nextcloud / server

lib/private/Encryption/Exceptions/ModuleAlreadyExistsException.php

Indentation +7 added lines, -7 removed lines

@@ -27,12 +27,12 @@
 
 class ModuleAlreadyExistsException extends GenericEncryptionException {
 
-	/**
-	 * @param string $id
-	 * @param string $name
-	 */
-	public function __construct($id, $name) {
-		parent::__construct('Id "' . $id . '" already used by encryption module "' . $name . '"');
-	}
+    /**
+     * @param string $id
+     * @param string $name
+     */
+    public function __construct($id, $name) {
+        parent::__construct('Id "' . $id . '" already used by encryption module "' . $name . '"');
+    }
 
 }

Spacing +1 added lines, -1 removed lines

@@ -32,7 +32,7 @@
 	 * @param string $name
 	 */
 	public function __construct($id, $name) {
-		parent::__construct('Id "' . $id . '" already used by encryption module "' . $name . '"');
+		parent::__construct('Id "'.$id.'" already used by encryption module "'.$name.'"');
 	}
 
 }

lib/private/Encryption/Exceptions/EncryptionHeaderToLargeException.php

Indentation +3 added lines, -3 removed lines

@@ -28,8 +28,8 @@
 
 class EncryptionHeaderToLargeException extends GenericEncryptionException {
 
-	public function __construct() {
-		parent::__construct('max header size exceeded');
-	}
+    public function __construct() {
+        parent::__construct('max header size exceeded');
+    }
 
 }

lib/private/Encryption/Exceptions/EncryptionHeaderKeyExistsException.php

Indentation +6 added lines, -6 removed lines

@@ -27,10 +27,10 @@
 
 class EncryptionHeaderKeyExistsException extends GenericEncryptionException {
 
-	/**
-	 * @param string $key
-	 */
-	public function __construct($key) {
-		parent::__construct('header key "'. $key . '" already reserved by ownCloud');
-	}
+    /**
+     * @param string $key
+     */
+    public function __construct($key) {
+        parent::__construct('header key "'. $key . '" already reserved by ownCloud');
+    }
 }

Spacing +1 added lines, -1 removed lines

@@ -31,6 +31,6 @@
 	 * @param string $key
 	 */
 	public function __construct($key) {
-		parent::__construct('header key "'. $key . '" already reserved by ownCloud');
+		parent::__construct('header key "'.$key.'" already reserved by ownCloud');
 	}
 }

lib/private/Encryption/Exceptions/EncryptionFailedException.php

Spacing +1 added lines, -1 removed lines

@@ -26,6 +26,6 @@
 
 use OCP\Encryption\Exceptions\GenericEncryptionException;
 
-class EncryptionFailedException extends GenericEncryptionException{
+class EncryptionFailedException extends GenericEncryptionException {
 
 }

lib/private/Encryption/Exceptions/EmptyEncryptionDataException.php

Spacing +1 added lines, -1 removed lines

@@ -26,6 +26,6 @@
 
 use OCP\Encryption\Exceptions\GenericEncryptionException;
 
-class EmptyEncryptionDataException extends GenericEncryptionException{
+class EmptyEncryptionDataException extends GenericEncryptionException {
 
