first run |
|
157 | - if ($this->installedVersion === '-1') { |
|
158 | - return; |
|
159 | - } |
|
160 | - |
|
161 | - // delete left-over from old encryption which is no longer needed |
|
162 | - $this->config->deleteAppValue('files_encryption', 'ocsid'); |
|
163 | - $this->config->deleteAppValue('files_encryption', 'types'); |
|
164 | - $this->config->deleteAppValue('files_encryption', 'enabled'); |
|
165 | - |
|
166 | - $oldAppValues = $this->connection->getQueryBuilder(); |
|
167 | - $oldAppValues->select('*') |
|
168 | - ->from('appconfig') |
|
169 | - ->where($oldAppValues->expr()->eq('appid', $oldAppValues->createParameter('appid'))) |
|
170 | - ->setParameter('appid', 'files_encryption'); |
|
171 | - $appSettings = $oldAppValues->execute(); |
|
172 | - |
|
173 | - while ($row = $appSettings->fetch()) { |
|
174 | - // 'installed_version' gets deleted at the end of the migration process |
|
175 | - if ($row['configkey'] !== 'installed_version' ) { |
|
176 | - $this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']); |
|
177 | - $this->config->deleteAppValue('files_encryption', $row['configkey']); |
|
178 | - } |
|
179 | - } |
|
180 | - |
|
181 | - $oldPreferences = $this->connection->getQueryBuilder(); |
|
182 | - $oldPreferences->select('*') |
|
183 | - ->from('preferences') |
|
184 | - ->where($oldPreferences->expr()->eq('appid', $oldPreferences->createParameter('appid'))) |
|
185 | - ->setParameter('appid', 'files_encryption'); |
|
186 | - $preferenceSettings = $oldPreferences->execute(); |
|
187 | - |
|
188 | - while ($row = $preferenceSettings->fetch()) { |
|
189 | - $this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']); |
|
190 | - $this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']); |
|
191 | - } |
|
192 | - } |
|
193 | - |
|
194 | - /** |
|
195 | - * create backup of system-wide keys |
|
196 | - */ |
|
197 | - private function backupSystemWideKeys() { |
|
198 | - $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
199 | - $this->view->mkdir($backupDir); |
|
200 | - $this->view->copy('files_encryption', $backupDir . '/files_encryption'); |
|
201 | - } |
|
202 | - |
|
203 | - /** |
|
204 | - * create backup of user specific keys |
|
205 | - * |
|
206 | - * @param string $user |
|
207 | - * @return bool |
|
208 | - */ |
|
209 | - private function backupUserKeys($user) { |
|
210 | - $encryptionDir = $user . '/files_encryption'; |
|
211 | - if ($this->view->is_dir($encryptionDir)) { |
|
212 | - $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
213 | - $this->view->mkdir($backupDir); |
|
214 | - $this->view->copy($encryptionDir, $backupDir); |
|
215 | - return true; |
|
216 | - } |
|
217 | - return false; |
|
218 | - } |
|
219 | - |
|
220 | - /** |
|
221 | - * rename system-wide private keys |
|
222 | - */ |
|
223 | - private function renameSystemPrivateKeys() { |
|
224 | - $dh = $this->view->opendir('files_encryption'); |
|
225 | - $this->createPathForKeys('/files_encryption/' . $this->moduleId ); |
|
226 | - if (is_resource($dh)) { |
|
227 | - while (($privateKey = readdir($dh)) !== false) { |
|
228 | - if (!\OC\Files\Filesystem::isIgnoredDir($privateKey) ) { |
|
229 | - if (!$this->view->is_dir('/files_encryption/' . $privateKey)) { |
|
230 | - $this->view->rename('files_encryption/' . $privateKey, 'files_encryption/' . $this->moduleId . '/' . $privateKey); |
|
231 | - $this->renameSystemPublicKey($privateKey); |
|
232 | - } |
|
233 | - } |
|
234 | - } |
|
235 | - closedir($dh); |
|
236 | - } |
|
237 | - } |
|
238 | - |
|
239 | - /** |
|
240 | - * rename system wide public key |
|
241 | - * |
|
242 | - * @param string $privateKey private key for which we want to rename the corresponding public key |
|
243 | - */ |
|
244 | - private function renameSystemPublicKey($privateKey) { |
|
245 | - $publicKey = substr($privateKey,0 , strrpos($privateKey, '.privateKey')) . '.publicKey'; |
|
246 | - $this->view->rename('files_encryption/public_keys/' . $publicKey, 'files_encryption/' . $this->moduleId . '/' . $publicKey); |
|
247 | - } |
|
248 | - |
|
249 | - /** |
|
250 | - * rename user-specific private keys |
|
251 | - * |
|
252 | - * @param string $user |
|
253 | - */ |
|
254 | - private function renameUsersPrivateKey($user) { |
|
255 | - $oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey'; |
|
256 | - $newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey'; |
|
257 | - if ($this->view->file_exists($oldPrivateKey)) { |
|
258 | - $this->createPathForKeys(dirname($newPrivateKey)); |
|
259 | - $this->view->rename($oldPrivateKey, $newPrivateKey); |
|
260 | - } |
|
261 | - } |
|
262 | - |
|
263 | - /** |
|
264 | - * rename user-specific public keys |
|
265 | - * |
|
266 | - * @param string $user |
|
267 | - */ |
|
268 | - private function renameUsersPublicKey($user) { |
|
269 | - $oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey'; |
|
270 | - $newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey'; |
|
271 | - if ($this->view->file_exists($oldPublicKey)) { |
|
272 | - $this->createPathForKeys(dirname($newPublicKey)); |
|
273 | - $this->view->rename($oldPublicKey, $newPublicKey); |
|
274 | - } |
|
275 | - } |
|
276 | - |
|
277 | - /** |
|
278 | - * rename file keys |
|
279 | - * |
|
280 | - * @param string $user |
|
281 | - * @param string $path |
|
282 | - * @param bool $trash |
|
283 | - */ |
|
284 | - private function renameFileKeys($user, $path, $trash = false) { |
|
285 | - |
|
286 | - if ($this->view->is_dir($user . '/' . $path) === false) { |
|
287 | - $this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist'); |
|
288 | - return; |
|
289 | - } |
|
290 | - |
|
291 | - $dh = $this->view->opendir($user . '/' . $path); |
|
292 | - |
|
293 | - if (is_resource($dh)) { |
|
294 | - while (($file = readdir($dh)) !== false) { |
|
295 | - if (!\OC\Files\Filesystem::isIgnoredDir($file)) { |
|
296 | - if ($this->view->is_dir($user . '/' . $path . '/' . $file)) { |
|
297 | - $this->renameFileKeys($user, $path . '/' . $file, $trash); |
|
298 | - } else { |
|
299 | - $target = $this->getTargetDir($user, $path, $file, $trash); |
|
300 | - if ($target !== false) { |
|
301 | - $this->createPathForKeys(dirname($target)); |
|
302 | - $this->view->rename($user . '/' . $path . '/' . $file, $target); |
|
303 | - } else { |
|
304 | - $this->logger->warning( |
|
305 | - 'did not move key "' . $file |
|
306 | - . '" could not find the corresponding file in /data/' . $user . '/files.' |
|
307 | - . 'Most likely the key was already moved in a previous migration run and is already on the right place.'); |
|
308 | - } |
|
309 | - } |
|
310 | - } |
|
311 | - } |
|
312 | - closedir($dh); |
|
313 | - } |
|
314 | - } |
|
315 | - |
|
316 | - /** |
|
317 | - * get system mount points |
|
318 | - * wrap static method so that it can be mocked for testing |
|
319 | - * |
|
320 | - * @internal |
|
321 | - * @return array |
|
322 | - */ |
|
323 | - protected function getSystemMountPoints() { |
|
324 | - return \OC_Mount_Config::getSystemMountPoints(); |
|
325 | - } |
|
326 | - |
|
327 | - /** |
|
328 | - * generate target directory |
|
329 | - * |
|
330 | - * @param string $user |
|
331 | - * @param string $keyPath |
|
332 | - * @param string $filename |
|
333 | - * @param bool $trash |
|
334 | - * @return string |
|
335 | - */ |
|
336 | - private function getTargetDir($user, $keyPath, $filename, $trash) { |
|
337 | - if ($trash) { |
|
338 | - $filePath = substr($keyPath, strlen('/files_trashbin/keys/')); |
|
339 | - $targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
340 | - } else { |
|
341 | - $filePath = substr($keyPath, strlen('/files_encryption/keys/')); |
|
342 | - $targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
343 | - } |
|
344 | - |
|
345 | - if ($user === '') { |
|
346 | - // for system wide mounts we need to check if the mount point really exists |
|
347 | - $normalized = \OC\Files\Filesystem::normalizePath($filePath); |
|
348 | - $systemMountPoints = $this->getSystemMountPoints(); |
|
349 | - foreach ($systemMountPoints as $mountPoint) { |
|
350 | - $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/'; |
|
351 | - if (strpos($normalized, $normalizedMountPoint) === 0) |
|
352 | - return $targetDir; |
|
353 | - } |
|
354 | - } else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) { |
|
355 | - return $targetDir; |
|
356 | - } else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) { |
|
357 | - return $targetDir; |
|
358 | - } |
|
359 | - |
|
360 | - return false; |
|
361 | - } |
|
362 | - |
|
363 | - /** |
|
364 | - * delete old keys |
|
365 | - * |
|
366 | - * @param string $user |
|
367 | - */ |
|
368 | - private function deleteOldKeys($user) { |
|
369 | - $this->view->deleteAll($user . '/files_encryption/keyfiles'); |
|
370 | - $this->view->deleteAll($user . '/files_encryption/share-keys'); |
|
371 | - } |
|
372 | - |
|
373 | - /** |
|
374 | - * create directories for the keys recursively |
|
375 | - * |
|
376 | - * @param string $path |
|
377 | - */ |
|
378 | - private function createPathForKeys($path) { |
|
379 | - if (!$this->view->file_exists($path)) { |
|
380 | - $sub_dirs = explode('/', $path); |
|
381 | - $dir = ''; |
|
382 | - foreach ($sub_dirs as $sub_dir) { |
|
383 | - $dir .= '/' . $sub_dir; |
|
384 | - if (!$this->view->is_dir($dir)) { |
|
385 | - $this->view->mkdir($dir); |
|
386 | - } |
