nextcloud / server

lib/private/OCS/Provider.php

Indentation +81 added lines, -81 removed lines

@@ -24,92 +24,92 @@
 namespace OC\OCS;
 
 class Provider extends \OCP\AppFramework\Controller {
-	/** @var \OCP\App\IAppManager */
-	private $appManager;
+    /** @var \OCP\App\IAppManager */
+    private $appManager;
 
-	/**
-	 * @param string $appName
-	 * @param \OCP\IRequest $request
-	 * @param \OCP\App\IAppManager $appManager
-	 */
-	public function __construct($appName,
-								\OCP\IRequest $request,
-								\OCP\App\IAppManager $appManager) {
-		parent::__construct($appName, $request);
-		$this->appManager = $appManager;
-	}
+    /**
+     * @param string $appName
+     * @param \OCP\IRequest $request
+     * @param \OCP\App\IAppManager $appManager
+     */
+    public function __construct($appName,
+                                \OCP\IRequest $request,
+                                \OCP\App\IAppManager $appManager) {
+        parent::__construct($appName, $request);
+        $this->appManager = $appManager;
+    }
 
-	/**
-	 * @return \OCP\AppFramework\Http\JSONResponse
-	 */
-	public function buildProviderList() {
-		$services = [
-			'PRIVATE_DATA' => [
-				'version' => 1,
-				'endpoints' => [
-					'store' => '/ocs/v2.php/privatedata/setattribute',
-					'read' => '/ocs/v2.php/privatedata/getattribute',
-					'delete' => '/ocs/v2.php/privatedata/deleteattribute',
-				],
-			],
-		];
+    /**
+     * @return \OCP\AppFramework\Http\JSONResponse
+     */
+    public function buildProviderList() {
+        $services = [
+            'PRIVATE_DATA' => [
+                'version' => 1,
+                'endpoints' => [
+                    'store' => '/ocs/v2.php/privatedata/setattribute',
+                    'read' => '/ocs/v2.php/privatedata/getattribute',
+                    'delete' => '/ocs/v2.php/privatedata/deleteattribute',
+                ],
+            ],
+        ];
 
-		if($this->appManager->isEnabledForUser('files_sharing')) {
-			$services['SHARING'] = [
-				'version' => 1,
-				'endpoints' => [
-					'share' => '/ocs/v2.php/apps/files_sharing/api/v1/shares',
-				],
-			];
-			$services['FEDERATED_SHARING'] = [
-				'version' => 1,
-				'endpoints' => [
-					'share' => '/ocs/v2.php/cloud/shares',
-					'webdav' => '/public.php/webdav/',
-				],
-			];
-		}
+        if($this->appManager->isEnabledForUser('files_sharing')) {
+            $services['SHARING'] = [
+                'version' => 1,
+                'endpoints' => [
+                    'share' => '/ocs/v2.php/apps/files_sharing/api/v1/shares',
+                ],
+            ];
+            $services['FEDERATED_SHARING'] = [
+                'version' => 1,
+                'endpoints' => [
+                    'share' => '/ocs/v2.php/cloud/shares',
+                    'webdav' => '/public.php/webdav/',
+                ],
+            ];
+        }
 
-		if ($this->appManager->isEnabledForUser('federation')) {
-			if (isset($services['FEDERATED_SHARING'])) {
-				$services['FEDERATED_SHARING']['endpoints']['shared-secret'] = '/ocs/v2.php/cloud/shared-secret';
-				$services['FEDERATED_SHARING']['endpoints']['system-address-book'] = '/remote.php/dav/addressbooks/system/system/system';
-				$services['FEDERATED_SHARING']['endpoints']['carddav-user'] = 'system';
-			} else {
-				$services['FEDERATED_SHARING'] = [
-					'version' => 1,
-					'endpoints' => [
-						'shared-secret' => '/ocs/v2.php/cloud/shared-secret',
-						'system-address-book' => '/remote.php/dav/addressbooks/system/system/system',
-						'carddav-user' => 'system'
-					],
-				];
-			}
-		}
+        if ($this->appManager->isEnabledForUser('federation')) {
+            if (isset($services['FEDERATED_SHARING'])) {
+                $services['FEDERATED_SHARING']['endpoints']['shared-secret'] = '/ocs/v2.php/cloud/shared-secret';
+                $services['FEDERATED_SHARING']['endpoints']['system-address-book'] = '/remote.php/dav/addressbooks/system/system/system';
+                $services['FEDERATED_SHARING']['endpoints']['carddav-user'] = 'system';
+            } else {
+                $services['FEDERATED_SHARING'] = [
+                    'version' => 1,
+                    'endpoints' => [
+                        'shared-secret' => '/ocs/v2.php/cloud/shared-secret',
+                        'system-address-book' => '/remote.php/dav/addressbooks/system/system/system',
+                        'carddav-user' => 'system'
+                    ],
+                ];
+            }
+        }
 
-		if($this->appManager->isEnabledForUser('activity')) {
-			$services['ACTIVITY'] = [
-				'version' => 1,
-				'endpoints' => [
-					'list' => '/ocs/v2.php/cloud/activity',
-				],
-			];
-		}
+        if($this->appManager->isEnabledForUser('activity')) {
+            $services['ACTIVITY'] = [
+                'version' => 1,
+                'endpoints' => [
+                    'list' => '/ocs/v2.php/cloud/activity',
+                ],
+            ];
+        }
 
-		if($this->appManager->isEnabledForUser('provisioning_api')) {
-			$services['PROVISIONING'] = [
-				'version' => 1,
-				'endpoints' => [
-					'user' => '/ocs/v2.php/cloud/users',
-					'groups' => '/ocs/v2.php/cloud/groups',
-					'apps' => '/ocs/v2.php/cloud/apps',
-				],
-			];
-		}
+        if($this->appManager->isEnabledForUser('provisioning_api')) {
+            $services['PROVISIONING'] = [
+                'version' => 1,
+                'endpoints' => [
+                    'user' => '/ocs/v2.php/cloud/users',
+                    'groups' => '/ocs/v2.php/cloud/groups',
+                    'apps' => '/ocs/v2.php/cloud/apps',
+                ],
+            ];
+        }
 