 }

lib/private/Encryption/DecryptAll.php

Indentation +250 added lines, -250 removed lines

@@ -36,255 +36,255 @@
 
 class DecryptAll {
 
-	/** @var  OutputInterface */
-	protected $output;
-
-	/** @var  InputInterface */
-	protected $input;
-
-	/** @var  Manager */
-	protected $encryptionManager;
-
-	/** @var IUserManager */
-	protected $userManager;
-
-	/** @var View */
-	protected $rootView;
-
-	/** @var  array files which couldn't be decrypted */
-	protected $failed;
-
-	/**
-	 * @param Manager $encryptionManager
-	 * @param IUserManager $userManager
-	 * @param View $rootView
-	 */
-	public function __construct(
-		Manager $encryptionManager,
-		IUserManager $userManager,
-		View $rootView
-	) {
-		$this->encryptionManager = $encryptionManager;
-		$this->userManager = $userManager;
-		$this->rootView = $rootView;
-		$this->failed = [];
-	}
-
-	/**
-	 * start to decrypt all files
-	 *
-	 * @param InputInterface $input
-	 * @param OutputInterface $output
-	 * @param string $user which users data folder should be decrypted, default = all users
-	 * @return bool
-	 * @throws \Exception
-	 */
-	public function decryptAll(InputInterface $input, OutputInterface $output, $user = '') {
-
-		$this->input = $input;
-		$this->output = $output;
-
-		if ($user !== '' && $this->userManager->userExists($user) === false) {
-			$this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again');
-			return false;
-		}
-
-		$this->output->writeln('prepare encryption modules...');
-		if ($this->prepareEncryptionModules($user) === false) {
-			return false;
-		}
-		$this->output->writeln(' done.');
-
-		$this->decryptAllUsersFiles($user);
-
-		if (empty($this->failed)) {
-			$this->output->writeln('all files could be decrypted successfully!');
-		} else {
-			$this->output->writeln('Files for following users couldn\'t be decrypted, ');
-			$this->output->writeln('maybe the user is not set up in a way that supports this operation: ');
-			foreach ($this->failed as $uid => $paths) {
-				$this->output->writeln('    ' . $uid);
-			}
-			$this->output->writeln('');
-		}
-
-		return true;
-	}
-
-	/**
-	 * prepare encryption modules to perform the decrypt all function
-	 *
-	 * @param $user
-	 * @return bool
-	 */
-	protected function prepareEncryptionModules($user) {
-		// prepare all encryption modules for decrypt all
-		$encryptionModules = $this->encryptionManager->getEncryptionModules();
-		foreach ($encryptionModules as $moduleDesc) {
-			/** @var IEncryptionModule $module */
-			$module = call_user_func($moduleDesc['callback']);
-			$this->output->writeln('');
-			$this->output->writeln('Prepare "' . $module->getDisplayName() . '"');
-			$this->output->writeln('');
-			if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) {
-				$this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!');
-				return false;
-			}
-		}
-
-		return true;
-	}
-
-	/**
-	 * iterate over all user and encrypt their files
-	 *
-	 * @param string $user which users files should be decrypted, default = all users
-	 */
-	protected function decryptAllUsersFiles($user = '') {
-
-		$this->output->writeln("\n");
-
-		$userList = [];
-		if ($user === '') {
-
-			$fetchUsersProgress = new ProgressBar($this->output);
-			$fetchUsersProgress->setFormat(" %message% \n [%bar%]");
-			$fetchUsersProgress->start();
-			$fetchUsersProgress->setMessage("Fetch list of users...");
-			$fetchUsersProgress->advance();
-
-			foreach ($this->userManager->getBackends() as $backend) {
-				$limit = 500;
-				$offset = 0;
-				do {
-					$users = $backend->getUsers('', $limit, $offset);
-					foreach ($users as $user) {
-						$userList[] = $user;
-					}
-					$offset += $limit;
-					$fetchUsersProgress->advance();
-				} while (count($users) >= $limit);
-				$fetchUsersProgress->setMessage("Fetch list of users... finished");
-				$fetchUsersProgress->finish();
-			}
-		} else {
-			$userList[] = $user;
-		}
-
-		$this->output->writeln("\n\n");
-
-		$progress = new ProgressBar($this->output);
-		$progress->setFormat(" %message% \n [%bar%]");
-		$progress->start();
-		$progress->setMessage("starting to decrypt files...");
-		$progress->advance();
-
-		$numberOfUsers = count($userList);
-		$userNo = 1;
-		foreach ($userList as $uid) {
-			$userCount = "$uid ($userNo of $numberOfUsers)";
-			$this->decryptUsersFiles($uid, $progress, $userCount);
-			$userNo++;
-		}
-
-		$progress->setMessage("starting to decrypt files... finished");
-		$progress->finish();
-
-		$this->output->writeln("\n\n");
-
-	}
-
-	/**
-	 * encrypt files from the given user
-	 *
-	 * @param string $uid
-	 * @param ProgressBar $progress
-	 * @param string $userCount
-	 */
-	protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) {
-
-		$this->setupUserFS($uid);
-		$directories = array();
-		$directories[] = '/' . $uid . '/files';
-
-		while ($root = array_pop($directories)) {
-			$content = $this->rootView->getDirectoryContent($root);
-			foreach ($content as $file) {
-				// only decrypt files owned by the user
-				if($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) {
-					continue;
-				}
-				$path = $root . '/' . $file['name'];
-				if ($this->rootView->is_dir($path)) {
-					$directories[] = $path;
-					continue;
-				} else {
-					try {
-						$progress->setMessage("decrypt files for user $userCount: $path");
-						$progress->advance();
-						if ($file->isEncrypted() === false) {
-							$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
-							$progress->advance();
-						} else {
-							if ($this->decryptFile($path) === false) {
-								$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
-								$progress->advance();
-							}
-						}
-					} catch (\Exception $e) {
-						if (isset($this->failed[$uid])) {
-							$this->failed[$uid][] = $path;
-						} else {
-							$this->failed[$uid] = [$path];
-						}
-					}
-				}
-			}
-		}
-	}
-
-	/**
-	 * encrypt file
-	 *
-	 * @param string $path
-	 * @return bool
-	 */
-	protected function decryptFile($path) {
-
-		$source = $path;
-		$target = $path . '.decrypted.' . $this->getTimestamp();
-
-		try {
-			$this->rootView->copy($source, $target);
-			$this->rootView->rename($target, $source);
-		} catch (DecryptionFailedException $e) {
-			if ($this->rootView->file_exists($target)) {
-				$this->rootView->unlink($target);
-			}
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * get current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getTimestamp() {
-		return time();
-	}
-
-
-	/**
-	 * setup user file system
-	 *
-	 * @param string $uid
-	 */
-	protected function setupUserFS($uid) {
-		\OC_Util::tearDownFS();
-		\OC_Util::setupFS($uid);
-	}
+    /** @var  OutputInterface */
+    protected $output;
+
+    /** @var  InputInterface */
+    protected $input;
+
+    /** @var  Manager */
+    protected $encryptionManager;
+
+    /** @var IUserManager */
+    protected $userManager;
+
+    /** @var View */
+    protected $rootView;
+
+    /** @var  array files which couldn't be decrypted */
+    protected $failed;
+
+    /**
+     * @param Manager $encryptionManager
+     * @param IUserManager $userManager
+     * @param View $rootView
+     */
+    public function __construct(
+        Manager $encryptionManager,
+        IUserManager $userManager,
+        View $rootView
+    ) {