|
387 | - } |
|
388 | - } |
|
389 | - } |
|
35 | + private $moduleId; |
|
36 | + /** @var \OC\Files\View */ |
|
37 | + private $view; |
|
38 | + /** @var \OCP\IDBConnection */ |
|
39 | + private $connection; |
|
40 | + /** @var IConfig */ |
|
41 | + private $config; |
|
42 | + /** @var ILogger */ |
|
43 | + private $logger; |
|
44 | + /** @var string*/ |
|
45 | + protected $installedVersion; |
|
46 | + |
|
47 | + /** |
|
48 | + * @param IConfig $config |
|
49 | + * @param View $view |
|
50 | + * @param IDBConnection $connection |
|
51 | + * @param ILogger $logger |
|
52 | + */ |
|
53 | + public function __construct(IConfig $config, View $view, IDBConnection $connection, ILogger $logger) { |
|
54 | + $this->view = $view; |
|
55 | + $this->view->disableCacheUpdate(); |
|
56 | + $this->connection = $connection; |
|
57 | + $this->moduleId = \OCA\Encryption\Crypto\Encryption::ID; |
|
58 | + $this->config = $config; |
|
59 | + $this->logger = $logger; |
|
60 | + $this->installedVersion = $this->config->getAppValue('files_encryption', 'installed_version', '-1'); |
|
61 | + } |
|
62 | + |
|
63 | + public function finalCleanUp() { |
|
64 | + $this->view->deleteAll('files_encryption/public_keys'); |
|
65 | + $this->updateFileCache(); |
|
66 | + $this->config->deleteAppValue('files_encryption', 'installed_version'); |
|
67 | + } |
|
68 | + |
|
69 | + /** |
|
70 | + * update file cache, copy unencrypted_size to the 'size' column |
|
71 | + */ |
|
72 | + private function updateFileCache() { |
|
73 | + // make sure that we don't update the file cache multiple times |
|
74 | + // only update during the first run |
|
75 | + if ($this->installedVersion !== '-1') { |
|
76 | + $query = $this->connection->getQueryBuilder(); |
|
77 | + $query->update('filecache') |
|
78 | + ->set('size', 'unencrypted_size') |
|
79 | + ->where($query->expr()->eq('encrypted', $query->createParameter('encrypted'))) |
|
80 | + ->setParameter('encrypted', 1); |
|
81 | + $query->execute(); |
|
82 | + } |
|
83 | + } |
|
84 | + |
|
85 | + /** |
|
86 | + * iterate through users and reorganize the folder structure |
|
87 | + */ |
|
88 | + public function reorganizeFolderStructure() { |
|
89 | + $this->reorganizeSystemFolderStructure(); |
|
90 | + |
|
91 | + $limit = 500; |
|
92 | + $offset = 0; |
|
93 | + do { |
|
94 | + $users = \OCP\User::getUsers('', $limit, $offset); |
|
95 | + foreach ($users as $user) { |
|
96 | + $this->reorganizeFolderStructureForUser($user); |
|
97 | + } |
|
98 | + $offset += $limit; |
|
99 | + } while (count($users) >= $limit); |
|
100 | + } |
|
101 | + |
|
102 | + /** |
|
103 | + * reorganize system wide folder structure |
|
104 | + */ |
|
105 | + public function reorganizeSystemFolderStructure() { |
|
106 | + |
|
107 | + $this->createPathForKeys('/files_encryption'); |
|
108 | + |
|
109 | + // backup system wide folders |
|
110 | + $this->backupSystemWideKeys(); |
|
111 | + |
|
112 | + // rename system wide mount point |
|
113 | + $this->renameFileKeys('', '/files_encryption/keys'); |
|
114 | + |
|
115 | + // rename system private keys |
|
116 | + $this->renameSystemPrivateKeys(); |
|
117 | + |
|
118 | + $storage = $this->view->getMount('')->getStorage(); |
|
119 | + $storage->getScanner()->scan('files_encryption'); |
|
120 | + } |
|
121 | + |
|
122 | + |
|
123 | + /** |
|
124 | + * reorganize folder structure for user |
|
125 | + * |
|
126 | + * @param string $user |
|
127 | + */ |
|
128 | + public function reorganizeFolderStructureForUser($user) { |
|
129 | + // backup all keys |
|
130 | + \OC_Util::tearDownFS(); |
|
131 | + \OC_Util::setupFS($user); |
|
132 | + if ($this->backupUserKeys($user)) { |
|
133 | + // rename users private key |
|
134 | + $this->renameUsersPrivateKey($user); |
|
135 | + $this->renameUsersPublicKey($user); |
|
136 | + // rename file keys |
|
137 | + $path = '/files_encryption/keys'; |
|
138 | + $this->renameFileKeys($user, $path); |
|
139 | + $trashPath = '/files_trashbin/keys'; |
|
140 | + if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user . '/' . $trashPath)) { |
|
141 | + $this->renameFileKeys($user, $trashPath, true); |
|
142 | + $this->view->deleteAll($trashPath); |
|
143 | + } |
|
144 | + // delete old folders |
|
145 | + $this->deleteOldKeys($user); |
|
146 | + $this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption'); |
|
147 | + } |
|
148 | + } |
|
149 | + |
|
150 | + /** |
|
151 | + * update database |
|
152 | + */ |
|
153 | + public function updateDB() { |
|
154 | + |
|
155 | + // make sure that we don't update the file cache multiple times |
|
156 | + // only update during the first run |
|
157 | + if ($this->installedVersion === '-1') { |
|
158 | + return; |
|
159 | + } |
|
160 | + |
|
161 | + // delete left-over from old encryption which is no longer needed |
|
162 | + $this->config->deleteAppValue('files_encryption', 'ocsid'); |
|
163 | + $this->config->deleteAppValue('files_encryption', 'types'); |
|
164 | + $this->config->deleteAppValue('files_encryption', 'enabled'); |
|
165 | + |
|
166 | + $oldAppValues = $this->connection->getQueryBuilder(); |
|
167 | + $oldAppValues->select('*') |
|
168 | + ->from('appconfig') |
|
169 | + ->where($oldAppValues->expr()->eq('appid', $oldAppValues->createParameter('appid'))) |
|
170 | + ->setParameter('appid', 'files_encryption'); |
|
171 | + $appSettings = $oldAppValues->execute(); |
|
172 | + |
|
173 | + while ($row = $appSettings->fetch()) { |
|
174 | + // 'installed_version' gets deleted at the end of the migration process |
|
175 | + if ($row['configkey'] !== 'installed_version' ) { |
|
176 | + $this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']); |
|
177 | + $this->config->deleteAppValue('files_encryption', $row['configkey']); |
|
178 | + } |
|
179 | + } |
|
180 | + |
|
181 | + $oldPreferences = $this->connection->getQueryBuilder(); |
|
182 | + $oldPreferences->select('*') |
|
183 | + ->from('preferences') |
|
184 | + ->where($oldPreferences->expr()->eq('appid', $oldPreferences->createParameter('appid'))) |
|
185 | + ->setParameter('appid', 'files_encryption'); |
|
186 | + $preferenceSettings = $oldPreferences->execute(); |
|
187 | + |
|
188 | + while ($row = $preferenceSettings->fetch()) { |
|
189 | + $this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']); |
|
190 | + $this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']); |
|
191 | + } |
|
192 | + } |
|
193 | + |
|
194 | + /** |
|
195 | + * create backup of system-wide keys |
|
196 | + */ |
|
197 | + private function backupSystemWideKeys() { |
|
198 | + $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
199 | + $this->view->mkdir($backupDir); |
|
200 | + $this->view->copy('files_encryption', $backupDir . '/files_encryption'); |
|
201 | + } |
|
202 | + |
|
203 | + /** |
|
204 | + * create backup of user specific keys |
|
205 | + * |
|
206 | + * @param string $user |
|
207 | + * @return bool |
|
208 | + */ |
|
209 | + private function backupUserKeys($user) { |
|
210 | + $encryptionDir = $user . '/files_encryption'; |
|
211 | + if ($this->view->is_dir($encryptionDir)) { |
|
212 | + $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
213 | + $this->view->mkdir($backupDir); |
|
214 | + $this->view->copy($encryptionDir, $backupDir); |
|
215 | + return true; |
|
216 | + } |
|
217 | + return false; |
|
218 | + } |
|
219 | + |
|
220 | + /** |
|
221 | + * rename system-wide private keys |
|
222 | + */ |
|
223 | + private function renameSystemPrivateKeys() { |
|
224 | + $dh = $this->view->opendir('files_encryption'); |
|
225 | + $this->createPathForKeys('/files_encryption/' . $this->moduleId ); |
|
226 | + if (is_resource($dh)) { |
|
227 | + while (($privateKey = readdir($dh)) !== false) { |
|
228 | + if (!\OC\Files\Filesystem::isIgnoredDir($privateKey) ) { |
|
229 | + if (!$this->view->is_dir('/files_encryption/' . $privateKey)) { |
|
230 | + $this->view->rename('files_encryption/' . $privateKey, 'files_encryption/' . $this->moduleId . '/' . $privateKey); |
|
231 | + $this->renameSystemPublicKey($privateKey); |
|
232 | + } |
|
233 | + } |
|
234 | + } |
|
235 | + closedir($dh); |
|
236 | + } |
|
237 | + } |
|
238 | + |
|
239 | + /** |
|
240 | + * rename system wide public key |
|
241 | + * |
|
242 | + * @param string $privateKey private key for which we want to rename the corresponding public key |
|
243 | + */ |
|
244 | + private function renameSystemPublicKey($privateKey) { |
|
245 | + $publicKey = substr($privateKey,0 , strrpos($privateKey, '.privateKey')) . '.publicKey'; |
|
246 | + $this->view->rename('files_encryption/public_keys/' . $publicKey, 'files_encryption/' . $this->moduleId . '/' . $publicKey); |
|
247 | + } |
|
248 | + |
|
249 | + /** |
|
250 | + * rename user-specific private keys |
|
251 | + * |
|
252 | + * @param string $user |
|
253 | + */ |
|
254 | + private function renameUsersPrivateKey($user) { |
|
255 | + $oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey'; |
|
256 | + $newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey'; |
|
257 | + if ($this->view->file_exists($oldPrivateKey)) { |
|
258 | + $this->createPathForKeys(dirname($newPrivateKey)); |
|
259 | + $this->view->rename($oldPrivateKey, $newPrivateKey); |
|
260 | + } |
|
261 | + } |
|
262 | + |
|
263 | + /** |
|
264 | + * rename user-specific public keys |
|
265 | + * |
|
266 | + * @param string $user |
|
267 | + */ |
|
