nextcloud / server

apps/twofactor_backupcodes/lib/Service/BackupCodeStorage.php

Indentation +128 added lines, -128 removed lines

@@ -33,133 +33,133 @@
 
 class BackupCodeStorage {
 
-	private static $CODE_LENGTH = 16;
-
-	/** @var BackupCodeMapper */
-	private $mapper;
-
-	/** @var IHasher */
-	private $hasher;
-
-	/** @var ISecureRandom */
-	private $random;
-
-	/** @var IManager */
-	private $activityManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/**
-	 * @param BackupCodeMapper $mapper
-	 * @param ISecureRandom $random
-	 * @param IHasher $hasher
-	 * @param IManager $activityManager
-	 * @param ILogger $logger
-	 */
-	public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
-		IManager $activityManager, ILogger $logger) {
-		$this->mapper = $mapper;
-		$this->hasher = $hasher;
-		$this->random = $random;
-		$this->activityManager = $activityManager;
-		$this->logger = $logger;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return string[]
-	 */
-	public function createCodes(IUser $user, $number = 10) {
-		$result = [];
-
-		// Delete existing ones
-		$this->mapper->deleteCodes($user);
-
-		$uid = $user->getUID();
-		foreach (range(1, min([$number, 20])) as $i) {
-			$code = $this->random->generate(self::$CODE_LENGTH, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
-
-			$dbCode = new BackupCode();
-			$dbCode->setUserId($uid);
-			$dbCode->setCode($this->hasher->hash($code));
-			$dbCode->setUsed(0);
-			$this->mapper->insert($dbCode);
-
-			array_push($result, $code);
-		}
-
-		$this->publishEvent($user, 'codes_generated');
-
-		return $result;
-	}
-
-	/**
-	 * Push an event the user's activity stream
-	 *
-	 * @param IUser $user
-	 * @param string $event
-	 */
-	private function publishEvent(IUser $user, $event) {
-		$activity = $this->activityManager->generateEvent();
-		$activity->setApp('twofactor_backupcodes')
-			->setType('twofactor')
-			->setAuthor($user->getUID())
-			->setAffectedUser($user->getUID())
-			->setSubject($event);
-		try {
-			$this->activityManager->publish($activity);
-		} catch (BadMethodCallException $e) {
-			$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
-			$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
-		}
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return bool
-	 */
-	public function hasBackupCodes(IUser $user) {
-		$codes = $this->mapper->getBackupCodes($user);
-		return count($codes) > 0;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return array
-	 */
-	public function getBackupCodesState(IUser $user) {
-		$codes = $this->mapper->getBackupCodes($user);
-		$total = count($codes);
-		$used = 0;
-		array_walk($codes, function (BackupCode $code) use (&$used) {
-			if (1 === (int) $code->getUsed()) {
-				$used++;
-			}
-		});
-		return [
-			'enabled' => $total > 0,
-			'total' => $total,
-			'used' => $used,
-		];
-	}
-
-	/**
-	 * @param IUser $user
-	 * @param string $code
-	 * @return bool
-	 */
-	public function validateCode(IUser $user, $code) {
-		$dbCodes = $this->mapper->getBackupCodes($user);
-
-		foreach ($dbCodes as $dbCode) {
-			if (0 === (int) $dbCode->getUsed() && $this->hasher->verify($code, $dbCode->getCode())) {
-				$dbCode->setUsed(1);
-				$this->mapper->update($dbCode);
-				return true;
-			}
-		}
-		return false;
-	}
+    private static $CODE_LENGTH = 16;
+
+    /** @var BackupCodeMapper */
+    private $mapper;
+
+    /** @var IHasher */
+    private $hasher;
+
+    /** @var ISecureRandom */
+    private $random;
+
+    /** @var IManager */
+    private $activityManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /**
+     * @param BackupCodeMapper $mapper
+     * @param ISecureRandom $random
+     * @param IHasher $hasher
+     * @param IManager $activityManager
+     * @param ILogger $logger
+     */
+    public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
+        IManager $activityManager, ILogger $logger) {
+        $this->mapper = $mapper;
+        $this->hasher = $hasher;
+        $this->random = $random;
+        $this->activityManager = $activityManager;
+        $this->logger = $logger;
+    }
+
+    /**
+     * @param IUser $user
+     * @return string[]
+     */
+    public function createCodes(IUser $user, $number = 10) {
+        $result = [];
+
+        // Delete existing ones
+        $this->mapper->deleteCodes($user);
+
+        $uid = $user->getUID();
+        foreach (range(1, min([$number, 20])) as $i) {
+            $code = $this->random->generate(self::$CODE_LENGTH, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
+
+            $dbCode = new BackupCode();
+            $dbCode->setUserId($uid);
+            $dbCode->setCode($this->hasher->hash($code));
+            $dbCode->setUsed(0);
+            $this->mapper->insert($dbCode);
+
+            array_push($result, $code);
+        }
+
+        $this->publishEvent($user, 'codes_generated');
+
+        return $result;
+    }
+
+    /**
+     * Push an event the user's activity stream
+     *
+     * @param IUser $user
+     * @param string $event
+     */
+    private function publishEvent(IUser $user, $event) {
+        $activity = $this->activityManager->generateEvent();
+        $activity->setApp('twofactor_backupcodes')
+            ->setType('twofactor')
+            ->setAuthor($user->getUID())
+            ->setAffectedUser($user->getUID())
+            ->setSubject($event);
+        try {
+            $this->activityManager->publish($activity);
+        } catch (BadMethodCallException $e) {
+            $this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
+            $this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
+        }
+    }
+
+    /**
+     * @param IUser $user
+     * @return bool
+     */
+    public function hasBackupCodes(IUser $user) {
+        $codes = $this->mapper->getBackupCodes($user);
+        return count($codes) > 0;
+    }
+
+    /**
+     * @param IUser $user
+     * @return array
+     */
+    public function getBackupCodesState(IUser $user) {
+        $codes = $this->mapper->getBackupCodes($user);
+        $total = count($codes);
+        $used = 0;
+        array_walk($codes, function (BackupCode $code) use (&$used) {
+            if (1 === (int) $code->getUsed()) {
+                $used++;
+            }
+        });
+        return [
+            'enabled' => $total > 0,
+            'total' => $total,
+            'used' => $used,
+        ];
+    }
+
+    /**
+     * @param IUser $user
+     * @param string $code
+     * @return bool
+     */
+    public function validateCode(IUser $user, $code) {
+        $dbCodes = $this->mapper->getBackupCodes($user);
+
+        foreach ($dbCodes as $dbCode) {
+            if (0 === (int) $dbCode->getUsed() && $this->hasher->verify($code, $dbCode->getCode())) {
+                $dbCode->setUsed(1);
+                $this->mapper->update($dbCode);
+                return true;
+            }
+        }
+        return false;
+    }
 