+        $this->encryptionManager = $encryptionManager;
+        $this->userManager = $userManager;
+        $this->rootView = $rootView;
+        $this->failed = [];
+    }
+
+    /**
+     * start to decrypt all files
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output
+     * @param string $user which users data folder should be decrypted, default = all users
+     * @return bool
+     * @throws \Exception
+     */
+    public function decryptAll(InputInterface $input, OutputInterface $output, $user = '') {
+
+        $this->input = $input;
+        $this->output = $output;
+
+        if ($user !== '' && $this->userManager->userExists($user) === false) {
+            $this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again');
+            return false;
+        }
+
+        $this->output->writeln('prepare encryption modules...');
+        if ($this->prepareEncryptionModules($user) === false) {
+            return false;
+        }
+        $this->output->writeln(' done.');
+
+        $this->decryptAllUsersFiles($user);
+
+        if (empty($this->failed)) {
+            $this->output->writeln('all files could be decrypted successfully!');
+        } else {
+            $this->output->writeln('Files for following users couldn\'t be decrypted, ');
+            $this->output->writeln('maybe the user is not set up in a way that supports this operation: ');
+            foreach ($this->failed as $uid => $paths) {
+                $this->output->writeln('    ' . $uid);
+            }
+            $this->output->writeln('');
+        }
+
+        return true;
+    }
+
+    /**
+     * prepare encryption modules to perform the decrypt all function
+     *
+     * @param $user
+     * @return bool
+     */
+    protected function prepareEncryptionModules($user) {
+        // prepare all encryption modules for decrypt all
+        $encryptionModules = $this->encryptionManager->getEncryptionModules();
+        foreach ($encryptionModules as $moduleDesc) {
+            /** @var IEncryptionModule $module */
+            $module = call_user_func($moduleDesc['callback']);
+            $this->output->writeln('');
+            $this->output->writeln('Prepare "' . $module->getDisplayName() . '"');
+            $this->output->writeln('');
+            if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) {
+                $this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!');
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * iterate over all user and encrypt their files
+     *
+     * @param string $user which users files should be decrypted, default = all users
+     */
+    protected function decryptAllUsersFiles($user = '') {
+
+        $this->output->writeln("\n");
+
+        $userList = [];
+        if ($user === '') {
+
+            $fetchUsersProgress = new ProgressBar($this->output);
+            $fetchUsersProgress->setFormat(" %message% \n [%bar%]");
+            $fetchUsersProgress->start();
+            $fetchUsersProgress->setMessage("Fetch list of users...");
+            $fetchUsersProgress->advance();
+
+            foreach ($this->userManager->getBackends() as $backend) {
+                $limit = 500;
+                $offset = 0;
+                do {
+                    $users = $backend->getUsers('', $limit, $offset);
+                    foreach ($users as $user) {
+                        $userList[] = $user;
+                    }
+                    $offset += $limit;
+                    $fetchUsersProgress->advance();
+                } while (count($users) >= $limit);
+                $fetchUsersProgress->setMessage("Fetch list of users... finished");
+                $fetchUsersProgress->finish();
+            }
+        } else {
+            $userList[] = $user;
+        }
+
+        $this->output->writeln("\n\n");
+
+        $progress = new ProgressBar($this->output);
+        $progress->setFormat(" %message% \n [%bar%]");
+        $progress->start();
+        $progress->setMessage("starting to decrypt files...");
+        $progress->advance();
+
+        $numberOfUsers = count($userList);
+        $userNo = 1;
+        foreach ($userList as $uid) {
+            $userCount = "$uid ($userNo of $numberOfUsers)";
+            $this->decryptUsersFiles($uid, $progress, $userCount);
+            $userNo++;
+        }
+
+        $progress->setMessage("starting to decrypt files... finished");
+        $progress->finish();
+
+        $this->output->writeln("\n\n");
+
+    }
+
+    /**
+     * encrypt files from the given user
+     *
+     * @param string $uid
+     * @param ProgressBar $progress
+     * @param string $userCount
+     */
+    protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) {
+
+        $this->setupUserFS($uid);
+        $directories = array();
+        $directories[] = '/' . $uid . '/files';
+
+        while ($root = array_pop($directories)) {
+            $content = $this->rootView->getDirectoryContent($root);
+            foreach ($content as $file) {
+                // only decrypt files owned by the user
+                if($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) {
+                    continue;
+                }
+                $path = $root . '/' . $file['name'];
+                if ($this->rootView->is_dir($path)) {
+                    $directories[] = $path;
+                    continue;
+                } else {
+                    try {
+                        $progress->setMessage("decrypt files for user $userCount: $path");
+                        $progress->advance();
+                        if ($file->isEncrypted() === false) {
+                            $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
+                            $progress->advance();
+                        } else {
+                            if ($this->decryptFile($path) === false) {
+                                $progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
+                                $progress->advance();
+                            }
+                        }
+                    } catch (\Exception $e) {
+                        if (isset($this->failed[$uid])) {
+                            $this->failed[$uid][] = $path;
+                        } else {
+                            $this->failed[$uid] = [$path];
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    /**
+     * encrypt file
+     *
+     * @param string $path
+     * @return bool
+     */
+    protected function decryptFile($path) {
+
+        $source = $path;
+        $target = $path . '.decrypted.' . $this->getTimestamp();
+
+        try {
+            $this->rootView->copy($source, $target);
+            $this->rootView->rename($target, $source);
+        } catch (DecryptionFailedException $e) {
+            if ($this->rootView->file_exists($target)) {
+                $this->rootView->unlink($target);
+            }
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * get current timestamp
+     *
+     * @return int
+     */
+    protected function getTimestamp() {
+        return time();
+    }
+
+
+    /**
+     * setup user file system
+     *
+     * @param string $uid
+     */
+    protected function setupUserFS($uid) {
+        \OC_Util::tearDownFS();
+        \OC_Util::setupFS($uid);
+    }
 