268 | + private function renameUsersPublicKey($user) { |
|
269 | + $oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey'; |
|
270 | + $newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey'; |
|
271 | + if ($this->view->file_exists($oldPublicKey)) { |
|
272 | + $this->createPathForKeys(dirname($newPublicKey)); |
|
273 | + $this->view->rename($oldPublicKey, $newPublicKey); |
|
274 | + } |
|
275 | + } |
|
276 | + |
|
277 | + /** |
|
278 | + * rename file keys |
|
279 | + * |
|
280 | + * @param string $user |
|
281 | + * @param string $path |
|
282 | + * @param bool $trash |
|
283 | + */ |
|
284 | + private function renameFileKeys($user, $path, $trash = false) { |
|
285 | + |
|
286 | + if ($this->view->is_dir($user . '/' . $path) === false) { |
|
287 | + $this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist'); |
|
288 | + return; |
|
289 | + } |
|
290 | + |
|
291 | + $dh = $this->view->opendir($user . '/' . $path); |
|
292 | + |
|
293 | + if (is_resource($dh)) { |
|
294 | + while (($file = readdir($dh)) !== false) { |
|
295 | + if (!\OC\Files\Filesystem::isIgnoredDir($file)) { |
|
296 | + if ($this->view->is_dir($user . '/' . $path . '/' . $file)) { |
|
297 | + $this->renameFileKeys($user, $path . '/' . $file, $trash); |
|
298 | + } else { |
|
299 | + $target = $this->getTargetDir($user, $path, $file, $trash); |
|
300 | + if ($target !== false) { |
|
301 | + $this->createPathForKeys(dirname($target)); |
|
302 | + $this->view->rename($user . '/' . $path . '/' . $file, $target); |
|
303 | + } else { |
|
304 | + $this->logger->warning( |
|
305 | + 'did not move key "' . $file |
|
306 | + . '" could not find the corresponding file in /data/' . $user . '/files.' |
|
307 | + . 'Most likely the key was already moved in a previous migration run and is already on the right place.'); |
|
308 | + } |
|
309 | + } |
|
310 | + } |
|
311 | + } |
|
312 | + closedir($dh); |
|
313 | + } |
|
314 | + } |
|
315 | + |
|
316 | + /** |
|
317 | + * get system mount points |
|
318 | + * wrap static method so that it can be mocked for testing |
|
319 | + * |
|
320 | + * @internal |
|
321 | + * @return array |
|
322 | + */ |
|
323 | + protected function getSystemMountPoints() { |
|
324 | + return \OC_Mount_Config::getSystemMountPoints(); |
|
325 | + } |
|
326 | + |
|
327 | + /** |
|
328 | + * generate target directory |
|
329 | + * |
|
330 | + * @param string $user |
|
331 | + * @param string $keyPath |
|
332 | + * @param string $filename |
|
333 | + * @param bool $trash |
|
334 | + * @return string |
|
335 | + */ |
|
336 | + private function getTargetDir($user, $keyPath, $filename, $trash) { |
|
337 | + if ($trash) { |
|
338 | + $filePath = substr($keyPath, strlen('/files_trashbin/keys/')); |
|
339 | + $targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
340 | + } else { |
|
341 | + $filePath = substr($keyPath, strlen('/files_encryption/keys/')); |
|
342 | + $targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
343 | + } |
|
344 | + |
|
345 | + if ($user === '') { |
|
346 | + // for system wide mounts we need to check if the mount point really exists |
|
347 | + $normalized = \OC\Files\Filesystem::normalizePath($filePath); |
|
348 | + $systemMountPoints = $this->getSystemMountPoints(); |
|
349 | + foreach ($systemMountPoints as $mountPoint) { |
|
350 | + $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/'; |
|
351 | + if (strpos($normalized, $normalizedMountPoint) === 0) |
|
352 | + return $targetDir; |
|
353 | + } |
|
354 | + } else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) { |
|
355 | + return $targetDir; |
|
356 | + } else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) { |
|
357 | + return $targetDir; |
|
358 | + } |
|
359 | + |
|
360 | + return false; |
|
361 | + } |
|
362 | + |
|
363 | + /** |
|
364 | + * delete old keys |
|
365 | + * |
|
366 | + * @param string $user |
|
367 | + */ |
|
368 | + private function deleteOldKeys($user) { |
|
369 | + $this->view->deleteAll($user . '/files_encryption/keyfiles'); |
|
370 | + $this->view->deleteAll($user . '/files_encryption/share-keys'); |
|
371 | + } |
|
372 | + |
|
373 | + /** |
|
374 | + * create directories for the keys recursively |
|
375 | + * |
|
376 | + * @param string $path |
|
377 | + */ |
|
378 | + private function createPathForKeys($path) { |
|
379 | + if (!$this->view->file_exists($path)) { |
|
380 | + $sub_dirs = explode('/', $path); |
|
381 | + $dir = ''; |
|
382 | + foreach ($sub_dirs as $sub_dir) { |
|
383 | + $dir .= '/' . $sub_dir; |
|
384 | + if (!$this->view->is_dir($dir)) { |
|
385 | + $this->view->mkdir($dir); |
|
386 | + } |
|
387 | + } |
|
388 | + } |
|
389 | + } |
|
390 | 390 | } |
@@ -137,13 +137,13 @@ discard block |
||
137 | 137 | $path = '/files_encryption/keys'; |
138 | 138 | $this->renameFileKeys($user, $path); |
139 | 139 | $trashPath = '/files_trashbin/keys'; |
140 | - if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user . '/' . $trashPath)) { |
|
140 | + if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user.'/'.$trashPath)) { |
|
141 | 141 | $this->renameFileKeys($user, $trashPath, true); |
142 | 142 | $this->view->deleteAll($trashPath); |
143 | 143 | } |
144 | 144 | // delete old folders |
145 | 145 | $this->deleteOldKeys($user); |
146 | - $this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption'); |
|
146 | + $this->view->getMount('/'.$user)->getStorage()->getScanner()->scan('files_encryption'); |
|
147 | 147 | } |
148 | 148 | } |
149 | 149 | |
@@ -172,7 +172,7 @@ discard block |
||
172 | 172 | |
173 | 173 | while ($row = $appSettings->fetch()) { |
174 | 174 | // 'installed_version' gets deleted at the end of the migration process |
175 | - if ($row['configkey'] !== 'installed_version' ) { |
|
175 | + if ($row['configkey'] !== 'installed_version') { |
|
176 | 176 | $this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']); |
177 | 177 | $this->config->deleteAppValue('files_encryption', $row['configkey']); |
178 | 178 | } |
@@ -195,9 +195,9 @@ discard block |
||
195 | 195 | * create backup of system-wide keys |
196 | 196 | */ |
197 | 197 | private function backupSystemWideKeys() { |
198 | - $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
198 | + $backupDir = 'encryption_migration_backup_'.date("Y-m-d_H-i-s"); |
|
199 | 199 | $this->view->mkdir($backupDir); |
200 | - $this->view->copy('files_encryption', $backupDir . '/files_encryption'); |
|
200 | + $this->view->copy('files_encryption', $backupDir.'/files_encryption'); |
|
201 | 201 | } |
202 | 202 | |
203 | 203 | /** |
@@ -207,9 +207,9 @@ discard block |
||
207 | 207 | * @return bool |
208 | 208 | */ |
209 | 209 | private function backupUserKeys($user) { |
210 | - $encryptionDir = $user . '/files_encryption'; |
|
210 | + $encryptionDir = $user.'/files_encryption'; |
|
211 | 211 | if ($this->view->is_dir($encryptionDir)) { |
212 | - $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s"); |
|
212 | + $backupDir = $user.'/encryption_migration_backup_'.date("Y-m-d_H-i-s"); |
|
213 | 213 | $this->view->mkdir($backupDir); |
214 | 214 | $this->view->copy($encryptionDir, $backupDir); |
215 | 215 | return true; |
@@ -222,12 +222,12 @@ discard block |
||
222 | 222 | */ |
223 | 223 | private function renameSystemPrivateKeys() { |
224 | 224 | $dh = $this->view->opendir('files_encryption'); |
225 | - $this->createPathForKeys('/files_encryption/' . $this->moduleId ); |
|
225 | + $this->createPathForKeys('/files_encryption/'.$this->moduleId); |
|
226 | 226 | if (is_resource($dh)) { |
227 | 227 | while (($privateKey = readdir($dh)) !== false) { |
228 | - if (!\OC\Files\Filesystem::isIgnoredDir($privateKey) ) { |
|
229 | - if (!$this->view->is_dir('/files_encryption/' . $privateKey)) { |
|
230 | - $this->view->rename('files_encryption/' . $privateKey, 'files_encryption/' . $this->moduleId . '/' . $privateKey); |
|
228 | + if (!\OC\Files\Filesystem::isIgnoredDir($privateKey)) { |
|
229 | + if (!$this->view->is_dir('/files_encryption/'.$privateKey)) { |
|
230 | + $this->view->rename('files_encryption/'.$privateKey, 'files_encryption/'.$this->moduleId.'/'.$privateKey); |
|
231 | 231 | $this->renameSystemPublicKey($privateKey); |
232 | 232 | } |
233 | 233 | } |
@@ -242,8 +242,8 @@ discard block |
||
242 | 242 | * @param string $privateKey private key for which we want to rename the corresponding public key |
243 | 243 | */ |
244 | 244 | private function renameSystemPublicKey($privateKey) { |
245 | - $publicKey = substr($privateKey,0 , strrpos($privateKey, '.privateKey')) . '.publicKey'; |
|
246 | - $this->view->rename('files_encryption/public_keys/' . $publicKey, 'files_encryption/' . $this->moduleId . '/' . $publicKey); |
|
245 | + $publicKey = substr($privateKey, 0, strrpos($privateKey, '.privateKey')).'.publicKey'; |
|
246 | + $this->view->rename('files_encryption/public_keys/'.$publicKey, 'files_encryption/'.$this->moduleId.'/'.$publicKey); |
|
247 | 247 | } |
248 | 248 | |
249 | 249 | /** |
@@ -252,8 +252,8 @@ discard block |
||
252 | 252 | * @param string $user |
253 | 253 | */ |
254 | 254 | private function renameUsersPrivateKey($user) { |
255 | - $oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey'; |
|
256 | - $newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey'; |
|
255 | + $oldPrivateKey = $user.'/files_encryption/'.$user.'.privateKey'; |
|