 }

apps/twofactor_backupcodes/lib/Controller/SettingsController.php

Indentation +37 added lines, -37 removed lines

@@ -30,46 +30,46 @@
 
 class SettingsController extends Controller {
 
-	/** @var BackupCodeStorage */
-	private $storage;
+    /** @var BackupCodeStorage */
+    private $storage;
 
-	/** @var IUserSession */
-	private $userSession;
+    /** @var IUserSession */
+    private $userSession;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param BackupCodeStorage $storage
-	 * @param IUserSession $userSession
-	 */
-	public function __construct($appName, IRequest $request, BackupCodeStorage $storage, IUserSession $userSession) {
-		parent::__construct($appName, $request);
-		$this->userSession = $userSession;
-		$this->storage = $storage;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param BackupCodeStorage $storage
+     * @param IUserSession $userSession
+     */
+    public function __construct($appName, IRequest $request, BackupCodeStorage $storage, IUserSession $userSession) {
+        parent::__construct($appName, $request);
+        $this->userSession = $userSession;
+        $this->storage = $storage;
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @return JSONResponse
-	 */
-	public function state() {
-		$user = $this->userSession->getUser();
-		return $this->storage->getBackupCodesState($user);
-	}
+    /**
+     * @NoAdminRequired
+     * @return JSONResponse
+     */
+    public function state() {
+        $user = $this->userSession->getUser();
+        return $this->storage->getBackupCodesState($user);
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @return JSONResponse
-	 */
-	public function createCodes() {
-		$user = $this->userSession->getUser();
-		$codes = $this->storage->createCodes($user);
-		return new JSONResponse([
-			'codes' => $codes,
-			'state' => $this->storage->getBackupCodesState($user),
-		]);
-	}
+    /**
+     * @NoAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @return JSONResponse
+     */
+    public function createCodes() {
+        $user = $this->userSession->getUser();
+        $codes = $this->storage->createCodes($user);
+        return new JSONResponse([
+            'codes' => $codes,
+            'state' => $this->storage->getBackupCodesState($user),
+        ]);
+    }
 
 }

apps/twofactor_backupcodes/lib/Db/BackupCodeMapper.php

Indentation +27 added lines, -27 removed lines

@@ -27,38 +27,38 @@
 
 class BackupCodeMapper extends Mapper {
 
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'twofactor_backup_codes');
-	}
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'twofactor_backup_codes');
+    }
 
-	/**
-	 * @param IUser $user
-	 * @return BackupCode[]
-	 */
-	public function getBackupCodes(IUser $user) {
-		/* @var IQueryBuilder $qb */
-		$qb = $this->db->getQueryBuilder();
+    /**
+     * @param IUser $user
+     * @return BackupCode[]
+     */
+    public function getBackupCodes(IUser $user) {
+        /* @var IQueryBuilder $qb */
+        $qb = $this->db->getQueryBuilder();
 