 }

Spacing +8 added lines, -8 removed lines

@@ -85,7 +85,7 @@ 
 		$this->output = $output;
 
 		if ($user !== '' && $this->userManager->userExists($user) === false) {
-			$this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again');
+			$this->output->writeln('User "'.$user.'" does not exist. Please check the username and try again');
 			return false;
 		}
 
@@ -103,7 +103,7 @@ 
 			$this->output->writeln('Files for following users couldn\'t be decrypted, ');
 			$this->output->writeln('maybe the user is not set up in a way that supports this operation: ');
 			foreach ($this->failed as $uid => $paths) {
-				$this->output->writeln('    ' . $uid);
+				$this->output->writeln('    '.$uid);
 			}
 			$this->output->writeln('');
 		}
@@ -124,10 +124,10 @@ 
 			/** @var IEncryptionModule $module */
 			$module = call_user_func($moduleDesc['callback']);
 			$this->output->writeln('');
-			$this->output->writeln('Prepare "' . $module->getDisplayName() . '"');
+			$this->output->writeln('Prepare "'.$module->getDisplayName().'"');
 			$this->output->writeln('');
 			if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) {
-				$this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!');
+				$this->output->writeln('Module "'.$moduleDesc['displayName'].'" does not support the functionality to decrypt all files again or the initialization of the module failed!');
 				return false;
 			}
 		}
@@ -205,16 +205,16 @@ 
 
 		$this->setupUserFS($uid);
 		$directories = array();
-		$directories[] = '/' . $uid . '/files';
+		$directories[] = '/'.$uid.'/files';
 
 		while ($root = array_pop($directories)) {
 			$content = $this->rootView->getDirectoryContent($root);
 			foreach ($content as $file) {
 				// only decrypt files owned by the user
-				if($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) {
+				if ($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) {
 					continue;
 				}
-				$path = $root . '/' . $file['name'];
+				$path = $root.'/'.$file['name'];
 				if ($this->rootView->is_dir($path)) {
 					$directories[] = $path;
 					continue;
@@ -252,7 +252,7 @@ 
 	protected function decryptFile($path) {
 
 		$source = $path;
-		$target = $path . '.decrypted.' . $this->getTimestamp();
+		$target = $path.'.decrypted.'.$this->getTimestamp();
 
 		try {
 			$this->rootView->copy($source, $target);

lib/private/Encryption/File.php

Spacing +1 added lines, -1 removed lines

@@ -58,7 +58,7 @@
 		// always add owner to the list of users with access to the file
 		$userIds = array($owner);
 
-		if (!$this->util->isFile($owner . '/' . $ownerPath)) {
+		if (!$this->util->isFile($owner.'/'.$ownerPath)) {
 			return array('users' => $userIds, 'public' => false);
 		}
 