256 | + $newPrivateKey = $user.'/files_encryption/'.$this->moduleId.'/'.$user.'.privateKey'; |
|
257 | 257 | if ($this->view->file_exists($oldPrivateKey)) { |
258 | 258 | $this->createPathForKeys(dirname($newPrivateKey)); |
259 | 259 | $this->view->rename($oldPrivateKey, $newPrivateKey); |
@@ -266,8 +266,8 @@ discard block |
||
266 | 266 | * @param string $user |
267 | 267 | */ |
268 | 268 | private function renameUsersPublicKey($user) { |
269 | - $oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey'; |
|
270 | - $newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey'; |
|
269 | + $oldPublicKey = '/files_encryption/public_keys/'.$user.'.publicKey'; |
|
270 | + $newPublicKey = $user.'/files_encryption/'.$this->moduleId.'/'.$user.'.publicKey'; |
|
271 | 271 | if ($this->view->file_exists($oldPublicKey)) { |
272 | 272 | $this->createPathForKeys(dirname($newPublicKey)); |
273 | 273 | $this->view->rename($oldPublicKey, $newPublicKey); |
@@ -283,27 +283,27 @@ discard block |
||
283 | 283 | */ |
284 | 284 | private function renameFileKeys($user, $path, $trash = false) { |
285 | 285 | |
286 | - if ($this->view->is_dir($user . '/' . $path) === false) { |
|
287 | - $this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist'); |
|
286 | + if ($this->view->is_dir($user.'/'.$path) === false) { |
|
287 | + $this->logger->info('Skip dir /'.$user.'/'.$path.': does not exist'); |
|
288 | 288 | return; |
289 | 289 | } |
290 | 290 | |
291 | - $dh = $this->view->opendir($user . '/' . $path); |
|
291 | + $dh = $this->view->opendir($user.'/'.$path); |
|
292 | 292 | |
293 | 293 | if (is_resource($dh)) { |
294 | 294 | while (($file = readdir($dh)) !== false) { |
295 | 295 | if (!\OC\Files\Filesystem::isIgnoredDir($file)) { |
296 | - if ($this->view->is_dir($user . '/' . $path . '/' . $file)) { |
|
297 | - $this->renameFileKeys($user, $path . '/' . $file, $trash); |
|
296 | + if ($this->view->is_dir($user.'/'.$path.'/'.$file)) { |
|
297 | + $this->renameFileKeys($user, $path.'/'.$file, $trash); |
|
298 | 298 | } else { |
299 | 299 | $target = $this->getTargetDir($user, $path, $file, $trash); |
300 | 300 | if ($target !== false) { |
301 | 301 | $this->createPathForKeys(dirname($target)); |
302 | - $this->view->rename($user . '/' . $path . '/' . $file, $target); |
|
302 | + $this->view->rename($user.'/'.$path.'/'.$file, $target); |
|
303 | 303 | } else { |
304 | 304 | $this->logger->warning( |
305 | - 'did not move key "' . $file |
|
306 | - . '" could not find the corresponding file in /data/' . $user . '/files.' |
|
305 | + 'did not move key "'.$file |
|
306 | + . '" could not find the corresponding file in /data/'.$user.'/files.' |
|
307 | 307 | . 'Most likely the key was already moved in a previous migration run and is already on the right place.'); |
308 | 308 | } |
309 | 309 | } |
@@ -336,10 +336,10 @@ discard block |
||
336 | 336 | private function getTargetDir($user, $keyPath, $filename, $trash) { |
337 | 337 | if ($trash) { |
338 | 338 | $filePath = substr($keyPath, strlen('/files_trashbin/keys/')); |
339 | - $targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
339 | + $targetDir = $user.'/files_encryption/keys/files_trashbin/'.$filePath.'/'.$this->moduleId.'/'.$filename; |
|
340 | 340 | } else { |
341 | 341 | $filePath = substr($keyPath, strlen('/files_encryption/keys/')); |
342 | - $targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename; |
|
342 | + $targetDir = $user.'/files_encryption/keys/files/'.$filePath.'/'.$this->moduleId.'/'.$filename; |
|
343 | 343 | } |
344 | 344 | |
345 | 345 | if ($user === '') { |
@@ -347,13 +347,13 @@ discard block |
||
347 | 347 | $normalized = \OC\Files\Filesystem::normalizePath($filePath); |
348 | 348 | $systemMountPoints = $this->getSystemMountPoints(); |
349 | 349 | foreach ($systemMountPoints as $mountPoint) { |
350 | - $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/'; |
|
350 | + $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']).'/'; |
|
351 | 351 | if (strpos($normalized, $normalizedMountPoint) === 0) |
352 | 352 | return $targetDir; |
353 | 353 | } |
354 | - } else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) { |
|
354 | + } else if ($trash === false && $this->view->file_exists('/'.$user.'/files/'.$filePath)) { |
|
355 | 355 | return $targetDir; |
356 | - } else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) { |
|
356 | + } else if ($trash === true && $this->view->file_exists('/'.$user.'/files_trashbin/'.$filePath)) { |
|
357 | 357 | return $targetDir; |
358 | 358 | } |
359 | 359 | |
@@ -366,8 +366,8 @@ discard block |
||
366 | 366 | * @param string $user |
367 | 367 | */ |
368 | 368 | private function deleteOldKeys($user) { |
369 | - $this->view->deleteAll($user . '/files_encryption/keyfiles'); |
|
370 | - $this->view->deleteAll($user . '/files_encryption/share-keys'); |
|
369 | + $this->view->deleteAll($user.'/files_encryption/keyfiles'); |
|
370 | + $this->view->deleteAll($user.'/files_encryption/share-keys'); |
|
371 | 371 | } |
372 | 372 | |
373 | 373 | /** |
@@ -380,7 +380,7 @@ discard block |
||
380 | 380 | $sub_dirs = explode('/', $path); |
381 | 381 | $dir = ''; |
382 | 382 | foreach ($sub_dirs as $sub_dir) { |
383 | - $dir .= '/' . $sub_dir; |
|
383 | + $dir .= '/'.$sub_dir; |
|
384 | 384 | if (!$this->view->is_dir($dir)) { |
385 | 385 | $this->view->mkdir($dir); |
386 | 386 | } |
@@ -348,8 +348,9 @@ |
||
348 | 348 | $systemMountPoints = $this->getSystemMountPoints(); |
349 | 349 | foreach ($systemMountPoints as $mountPoint) { |
350 | 350 | $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/'; |
351 | - if (strpos($normalized, $normalizedMountPoint) === 0) |
|
352 | - return $targetDir; |
|
351 | + if (strpos($normalized, $normalizedMountPoint) === 0) { |
|
352 | + return $targetDir; |
|
353 | + } |
|
353 | 354 | } |
354 | 355 | } else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) { |
355 | 356 | return $targetDir; |
@@ -36,167 +36,167 @@ |
||
36 | 36 | use OCP\PreConditionNotMetException; |
37 | 37 | |
38 | 38 | class Util { |
39 | - /** |
|
40 | - * @var View |
|
41 | - */ |
|
42 | - private $files; |
|
43 | - /** |
|
44 | - * @var Crypt |
|
45 | - */ |
|
46 | - private $crypt; |
|
47 | - /** |
|
48 | - * @var ILogger |
|
49 | - */ |
|
50 | - private $logger; |
|
51 | - /** |
|
52 | - * @var bool|IUser |
|
53 | - */ |
|
54 | - private $user; |
|
55 | - /** |
|
56 | - * @var IConfig |
|
57 | - */ |
|
58 | - private $config; |
|
59 | - /** |
|
60 | - * @var IUserManager |
|
61 | - */ |
|
62 | - private $userManager; |
|
63 | - |
|
64 | - /** |
|
65 | - * Util constructor. |
|
66 | - * |
|
67 | - * @param View $files |
|
68 | - * @param Crypt $crypt |
|
69 | - * @param ILogger $logger |
|
70 | - * @param IUserSession $userSession |
|
71 | - * @param IConfig $config |
|
72 | - * @param IUserManager $userManager |
|
73 | - */ |
|
74 | - public function __construct(View $files, |
|
75 | - Crypt $crypt, |
|
76 | - ILogger $logger, |
|
77 | - IUserSession $userSession, |
|
78 | - IConfig $config, |
|
79 | - IUserManager $userManager |
|
80 | - ) { |
|
81 | - $this->files = $files; |
|
82 | - $this->crypt = $crypt; |
|
83 | - $this->logger = $logger; |
|
84 | - $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; |
|
85 | - $this->config = $config; |
|
86 | - $this->userManager = $userManager; |
|
87 | - } |
|
88 | - |
|
89 | - /** |
|
90 | - * check if recovery key is enabled for user |
|
91 | - * |
|
92 | - * @param string $uid |
|
93 | - * @return bool |
|
94 | - */ |
|
95 | - public function isRecoveryEnabledForUser($uid) { |
|
96 | - $recoveryMode = $this->config->getUserValue($uid, |
|
97 | - 'encryption', |
|
98 | - 'recoveryEnabled', |
|
99 | - '0'); |
|
100 | - |
|
101 | - return ($recoveryMode === '1'); |
|
102 | - } |
|
103 | - |
|
104 | - /** |
|
105 | - * check if the home storage should be encrypted |
|
106 | - * |
|
107 | - * @return bool |
|
108 | - */ |
|
109 | - public function shouldEncryptHomeStorage() { |
|
110 | - $encryptHomeStorage = $this->config->getAppValue( |
|
111 | - 'encryption', |
|
112 | - 'encryptHomeStorage', |
|
113 | - '1' |
|
114 | - ); |
|
115 | - |
|
116 | - return ($encryptHomeStorage === '1'); |
|
117 | - } |
|
118 | - |
|
119 | - /** |
|
120 | - * set the home storage encryption on/off |
|
121 | - * |
|
122 | - * @param bool $encryptHomeStorage |
|
123 | - */ |
|
124 | - public function setEncryptHomeStorage($encryptHomeStorage) { |
|
125 | - $value = $encryptHomeStorage ? '1' : '0'; |
|
126 | - $this->config->setAppValue( |
|
127 | - 'encryption', |
|
128 | - 'encryptHomeStorage', |
|
129 | - $value |
|
130 | - ); |
|
131 | - } |
|
132 | - |
|
133 | - /** |
|
134 | - * check if master key is enabled |
|
135 | - * |
|
136 | - * @return bool |
|
137 | - */ |
|
138 | - public function isMasterKeyEnabled() { |
|
139 | - $userMasterKey = $this->config->getAppValue('encryption', 'useMasterKey', '0'); |
|
140 | - return ($userMasterKey === '1'); |
|
141 | - } |
|
142 | - |
|
143 | - /** |
|
144 | - * @param $enabled |
|
145 | - * @return bool |
|
146 | - */ |
|
147 | - public function setRecoveryForUser($enabled) { |
|
148 | - $value = $enabled ? '1' : '0'; |
|
149 | - |
|
150 | - try { |
|
151 | - $this->config->setUserValue($this->user->getUID(), |
|
152 | - 'encryption', |
|
153 | - 'recoveryEnabled', |
|
154 | - $value); |
|
155 | - return true; |
|