-		$qb->select('id', 'user_id', 'code', 'used')
-			->from('twofactor_backup_codes')
-			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user->getUID())));
-		$result = $qb->execute();
+        $qb->select('id', 'user_id', 'code', 'used')
+            ->from('twofactor_backup_codes')
+            ->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user->getUID())));
+        $result = $qb->execute();
 
-		$rows = $result->fetchAll();
-		$result->closeCursor();
+        $rows = $result->fetchAll();
+        $result->closeCursor();
 
-		return array_map(function ($row) {
-			return BackupCode::fromRow($row);
-		}, $rows);
-	}
+        return array_map(function ($row) {
+            return BackupCode::fromRow($row);
+        }, $rows);
+    }
 
-	public function deleteCodes(IUser $user) {
-		/* @var IQueryBuilder $qb */
-		$qb = $this->db->getQueryBuilder();
+    public function deleteCodes(IUser $user) {
+        /* @var IQueryBuilder $qb */
+        $qb = $this->db->getQueryBuilder();
 
-		$qb->delete('twofactor_backup_codes')
-			->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user->getUID())));
-		$qb->execute();
-	}
+        $qb->delete('twofactor_backup_codes')
+            ->where($qb->expr()->eq('user_id', $qb->createNamedParameter($user->getUID())));
+        $qb->execute();
+    }
 
 }

apps/twofactor_backupcodes/lib/Db/BackupCode.php

Indentation +6 added lines, -6 removed lines

@@ -34,13 +34,13 @@
  */
 class BackupCode extends Entity {
 
-	/** @var string */
-	protected $userId;
+    /** @var string */
+    protected $userId;
 
-	/** @var string */
-	protected $code;
+    /** @var string */
+    protected $code;
 
-	/** @var int */
-	protected $used;
+    /** @var int */
+    protected $used;
 
 }

apps/twofactor_backupcodes/appinfo/routes.php

Indentation +12 added lines, -12 removed lines

@@ -21,17 +21,17 @@
  */
 // @codeCoverageIgnoreStart
 return [
-	'routes' => [
-		[
-			'name' => 'settings#state',
-			'url' => '/settings/state',
-			'verb' => 'GET'
-		],
-		[
-			'name' => 'settings#createCodes',
-			'url' => '/settings/create',
-			'verb' => 'POST'
-		],
-	]
+    'routes' => [
+        [
+            'name' => 'settings#state',
+            'url' => '/settings/state',
+            'verb' => 'GET'
+        ],
+        [
+            'name' => 'settings#createCodes',
+            'url' => '/settings/create',
+            'verb' => 'POST'
+        ],
+    ]
 ];
 // @codeCoverageIgnoreEnd

apps/encryption/templates/altmail.php

Indentation +2 added lines, -2 removed lines

@@ -4,8 +4,8 @@
 
 print_unescaped($l->t("Hey there,\n\nthe admin enabled server-side-encryption. Your files were encrypted using the password '%s'.\n\nPlease login to the web interface, go to the section 'basic encryption module' of your personal settings and update your encryption password by entering this password into the 'old log-in password' field and your current login-password.\n\n", array($_['password'])));
 if ( isset($_['expiration']) ) {
-	print_unescaped($l->t("The share will expire on %s.", array($_['expiration'])));
-	print_unescaped("\n\n");
+    print_unescaped($l->t("The share will expire on %s.", array($_['expiration'])));
+    print_unescaped("\n\n");
 }
 // TRANSLATORS term at the end of a mail
 p($l->t("Cheers!"));

apps/encryption/templates/settings-personal.php

Indentation +4 added lines, -4 removed lines

@@ -1,6 +1,6 @@ 
 <?php
-	/** @var array $_ */
-	/** @var \OCP\IL10N $l */
+    /** @var array $_ */
+    /** @var \OCP\IL10N $l */
 script('encryption', 'settings-personal');
 script('core', 'multiselect');
 ?>
@@ -20,8 +20,8 @@ 
 			<br />
 			<?php p( $l->t( "Set your old private key password to your current log-in password:" ) ); ?>
 			<?php if (  $_["recoveryEnabledForUser"] ):
-					p( $l->t( " If you don't remember your old password you can ask your administrator to recover your files." ) );
-			endif; ?>
+                    p( $l->t( " If you don't remember your old password you can ask your administrator to recover your files." ) );
+            endif; ?>
 			<br />
 			<input
 				type="password"