Indentation +90 added lines, -90 removed lines

@@ -31,95 +31,95 @@
 
 class File implements \OCP\Encryption\IFile {
 
-	/** @var Util */
-	protected $util;
-
-	/** @var IRootFolder */
-	private $rootFolder;
-
-	/** @var IManager */
-	private $shareManager;
-
-	/**
-	 * cache results of already checked folders
-	 *
-	 * @var array
-	 */
-	protected $cache;
-
-	public function __construct(Util $util,
-								IRootFolder $rootFolder,
-								IManager $shareManager) {
-		$this->util = $util;
-		$this->cache = new CappedMemoryCache();
-		$this->rootFolder = $rootFolder;
-		$this->shareManager = $shareManager;
-	}
-
-
-	/**
-	 * get list of users with access to the file
-	 *
-	 * @param string $path to the file
-	 * @return array  ['users' => $uniqueUserIds, 'public' => $public]
-	 */
-	public function getAccessList($path) {
-
-		// Make sure that a share key is generated for the owner too
-		list($owner, $ownerPath) = $this->util->getUidAndFilename($path);
-
-		// always add owner to the list of users with access to the file
-		$userIds = array($owner);
-
-		if (!$this->util->isFile($owner . '/' . $ownerPath)) {
-			return array('users' => $userIds, 'public' => false);
-		}
-
-		$ownerPath = substr($ownerPath, strlen('/files'));
-		$userFolder = $this->rootFolder->getUserFolder($owner);
-		try {
-			$file = $userFolder->get($ownerPath);
-		} catch (NotFoundException $e) {
-			$file = null;
-		}
-		$ownerPath = $this->util->stripPartialFileExtension($ownerPath);
-
-		// first get the shares for the parent and cache the result so that we don't
-		// need to check all parents for every file
-		$parent = dirname($ownerPath);
-		$parentNode = $userFolder->get($parent);
-		if (isset($this->cache[$parent])) {
-			$resultForParents = $this->cache[$parent];
-		} else {
-			$resultForParents = $this->shareManager->getAccessList($parentNode);
-			$this->cache[$parent] = $resultForParents;
-		}
-		$userIds = array_merge($userIds, $resultForParents['users']);
-		$public = $resultForParents['public'] || $resultForParents['remote'];
-
-
-		// Find out who, if anyone, is sharing the file
-		if ($file !== null) {
-			$resultForFile = $this->shareManager->getAccessList($file, false);
-			$userIds = array_merge($userIds, $resultForFile['users']);
-			$public = $resultForFile['public'] || $resultForFile['remote'] || $public;
-		}
-
-		// check if it is a group mount
-		if (\OCP\App::isEnabled("files_external")) {
-			$mounts = \OC_Mount_Config::getSystemMountPoints();
-			foreach ($mounts as $mount) {
-				if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) {
-					$mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']);
-					$userIds = array_merge($userIds, $mountedFor);
-				}
-			}
-		}
-
-		// Remove duplicate UIDs
-		$uniqueUserIds = array_unique($userIds);
-
-		return array('users' => $uniqueUserIds, 'public' => $public);
-	}
+    /** @var Util */
+    protected $util;
+
+    /** @var IRootFolder */
+    private $rootFolder;
+
+    /** @var IManager */
+    private $shareManager;
+
+    /**
+     * cache results of already checked folders
+     *
+     * @var array
+     */
+    protected $cache;
+
+    public function __construct(Util $util,
+                                IRootFolder $rootFolder,
+                                IManager $shareManager) {
+        $this->util = $util;
+        $this->cache = new CappedMemoryCache();
+        $this->rootFolder = $rootFolder;
+        $this->shareManager = $shareManager;
+    }
+
+
+    /**
+     * get list of users with access to the file
+     *
+     * @param string $path to the file
+     * @return array  ['users' => $uniqueUserIds, 'public' => $public]
+     */
+    public function getAccessList($path) {
+
+        // Make sure that a share key is generated for the owner too
+        list($owner, $ownerPath) = $this->util->getUidAndFilename($path);
+
+        // always add owner to the list of users with access to the file
+        $userIds = array($owner);
+
+        if (!$this->util->isFile($owner . '/' . $ownerPath)) {
+            return array('users' => $userIds, 'public' => false);
+        }
+
+        $ownerPath = substr($ownerPath, strlen('/files'));
+        $userFolder = $this->rootFolder->getUserFolder($owner);
+        try {
+            $file = $userFolder->get($ownerPath);
+        } catch (NotFoundException $e) {
+            $file = null;
+        }
+        $ownerPath = $this->util->stripPartialFileExtension($ownerPath);
+
+        // first get the shares for the parent and cache the result so that we don't
+        // need to check all parents for every file
+        $parent = dirname($ownerPath);
+        $parentNode = $userFolder->get($parent);
+        if (isset($this->cache[$parent])) {
+            $resultForParents = $this->cache[$parent];
+        } else {
+            $resultForParents = $this->shareManager->getAccessList($parentNode);
+            $this->cache[$parent] = $resultForParents;
+        }
+        $userIds = array_merge($userIds, $resultForParents['users']);
+        $public = $resultForParents['public'] || $resultForParents['remote'];
+
+
+        // Find out who, if anyone, is sharing the file
+        if ($file !== null) {
+            $resultForFile = $this->shareManager->getAccessList($file, false);
+            $userIds = array_merge($userIds, $resultForFile['users']);
+            $public = $resultForFile['public'] || $resultForFile['remote'] || $public;
+        }
+
+        // check if it is a group mount
+        if (\OCP\App::isEnabled("files_external")) {
+            $mounts = \OC_Mount_Config::getSystemMountPoints();
+            foreach ($mounts as $mount) {
+                if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) {
+                    $mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']);
+                    $userIds = array_merge($userIds, $mountedFor);
+                }
+            }
+        }
+
+        // Remove duplicate UIDs
+        $uniqueUserIds = array_unique($userIds);
+
+        return array('users' => $uniqueUserIds, 'public' => $public);
+    }
 
 }

lib/private/Encryption/EncryptionWrapper.php

Indentation +73 added lines, -73 removed lines

@@ -41,85 +41,85 @@
  */
 class EncryptionWrapper {
 
-	/** @var ArrayCache  */
-	private $arrayCache;
+    /** @var ArrayCache  */
+    private $arrayCache;
 
-	/** @var  Manager */
-	private $manager;
+    /** @var  Manager */
+    private $manager;
 
-	/** @var  ILogger */
-	private $logger;
+    /** @var  ILogger */
+    private $logger;
 
-	/**
-	 * EncryptionWrapper constructor.
-	 *
-	 * @param ArrayCache $arrayCache
-	 * @param Manager $manager
-	 * @param ILogger $logger
-	 */
-	public function __construct(ArrayCache $arrayCache,
-								Manager $manager,
-								ILogger $logger
-	) {
-		$this->arrayCache = $arrayCache;
-		$this->manager = $manager;
-		$this->logger = $logger;
-	}
+    /**
+     * EncryptionWrapper constructor.
+     *
+     * @param ArrayCache $arrayCache
+     * @param Manager $manager
+     * @param ILogger $logger
+     */
+    public function __construct(ArrayCache $arrayCache,
+                                Manager $manager,
+                                ILogger $logger
+    ) {
+        $this->arrayCache = $arrayCache;
+        $this->manager = $manager;
+        $this->logger = $logger;
+    }
 
-	/**
-	 * Wraps the given storage when it is not a shared storage
-	 *
-	 * @param string $mountPoint
-	 * @param Storage $storage
-	 * @param IMountPoint $mount
-	 * @return Encryption|Storage
-	 */
-	public function wrapStorage($mountPoint, Storage $storage, IMountPoint $mount) {
-		$parameters = [
-			'storage' => $storage,
-			'mountPoint' => $mountPoint,
-			'mount' => $mount
-		];
+    /**
+     * Wraps the given storage when it is not a shared storage
+     *
+     * @param string $mountPoint
+     * @param Storage $storage
+     * @param IMountPoint $mount
+     * @return Encryption|Storage
+     */
+    public function wrapStorage($mountPoint, Storage $storage, IMountPoint $mount) {
+        $parameters = [
+            'storage' => $storage,
+            'mountPoint' => $mountPoint,
+            'mount' => $mount
+        ];
 