-		return new \OCP\AppFramework\Http\JSONResponse([
-			'version' => 2,
-			'services' => $services,
-		]);
-	}
+        return new \OCP\AppFramework\Http\JSONResponse([
+            'version' => 2,
+            'services' => $services,
+        ]);
+    }
 }

lib/private/Preview/MP3.php

Indentation +28 added lines, -28 removed lines

@@ -29,38 +29,38 @@
 use ID3Parser\ID3Parser;
 
 class MP3 extends Provider {
-	/**
-	 * {@inheritDoc}
-	 */
-	public function getMimeType() {
-		return '/audio\/mpeg/';
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public function getMimeType() {
+        return '/audio\/mpeg/';
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function getThumbnail($path, $maxX, $maxY, $scalingup, $fileview) {
-		$getID3 = new ID3Parser();
+    /**
+     * {@inheritDoc}
+     */
+    public function getThumbnail($path, $maxX, $maxY, $scalingup, $fileview) {
+        $getID3 = new ID3Parser();
 
-		$tmpPath = $fileview->toTmpFile($path);
-		$tags = $getID3->analyze($tmpPath);
-		unlink($tmpPath);
-		$picture = isset($tags['id3v2']['APIC'][0]['data']) ? $tags['id3v2']['APIC'][0]['data'] : null;
-		if(is_null($picture) && isset($tags['id3v2']['PIC'][0]['data'])) {
-			$picture = $tags['id3v2']['PIC'][0]['data'];
-		}
+        $tmpPath = $fileview->toTmpFile($path);
+        $tags = $getID3->analyze($tmpPath);
+        unlink($tmpPath);
+        $picture = isset($tags['id3v2']['APIC'][0]['data']) ? $tags['id3v2']['APIC'][0]['data'] : null;
+        if(is_null($picture) && isset($tags['id3v2']['PIC'][0]['data'])) {
+            $picture = $tags['id3v2']['PIC'][0]['data'];
+        }
 
-		if(!is_null($picture)) {
-			$image = new \OC_Image();
-			$image->loadFromData($picture);
+        if(!is_null($picture)) {
+            $image = new \OC_Image();
+            $image->loadFromData($picture);
 
-			if ($image->valid()) {
-				$image->scaleDownToFit($maxX, $maxY);
+            if ($image->valid()) {
+                $image->scaleDownToFit($maxX, $maxY);
 
-				return $image;
-			}
-		}
+                return $image;
+            }
+        }
 
-		return false;
-	}
+        return false;
+    }
 }

apps/federatedfilesharing/appinfo/routes.php

Indentation +14 added lines, -14 removed lines

@@ -23,18 +23,18 @@
  */
 
 return [
-	'routes' => [
-		['name' => 'MountPublicLink#createFederatedShare', 'url' => '/createFederatedShare', 'verb' => 'POST'],
-		['name' => 'MountPublicLink#askForFederatedShare', 'url' => '/askForFederatedShare', 'verb' => 'POST'],
-	],
-	'ocs' => [
-		['root' => '/cloud', 'name' => 'RequestHandler#createShare', 'url' => '/shares', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#reShare', 'url' => '/shares/{id}/reshare', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#updatePermissions', 'url' => '/shares/{id}/permissions', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#acceptShare', 'url' => '/shares/{id}/accept', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#declineShare', 'url' => '/shares/{id}/decline', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#unshare', 'url' => '/shares/{id}/unshare', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#revoke', 'url' => '/shares/{id}/revoke', 'verb' => 'POST'],
-		['root' => '/cloud', 'name' => 'RequestHandler#move', 'url' => '/shares/{id}/move', 'verb' => 'POST'],
-	],
+    'routes' => [
+        ['name' => 'MountPublicLink#createFederatedShare', 'url' => '/createFederatedShare', 'verb' => 'POST'],
+        ['name' => 'MountPublicLink#askForFederatedShare', 'url' => '/askForFederatedShare', 'verb' => 'POST'],
+    ],
+    'ocs' => [
+        ['root' => '/cloud', 'name' => 'RequestHandler#createShare', 'url' => '/shares', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#reShare', 'url' => '/shares/{id}/reshare', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#updatePermissions', 'url' => '/shares/{id}/permissions', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#acceptShare', 'url' => '/shares/{id}/accept', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#declineShare', 'url' => '/shares/{id}/decline', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#unshare', 'url' => '/shares/{id}/unshare', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#revoke', 'url' => '/shares/{id}/revoke', 'verb' => 'POST'],
+        ['root' => '/cloud', 'name' => 'RequestHandler#move', 'url' => '/shares/{id}/move', 'verb' => 'POST'],
+    ],
 ];

apps/federatedfilesharing/lib/Notifications.php

Indentation +276 added lines, -276 removed lines

@@ -33,280 +33,280 @@
 use OCP\OCS\IDiscoveryService;
 