apps/encryption/templates/mail.php

Indentation +4 added lines, -4 removed lines

@@ -15,10 +15,10 @@
 					<td width="20px">&nbsp;</td>
 					<td style="font-weight:normal; font-size:0.8em; line-height:1.2em; font-family:verdana,'arial',sans;">
 						<?php
-						print_unescaped($l->t('Hey there,<br><br>the admin enabled server-side-encryption. Your files were encrypted using the password <strong>%s</strong>.<br><br>Please login to the web interface, go to the section "basic encryption module" of your personal settings and update your encryption password by entering this password into the "old log-in password" field and your current login-password.<br><br>', array($_['password'])));
-						// TRANSLATORS term at the end of a mail
-						p($l->t('Cheers!'));
-						?>
+                        print_unescaped($l->t('Hey there,<br><br>the admin enabled server-side-encryption. Your files were encrypted using the password <strong>%s</strong>.<br><br>Please login to the web interface, go to the section "basic encryption module" of your personal settings and update your encryption password by entering this password into the "old log-in password" field and your current login-password.<br><br>', array($_['password'])));
+                        // TRANSLATORS term at the end of a mail
+                        p($l->t('Cheers!'));
+                        ?>
 					</td>
 				</tr>
 				<tr><td colspan="2">&nbsp;</td></tr>