-		if (!$storage->instanceOfStorage('OCA\Files_Sharing\SharedStorage')
-			&& !$storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')
-			&& !$storage->instanceOfStorage('OC\Files\Storage\OwnCloud')) {
+        if (!$storage->instanceOfStorage('OCA\Files_Sharing\SharedStorage')
+            && !$storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')
+            && !$storage->instanceOfStorage('OC\Files\Storage\OwnCloud')) {
 
-			$user = \OC::$server->getUserSession()->getUser();
-			$mountManager = Filesystem::getMountManager();
-			$uid = $user ? $user->getUID() : null;
-			$fileHelper = \OC::$server->getEncryptionFilesHelper();
-			$keyStorage = \OC::$server->getEncryptionKeyStorage();
+            $user = \OC::$server->getUserSession()->getUser();
+            $mountManager = Filesystem::getMountManager();
+            $uid = $user ? $user->getUID() : null;
+            $fileHelper = \OC::$server->getEncryptionFilesHelper();
+            $keyStorage = \OC::$server->getEncryptionKeyStorage();
 
-			$util = new Util(
-				new View(),
-				\OC::$server->getUserManager(),
-				\OC::$server->getGroupManager(),
-				\OC::$server->getConfig()
-			);
-			$update = new Update(
-				new View(),
-				$util,
-				Filesystem::getMountManager(),
-				$this->manager,
-				$fileHelper,
-				$uid
-			);
-			return new Encryption(
-				$parameters,
-				$this->manager,
-				$util,
-				$this->logger,
-				$fileHelper,
-				$uid,
-				$keyStorage,
-				$update,
-				$mountManager,
-				$this->arrayCache
-			);
-		} else {
-			return $storage;
-		}
-	}
+            $util = new Util(
+                new View(),
+                \OC::$server->getUserManager(),
+                \OC::$server->getGroupManager(),
+                \OC::$server->getConfig()
+            );
+            $update = new Update(
+                new View(),
+                $util,
+                Filesystem::getMountManager(),
+                $this->manager,
+                $fileHelper,
+                $uid
+            );
+            return new Encryption(
+                $parameters,
+                $this->manager,
+                $util,
+                $this->logger,
+                $fileHelper,
+                $uid,
+                $keyStorage,
+                $update,
+                $mountManager,
+                $this->arrayCache
+            );
+        } else {
+            return $storage;
+        }
+    }
 
 }

lib/private/Encryption/Keys/Storage.php

Spacing +19 added lines, -19 removed lines

@@ -66,8 +66,8 @@ 
 		$this->util = $util;
 
 		$this->encryption_base_dir = '/files_encryption';
-		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
-		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
+		$this->keys_base_dir = $this->encryption_base_dir.'/keys';
+		$this->backup_base_dir = $this->encryption_base_dir.'/backup';
 		$this->root_dir = $this->util->getKeyStorageRoot();
 	}
 
@@ -85,14 +85,14 @@ 
 	public function getFileKey($path, $keyId, $encryptionModuleId) {
 		$realFile = $this->util->stripPartialFileExtension($path);
 		$keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
-		$key = $this->getKey($keyDir . $keyId);
+		$key = $this->getKey($keyDir.$keyId);
 
 		if ($key === '' && $realFile !== $path) {
 			// Check if the part file has keys and use them, if no normal keys
 			// exist. This is required to fix copyBetweenStorage() when we
 			// rename a .part file over storage borders.
 			$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-			$key = $this->getKey($keyDir . $keyId);
+			$key = $this->getKey($keyDir.$keyId);
 		}
 
 		return $key;
@@ -119,7 +119,7 @@ 
 	 */
 	public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
 		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return $this->setKey($keyDir . $keyId, $key);
+		return $this->setKey($keyDir.$keyId, $key);
 	}
 
 	/**
@@ -143,7 +143,7 @@ 
 	 */
 	public function deleteFileKey($path, $keyId, $encryptionModuleId) {
 		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
+		return !$this->view->file_exists($keyDir.$keyId) || $this->view->unlink($keyDir.$keyId);
 	}
 
 	/**
@@ -173,10 +173,10 @@ 
 	protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
 
 		if ($uid === null) {
-			$path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
+			$path = $this->root_dir.'/'.$this->encryption_base_dir.'/'.$encryptionModuleId.'/'.$keyId;
 		} else {
-			$path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
-				. $encryptionModuleId . '/' . $uid . '.' . $keyId;
+			$path = $this->root_dir.'/'.$uid.$this->encryption_base_dir.'/'
+				. $encryptionModuleId.'/'.$uid.'.'.$keyId;
 		}
 
 		return \OC\Files\Filesystem::normalizePath($path);
@@ -194,7 +194,7 @@ 
 
 		if ($this->view->file_exists($path)) {
 			if (isset($this->keyCache[$path])) {
-				$key =  $this->keyCache[$path];
+				$key = $this->keyCache[$path];
 			} else {
 				$key = $this->view->file_get_contents($path);
 				$this->keyCache[$path] = $key;
@@ -238,12 +238,12 @@ 
 
 		// in case of system wide mount points the keys are stored directly in the data directory
 		if ($this->util->isSystemWideMountPoint($filename, $owner)) {
-			$keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
+			$keyPath = $this->root_dir.'/'.$this->keys_base_dir.$filename.'/';
 		} else {
-			$keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
+			$keyPath = $this->root_dir.'/'.$owner.$this->keys_base_dir.$filename.'/';
 		}
 
-		return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
+		return Filesystem::normalizePath($keyPath.$encryptionModuleId.'/', false);
 	}
 