 class Notifications {
-	const RESPONSE_FORMAT = 'json'; // default response format for ocs calls
-
-	/** @var AddressHandler */
-	private $addressHandler;
-
-	/** @var IClientService */
-	private $httpClientService;
-
-	/** @var IDiscoveryService */
-	private $discoveryService;
-
-	/** @var IJobList  */
-	private $jobList;
-
-	/**
-	 * @param AddressHandler $addressHandler
-	 * @param IClientService $httpClientService
-	 * @param IDiscoveryService $discoveryService
-	 * @param IJobList $jobList
-	 */
-	public function __construct(
-		AddressHandler $addressHandler,
-		IClientService $httpClientService,
-		IDiscoveryService $discoveryService,
-		IJobList $jobList
-	) {
-		$this->addressHandler = $addressHandler;
-		$this->httpClientService = $httpClientService;
-		$this->discoveryService = $discoveryService;
-		$this->jobList = $jobList;
-	}
-
-	/**
-	 * send server-to-server share to remote server
-	 *
-	 * @param string $token
-	 * @param string $shareWith
-	 * @param string $name
-	 * @param int $remote_id
-	 * @param string $owner
-	 * @param string $ownerFederatedId
-	 * @param string $sharedBy
-	 * @param string $sharedByFederatedId
-	 * @return bool
-	 * @throws \OC\HintException
-	 * @throws \OC\ServerNotAvailableException
-	 */
-	public function sendRemoteShare($token, $shareWith, $name, $remote_id, $owner, $ownerFederatedId, $sharedBy, $sharedByFederatedId) {
-
-		list($user, $remote) = $this->addressHandler->splitUserRemote($shareWith);
-
-		if ($user && $remote) {
-			$local = $this->addressHandler->generateRemoteURL();
-
-			$fields = array(
-				'shareWith' => $user,
-				'token' => $token,
-				'name' => $name,
-				'remoteId' => $remote_id,
-				'owner' => $owner,
-				'ownerFederatedId' => $ownerFederatedId,
-				'sharedBy' => $sharedBy,
-				'sharedByFederatedId' => $sharedByFederatedId,
-				'remote' => $local,
-			);
-
-			$result = $this->tryHttpPostToShareEndpoint($remote, '', $fields);
-			$status = json_decode($result['result'], true);
-
-			if ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200)) {
-				\OC_Hook::emit('OCP\Share', 'federated_share_added', ['server' => $remote]);
-				return true;
-			}
-
-		}
-
-		return false;
-	}
-
-	/**
-	 * ask owner to re-share the file with the given user
-	 *
-	 * @param string $token
-	 * @param int $id remote Id
-	 * @param int $shareId internal share Id
-	 * @param string $remote remote address of the owner
-	 * @param string $shareWith
-	 * @param int $permission
-	 * @return bool
-	 * @throws \OC\HintException
-	 * @throws \OC\ServerNotAvailableException
-	 */
-	public function requestReShare($token, $id, $shareId, $remote, $shareWith, $permission) {
-
-		$fields = array(
-			'shareWith' => $shareWith,
-			'token' => $token,
-			'permission' => $permission,
-			'remoteId' => $shareId
-		);
-
-		$result = $this->tryHttpPostToShareEndpoint(rtrim($remote, '/'), '/' . $id . '/reshare', $fields);
-		$status = json_decode($result['result'], true);
-
-		$httpRequestSuccessful = $result['success'];
-		$ocsCallSuccessful = $status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200;
-		$validToken = isset($status['ocs']['data']['token']) && is_string($status['ocs']['data']['token']);
-		$validRemoteId = isset($status['ocs']['data']['remoteId']);
-
-		if ($httpRequestSuccessful && $ocsCallSuccessful && $validToken && $validRemoteId) {
-			return [
-				$status['ocs']['data']['token'],
-				(int)$status['ocs']['data']['remoteId']
-			];
-		}
-
-		return false;
-	}
-
-	/**
-	 * send server-to-server unshare to remote server
-	 *
-	 * @param string $remote url
-	 * @param int $id share id
-	 * @param string $token
-	 * @return bool
-	 */
-	public function sendRemoteUnShare($remote, $id, $token) {
-		$this->sendUpdateToRemote($remote, $id, $token, 'unshare');
-	}
-
-	/**
-	 * send server-to-server unshare to remote server
-	 *
-	 * @param string $remote url
-	 * @param int $id share id
-	 * @param string $token
-	 * @return bool
-	 */
-	public function sendRevokeShare($remote, $id, $token) {
-		$this->sendUpdateToRemote($remote, $id, $token, 'revoke');
-	}
-
-	/**
-	 * send notification to remote server if the permissions was changed
-	 *
-	 * @param string $remote
-	 * @param int $remoteId
-	 * @param string $token
-	 * @param int $permissions
-	 * @return bool
-	 */
-	public function sendPermissionChange($remote, $remoteId, $token, $permissions) {
-		$this->sendUpdateToRemote($remote, $remoteId, $token, 'permissions', ['permissions' => $permissions]);
-	}
-
-	/**
-	 * forward accept reShare to remote server
-	 *
-	 * @param string $remote
-	 * @param int $remoteId
-	 * @param string $token
-	 */
-	public function sendAcceptShare($remote, $remoteId, $token) {
-		$this->sendUpdateToRemote($remote, $remoteId, $token, 'accept');
-	}
-
-	/**
-	 * forward decline reShare to remote server
-	 *
-	 * @param string $remote
-	 * @param int $remoteId
-	 * @param string $token
-	 */
-	public function sendDeclineShare($remote, $remoteId, $token) {
-		$this->sendUpdateToRemote($remote, $remoteId, $token, 'decline');
-	}
-
-	/**
-	 * inform remote server whether server-to-server share was accepted/declined
-	 *
-	 * @param string $remote
-	 * @param string $token
-	 * @param int $remoteId Share id on the remote host
-	 * @param string $action possible actions: accept, decline, unshare, revoke, permissions
-	 * @param array $data
-	 * @param int $try
-	 * @return boolean
-	 */
-	public function sendUpdateToRemote($remote, $remoteId, $token, $action, $data = [], $try = 0) {
-
-		$fields = array('token' => $token);
-		foreach ($data as $key => $value) {
-			$fields[$key] = $value;
-		}
-
-		$result = $this->tryHttpPostToShareEndpoint(rtrim($remote, '/'), '/' . $remoteId . '/' . $action, $fields);
-		$status = json_decode($result['result'], true);
-
-		if ($result['success'] &&
-			($status['ocs']['meta']['statuscode'] === 100 ||
-				$status['ocs']['meta']['statuscode'] === 200
-			)
-		) {
-			return true;
-		} elseif ($try === 0) {
-			// only add new job on first try
-			$this->jobList->add('OCA\FederatedFileSharing\BackgroundJob\RetryJob',
-				[
-					'remote' => $remote,
-					'remoteId' => $remoteId,
-					'token' => $token,
-					'action' => $action,
-					'data' => json_encode($data),
-					'try' => $try,
-					'lastRun' => $this->getTimestamp()
-				]
-			);
-		}
-
-		return false;
-	}
-
-
-	/**
-	 * return current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getTimestamp() {
-		return time();
-	}
-
-	/**
-	 * try http post with the given protocol, if no protocol is given we pick
-	 * the secure one (https)
-	 *
-	 * @param string $remoteDomain
-	 * @param string $urlSuffix
-	 * @param array $fields post parameters
-	 * @return array
-	 * @throws \Exception
-	 */
-	protected function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields) {
-		$client = $this->httpClientService->newClient();
-
-		if ($this->addressHandler->urlContainProtocol($remoteDomain) === false) {
-			$remoteDomain = 'https://' . $remoteDomain;
-		}
-
-		$result = [
-			'success' => false,
-			'result' => '',
-		];
-
-		$federationEndpoints = $this->discoveryService->discover($remoteDomain, 'FEDERATED_SHARING');
-		$endpoint = isset($federationEndpoints['share']) ? $federationEndpoints['share'] : '/ocs/v2.php/cloud/shares';
-		try {
-			$response = $client->post($remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT, [
-				'body' => $fields,
-				'timeout' => 10,
-				'connect_timeout' => 10,
-			]);
-			$result['result'] = $response->getBody();
-			$result['success'] = true;
-		} catch (\Exception $e) {
-			// if flat re-sharing is not supported by the remote server
-			// we re-throw the exception and fall back to the old behaviour.
-			// (flat re-shares has been introduced in Nextcloud 9.1)
-			if ($e->getCode() === Http::STATUS_INTERNAL_SERVER_ERROR) {
-				throw $e;
-			}
-		}
-
-		return $result;
-	}
+    const RESPONSE_FORMAT = 'json'; // default response format for ocs calls
+
+    /** @var AddressHandler */
+    private $addressHandler;
+
+    /** @var IClientService */
+    private $httpClientService;
+
+    /** @var IDiscoveryService */
+    private $discoveryService;
+
+    /** @var IJobList  */
+    private $jobList;
+
+    /**
+     * @param AddressHandler $addressHandler
+     * @param IClientService $httpClientService
+     * @param IDiscoveryService $discoveryService
+     * @param IJobList $jobList
+     */
+    public function __construct(
+        AddressHandler $addressHandler,
+        IClientService $httpClientService,