apps/encryption/lib/Migration.php

Indentation +355 added lines, -355 removed lines

@@ -32,359 +32,359 @@
 
 class Migration {
 
-	private $moduleId;
-	/** @var \OC\Files\View */
-	private $view;
-	/** @var \OCP\IDBConnection */
-	private $connection;
-	/** @var IConfig */
-	private $config;
-	/** @var  ILogger */
-	private $logger;
-	/** @var string*/
-	protected $installedVersion;
-
-	/**
-	 * @param IConfig $config
-	 * @param View $view
-	 * @param IDBConnection $connection
-	 * @param ILogger $logger
-	 */
-	public function __construct(IConfig $config, View $view, IDBConnection $connection, ILogger $logger) {
-		$this->view = $view;
-		$this->view->disableCacheUpdate();
-		$this->connection = $connection;
-		$this->moduleId = \OCA\Encryption\Crypto\Encryption::ID;
-		$this->config = $config;
-		$this->logger = $logger;
-		$this->installedVersion = $this->config->getAppValue('files_encryption', 'installed_version', '-1');
-	}
-
-	public function finalCleanUp() {
-		$this->view->deleteAll('files_encryption/public_keys');
-		$this->updateFileCache();
-		$this->config->deleteAppValue('files_encryption', 'installed_version');
-	}
-
-	/**
-	 * update file cache, copy unencrypted_size to the 'size' column
-	 */
-	private function updateFileCache() {
-		// make sure that we don't update the file cache multiple times
-		// only update during the first run
-		if ($this->installedVersion !== '-1') {
-			$query = $this->connection->getQueryBuilder();
-			$query->update('filecache')
-				->set('size', 'unencrypted_size')
-				->where($query->expr()->eq('encrypted', $query->createParameter('encrypted')))
-				->setParameter('encrypted', 1);
-			$query->execute();
-		}
-	}
-
-	/**
-	 * iterate through users and reorganize the folder structure
-	 */
-	public function reorganizeFolderStructure() {
-		$this->reorganizeSystemFolderStructure();
-
-		$limit = 500;
-		$offset = 0;
-		do {
-			$users = \OCP\User::getUsers('', $limit, $offset);
-			foreach ($users as $user) {
-				$this->reorganizeFolderStructureForUser($user);
-			}
-			$offset += $limit;
-		} while (count($users) >= $limit);
-	}
-
-	/**
-	 * reorganize system wide folder structure
-	 */
-	public function reorganizeSystemFolderStructure() {
-
-		$this->createPathForKeys('/files_encryption');
-
-		// backup system wide folders
-		$this->backupSystemWideKeys();
-
-		// rename system wide mount point
-		$this->renameFileKeys('', '/files_encryption/keys');
-
-		// rename system private keys
-		$this->renameSystemPrivateKeys();
-
-		$storage = $this->view->getMount('')->getStorage();
-		$storage->getScanner()->scan('files_encryption');
-	}
-
-
-	/**
-	 * reorganize folder structure for user
-	 *
-	 * @param string $user
-	 */
-	public function reorganizeFolderStructureForUser($user) {
-		// backup all keys
-		\OC_Util::tearDownFS();
-		\OC_Util::setupFS($user);
-		if ($this->backupUserKeys($user)) {
-			// rename users private key
-			$this->renameUsersPrivateKey($user);
-			$this->renameUsersPublicKey($user);
-			// rename file keys
-			$path = '/files_encryption/keys';
-			$this->renameFileKeys($user, $path);
-			$trashPath = '/files_trashbin/keys';
-			if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user . '/' . $trashPath)) {
-				$this->renameFileKeys($user, $trashPath, true);
-				$this->view->deleteAll($trashPath);
-			}
-			// delete old folders
-			$this->deleteOldKeys($user);
-			$this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption');
-		}
-	}
-
-	/**
-	 * update database
-	 */
-	public function updateDB() {
-
-		// make sure that we don't update the file cache multiple times
-		// only update during the first run
-		if ($this->installedVersion === '-1') {
-			return;
-		}
-
-		// delete left-over from old encryption which is no longer needed
-		$this->config->deleteAppValue('files_encryption', 'ocsid');
-		$this->config->deleteAppValue('files_encryption', 'types');
-		$this->config->deleteAppValue('files_encryption', 'enabled');
-
-		$oldAppValues = $this->connection->getQueryBuilder();
-		$oldAppValues->select('*')
-			->from('appconfig')
-			->where($oldAppValues->expr()->eq('appid', $oldAppValues->createParameter('appid')))
-			->setParameter('appid', 'files_encryption');
-		$appSettings = $oldAppValues->execute();
-
-		while ($row = $appSettings->fetch()) {
-			// 'installed_version' gets deleted at the end of the migration process
-			if ($row['configkey'] !== 'installed_version' ) {
-				$this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']);
-				$this->config->deleteAppValue('files_encryption', $row['configkey']);
-			}
-		}
-
-		$oldPreferences = $this->connection->getQueryBuilder();
-		$oldPreferences->select('*')
-			->from('preferences')
-			->where($oldPreferences->expr()->eq('appid', $oldPreferences->createParameter('appid')))
-			->setParameter('appid', 'files_encryption');
-		$preferenceSettings = $oldPreferences->execute();
-
-		while ($row = $preferenceSettings->fetch()) {
-			$this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']);
-			$this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']);
-		}
-	}
-
-	/**
-	 * create backup of system-wide keys
-	 */
-	private function backupSystemWideKeys() {
-		$backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s");
-		$this->view->mkdir($backupDir);
-		$this->view->copy('files_encryption', $backupDir . '/files_encryption');
-	}
-
-	/**
-	 * create backup of user specific keys
-	 *
-	 * @param string $user
-	 * @return bool
-	 */
-	private function backupUserKeys($user) {
-		$encryptionDir = $user . '/files_encryption';
-		if ($this->view->is_dir($encryptionDir)) {
-			$backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s");
-			$this->view->mkdir($backupDir);
-			$this->view->copy($encryptionDir, $backupDir);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * rename system-wide private keys
-	 */
-	private function renameSystemPrivateKeys() {
-		$dh = $this->view->opendir('files_encryption');
-		$this->createPathForKeys('/files_encryption/' . $this->moduleId );