156 | - } catch (PreConditionNotMetException $e) { |
|
157 | - return false; |
|
158 | - } |
|
159 | - } |
|
160 | - |
|
161 | - /** |
|
162 | - * @param string $uid |
|
163 | - * @return bool |
|
164 | - */ |
|
165 | - public function userHasFiles($uid) { |
|
166 | - return $this->files->file_exists($uid . '/files'); |
|
167 | - } |
|
168 | - |
|
169 | - /** |
|
170 | - * get owner from give path, path relative to data/ expected |
|
171 | - * |
|
172 | - * @param string $path relative to data/ |
|
173 | - * @return string |
|
174 | - * @throws \BadMethodCallException |
|
175 | - */ |
|
176 | - public function getOwner($path) { |
|
177 | - $owner = ''; |
|
178 | - $parts = explode('/', $path, 3); |
|
179 | - if (count($parts) > 1) { |
|
180 | - $owner = $parts[1]; |
|
181 | - if ($this->userManager->userExists($owner) === false) { |
|
182 | - throw new \BadMethodCallException('Unknown user: ' . |
|
183 | - 'method expects path to a user folder relative to the data folder'); |
|
184 | - } |
|
185 | - |
|
186 | - } |
|
187 | - |
|
188 | - return $owner; |
|
189 | - } |
|
190 | - |
|
191 | - /** |
|
192 | - * get storage of path |
|
193 | - * |
|
194 | - * @param string $path |
|
195 | - * @return \OC\Files\Storage\Storage |
|
196 | - */ |
|
197 | - public function getStorage($path) { |
|
198 | - $storage = $this->files->getMount($path)->getStorage(); |
|
199 | - return $storage; |
|
200 | - } |
|
39 | + /** |
|
40 | + * @var View |
|
41 | + */ |
|
42 | + private $files; |
|
43 | + /** |
|
44 | + * @var Crypt |
|
45 | + */ |
|
46 | + private $crypt; |
|
47 | + /** |
|
48 | + * @var ILogger |
|
49 | + */ |
|
50 | + private $logger; |
|
51 | + /** |
|
52 | + * @var bool|IUser |
|
53 | + */ |
|
54 | + private $user; |
|
55 | + /** |
|
56 | + * @var IConfig |
|
57 | + */ |
|
58 | + private $config; |
|
59 | + /** |
|
60 | + * @var IUserManager |
|
61 | + */ |
|
62 | + private $userManager; |
|
63 | + |
|
64 | + /** |
|
65 | + * Util constructor. |
|
66 | + * |
|
67 | + * @param View $files |
|
68 | + * @param Crypt $crypt |
|
69 | + * @param ILogger $logger |
|
70 | + * @param IUserSession $userSession |
|
71 | + * @param IConfig $config |
|
72 | + * @param IUserManager $userManager |
|
73 | + */ |
|
74 | + public function __construct(View $files, |
|
75 | + Crypt $crypt, |
|
76 | + ILogger $logger, |
|
77 | + IUserSession $userSession, |
|
78 | + IConfig $config, |
|
79 | + IUserManager $userManager |
|
80 | + ) { |
|
81 | + $this->files = $files; |
|
82 | + $this->crypt = $crypt; |
|
83 | + $this->logger = $logger; |
|
84 | + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; |
|
85 | + $this->config = $config; |
|
86 | + $this->userManager = $userManager; |
|
87 | + } |
|
88 | + |
|
89 | + /** |
|
90 | + * check if recovery key is enabled for user |
|
91 | + * |
|
92 | + * @param string $uid |
|
93 | + * @return bool |
|
94 | + */ |
|
95 | + public function isRecoveryEnabledForUser($uid) { |
|
96 | + $recoveryMode = $this->config->getUserValue($uid, |
|
97 | + 'encryption', |
|
98 | + 'recoveryEnabled', |
|
99 | + '0'); |
|
100 | + |
|
101 | + return ($recoveryMode === '1'); |
|
102 | + } |
|
103 | + |
|
104 | + /** |
|
105 | + * check if the home storage should be encrypted |
|
106 | + * |
|
107 | + * @return bool |
|
108 | + */ |
|
109 | + public function shouldEncryptHomeStorage() { |
|
110 | + $encryptHomeStorage = $this->config->getAppValue( |
|
111 | + 'encryption', |
|
112 | + 'encryptHomeStorage', |
|
113 | + '1' |
|
114 | + ); |
|
115 | + |
|
116 | + return ($encryptHomeStorage === '1'); |
|
117 | + } |
|
118 | + |
|
119 | + /** |
|
120 | + * set the home storage encryption on/off |
|
121 | + * |
|
122 | + * @param bool $encryptHomeStorage |
|
123 | + */ |
|
124 | + public function setEncryptHomeStorage($encryptHomeStorage) { |
|
125 | + $value = $encryptHomeStorage ? '1' : '0'; |
|
126 | + $this->config->setAppValue( |
|
127 | + 'encryption', |
|
128 | + 'encryptHomeStorage', |
|
129 | + $value |
|
130 | + ); |
|
131 | + } |
|
132 | + |
|
133 | + /** |
|
134 | + * check if master key is enabled |
|
135 | + * |
|
136 | + * @return bool |
|
137 | + */ |
|
138 | + public function isMasterKeyEnabled() { |
|
139 | + $userMasterKey = $this->config->getAppValue('encryption', 'useMasterKey', '0'); |
|
140 | + return ($userMasterKey === '1'); |
|
141 | + } |
|
142 | + |
|
143 | + /** |
|
144 | + * @param $enabled |
|
145 | + * @return bool |
|
146 | + */ |
|
147 | + public function setRecoveryForUser($enabled) { |
|
148 | + $value = $enabled ? '1' : '0'; |
|
149 | + |
|
150 | + try { |
|
151 | + $this->config->setUserValue($this->user->getUID(), |
|
152 | + 'encryption', |
|
153 | + 'recoveryEnabled', |
|
154 | + $value); |
|
155 | + return true; |
|
156 | + } catch (PreConditionNotMetException $e) { |
|
157 | + return false; |
|
158 | + } |
|
159 | + } |
|
160 | + |
|
161 | + /** |
|
162 | + * @param string $uid |
|
163 | + * @return bool |
|
164 | + */ |
|
165 | + public function userHasFiles($uid) { |
|
166 | + return $this->files->file_exists($uid . '/files'); |
|
167 | + } |
|
168 | + |
|
169 | + /** |
|
170 | + * get owner from give path, path relative to data/ expected |
|
171 | + * |
|
172 | + * @param string $path relative to data/ |
|
173 | + * @return string |
|
174 | + * @throws \BadMethodCallException |
|
175 | + */ |
|
176 | + public function getOwner($path) { |
|
177 | + $owner = ''; |
|
178 | + $parts = explode('/', $path, 3); |
|
179 | + if (count($parts) > 1) { |
|
180 | + $owner = $parts[1]; |
|
181 | + if ($this->userManager->userExists($owner) === false) { |
|
182 | + throw new \BadMethodCallException('Unknown user: ' . |
|
183 | + 'method expects path to a user folder relative to the data folder'); |
|
184 | + } |
|
185 | + |
|
186 | + } |
|
187 | + |
|
188 | + return $owner; |
|
189 | + } |
|
190 | + |
|
191 | + /** |
|
192 | + * get storage of path |
|
193 | + * |
|
194 | + * @param string $path |
|
195 | + * @return \OC\Files\Storage\Storage |
|
196 | + */ |
|
197 | + public function getStorage($path) { |
|
198 | + $storage = $this->files->getMount($path)->getStorage(); |
|
199 | + return $storage; |
|
200 | + } |
|
201 | 201 | |
202 | 202 | } |
@@ -163,7 +163,7 @@ discard block |
||
163 | 163 | * @return bool |
164 | 164 | */ |
165 | 165 | public function userHasFiles($uid) { |
166 | - return $this->files->file_exists($uid . '/files'); |
|
166 | + return $this->files->file_exists($uid.'/files'); |
|
167 | 167 | } |
168 | 168 | |
169 | 169 | /** |
@@ -179,7 +179,7 @@ discard block |
||
179 | 179 | if (count($parts) > 1) { |
180 | 180 | $owner = $parts[1]; |
181 | 181 | if ($this->userManager->userExists($owner) === false) { |
182 | - throw new \BadMethodCallException('Unknown user: ' . |
|
182 | + throw new \BadMethodCallException('Unknown user: '. |
|
183 | 183 | 'method expects path to a user folder relative to the data folder'); |
184 | 184 | } |
185 | 185 |
@@ -32,58 +32,58 @@ |
||
32 | 32 | use OCP\IUserSession; |
33 | 33 | |
34 | 34 | class Setup { |
35 | - /** |
|
36 | - * @var Crypt |
|
37 | - */ |
|
38 | - private $crypt; |
|
39 | - /** |
|
40 | - * @var KeyManager |
|
41 | - */ |
|
42 | - private $keyManager; |
|
43 | - /** |
|
44 | - * @var ILogger |
|
45 | - */ |
|
46 | - private $logger; |
|
47 | - /** |
|
48 | - * @var bool|string |
|
49 | - */ |
|
50 | - private $user; |
|
35 | + /** |
|
36 | + * @var Crypt |
|
37 | + */ |
|
38 | + private $crypt; |
|
39 | + /** |
|
40 | + * @var KeyManager |
|
41 | + */ |
|
42 | + private $keyManager; |
|
43 | + /** |
|
44 | + * @var ILogger |
|
45 | + */ |
|
46 | + private $logger; |
|
47 | + /** |
|
48 | + * @var bool|string |
|
49 | + */ |
|
50 | + private $user; |
|
51 | 51 | |
52 | 52 | |
53 | - /** |
|
54 | - * @param ILogger $logger |
|
55 | - * @param IUserSession $userSession |
|
56 | - * @param Crypt $crypt |
|
57 | - * @param KeyManager $keyManager |
|
58 | - */ |
|
59 | - public function __construct(ILogger $logger, |
|
60 | - IUserSession $userSession, |
|
61 | - Crypt $crypt, |
|
62 | - KeyManager $keyManager) { |
|
63 | - $this->logger = $logger; |
|
64 | - $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; |
|
65 | - $this->crypt = $crypt; |
|
66 | - $this->keyManager = $keyManager; |
|
67 | - } |
|
53 | + /** |
|
54 | + * @param ILogger $logger |
|
55 | + * @param IUserSession $userSession |
|
56 | + * @param Crypt $crypt |
|
57 | + * @param KeyManager $keyManager |
|
58 | + */ |
|
59 | + public function __construct(ILogger $logger, |
|
60 | + IUserSession $userSession, |
|
61 | + Crypt $crypt, |
|
62 | + KeyManager $keyManager) { |
|
63 | + $this->logger = $logger; |
|
64 | + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; |
|
65 | + $this->crypt = $crypt; |
|
66 | + $this->keyManager = $keyManager; |
|
67 | + } |
|
68 | 68 | |
69 | - /** |
|
70 | - * @param string $uid user id |
|
71 | - * @param string $password user password |
|
72 | - * @return bool |
|
73 | - */ |
|
74 | - public function setupUser($uid, $password) { |
|
75 | - if (!$this->keyManager->userHasKeys($uid)) { |
|
76 | - return $this->keyManager->storeKeyPair($uid, $password, |
|
77 | - $this->crypt->createKeyPair()); |
|
78 | - } |
|
79 | - return true; |
|
80 | - } |
|
69 | + /** |
|
70 | + * @param string $uid user id |
|
71 | + * @param string $password user password |
|
72 | + * @return bool |
|
73 | + */ |
|