 	/**
@@ -300,13 +300,13 @@ 
 	 * @since 12.0.0
 	 */
 	public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
-		$source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
-		$backupDir = $uid . $this->backup_base_dir;
+		$source = $uid.$this->encryption_base_dir.'/'.$encryptionModuleId;
+		$backupDir = $uid.$this->backup_base_dir;
 		if (!$this->view->file_exists($backupDir)) {
 			$this->view->mkdir($backupDir);
 		}
 
-		$backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+		$backupDir = $backupDir.'/'.$purpose.'.'.$encryptionModuleId.'.'.$this->getTimestamp();
 		$this->view->mkdir($backupDir);
 
 		return $this->view->copy($source, $backupDir);
@@ -332,9 +332,9 @@ 
 		$systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
 
 		if ($systemWideMountPoint) {
-			$systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
+			$systemPath = $this->root_dir.'/'.$this->keys_base_dir.$relativePath.'/';
 		} else {
-			$systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
+			$systemPath = $this->root_dir.'/'.$owner.$this->keys_base_dir.$relativePath.'/';
 		}
 
 		return  Filesystem::normalizePath($systemPath, false);
@@ -351,7 +351,7 @@ 
 			$sub_dirs = explode('/', ltrim($path, '/'));
 			$dir = '';
 			foreach ($sub_dirs as $sub_dir) {
-				$dir .= '/' . $sub_dir;
+				$dir .= '/'.$sub_dir;
 				if (!$this->view->is_dir($dir)) {
 					$this->view->mkdir($dir);
 				}