+        IDiscoveryService $discoveryService,
+        IJobList $jobList
+    ) {
+        $this->addressHandler = $addressHandler;
+        $this->httpClientService = $httpClientService;
+        $this->discoveryService = $discoveryService;
+        $this->jobList = $jobList;
+    }
+
+    /**
+     * send server-to-server share to remote server
+     *
+     * @param string $token
+     * @param string $shareWith
+     * @param string $name
+     * @param int $remote_id
+     * @param string $owner
+     * @param string $ownerFederatedId
+     * @param string $sharedBy
+     * @param string $sharedByFederatedId
+     * @return bool
+     * @throws \OC\HintException
+     * @throws \OC\ServerNotAvailableException
+     */
+    public function sendRemoteShare($token, $shareWith, $name, $remote_id, $owner, $ownerFederatedId, $sharedBy, $sharedByFederatedId) {
+
+        list($user, $remote) = $this->addressHandler->splitUserRemote($shareWith);
+
+        if ($user && $remote) {
+            $local = $this->addressHandler->generateRemoteURL();
+
+            $fields = array(
+                'shareWith' => $user,
+                'token' => $token,
+                'name' => $name,
+                'remoteId' => $remote_id,
+                'owner' => $owner,
+                'ownerFederatedId' => $ownerFederatedId,
+                'sharedBy' => $sharedBy,
+                'sharedByFederatedId' => $sharedByFederatedId,
+                'remote' => $local,
+            );
+
+            $result = $this->tryHttpPostToShareEndpoint($remote, '', $fields);
+            $status = json_decode($result['result'], true);
+
+            if ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200)) {
+                \OC_Hook::emit('OCP\Share', 'federated_share_added', ['server' => $remote]);
+                return true;
+            }
+
+        }
+
+        return false;
+    }
+
+    /**
+     * ask owner to re-share the file with the given user
+     *
+     * @param string $token
+     * @param int $id remote Id
+     * @param int $shareId internal share Id
+     * @param string $remote remote address of the owner
+     * @param string $shareWith
+     * @param int $permission
+     * @return bool
+     * @throws \OC\HintException
+     * @throws \OC\ServerNotAvailableException
+     */
+    public function requestReShare($token, $id, $shareId, $remote, $shareWith, $permission) {
+
+        $fields = array(
+            'shareWith' => $shareWith,
+            'token' => $token,
+            'permission' => $permission,
+            'remoteId' => $shareId
+        );
+
+        $result = $this->tryHttpPostToShareEndpoint(rtrim($remote, '/'), '/' . $id . '/reshare', $fields);
+        $status = json_decode($result['result'], true);
+
+        $httpRequestSuccessful = $result['success'];
+        $ocsCallSuccessful = $status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200;
+        $validToken = isset($status['ocs']['data']['token']) && is_string($status['ocs']['data']['token']);
+        $validRemoteId = isset($status['ocs']['data']['remoteId']);
+
+        if ($httpRequestSuccessful && $ocsCallSuccessful && $validToken && $validRemoteId) {
+            return [
+                $status['ocs']['data']['token'],
+                (int)$status['ocs']['data']['remoteId']
+            ];
+        }
+
+        return false;
+    }
+
+    /**
+     * send server-to-server unshare to remote server
+     *
+     * @param string $remote url
+     * @param int $id share id
+     * @param string $token
+     * @return bool
+     */
+    public function sendRemoteUnShare($remote, $id, $token) {
+        $this->sendUpdateToRemote($remote, $id, $token, 'unshare');
+    }
+
+    /**
+     * send server-to-server unshare to remote server
+     *
+     * @param string $remote url
+     * @param int $id share id
+     * @param string $token
+     * @return bool
+     */
+    public function sendRevokeShare($remote, $id, $token) {
+        $this->sendUpdateToRemote($remote, $id, $token, 'revoke');
+    }
+
+    /**
+     * send notification to remote server if the permissions was changed
+     *
+     * @param string $remote
+     * @param int $remoteId
+     * @param string $token
+     * @param int $permissions
+     * @return bool
+     */
+    public function sendPermissionChange($remote, $remoteId, $token, $permissions) {
+        $this->sendUpdateToRemote($remote, $remoteId, $token, 'permissions', ['permissions' => $permissions]);
+    }
+
+    /**
+     * forward accept reShare to remote server
+     *
+     * @param string $remote
+     * @param int $remoteId
+     * @param string $token
+     */
+    public function sendAcceptShare($remote, $remoteId, $token) {
+        $this->sendUpdateToRemote($remote, $remoteId, $token, 'accept');
+    }
+
+    /**
+     * forward decline reShare to remote server
+     *
+     * @param string $remote
+     * @param int $remoteId
+     * @param string $token
+     */
+    public function sendDeclineShare($remote, $remoteId, $token) {
+        $this->sendUpdateToRemote($remote, $remoteId, $token, 'decline');
+    }
+
+    /**
+     * inform remote server whether server-to-server share was accepted/declined
+     *
+     * @param string $remote
+     * @param string $token
+     * @param int $remoteId Share id on the remote host
+     * @param string $action possible actions: accept, decline, unshare, revoke, permissions
+     * @param array $data
+     * @param int $try
+     * @return boolean
+     */
+    public function sendUpdateToRemote($remote, $remoteId, $token, $action, $data = [], $try = 0) {
+
+        $fields = array('token' => $token);
+        foreach ($data as $key => $value) {
+            $fields[$key] = $value;
+        }
+
+        $result = $this->tryHttpPostToShareEndpoint(rtrim($remote, '/'), '/' . $remoteId . '/' . $action, $fields);
+        $status = json_decode($result['result'], true);
+
+        if ($result['success'] &&
+            ($status['ocs']['meta']['statuscode'] === 100 ||
+                $status['ocs']['meta']['statuscode'] === 200
+            )
+        ) {
+            return true;
+        } elseif ($try === 0) {
+            // only add new job on first try
+            $this->jobList->add('OCA\FederatedFileSharing\BackgroundJob\RetryJob',
+                [
+                    'remote' => $remote,
+                    'remoteId' => $remoteId,
+                    'token' => $token,
+                    'action' => $action,
+                    'data' => json_encode($data),
+                    'try' => $try,
+                    'lastRun' => $this->getTimestamp()
+                ]
+            );
+        }
+
+        return false;
+    }
+
+
+    /**
+     * return current timestamp
+     *
+     * @return int
+     */
+    protected function getTimestamp() {
+        return time();
+    }
+
+    /**
+     * try http post with the given protocol, if no protocol is given we pick
+     * the secure one (https)
+     *
+     * @param string $remoteDomain
+     * @param string $urlSuffix
+     * @param array $fields post parameters
+     * @return array
+     * @throws \Exception
+     */
+    protected function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields) {
+        $client = $this->httpClientService->newClient();
+
+        if ($this->addressHandler->urlContainProtocol($remoteDomain) === false) {
+            $remoteDomain = 'https://' . $remoteDomain;
+        }
+
+        $result = [
+            'success' => false,
+            'result' => '',
+        ];
+
+        $federationEndpoints = $this->discoveryService->discover($remoteDomain, 'FEDERATED_SHARING');
+        $endpoint = isset($federationEndpoints['share']) ? $federationEndpoints['share'] : '/ocs/v2.php/cloud/shares';
+        try {
+            $response = $client->post($remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT, [
+                'body' => $fields,
+                'timeout' => 10,
+                'connect_timeout' => 10,
+            ]);
+            $result['result'] = $response->getBody();
+            $result['success'] = true;
+        } catch (\Exception $e) {
+            // if flat re-sharing is not supported by the remote server
+            // we re-throw the exception and fall back to the old behaviour.
+            // (flat re-shares has been introduced in Nextcloud 9.1)
+            if ($e->getCode() === Http::STATUS_INTERNAL_SERVER_ERROR) {
+                throw $e;
+            }
+        }
+
+        return $result;
+    }
 }