74 | + public function setupUser($uid, $password) { |
|
75 | + if (!$this->keyManager->userHasKeys($uid)) { |
|
76 | + return $this->keyManager->storeKeyPair($uid, $password, |
|
77 | + $this->crypt->createKeyPair()); |
|
78 | + } |
|
79 | + return true; |
|
80 | + } |
|
81 | 81 | |
82 | - /** |
|
83 | - * make sure that all system keys exists |
|
84 | - */ |
|
85 | - public function setupSystem() { |
|
86 | - $this->keyManager->validateShareKey(); |
|
87 | - $this->keyManager->validateMasterKey(); |
|
88 | - } |
|
82 | + /** |
|
83 | + * make sure that all system keys exists |
|
84 | + */ |
|
85 | + public function setupSystem() { |
|
86 | + $this->keyManager->validateShareKey(); |
|
87 | + $this->keyManager->validateMasterKey(); |
|
88 | + } |
|
89 | 89 | } |
@@ -38,129 +38,129 @@ |
||
38 | 38 | |
39 | 39 | class SettingsController extends Controller { |
40 | 40 | |
41 | - /** @var IL10N */ |
|
42 | - private $l; |
|
43 | - |
|
44 | - /** @var IUserManager */ |
|
45 | - private $userManager; |
|
46 | - |
|
47 | - /** @var IUserSession */ |
|
48 | - private $userSession; |
|
49 | - |
|
50 | - /** @var KeyManager */ |
|
51 | - private $keyManager; |
|
52 | - |
|
53 | - /** @var Crypt */ |
|
54 | - private $crypt; |
|
55 | - |
|
56 | - /** @var Session */ |
|
57 | - private $session; |
|
58 | - |
|
59 | - /** @var ISession */ |
|
60 | - private $ocSession; |
|
61 | - |
|
62 | - /** @var Util */ |
|
63 | - private $util; |
|
64 | - |
|
65 | - /** |
|
66 | - * @param string $AppName |
|
67 | - * @param IRequest $request |
|
68 | - * @param IL10N $l10n |
|
69 | - * @param IUserManager $userManager |
|
70 | - * @param IUserSession $userSession |
|
71 | - * @param KeyManager $keyManager |
|
72 | - * @param Crypt $crypt |
|
73 | - * @param Session $session |
|
74 | - * @param ISession $ocSession |
|
75 | - * @param Util $util |
|
76 | - */ |
|
77 | - public function __construct($AppName, |
|
78 | - IRequest $request, |
|
79 | - IL10N $l10n, |
|
80 | - IUserManager $userManager, |
|
81 | - IUserSession $userSession, |
|
82 | - KeyManager $keyManager, |
|
83 | - Crypt $crypt, |
|
84 | - Session $session, |
|
85 | - ISession $ocSession, |
|
86 | - Util $util |
|
41 | + /** @var IL10N */ |
|
42 | + private $l; |
|
43 | + |
|
44 | + /** @var IUserManager */ |
|
45 | + private $userManager; |
|
46 | + |
|
47 | + /** @var IUserSession */ |
|
48 | + private $userSession; |
|
49 | + |
|
50 | + /** @var KeyManager */ |
|
51 | + private $keyManager; |
|
52 | + |
|
53 | + /** @var Crypt */ |
|
54 | + private $crypt; |
|
55 | + |
|
56 | + /** @var Session */ |
|
57 | + private $session; |
|
58 | + |
|
59 | + /** @var ISession */ |
|
60 | + private $ocSession; |
|
61 | + |
|
62 | + /** @var Util */ |
|
63 | + private $util; |
|
64 | + |
|
65 | + /** |
|
66 | + * @param string $AppName |
|
67 | + * @param IRequest $request |
|
68 | + * @param IL10N $l10n |
|
69 | + * @param IUserManager $userManager |
|
70 | + * @param IUserSession $userSession |
|
71 | + * @param KeyManager $keyManager |
|
72 | + * @param Crypt $crypt |
|
73 | + * @param Session $session |
|
74 | + * @param ISession $ocSession |
|
75 | + * @param Util $util |
|
76 | + */ |
|
77 | + public function __construct($AppName, |
|
78 | + IRequest $request, |
|
79 | + IL10N $l10n, |
|
80 | + IUserManager $userManager, |
|
81 | + IUserSession $userSession, |
|
82 | + KeyManager $keyManager, |
|
83 | + Crypt $crypt, |
|
84 | + Session $session, |
|
85 | + ISession $ocSession, |
|
86 | + Util $util |
|
87 | 87 | ) { |
88 | - parent::__construct($AppName, $request); |
|
89 | - $this->l = $l10n; |
|
90 | - $this->userSession = $userSession; |
|
91 | - $this->userManager = $userManager; |
|
92 | - $this->keyManager = $keyManager; |
|
93 | - $this->crypt = $crypt; |
|
94 | - $this->session = $session; |
|
95 | - $this->ocSession = $ocSession; |
|
96 | - $this->util = $util; |
|
97 | - } |
|
98 | - |
|
99 | - |
|
100 | - /** |
|
101 | - * @NoAdminRequired |
|
102 | - * @UseSession |
|
103 | - * |
|
104 | - * @param string $oldPassword |
|
105 | - * @param string $newPassword |
|
106 | - * @return DataResponse |
|
107 | - */ |
|
108 | - public function updatePrivateKeyPassword($oldPassword, $newPassword) { |
|
109 | - $result = false; |
|
110 | - $uid = $this->userSession->getUser()->getUID(); |
|
111 | - $errorMessage = $this->l->t('Could not update the private key password.'); |
|
112 | - |
|
113 | - //check if password is correct |
|
114 | - $passwordCorrect = $this->userManager->checkPassword($uid, $newPassword); |
|
115 | - if ($passwordCorrect === false) { |
|
116 | - // if check with uid fails we need to check the password with the login name |
|
117 | - // e.g. in the ldap case. For local user we need to check the password with |
|
118 | - // the uid because in this case the login name is case insensitive |
|
119 | - $loginName = $this->ocSession->get('loginname'); |
|
120 | - $passwordCorrect = $this->userManager->checkPassword($loginName, $newPassword); |
|
121 | - } |
|
122 | - |
|
123 | - if ($passwordCorrect !== false) { |
|
124 | - $encryptedKey = $this->keyManager->getPrivateKey($uid); |
|
125 | - $decryptedKey = $this->crypt->decryptPrivateKey($encryptedKey, $oldPassword, $uid); |
|
126 | - |
|
127 | - if ($decryptedKey) { |
|
128 | - $encryptedKey = $this->crypt->encryptPrivateKey($decryptedKey, $newPassword, $uid); |
|
129 | - $header = $this->crypt->generateHeader(); |
|
130 | - if ($encryptedKey) { |
|
131 | - $this->keyManager->setPrivateKey($uid, $header . $encryptedKey); |
|
132 | - $this->session->setPrivateKey($decryptedKey); |
|
133 | - $result = true; |
|
134 | - } |
|
135 | - } else { |
|
136 | - $errorMessage = $this->l->t('The old password was not correct, please try again.'); |
|
137 | - } |
|
138 | - } else { |
|
139 | - $errorMessage = $this->l->t('The current log-in password was not correct, please try again.'); |
|
140 | - } |
|
141 | - |
|
142 | - if ($result === true) { |
|
143 | - $this->session->setStatus(Session::INIT_SUCCESSFUL); |
|
144 | - return new DataResponse( |
|
145 | - ['message' => (string) $this->l->t('Private key password successfully updated.')] |
|
146 | - ); |
|
147 | - } else { |
|
148 | - return new DataResponse( |
|
149 | - ['message' => (string) $errorMessage], |
|
150 | - Http::STATUS_BAD_REQUEST |
|
151 | - ); |
|
152 | - } |
|
153 | - |
|
154 | - } |
|
155 | - |
|
156 | - /** |
|
157 | - * @UseSession |
|
158 | - * |
|
159 | - * @param bool $encryptHomeStorage |
|
160 | - * @return DataResponse |
|
161 | - */ |
|
162 | - public function setEncryptHomeStorage($encryptHomeStorage) { |
|
163 | - $this->util->setEncryptHomeStorage($encryptHomeStorage); |
|
164 | - return new DataResponse(); |
|
165 | - } |
|
88 | + parent::__construct($AppName, $request); |
|
89 | + $this->l = $l10n; |
|
90 | + $this->userSession = $userSession; |
|
91 | + $this->userManager = $userManager; |
|
92 | + $this->keyManager = $keyManager; |
|
93 | + $this->crypt = $crypt; |
|
94 | + $this->session = $session; |
|
95 | + $this->ocSession = $ocSession; |
|
96 | + $this->util = $util; |
|
97 | + } |
|
98 | + |
|
99 | + |
|
100 | + /** |
|
101 | + * @NoAdminRequired |
|
102 | + * @UseSession |
|
103 | + * |
|
104 | + * @param string $oldPassword |
|
105 | + * @param string $newPassword |
|
106 | + * @return DataResponse |
|
107 | + */ |
|
108 | + public function updatePrivateKeyPassword($oldPassword, $newPassword) { |
|
109 | + $result = false; |
|
110 | + $uid = $this->userSession->getUser()->getUID(); |
|
111 | + $errorMessage = $this->l->t('Could not update the private key password.'); |
|
112 | + |
|
113 | + //check if password is correct |
|
114 | + $passwordCorrect = $this->userManager->checkPassword($uid, $newPassword); |
|
115 | + if ($passwordCorrect === false) { |
|
116 | + // if check with uid fails we need to check the password with the login name |
|
117 | + // e.g. in the ldap case. For local user we need to check the password with |
|
118 | + // the uid because in this case the login name is case insensitive |
|
119 | + $loginName = $this->ocSession->get('loginname'); |
|
120 | + $passwordCorrect = $this->userManager->checkPassword($loginName, $newPassword); |
|
121 | + } |
|
122 | + |
|
123 | + if ($passwordCorrect !== false) { |
|
124 | + $encryptedKey = $this->keyManager->getPrivateKey($uid); |
|
125 | + $decryptedKey = $this->crypt->decryptPrivateKey($encryptedKey, $oldPassword, $uid); |
|
126 | + |
|
127 | + if ($decryptedKey) { |
|
128 | + $encryptedKey = $this->crypt->encryptPrivateKey($decryptedKey, $newPassword, $uid); |
|
129 | + $header = $this->crypt->generateHeader(); |
|
130 | + if ($encryptedKey) { |
|
131 | + $this->keyManager->setPrivateKey($uid, $header . $encryptedKey); |
|
132 | + $this->session->setPrivateKey($decryptedKey); |
|
133 | + $result = true; |
|
134 | + } |
|
135 | + } else { |
|
136 | + $errorMessage = $this->l->t('The old password was not correct, please try again.'); |
|
137 | + } |
|
138 | + } else { |
|
139 | + $errorMessage = $this->l->t('The current log-in password was not correct, please try again.'); |
|
140 | + } |
|
141 | + |
|
142 | + if ($result === true) { |
|
143 | + $this->session->setStatus(Session::INIT_SUCCESSFUL); |
|
144 | + return new DataResponse( |
|
145 | + ['message' => (string) $this->l->t('Private key password successfully updated.')] |
|
146 | + ); |