-		if (is_resource($dh)) {
-			while (($privateKey = readdir($dh)) !== false) {
-				if (!\OC\Files\Filesystem::isIgnoredDir($privateKey) ) {
-					if (!$this->view->is_dir('/files_encryption/' . $privateKey)) {
-						$this->view->rename('files_encryption/' . $privateKey, 'files_encryption/' . $this->moduleId . '/' . $privateKey);
-						$this->renameSystemPublicKey($privateKey);
-					}
-				}
-			}
-			closedir($dh);
-		}
-	}
-
-	/**
-	 * rename system wide public key
-	 *
-	 * @param string $privateKey private key for which we want to rename the corresponding public key
-	 */
-	private function renameSystemPublicKey($privateKey) {
-		$publicKey = substr($privateKey,0 , strrpos($privateKey, '.privateKey')) . '.publicKey';
-		$this->view->rename('files_encryption/public_keys/' . $publicKey, 'files_encryption/' . $this->moduleId . '/' . $publicKey);
-	}
-
-	/**
-	 * rename user-specific private keys
-	 *
-	 * @param string $user
-	 */
-	private function renameUsersPrivateKey($user) {
-		$oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey';
-		$newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey';
-		if ($this->view->file_exists($oldPrivateKey)) {
-			$this->createPathForKeys(dirname($newPrivateKey));
-			$this->view->rename($oldPrivateKey, $newPrivateKey);
-		}
-	}
-
-	/**
-	 * rename user-specific public keys
-	 *
-	 * @param string $user
-	 */
-	private function renameUsersPublicKey($user) {
-		$oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey';
-		$newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey';
-		if ($this->view->file_exists($oldPublicKey)) {
-			$this->createPathForKeys(dirname($newPublicKey));
-			$this->view->rename($oldPublicKey, $newPublicKey);
-		}
-	}
-
-	/**
-	 * rename file keys
-	 *
-	 * @param string $user
-	 * @param string $path
-	 * @param bool $trash
-	 */
-	private function renameFileKeys($user, $path, $trash = false) {
-
-		if ($this->view->is_dir($user . '/' . $path) === false) {
-			$this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist');
-			return;
-		}
-
-		$dh = $this->view->opendir($user . '/' . $path);
-
-		if (is_resource($dh)) {
-			while (($file = readdir($dh)) !== false) {
-				if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
-					if ($this->view->is_dir($user . '/' . $path . '/' . $file)) {
-						$this->renameFileKeys($user, $path . '/' . $file, $trash);
-					} else {
-						$target = $this->getTargetDir($user, $path, $file, $trash);
-						if ($target !== false) {
-							$this->createPathForKeys(dirname($target));
-							$this->view->rename($user . '/' . $path . '/' . $file, $target);
-						} else {
-							$this->logger->warning(
-								'did not move key "' . $file
-								. '" could not find the corresponding file in /data/' . $user . '/files.'
-							. 'Most likely the key was already moved in a previous migration run and is already on the right place.');
-						}
-					}
-				}
-			}
-			closedir($dh);
-		}
-	}
-
-	/**
-	 * get system mount points
-	 * wrap static method so that it can be mocked for testing
-	 *
-	 * @internal
-	 * @return array
-	 */
-	protected function getSystemMountPoints() {
-		return \OC_Mount_Config::getSystemMountPoints();
-	}
-
-	/**
-	 * generate target directory
-	 *
-	 * @param string $user
-	 * @param string $keyPath
-	 * @param string $filename
-	 * @param bool $trash
-	 * @return string
-	 */
-	private function getTargetDir($user, $keyPath, $filename, $trash) {
-		if ($trash) {
-			$filePath = substr($keyPath, strlen('/files_trashbin/keys/'));
-			$targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename;
-		} else {
-			$filePath = substr($keyPath, strlen('/files_encryption/keys/'));
-			$targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename;
-		}
-
-		if ($user === '') {
-			// for system wide mounts we need to check if the mount point really exists
-			$normalized = \OC\Files\Filesystem::normalizePath($filePath);
-			$systemMountPoints = $this->getSystemMountPoints();
-			foreach ($systemMountPoints as $mountPoint) {
-				$normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/';
-				if (strpos($normalized, $normalizedMountPoint) === 0)
-					return $targetDir;
-			}
-		} else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) {
-			return $targetDir;
-		} else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) {
-				return $targetDir;
-			}
-
-		return false;
-	}
-
-	/**
-	 * delete old keys
-	 *
-	 * @param string $user
-	 */
-	private function deleteOldKeys($user) {
-		$this->view->deleteAll($user . '/files_encryption/keyfiles');
-		$this->view->deleteAll($user . '/files_encryption/share-keys');
-	}
-
-	/**
-	 * create directories for the keys recursively
-	 *
-	 * @param string $path
-	 */
-	private function createPathForKeys($path) {
-		if (!$this->view->file_exists($path)) {
-			$sub_dirs = explode('/', $path);
-			$dir = '';
-			foreach ($sub_dirs as $sub_dir) {
-				$dir .= '/' . $sub_dir;
-				if (!$this->view->is_dir($dir)) {
-					$this->view->mkdir($dir);
-				}
-			}
-		}
-	}
+    private $moduleId;
+    /** @var \OC\Files\View */
+    private $view;
+    /** @var \OCP\IDBConnection */
+    private $connection;
+    /** @var IConfig */
+    private $config;
+    /** @var  ILogger */
+    private $logger;
+    /** @var string*/
+    protected $installedVersion;
+
+    /**
+     * @param IConfig $config
+     * @param View $view
+     * @param IDBConnection $connection
+     * @param ILogger $logger
+     */
+    public function __construct(IConfig $config, View $view, IDBConnection $connection, ILogger $logger) {
+        $this->view = $view;
+        $this->view->disableCacheUpdate();
+        $this->connection = $connection;
+        $this->moduleId = \OCA\Encryption\Crypto\Encryption::ID;
+        $this->config = $config;
+        $this->logger = $logger;
+        $this->installedVersion = $this->config->getAppValue('files_encryption', 'installed_version', '-1');
+    }
+
+    public function finalCleanUp() {