apps/dav/appinfo/v2/remote.php

Indentation +1 added lines, -1 removed lines

@@ -21,7 +21,7 @@
  */
 // no php execution timeout for webdav
 if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-	@set_time_limit(0);
+    @set_time_limit(0);
 }
 ignore_user_abort(true);
 

apps/federatedfilesharing/appinfo/app.php

Indentation +12 added lines, -12 removed lines

@@ -30,22 +30,22 @@
 
 $manager = \OC::$server->getNotificationManager();
 $manager->registerNotifier(function() {
-	return \OC::$server->query(Notifier::class);
+    return \OC::$server->query(Notifier::class);
 }, function() {
-	$l = \OC::$server->getL10N('files_sharing');
-	return [
-		'id' => 'files_sharing',
-		'name' => $l->t('Federated sharing'),
-	];
+    $l = \OC::$server->getL10N('files_sharing');
+    return [
+        'id' => 'files_sharing',
+        'name' => $l->t('Federated sharing'),
+    ];
 });
 
 $federatedShareProvider = $app->getFederatedShareProvider();
 
 $eventDispatcher->addListener(
-	'OCA\Files::loadAdditionalScripts',
-	function() use ($federatedShareProvider) {
-		if ($federatedShareProvider->isIncomingServer2serverShareEnabled()) {
-			\OCP\Util::addScript('federatedfilesharing', 'external');
-		}
-	}
+    'OCA\Files::loadAdditionalScripts',
+    function() use ($federatedShareProvider) {
+        if ($federatedShareProvider->isIncomingServer2serverShareEnabled()) {
+            \OCP\Util::addScript('federatedfilesharing', 'external');
+        }
+    }
 );

apps/federation/appinfo/routes.php

Indentation +46 added lines, -46 removed lines

@@ -23,50 +23,50 @@
 $application = new \OCA\Federation\AppInfo\Application();
 