|
147 | + } else { |
|
148 | + return new DataResponse( |
|
149 | + ['message' => (string) $errorMessage], |
|
150 | + Http::STATUS_BAD_REQUEST |
|
151 | + ); |
|
152 | + } |
|
153 | + |
|
154 | + } |
|
155 | + |
|
156 | + /** |
|
157 | + * @UseSession |
|
158 | + * |
|
159 | + * @param bool $encryptHomeStorage |
|
160 | + * @return DataResponse |
|
161 | + */ |
|
162 | + public function setEncryptHomeStorage($encryptHomeStorage) { |
|
163 | + $this->util->setEncryptHomeStorage($encryptHomeStorage); |
|
164 | + return new DataResponse(); |
|
165 | + } |
|
166 | 166 | } |
@@ -128,7 +128,7 @@ |
||
128 | 128 | $encryptedKey = $this->crypt->encryptPrivateKey($decryptedKey, $newPassword, $uid); |
129 | 129 | $header = $this->crypt->generateHeader(); |
130 | 130 | if ($encryptedKey) { |
131 | - $this->keyManager->setPrivateKey($uid, $header . $encryptedKey); |
|
131 | + $this->keyManager->setPrivateKey($uid, $header.$encryptedKey); |
|
132 | 132 | $this->session->setPrivateKey($decryptedKey); |
133 | 133 | $result = true; |
134 | 134 | } |
@@ -34,160 +34,160 @@ |
||
34 | 34 | use OCP\AppFramework\Http\DataResponse; |
35 | 35 | |
36 | 36 | class RecoveryController extends Controller { |
37 | - /** |
|
38 | - * @var IConfig |
|
39 | - */ |
|
40 | - private $config; |
|
41 | - /** |
|
42 | - * @var IL10N |
|
43 | - */ |
|
44 | - private $l; |
|
45 | - /** |
|
46 | - * @var Recovery |
|
47 | - */ |
|
48 | - private $recovery; |
|
49 | - |
|
50 | - /** |
|
51 | - * @param string $AppName |
|
52 | - * @param IRequest $request |
|
53 | - * @param IConfig $config |
|
54 | - * @param IL10N $l10n |
|
55 | - * @param Recovery $recovery |
|
56 | - */ |
|
57 | - public function __construct($AppName, |
|
58 | - IRequest $request, |
|
59 | - IConfig $config, |
|
60 | - IL10N $l10n, |
|
61 | - Recovery $recovery) { |
|
62 | - parent::__construct($AppName, $request); |
|
63 | - $this->config = $config; |
|
64 | - $this->l = $l10n; |
|
65 | - $this->recovery = $recovery; |
|
66 | - } |
|
67 | - |
|
68 | - /** |
|
69 | - * @param string $recoveryPassword |
|
70 | - * @param string $confirmPassword |
|
71 | - * @param string $adminEnableRecovery |
|
72 | - * @return DataResponse |
|
73 | - */ |
|
74 | - public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { |
|
75 | - // Check if both passwords are the same |
|
76 | - if (empty($recoveryPassword)) { |
|
77 | - $errorMessage = (string)$this->l->t('Missing recovery key password'); |
|
78 | - return new DataResponse(['data' => ['message' => $errorMessage]], |
|
79 | - Http::STATUS_BAD_REQUEST); |
|
80 | - } |
|
81 | - |
|
82 | - if (empty($confirmPassword)) { |
|
83 | - $errorMessage = (string)$this->l->t('Please repeat the recovery key password'); |
|
84 | - return new DataResponse(['data' => ['message' => $errorMessage]], |
|
85 | - Http::STATUS_BAD_REQUEST); |
|
86 | - } |
|
87 | - |
|
88 | - if ($recoveryPassword !== $confirmPassword) { |
|
89 | - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
90 | - return new DataResponse(['data' => ['message' => $errorMessage]], |
|
91 | - Http::STATUS_BAD_REQUEST); |
|
92 | - } |
|
93 | - |
|
94 | - if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { |
|
95 | - if ($this->recovery->enableAdminRecovery($recoveryPassword)) { |
|
96 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully enabled')]]); |
|
97 | - } |
|
98 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
99 | - } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { |
|
100 | - if ($this->recovery->disableAdminRecovery($recoveryPassword)) { |
|
101 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully disabled')]]); |
|
102 | - } |
|
103 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
104 | - } |
|
105 | - // this response should never be sent but just in case. |
|
106 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST); |
|
107 | - } |
|
108 | - |
|
109 | - /** |
|
110 | - * @param string $newPassword |
|
111 | - * @param string $oldPassword |
|
112 | - * @param string $confirmPassword |
|
113 | - * @return DataResponse |
|
114 | - */ |
|
115 | - public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { |
|
116 | - //check if both passwords are the same |
|
117 | - if (empty($oldPassword)) { |
|
118 | - $errorMessage = (string)$this->l->t('Please provide the old recovery password'); |
|
119 | - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
120 | - } |
|
121 | - |
|
122 | - if (empty($newPassword)) { |
|
123 | - $errorMessage = (string)$this->l->t('Please provide a new recovery password'); |
|
124 | - return new DataResponse (['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
125 | - } |
|
126 | - |
|
127 | - if (empty($confirmPassword)) { |
|
128 | - $errorMessage = (string)$this->l->t('Please repeat the new recovery password'); |
|
129 | - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
130 | - } |
|
131 | - |
|
132 | - if ($newPassword !== $confirmPassword) { |
|
133 | - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
134 | - return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
135 | - } |
|
136 | - |
|
137 | - $result = $this->recovery->changeRecoveryKeyPassword($newPassword, |
|
138 | - $oldPassword); |
|
139 | - |
|
140 | - if ($result) { |
|
141 | - return new DataResponse( |
|
142 | - [ |
|
143 | - 'data' => [ |
|
144 | - 'message' => (string)$this->l->t('Password successfully changed.')] |
|
145 | - ] |
|
146 | - ); |
|
147 | - } |
|
148 | - return new DataResponse( |
|
149 | - [ |
|
150 | - 'data' => [ |
|
151 | - 'message' => (string)$this->l->t('Could not change the password. Maybe the old password was not correct.') |
|
152 | - ] |
|
153 | - ], Http::STATUS_BAD_REQUEST); |
|
154 | - } |
|
155 | - |
|
156 | - /** |
|
157 | - * @NoAdminRequired |
|
158 | - * |
|
159 | - * @param string $userEnableRecovery |
|
160 | - * @return DataResponse |
|
161 | - */ |
|
162 | - public function userSetRecovery($userEnableRecovery) { |
|
163 | - if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { |
|
164 | - |
|
165 | - $result = $this->recovery->setRecoveryForUser($userEnableRecovery); |
|
166 | - |
|
167 | - if ($result) { |
|
168 | - if ($userEnableRecovery === '0') { |
|
169 | - return new DataResponse( |
|
170 | - [ |
|
171 | - 'data' => [ |
|
172 | - 'message' => (string)$this->l->t('Recovery Key disabled')] |
|
173 | - ] |
|
174 | - ); |
|
175 | - } |
|
176 | - return new DataResponse( |
|
177 | - [ |
|
178 | - 'data' => [ |
|
179 | - 'message' => (string)$this->l->t('Recovery Key enabled')] |
|
180 | - ] |
|
181 | - ); |
|
182 | - } |
|
183 | - |
|
184 | - } |
|
185 | - return new DataResponse( |
|
186 | - [ |
|
187 | - 'data' => [ |
|
188 | - 'message' => (string)$this->l->t('Could not enable the recovery key, please try again or contact your administrator') |
|
189 | - ] |
|
190 | - ], Http::STATUS_BAD_REQUEST); |
|
191 | - } |
|
37 | + /** |
|
38 | + * @var IConfig |
|
39 | + */ |
|
40 | + private $config; |
|
41 | + /** |
|
42 | + * @var IL10N |
|
43 | + */ |
|
44 | + private $l; |
|
45 | + /** |
|
46 | + * @var Recovery |
|
47 | + */ |
|
48 | + private $recovery; |
|
49 | + |
|
50 | + /** |
|
51 | + * @param string $AppName |
|
52 | + * @param IRequest $request |
|
53 | + * @param IConfig $config |
|
54 | + * @param IL10N $l10n |
|
55 | + * @param Recovery $recovery |
|
56 | + */ |
|
57 | + public function __construct($AppName, |
|
58 | + IRequest $request, |
|
59 | + IConfig $config, |
|
60 | + IL10N $l10n, |
|
61 | + Recovery $recovery) { |
|
62 | + parent::__construct($AppName, $request); |
|
63 | + $this->config = $config; |
|
64 | + $this->l = $l10n; |
|
65 | + $this->recovery = $recovery; |
|
66 | + } |
|
67 | + |
|
68 | + /** |
|
69 | + * @param string $recoveryPassword |
|
70 | + * @param string $confirmPassword |
|
71 | + * @param string $adminEnableRecovery |
|
72 | + * @return DataResponse |
|
73 | + */ |
|
74 | + public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { |
|
75 | + // Check if both passwords are the same |
|
76 | + if (empty($recoveryPassword)) { |
|
77 | + $errorMessage = (string)$this->l->t('Missing recovery key password'); |
|
78 | + return new DataResponse(['data' => ['message' => $errorMessage]], |
|
79 | + Http::STATUS_BAD_REQUEST); |
|
80 | + } |
|
81 | + |
|
82 | + if (empty($confirmPassword)) { |
|
83 | + $errorMessage = (string)$this->l->t('Please repeat the recovery key password'); |
|
84 | + return new DataResponse(['data' => ['message' => $errorMessage]], |
|
85 | + Http::STATUS_BAD_REQUEST); |
|
86 | + } |
|
87 | + |
|
88 | + if ($recoveryPassword !== $confirmPassword) { |
|
89 | + $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
90 | + return new DataResponse(['data' => ['message' => $errorMessage]], |
|
91 | + Http::STATUS_BAD_REQUEST); |
|
92 | + } |
|
93 | + |
|
94 | + if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { |
|
95 | + if ($this->recovery->enableAdminRecovery($recoveryPassword)) { |
|
96 | + return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully enabled')]]); |
|
97 | + } |
|
98 | + return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
99 | + } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { |
|
100 | + if ($this->recovery->disableAdminRecovery($recoveryPassword)) { |
|
101 | + return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully disabled')]]); |
|
102 | + } |