+        $this->view->deleteAll('files_encryption/public_keys');
+        $this->updateFileCache();
+        $this->config->deleteAppValue('files_encryption', 'installed_version');
+    }
+
+    /**
+     * update file cache, copy unencrypted_size to the 'size' column
+     */
+    private function updateFileCache() {
+        // make sure that we don't update the file cache multiple times
+        // only update during the first run
+        if ($this->installedVersion !== '-1') {
+            $query = $this->connection->getQueryBuilder();
+            $query->update('filecache')
+                ->set('size', 'unencrypted_size')
+                ->where($query->expr()->eq('encrypted', $query->createParameter('encrypted')))
+                ->setParameter('encrypted', 1);
+            $query->execute();
+        }
+    }
+
+    /**
+     * iterate through users and reorganize the folder structure
+     */
+    public function reorganizeFolderStructure() {
+        $this->reorganizeSystemFolderStructure();
+
+        $limit = 500;
+        $offset = 0;
+        do {
+            $users = \OCP\User::getUsers('', $limit, $offset);
+            foreach ($users as $user) {
+                $this->reorganizeFolderStructureForUser($user);
+            }
+            $offset += $limit;
+        } while (count($users) >= $limit);
+    }
+
+    /**
+     * reorganize system wide folder structure
+     */
+    public function reorganizeSystemFolderStructure() {
+
+        $this->createPathForKeys('/files_encryption');
+
+        // backup system wide folders
+        $this->backupSystemWideKeys();
+
+        // rename system wide mount point
+        $this->renameFileKeys('', '/files_encryption/keys');
+
+        // rename system private keys
+        $this->renameSystemPrivateKeys();
+
+        $storage = $this->view->getMount('')->getStorage();
+        $storage->getScanner()->scan('files_encryption');
+    }
+
+
+    /**
+     * reorganize folder structure for user
+     *
+     * @param string $user
+     */
+    public function reorganizeFolderStructureForUser($user) {
+        // backup all keys
+        \OC_Util::tearDownFS();
+        \OC_Util::setupFS($user);
+        if ($this->backupUserKeys($user)) {
+            // rename users private key
+            $this->renameUsersPrivateKey($user);
+            $this->renameUsersPublicKey($user);
+            // rename file keys
+            $path = '/files_encryption/keys';
+            $this->renameFileKeys($user, $path);
+            $trashPath = '/files_trashbin/keys';
+            if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($user . '/' . $trashPath)) {
+                $this->renameFileKeys($user, $trashPath, true);
+                $this->view->deleteAll($trashPath);
+            }
+            // delete old folders
+            $this->deleteOldKeys($user);
+            $this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption');
+        }
+    }
+
+    /**
+     * update database
+     */
+    public function updateDB() {
+
+        // make sure that we don't update the file cache multiple times
+        // only update during the first run
+        if ($this->installedVersion === '-1') {
+            return;
+        }
+
+        // delete left-over from old encryption which is no longer needed
+        $this->config->deleteAppValue('files_encryption', 'ocsid');
+        $this->config->deleteAppValue('files_encryption', 'types');
+        $this->config->deleteAppValue('files_encryption', 'enabled');
+
+        $oldAppValues = $this->connection->getQueryBuilder();
+        $oldAppValues->select('*')
+            ->from('appconfig')
+            ->where($oldAppValues->expr()->eq('appid', $oldAppValues->createParameter('appid')))
+            ->setParameter('appid', 'files_encryption');
+        $appSettings = $oldAppValues->execute();
+
+        while ($row = $appSettings->fetch()) {
+            // 'installed_version' gets deleted at the end of the migration process
+            if ($row['configkey'] !== 'installed_version' ) {
+                $this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']);
+                $this->config->deleteAppValue('files_encryption', $row['configkey']);
+            }
+        }
+
+        $oldPreferences = $this->connection->getQueryBuilder();
+        $oldPreferences->select('*')
+            ->from('preferences')
+            ->where($oldPreferences->expr()->eq('appid', $oldPreferences->createParameter('appid')))
+            ->setParameter('appid', 'files_encryption');
+        $preferenceSettings = $oldPreferences->execute();
+
+        while ($row = $preferenceSettings->fetch()) {
+            $this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']);
+            $this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']);
+        }
+    }
+
+    /**
+     * create backup of system-wide keys
+     */
+    private function backupSystemWideKeys() {
+        $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s");
+        $this->view->mkdir($backupDir);
+        $this->view->copy('files_encryption', $backupDir . '/files_encryption');
+    }
+
+    /**
+     * create backup of user specific keys
+     *
+     * @param string $user
+     * @return bool
+     */
+    private function backupUserKeys($user) {
+        $encryptionDir = $user . '/files_encryption';
+        if ($this->view->is_dir($encryptionDir)) {
+            $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s");
+            $this->view->mkdir($backupDir);
+            $this->view->copy($encryptionDir, $backupDir);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * rename system-wide private keys
+     */
+    private function renameSystemPrivateKeys() {
+        $dh = $this->view->opendir('files_encryption');
+        $this->createPathForKeys('/files_encryption/' . $this->moduleId );
+        if (is_resource($dh)) {
+            while (($privateKey = readdir($dh)) !== false) {