 $application->registerRoutes(
-	$this,
-	[
-		'routes' => [
-			[
-				'name' => 'Settings#addServer',
-				'url' => '/trusted-servers',
-				'verb' => 'POST'
-			],
-			[
-				'name' => 'Settings#removeServer',
-				'url' => '/trusted-servers/{id}',
-				'verb' => 'DELETE'
-			],
-			[
-				'name' => 'Settings#autoAddServers',
-				'url' => '/auto-add-servers',
-				'verb' => 'POST'
-			],
-		],
-		'ocs' => [
-			// old endpoints, only used by Nextcloud and ownCloud
-			[
-				'name' => 'OCSAuthAPI#getSharedSecretLegacy',
-				'url' => '/api/v1/shared-secret',
-				'verb' => 'GET',
-			],
-			[
-				'name' => 'OCSAuthAPI#requestSharedSecretLegacy',
-				'url' => '/api/v1/request-shared-secret',
-				'verb' => 'POST',
-			],
-			// new endpoints, published as public api
-			[
-				'name' => 'OCSAuthAPI#getSharedSecret',
-				'root' => '/cloud',
-				'url' => '/shared-secret',
-				'verb' => 'GET',
-			],
-			[
-				'name' => 'OCSAuthAPI#requestSharedSecret',
-				'root' => '/cloud',
-				'url' => '/shared-secret',
-				'verb' => 'POST',
-			],
-		],
-	]
+    $this,
+    [
+        'routes' => [
+            [
+                'name' => 'Settings#addServer',
+                'url' => '/trusted-servers',
+                'verb' => 'POST'
+            ],
+            [
+                'name' => 'Settings#removeServer',
+                'url' => '/trusted-servers/{id}',
+                'verb' => 'DELETE'
+            ],
+            [
+                'name' => 'Settings#autoAddServers',
+                'url' => '/auto-add-servers',
+                'verb' => 'POST'
+            ],
+        ],
+        'ocs' => [
+            // old endpoints, only used by Nextcloud and ownCloud
+            [
+                'name' => 'OCSAuthAPI#getSharedSecretLegacy',
+                'url' => '/api/v1/shared-secret',
+                'verb' => 'GET',
+            ],
+            [
+                'name' => 'OCSAuthAPI#requestSharedSecretLegacy',
+                'url' => '/api/v1/request-shared-secret',
+                'verb' => 'POST',
+            ],
+            // new endpoints, published as public api
+            [
+                'name' => 'OCSAuthAPI#getSharedSecret',
+                'root' => '/cloud',
+                'url' => '/shared-secret',
+                'verb' => 'GET',
+            ],
+            [
+                'name' => 'OCSAuthAPI#requestSharedSecret',
+                'root' => '/cloud',
+                'url' => '/shared-secret',
+                'verb' => 'POST',
+            ],
+        ],
+    ]
 );

apps/federation/lib/SyncFederationAddressBooks.php

Indentation +53 added lines, -53 removed lines

@@ -30,64 +30,64 @@
 
 class SyncFederationAddressBooks {
 
-	/** @var DbHandler */
-	protected $dbHandler;
+    /** @var DbHandler */
+    protected $dbHandler;
 
-	/** @var SyncService */
-	private $syncService;
+    /** @var SyncService */
+    private $syncService;
 
-	/** @var  DiscoveryService */
-	private $ocsDiscoveryService;
+    /** @var  DiscoveryService */
+    private $ocsDiscoveryService;
 
-	/**
-	 * @param DbHandler $dbHandler
-	 * @param SyncService $syncService
-	 * @param IDiscoveryService $ocsDiscoveryService
-	 */
-	public function __construct(DbHandler $dbHandler,
-								SyncService $syncService,
-								IDiscoveryService $ocsDiscoveryService
-	) {
-		$this->syncService = $syncService;
-		$this->dbHandler = $dbHandler;
-		$this->ocsDiscoveryService = $ocsDiscoveryService;
-	}
+    /**
+     * @param DbHandler $dbHandler
+     * @param SyncService $syncService
+     * @param IDiscoveryService $ocsDiscoveryService
+     */
+    public function __construct(DbHandler $dbHandler,
+                                SyncService $syncService,
+                                IDiscoveryService $ocsDiscoveryService
+    ) {
+        $this->syncService = $syncService;
+        $this->dbHandler = $dbHandler;
+        $this->ocsDiscoveryService = $ocsDiscoveryService;
+    }
 
-	/**
-	 * @param \Closure $callback
-	 */
-	public function syncThemAll(\Closure $callback) {
+    /**
+     * @param \Closure $callback
+     */
+    public function syncThemAll(\Closure $callback) {
 
-		$trustedServers = $this->dbHandler->getAllServer();
-		foreach ($trustedServers as $trustedServer) {
-			$url = $trustedServer['url'];
-			$callback($url, null);
-			$sharedSecret = $trustedServer['shared_secret'];
-			$syncToken = $trustedServer['sync_token'];
+        $trustedServers = $this->dbHandler->getAllServer();
+        foreach ($trustedServers as $trustedServer) {
+            $url = $trustedServer['url'];
+            $callback($url, null);
+            $sharedSecret = $trustedServer['shared_secret'];
+            $syncToken = $trustedServer['sync_token'];
 
-			$endPoints = $this->ocsDiscoveryService->discover($url, 'FEDERATED_SHARING');
-			$cardDavUser = isset($endPoints['carddav-user']) ? $endPoints['carddav-user'] : 'system';
-			$addressBookUrl = isset($endPoints['system-address-book']) ? trim($endPoints['system-address-book'], '/') : 'remote.php/dav/addressbooks/system/system/system';
+            $endPoints = $this->ocsDiscoveryService->discover($url, 'FEDERATED_SHARING');
+            $cardDavUser = isset($endPoints['carddav-user']) ? $endPoints['carddav-user'] : 'system';
+            $addressBookUrl = isset($endPoints['system-address-book']) ? trim($endPoints['system-address-book'], '/') : 'remote.php/dav/addressbooks/system/system/system';
 
-			if (is_null($sharedSecret)) {
-				continue;
-			}
-			$targetBookId = $trustedServer['url_hash'];
-			$targetPrincipal = "principals/system/system";
-			$targetBookProperties = [
-					'{DAV:}displayname' => $url
-			];
-			try {
-				$newToken = $this->syncService->syncRemoteAddressBook($url, $cardDavUser, $addressBookUrl, $sharedSecret, $syncToken, $targetBookId, $targetPrincipal, $targetBookProperties);
-				if ($newToken !== $syncToken) {
-					$this->dbHandler->setServerStatus($url, TrustedServers::STATUS_OK, $newToken);
-				}
-			} catch (\Exception $ex) {
-				if ($ex->getCode() === Http::STATUS_UNAUTHORIZED) {
-					$this->dbHandler->setServerStatus($url, TrustedServers::STATUS_ACCESS_REVOKED);
-				}
-				$callback($url, $ex);
-			}
-		}
-	}
+            if (is_null($sharedSecret)) {
+                continue;
+            }
+            $targetBookId = $trustedServer['url_hash'];
+            $targetPrincipal = "principals/system/system";
+            $targetBookProperties = [
+                    '{DAV:}displayname' => $url
+            ];
+            try {
+                $newToken = $this->syncService->syncRemoteAddressBook($url, $cardDavUser, $addressBookUrl, $sharedSecret, $syncToken, $targetBookId, $targetPrincipal, $targetBookProperties);
+                if ($newToken !== $syncToken) {
+                    $this->dbHandler->setServerStatus($url, TrustedServers::STATUS_OK, $newToken);
+                }
+            } catch (\Exception $ex) {
+                if ($ex->getCode() === Http::STATUS_UNAUTHORIZED) {
+                    $this->dbHandler->setServerStatus($url, TrustedServers::STATUS_ACCESS_REVOKED);
+                }
+                $callback($url, $ex);
+            }
+        }
+    }
 }