|
103 | + return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
104 | + } |
|
105 | + // this response should never be sent but just in case. |
|
106 | + return new DataResponse(['data' => ['message' => (string)$this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST); |
|
107 | + } |
|
108 | + |
|
109 | + /** |
|
110 | + * @param string $newPassword |
|
111 | + * @param string $oldPassword |
|
112 | + * @param string $confirmPassword |
|
113 | + * @return DataResponse |
|
114 | + */ |
|
115 | + public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { |
|
116 | + //check if both passwords are the same |
|
117 | + if (empty($oldPassword)) { |
|
118 | + $errorMessage = (string)$this->l->t('Please provide the old recovery password'); |
|
119 | + return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
120 | + } |
|
121 | + |
|
122 | + if (empty($newPassword)) { |
|
123 | + $errorMessage = (string)$this->l->t('Please provide a new recovery password'); |
|
124 | + return new DataResponse (['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
125 | + } |
|
126 | + |
|
127 | + if (empty($confirmPassword)) { |
|
128 | + $errorMessage = (string)$this->l->t('Please repeat the new recovery password'); |
|
129 | + return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
130 | + } |
|
131 | + |
|
132 | + if ($newPassword !== $confirmPassword) { |
|
133 | + $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
134 | + return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
135 | + } |
|
136 | + |
|
137 | + $result = $this->recovery->changeRecoveryKeyPassword($newPassword, |
|
138 | + $oldPassword); |
|
139 | + |
|
140 | + if ($result) { |
|
141 | + return new DataResponse( |
|
142 | + [ |
|
143 | + 'data' => [ |
|
144 | + 'message' => (string)$this->l->t('Password successfully changed.')] |
|
145 | + ] |
|
146 | + ); |
|
147 | + } |
|
148 | + return new DataResponse( |
|
149 | + [ |
|
150 | + 'data' => [ |
|
151 | + 'message' => (string)$this->l->t('Could not change the password. Maybe the old password was not correct.') |
|
152 | + ] |
|
153 | + ], Http::STATUS_BAD_REQUEST); |
|
154 | + } |
|
155 | + |
|
156 | + /** |
|
157 | + * @NoAdminRequired |
|
158 | + * |
|
159 | + * @param string $userEnableRecovery |
|
160 | + * @return DataResponse |
|
161 | + */ |
|
162 | + public function userSetRecovery($userEnableRecovery) { |
|
163 | + if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { |
|
164 | + |
|
165 | + $result = $this->recovery->setRecoveryForUser($userEnableRecovery); |
|
166 | + |
|
167 | + if ($result) { |
|
168 | + if ($userEnableRecovery === '0') { |
|
169 | + return new DataResponse( |
|
170 | + [ |
|
171 | + 'data' => [ |
|
172 | + 'message' => (string)$this->l->t('Recovery Key disabled')] |
|
173 | + ] |
|
174 | + ); |
|
175 | + } |
|
176 | + return new DataResponse( |
|
177 | + [ |
|
178 | + 'data' => [ |
|
179 | + 'message' => (string)$this->l->t('Recovery Key enabled')] |
|
180 | + ] |
|
181 | + ); |
|
182 | + } |
|
183 | + |
|
184 | + } |
|
185 | + return new DataResponse( |
|
186 | + [ |
|
187 | + 'data' => [ |
|
188 | + 'message' => (string)$this->l->t('Could not enable the recovery key, please try again or contact your administrator') |
|
189 | + ] |
|
190 | + ], Http::STATUS_BAD_REQUEST); |
|
191 | + } |
|
192 | 192 | |
193 | 193 | } |
@@ -74,36 +74,36 @@ discard block |
||
74 | 74 | public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { |
75 | 75 | // Check if both passwords are the same |
76 | 76 | if (empty($recoveryPassword)) { |
77 | - $errorMessage = (string)$this->l->t('Missing recovery key password'); |
|
77 | + $errorMessage = (string) $this->l->t('Missing recovery key password'); |
|
78 | 78 | return new DataResponse(['data' => ['message' => $errorMessage]], |
79 | 79 | Http::STATUS_BAD_REQUEST); |
80 | 80 | } |
81 | 81 | |
82 | 82 | if (empty($confirmPassword)) { |
83 | - $errorMessage = (string)$this->l->t('Please repeat the recovery key password'); |
|
83 | + $errorMessage = (string) $this->l->t('Please repeat the recovery key password'); |
|
84 | 84 | return new DataResponse(['data' => ['message' => $errorMessage]], |
85 | 85 | Http::STATUS_BAD_REQUEST); |
86 | 86 | } |
87 | 87 | |
88 | 88 | if ($recoveryPassword !== $confirmPassword) { |
89 | - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
89 | + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
90 | 90 | return new DataResponse(['data' => ['message' => $errorMessage]], |
91 | 91 | Http::STATUS_BAD_REQUEST); |
92 | 92 | } |
93 | 93 | |
94 | 94 | if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { |
95 | 95 | if ($this->recovery->enableAdminRecovery($recoveryPassword)) { |
96 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully enabled')]]); |
|
96 | + return new DataResponse(['data' => ['message' => (string) $this->l->t('Recovery key successfully enabled')]]); |
|
97 | 97 | } |
98 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
98 | + return new DataResponse(['data' => ['message' => (string) $this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
99 | 99 | } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { |
100 | 100 | if ($this->recovery->disableAdminRecovery($recoveryPassword)) { |
101 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully disabled')]]); |
|
101 | + return new DataResponse(['data' => ['message' => (string) $this->l->t('Recovery key successfully disabled')]]); |
|
102 | 102 | } |
103 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
103 | + return new DataResponse(['data' => ['message' => (string) $this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST); |
|
104 | 104 | } |
105 | 105 | // this response should never be sent but just in case. |
106 | - return new DataResponse(['data' => ['message' => (string)$this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST); |
|
106 | + return new DataResponse(['data' => ['message' => (string) $this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST); |
|
107 | 107 | } |
108 | 108 | |
109 | 109 | /** |
@@ -115,22 +115,22 @@ discard block |
||
115 | 115 | public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { |
116 | 116 | //check if both passwords are the same |
117 | 117 | if (empty($oldPassword)) { |
118 | - $errorMessage = (string)$this->l->t('Please provide the old recovery password'); |
|
118 | + $errorMessage = (string) $this->l->t('Please provide the old recovery password'); |
|
119 | 119 | return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
120 | 120 | } |
121 | 121 | |
122 | 122 | if (empty($newPassword)) { |
123 | - $errorMessage = (string)$this->l->t('Please provide a new recovery password'); |
|
124 | - return new DataResponse (['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
123 | + $errorMessage = (string) $this->l->t('Please provide a new recovery password'); |
|
124 | + return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
|
125 | 125 | } |
126 | 126 | |
127 | 127 | if (empty($confirmPassword)) { |
128 | - $errorMessage = (string)$this->l->t('Please repeat the new recovery password'); |
|
128 | + $errorMessage = (string) $this->l->t('Please repeat the new recovery password'); |
|
129 | 129 | return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
130 | 130 | } |
131 | 131 | |
132 | 132 | if ($newPassword !== $confirmPassword) { |
133 | - $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
133 | + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); |
|
134 | 134 | return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST); |
135 | 135 | } |
136 | 136 | |
@@ -141,14 +141,14 @@ discard block |
||
141 | 141 | return new DataResponse( |
142 | 142 | [ |
143 | 143 | 'data' => [ |
144 | - 'message' => (string)$this->l->t('Password successfully changed.')] |
|
144 | + 'message' => (string) $this->l->t('Password successfully changed.')] |
|
145 | 145 | ] |
146 | 146 | ); |
147 | 147 | } |
148 | 148 | return new DataResponse( |
149 | 149 | [ |
150 | 150 | 'data' => [ |
151 | - 'message' => (string)$this->l->t('Could not change the password. Maybe the old password was not correct.') |
|
151 | + 'message' => (string) $this->l->t('Could not change the password. Maybe the old password was not correct.') |
|
152 | 152 | ] |
153 | 153 | ], Http::STATUS_BAD_REQUEST); |
154 | 154 | } |
@@ -169,14 +169,14 @@ discard block |
||
169 | 169 | return new DataResponse( |
170 | 170 | [ |
171 | 171 | 'data' => [ |
172 | - 'message' => (string)$this->l->t('Recovery Key disabled')] |
|
172 | + 'message' => (string) $this->l->t('Recovery Key disabled')] |
|
173 | 173 | ] |
174 | 174 | ); |
175 | 175 | } |
176 | 176 | return new DataResponse( |
177 | 177 | [ |
178 | 178 | 'data' => [ |
179 | - 'message' => (string)$this->l->t('Recovery Key enabled')] |
|
179 | + 'message' => (string) $this->l->t('Recovery Key enabled')] |
|
180 | 180 | ] |
181 | 181 | ); |
182 | 182 | } |
@@ -185,7 +185,7 @@ discard block |
||
185 | 185 | return new DataResponse( |
186 | 186 | [ |
187 | 187 | 'data' => [ |
188 | - 'message' => (string)$this->l->t('Could not enable the recovery key, please try again or contact your administrator') |
|
188 | + 'message' => (string) $this->l->t('Could not enable the recovery key, please try again or contact your administrator') |
|
189 | 189 | ] |
190 | 190 | ], Http::STATUS_BAD_REQUEST); |
191 | 191 | } |