+                if (!\OC\Files\Filesystem::isIgnoredDir($privateKey) ) {
+                    if (!$this->view->is_dir('/files_encryption/' . $privateKey)) {
+                        $this->view->rename('files_encryption/' . $privateKey, 'files_encryption/' . $this->moduleId . '/' . $privateKey);
+                        $this->renameSystemPublicKey($privateKey);
+                    }
+                }
+            }
+            closedir($dh);
+        }
+    }
+
+    /**
+     * rename system wide public key
+     *
+     * @param string $privateKey private key for which we want to rename the corresponding public key
+     */
+    private function renameSystemPublicKey($privateKey) {
+        $publicKey = substr($privateKey,0 , strrpos($privateKey, '.privateKey')) . '.publicKey';
+        $this->view->rename('files_encryption/public_keys/' . $publicKey, 'files_encryption/' . $this->moduleId . '/' . $publicKey);
+    }
+
+    /**
+     * rename user-specific private keys
+     *
+     * @param string $user
+     */
+    private function renameUsersPrivateKey($user) {
+        $oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey';
+        $newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey';
+        if ($this->view->file_exists($oldPrivateKey)) {
+            $this->createPathForKeys(dirname($newPrivateKey));
+            $this->view->rename($oldPrivateKey, $newPrivateKey);
+        }
+    }
+
+    /**
+     * rename user-specific public keys
+     *
+     * @param string $user
+     */
+    private function renameUsersPublicKey($user) {
+        $oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey';
+        $newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey';
+        if ($this->view->file_exists($oldPublicKey)) {
+            $this->createPathForKeys(dirname($newPublicKey));
+            $this->view->rename($oldPublicKey, $newPublicKey);
+        }
+    }
+
+    /**
+     * rename file keys
+     *
+     * @param string $user
+     * @param string $path
+     * @param bool $trash
+     */
+    private function renameFileKeys($user, $path, $trash = false) {
+
+        if ($this->view->is_dir($user . '/' . $path) === false) {
+            $this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist');
+            return;
+        }
+
+        $dh = $this->view->opendir($user . '/' . $path);
+
+        if (is_resource($dh)) {
+            while (($file = readdir($dh)) !== false) {
+                if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+                    if ($this->view->is_dir($user . '/' . $path . '/' . $file)) {
+                        $this->renameFileKeys($user, $path . '/' . $file, $trash);
+                    } else {
+                        $target = $this->getTargetDir($user, $path, $file, $trash);
+                        if ($target !== false) {
+                            $this->createPathForKeys(dirname($target));
+                            $this->view->rename($user . '/' . $path . '/' . $file, $target);
+                        } else {
+                            $this->logger->warning(
+                                'did not move key "' . $file
+                                . '" could not find the corresponding file in /data/' . $user . '/files.'
+                            . 'Most likely the key was already moved in a previous migration run and is already on the right place.');
+                        }
+                    }
+                }
+            }
+            closedir($dh);
+        }
+    }
+
+    /**
+     * get system mount points
+     * wrap static method so that it can be mocked for testing
+     *
+     * @internal
+     * @return array
+     */
+    protected function getSystemMountPoints() {
+        return \OC_Mount_Config::getSystemMountPoints();
+    }
+
+    /**
+     * generate target directory
+     *
+     * @param string $user
+     * @param string $keyPath
+     * @param string $filename
+     * @param bool $trash
+     * @return string
+     */
+    private function getTargetDir($user, $keyPath, $filename, $trash) {
+        if ($trash) {
+            $filePath = substr($keyPath, strlen('/files_trashbin/keys/'));
+            $targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename;
+        } else {
+            $filePath = substr($keyPath, strlen('/files_encryption/keys/'));
+            $targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename;
+        }
+
+        if ($user === '') {
+            // for system wide mounts we need to check if the mount point really exists
+            $normalized = \OC\Files\Filesystem::normalizePath($filePath);
+            $systemMountPoints = $this->getSystemMountPoints();
+            foreach ($systemMountPoints as $mountPoint) {
+                $normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/';
+                if (strpos($normalized, $normalizedMountPoint) === 0)
+                    return $targetDir;
+            }
+        } else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) {
+            return $targetDir;
+        } else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) {
+                return $targetDir;
+            }
+
+        return false;
+    }
+
+    /**
+     * delete old keys
+     *
+     * @param string $user
+     */
+    private function deleteOldKeys($user) {
+        $this->view->deleteAll($user . '/files_encryption/keyfiles');
+        $this->view->deleteAll($user . '/files_encryption/share-keys');
+    }
+
+    /**
+     * create directories for the keys recursively
+     *
+     * @param string $path
+     */
+    private function createPathForKeys($path) {
+        if (!$this->view->file_exists($path)) {
+            $sub_dirs = explode('/', $path);
+            $dir = '';
+            foreach ($sub_dirs as $sub_dir) {
+                $dir .= '/' . $sub_dir;
+                if (!$this->view->is_dir($dir)) {
+                    $this->view->mkdir($dir);
+                }
+            }
+        }
+    }
 }