lib/private/Encryption/Keys/Storage.php

Indentation +340 added lines, -340 removed lines

@@ -32,345 +32,345 @@
 
 class Storage implements IStorage {
 
-	// hidden file which indicate that the folder is a valid key storage
-	const KEY_STORAGE_MARKER = '.oc_key_storage';
-
-	/** @var View */
-	private $view;
-
-	/** @var Util */
-	private $util;
-
-	// base dir where all the file related keys are stored
-	/** @var string */
-	private $keys_base_dir;
-
-	// root of the key storage default is empty which means that we use the data folder
-	/** @var string */
-	private $root_dir;
-
-	/** @var string */
-	private $encryption_base_dir;
-
-	/** @var string */
-	private $backup_base_dir;
-
-	/** @var array */
-	private $keyCache = [];
-
-	/**
-	 * @param View $view
-	 * @param Util $util
-	 */
-	public function __construct(View $view, Util $util) {
-		$this->view = $view;
-		$this->util = $util;
-
-		$this->encryption_base_dir = '/files_encryption';
-		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
-		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
-		$this->root_dir = $this->util->getKeyStorageRoot();
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getUserKey($uid, $keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getFileKey($path, $keyId, $encryptionModuleId) {
-		$realFile = $this->util->stripPartialFileExtension($path);
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
-		$key = $this->getKey($keyDir . $keyId);
-
-		if ($key === '' && $realFile !== $path) {
-			// Check if the part file has keys and use them, if no normal keys
-			// exist. This is required to fix copyBetweenStorage() when we
-			// rename a .part file over storage borders.
-			$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-			$key = $this->getKey($keyDir . $keyId);
-		}
-
-		return $key;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return $this->setKey($keyDir . $keyId, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
-		try {
-			$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-			return !$this->view->file_exists($path) || $this->view->unlink($path);
-		} catch (NoUserException $e) {
-			// this exception can come from initMountPoints() from setupUserMounts()
-			// for a deleted user.
-			//
-			// It means, that:
-			// - we are not running in alternative storage mode because we don't call
-			// initMountPoints() in that mode
-			// - the keys were in the user's home but since the user was deleted, the
-			// user's home is gone and so are the keys
-			//
-			// So there is nothing to do, just ignore.
-		}
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteFileKey($path, $keyId, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteAllFileKeys($path) {
-		$keyDir = $this->getFileKeyDir('', $path);
-		return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return !$this->view->file_exists($path) || $this->view->unlink($path);
-	}
-
-	/**
-	 * construct path to users key
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $keyId
-	 * @param string $uid
-	 * @return string
-	 */
-	protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
-
-		if ($uid === null) {
-			$path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
-		} else {
-			$path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
-				. $encryptionModuleId . '/' . $uid . '.' . $keyId;
-		}
-
-		return \OC\Files\Filesystem::normalizePath($path);
-	}
-
-	/**
-	 * read key from hard disk
-	 *
-	 * @param string $path to key
-	 * @return string
-	 */
-	private function getKey($path) {
-
-		$key = '';
-
-		if ($this->view->file_exists($path)) {
-			if (isset($this->keyCache[$path])) {
-				$key =  $this->keyCache[$path];
-			} else {
-				$key = $this->view->file_get_contents($path);
-				$this->keyCache[$path] = $key;
-			}
-		}
-
-		return $key;
-	}
-
-	/**
-	 * write key to disk
-	 *
-	 *
-	 * @param string $path path to key directory
-	 * @param string $key key
-	 * @return bool
-	 */
-	private function setKey($path, $key) {
-		$this->keySetPreparation(dirname($path));
-
-		$result = $this->view->file_put_contents($path, $key);
-
-		if (is_int($result) && $result > 0) {
-			$this->keyCache[$path] = $key;
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get path to key folder for a given file
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $path path to the file, relative to data/
-	 * @return string
-	 */
-	private function getFileKeyDir($encryptionModuleId, $path) {
-
-		list($owner, $filename) = $this->util->getUidAndFilename($path);
-
-		// in case of system wide mount points the keys are stored directly in the data directory
-		if ($this->util->isSystemWideMountPoint($filename, $owner)) {
-			$keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
-		} else {
-			$keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
-		}
-
-		return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
-	}
-
-	/**
-	 * move keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function renameKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->rename($sourcePath, $targetPath);
-
-			return true;
-		}
-
-		return false;
-	}
-
-
-	/**
-	 * copy keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function copyKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->copy($sourcePath, $targetPath);
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * backup keys of a given encryption module
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $purpose
-	 * @param string $uid
-	 * @return bool
-	 * @since 12.0.0
-	 */
-	public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
-		$source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
-		$backupDir = $uid . $this->backup_base_dir;
-		if (!$this->view->file_exists($backupDir)) {
-			$this->view->mkdir($backupDir);
-		}
-
-		$backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
-		$this->view->mkdir($backupDir);
-
-		return $this->view->copy($source, $backupDir);
-	}
-
-	/**
-	 * get the current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getTimestamp() {
-		return time();
-	}
-
-	/**
-	 * get system wide path and detect mount points
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getPathToKeys($path) {
-		list($owner, $relativePath) = $this->util->getUidAndFilename($path);
-		$systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
-
-		if ($systemWideMountPoint) {
-			$systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
-		} else {
-			$systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
-		}
-
-		return  Filesystem::normalizePath($systemPath, false);
-	}
-
-	/**
-	 * Make preparations to filesystem for saving a key file
-	 *
-	 * @param string $path relative to the views root
-	 */
-	protected function keySetPreparation($path) {
-		// If the file resides within a subdirectory, create it
-		if (!$this->view->file_exists($path)) {
-			$sub_dirs = explode('/', ltrim($path, '/'));
-			$dir = '';
-			foreach ($sub_dirs as $sub_dir) {
-				$dir .= '/' . $sub_dir;
-				if (!$this->view->is_dir($dir)) {
-					$this->view->mkdir($dir);
-				}
-			}
-		}
-	}
+    // hidden file which indicate that the folder is a valid key storage
+    const KEY_STORAGE_MARKER = '.oc_key_storage';
+
+    /** @var View */
+    private $view;
+
+    /** @var Util */
+    private $util;
+
+    // base dir where all the file related keys are stored
+    /** @var string */
+    private $keys_base_dir;
+
+    // root of the key storage default is empty which means that we use the data folder
+    /** @var string */
+    private $root_dir;
+
+    /** @var string */
+    private $encryption_base_dir;
+
+    /** @var string */
+    private $backup_base_dir;
+
+    /** @var array */
+    private $keyCache = [];
+
+    /**
+     * @param View $view
+     * @param Util $util
+     */
+    public function __construct(View $view, Util $util) {
+        $this->view = $view;
+        $this->util = $util;
+
+        $this->encryption_base_dir = '/files_encryption';
+        $this->keys_base_dir = $this->encryption_base_dir .'/keys';
+        $this->backup_base_dir = $this->encryption_base_dir .'/backup';
+        $this->root_dir = $this->util->getKeyStorageRoot();
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getUserKey($uid, $keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getFileKey($path, $keyId, $encryptionModuleId) {
+        $realFile = $this->util->stripPartialFileExtension($path);
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
+        $key = $this->getKey($keyDir . $keyId);
+
+        if ($key === '' && $realFile !== $path) {
+            // Check if the part file has keys and use them, if no normal keys
+            // exist. This is required to fix copyBetweenStorage() when we
+            // rename a .part file over storage borders.
+            $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+            $key = $this->getKey($keyDir . $keyId);
+        }
+
+        return $key;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return $this->setKey($keyDir . $keyId, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
+        try {
+            $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+            return !$this->view->file_exists($path) || $this->view->unlink($path);
+        } catch (NoUserException $e) {
+            // this exception can come from initMountPoints() from setupUserMounts()
+            // for a deleted user.
+            //
+            // It means, that:
+            // - we are not running in alternative storage mode because we don't call
+            // initMountPoints() in that mode
+            // - the keys were in the user's home but since the user was deleted, the
+            // user's home is gone and so are the keys
+            //
+            // So there is nothing to do, just ignore.
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteFileKey($path, $keyId, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteAllFileKeys($path) {
+        $keyDir = $this->getFileKeyDir('', $path);
+        return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return !$this->view->file_exists($path) || $this->view->unlink($path);
+    }
+
+    /**
+     * construct path to users key
+     *
+     * @param string $encryptionModuleId
+     * @param string $keyId
+     * @param string $uid
+     * @return string
+     */
+    protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
+
+        if ($uid === null) {
+            $path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
+        } else {
+            $path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
+                . $encryptionModuleId . '/' . $uid . '.' . $keyId;
+        }
+
+        return \OC\Files\Filesystem::normalizePath($path);
+    }
+
+    /**
+     * read key from hard disk
+     *
+     * @param string $path to key
+     * @return string
+     */
+    private function getKey($path) {
+
+        $key = '';
+
+        if ($this->view->file_exists($path)) {
+            if (isset($this->keyCache[$path])) {
+                $key =  $this->keyCache[$path];
+            } else {
+                $key = $this->view->file_get_contents($path);
+                $this->keyCache[$path] = $key;
+            }
+        }
+
+        return $key;
+    }
+
+    /**
+     * write key to disk
+     *
+     *
+     * @param string $path path to key directory
+     * @param string $key key
+     * @return bool
+     */
+    private function setKey($path, $key) {
+        $this->keySetPreparation(dirname($path));
+
+        $result = $this->view->file_put_contents($path, $key);
+
+        if (is_int($result) && $result > 0) {
+            $this->keyCache[$path] = $key;
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get path to key folder for a given file
+     *
+     * @param string $encryptionModuleId
+     * @param string $path path to the file, relative to data/
+     * @return string
+     */
+    private function getFileKeyDir($encryptionModuleId, $path) {
+
+        list($owner, $filename) = $this->util->getUidAndFilename($path);
+
+        // in case of system wide mount points the keys are stored directly in the data directory
+        if ($this->util->isSystemWideMountPoint($filename, $owner)) {
+            $keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
+        } else {
+            $keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
+        }
+
+        return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
+    }
+
+    /**
+     * move keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function renameKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->rename($sourcePath, $targetPath);
+
+            return true;
+        }
+
+        return false;
+    }
+
+
+    /**
+     * copy keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function copyKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->copy($sourcePath, $targetPath);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * backup keys of a given encryption module
+     *
+     * @param string $encryptionModuleId
+     * @param string $purpose
+     * @param string $uid
+     * @return bool
+     * @since 12.0.0
+     */
+    public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
+        $source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
+        $backupDir = $uid . $this->backup_base_dir;
+        if (!$this->view->file_exists($backupDir)) {
+            $this->view->mkdir($backupDir);
+        }
+
+        $backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+        $this->view->mkdir($backupDir);
+
+        return $this->view->copy($source, $backupDir);
+    }
+
+    /**
+     * get the current timestamp
+     *
+     * @return int
+     */
+    protected function getTimestamp() {
+        return time();
+    }
+
+    /**
+     * get system wide path and detect mount points
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function getPathToKeys($path) {
+        list($owner, $relativePath) = $this->util->getUidAndFilename($path);
+        $systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
+
+        if ($systemWideMountPoint) {
+            $systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
+        } else {
+            $systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
+        }
+
+        return  Filesystem::normalizePath($systemPath, false);
+    }
+
+    /**
+     * Make preparations to filesystem for saving a key file
+     *
+     * @param string $path relative to the views root
+     */
+    protected function keySetPreparation($path) {
+        // If the file resides within a subdirectory, create it
+        if (!$this->view->file_exists($path)) {
+            $sub_dirs = explode('/', ltrim($path, '/'));
+            $dir = '';
+            foreach ($sub_dirs as $sub_dir) {
+                $dir .= '/' . $sub_dir;
+                if (!$this->view->is_dir($dir)) {
+                    $this->view->mkdir($dir);
+                }
+            }
+        }
+    }
 
 }