Indentation +340 added lines, -340 removed lines

@@ -32,345 +32,345 @@
 
 class Storage implements IStorage {
 
-	// hidden file which indicate that the folder is a valid key storage
-	const KEY_STORAGE_MARKER = '.oc_key_storage';
-
-	/** @var View */
-	private $view;
-
-	/** @var Util */
-	private $util;
-
-	// base dir where all the file related keys are stored
-	/** @var string */
-	private $keys_base_dir;
-
-	// root of the key storage default is empty which means that we use the data folder
-	/** @var string */
-	private $root_dir;
-
-	/** @var string */
-	private $encryption_base_dir;
-
-	/** @var string */
-	private $backup_base_dir;
-
-	/** @var array */
-	private $keyCache = [];
-
-	/**
-	 * @param View $view
-	 * @param Util $util
-	 */
-	public function __construct(View $view, Util $util) {
-		$this->view = $view;
-		$this->util = $util;
-
-		$this->encryption_base_dir = '/files_encryption';
-		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
-		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
-		$this->root_dir = $this->util->getKeyStorageRoot();
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getUserKey($uid, $keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getFileKey($path, $keyId, $encryptionModuleId) {
-		$realFile = $this->util->stripPartialFileExtension($path);
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
-		$key = $this->getKey($keyDir . $keyId);
-
-		if ($key === '' && $realFile !== $path) {
-			// Check if the part file has keys and use them, if no normal keys
-			// exist. This is required to fix copyBetweenStorage() when we
-			// rename a .part file over storage borders.
-			$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-			$key = $this->getKey($keyDir . $keyId);
-		}
-
-		return $key;
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function getSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->getKey($path);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return $this->setKey($keyDir . $keyId, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->setKey($path, $key);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
-		try {
-			$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-			return !$this->view->file_exists($path) || $this->view->unlink($path);
-		} catch (NoUserException $e) {
-			// this exception can come from initMountPoints() from setupUserMounts()
-			// for a deleted user.
-			//
-			// It means, that:
-			// - we are not running in alternative storage mode because we don't call
-			// initMountPoints() in that mode
-			// - the keys were in the user's home but since the user was deleted, the
-			// user's home is gone and so are the keys
-			//
-			// So there is nothing to do, just ignore.
-		}
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteFileKey($path, $keyId, $encryptionModuleId) {
-		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteAllFileKeys($path) {
-		$keyDir = $this->getFileKeyDir('', $path);
-		return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function deleteSystemUserKey($keyId, $encryptionModuleId) {
-		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return !$this->view->file_exists($path) || $this->view->unlink($path);
-	}
-
-	/**
-	 * construct path to users key
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $keyId
-	 * @param string $uid
-	 * @return string
-	 */
-	protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
-
-		if ($uid === null) {
-			$path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
-		} else {
-			$path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
-				. $encryptionModuleId . '/' . $uid . '.' . $keyId;
-		}
-
-		return \OC\Files\Filesystem::normalizePath($path);
-	}
-
-	/**
-	 * read key from hard disk
-	 *
-	 * @param string $path to key
-	 * @return string
-	 */
-	private function getKey($path) {
-
-		$key = '';
-
-		if ($this->view->file_exists($path)) {
-			if (isset($this->keyCache[$path])) {
-				$key =  $this->keyCache[$path];
-			} else {
-				$key = $this->view->file_get_contents($path);
-				$this->keyCache[$path] = $key;
-			}
-		}
-
-		return $key;
-	}
-
-	/**
-	 * write key to disk
-	 *
-	 *
-	 * @param string $path path to key directory
-	 * @param string $key key
-	 * @return bool
-	 */
-	private function setKey($path, $key) {
-		$this->keySetPreparation(dirname($path));
-
-		$result = $this->view->file_put_contents($path, $key);
-
-		if (is_int($result) && $result > 0) {
-			$this->keyCache[$path] = $key;
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * get path to key folder for a given file
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $path path to the file, relative to data/
-	 * @return string
-	 */
-	private function getFileKeyDir($encryptionModuleId, $path) {
-
-		list($owner, $filename) = $this->util->getUidAndFilename($path);
-
-		// in case of system wide mount points the keys are stored directly in the data directory
-		if ($this->util->isSystemWideMountPoint($filename, $owner)) {
-			$keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
-		} else {
-			$keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
-		}
-
-		return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
-	}
-
-	/**
-	 * move keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function renameKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->rename($sourcePath, $targetPath);
-
-			return true;
-		}
-
-		return false;
-	}
-
-
-	/**
-	 * copy keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 */
-	public function copyKeys($source, $target) {
-
-		$sourcePath = $this->getPathToKeys($source);
-		$targetPath = $this->getPathToKeys($target);
-
-		if ($this->view->file_exists($sourcePath)) {
-			$this->keySetPreparation(dirname($targetPath));
-			$this->view->copy($sourcePath, $targetPath);
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * backup keys of a given encryption module
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $purpose
-	 * @param string $uid
-	 * @return bool
-	 * @since 12.0.0
-	 */
-	public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
-		$source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
-		$backupDir = $uid . $this->backup_base_dir;
-		if (!$this->view->file_exists($backupDir)) {
-			$this->view->mkdir($backupDir);
-		}
-
-		$backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
-		$this->view->mkdir($backupDir);
-
-		return $this->view->copy($source, $backupDir);
-	}
-
-	/**
-	 * get the current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getTimestamp() {
-		return time();
-	}
-
-	/**
-	 * get system wide path and detect mount points
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	protected function getPathToKeys($path) {
-		list($owner, $relativePath) = $this->util->getUidAndFilename($path);
-		$systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
-
-		if ($systemWideMountPoint) {
-			$systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
-		} else {
-			$systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
-		}
-
-		return  Filesystem::normalizePath($systemPath, false);
-	}
-
-	/**
-	 * Make preparations to filesystem for saving a key file
-	 *
-	 * @param string $path relative to the views root
-	 */
-	protected function keySetPreparation($path) {
-		// If the file resides within a subdirectory, create it
-		if (!$this->view->file_exists($path)) {
-			$sub_dirs = explode('/', ltrim($path, '/'));
-			$dir = '';
-			foreach ($sub_dirs as $sub_dir) {
-				$dir .= '/' . $sub_dir;
-				if (!$this->view->is_dir($dir)) {
-					$this->view->mkdir($dir);
-				}
-			}
-		}
-	}
+    // hidden file which indicate that the folder is a valid key storage
+    const KEY_STORAGE_MARKER = '.oc_key_storage';
+
+    /** @var View */
+    private $view;
+
+    /** @var Util */
+    private $util;
+
+    // base dir where all the file related keys are stored
+    /** @var string */
+    private $keys_base_dir;
+
+    // root of the key storage default is empty which means that we use the data folder
+    /** @var string */
+    private $root_dir;
+
+    /** @var string */
+    private $encryption_base_dir;
+
+    /** @var string */
+    private $backup_base_dir;
+
+    /** @var array */
+    private $keyCache = [];
+
+    /**
+     * @param View $view
+     * @param Util $util
+     */
+    public function __construct(View $view, Util $util) {
+        $this->view = $view;
+        $this->util = $util;
+
+        $this->encryption_base_dir = '/files_encryption';
+        $this->keys_base_dir = $this->encryption_base_dir .'/keys';
+        $this->backup_base_dir = $this->encryption_base_dir .'/backup';
+        $this->root_dir = $this->util->getKeyStorageRoot();
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getUserKey($uid, $keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getFileKey($path, $keyId, $encryptionModuleId) {
+        $realFile = $this->util->stripPartialFileExtension($path);
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
+        $key = $this->getKey($keyDir . $keyId);
+
+        if ($key === '' && $realFile !== $path) {
+            // Check if the part file has keys and use them, if no normal keys
+            // exist. This is required to fix copyBetweenStorage() when we
+            // rename a .part file over storage borders.
+            $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+            $key = $this->getKey($keyDir . $keyId);
+        }
+
+        return $key;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->getKey($path);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return $this->setKey($keyDir . $keyId, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return $this->setKey($path, $key);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
+        try {
+            $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
+            return !$this->view->file_exists($path) || $this->view->unlink($path);
+        } catch (NoUserException $e) {
+            // this exception can come from initMountPoints() from setupUserMounts()
+            // for a deleted user.
+            //
+            // It means, that:
+            // - we are not running in alternative storage mode because we don't call
+            // initMountPoints() in that mode
+            // - the keys were in the user's home but since the user was deleted, the
+            // user's home is gone and so are the keys
+            //
+            // So there is nothing to do, just ignore.
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteFileKey($path, $keyId, $encryptionModuleId) {
+        $keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
+        return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteAllFileKeys($path) {
+        $keyDir = $this->getFileKeyDir('', $path);
+        return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function deleteSystemUserKey($keyId, $encryptionModuleId) {
+        $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
+        return !$this->view->file_exists($path) || $this->view->unlink($path);
+    }
+
+    /**
+     * construct path to users key
+     *
+     * @param string $encryptionModuleId
+     * @param string $keyId
+     * @param string $uid
+     * @return string
+     */
+    protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
+
+        if ($uid === null) {
+            $path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
+        } else {
+            $path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
+                . $encryptionModuleId . '/' . $uid . '.' . $keyId;
+        }
+
+        return \OC\Files\Filesystem::normalizePath($path);
+    }
+
+    /**
+     * read key from hard disk
+     *
+     * @param string $path to key
+     * @return string
+     */
+    private function getKey($path) {
+
+        $key = '';
+
+        if ($this->view->file_exists($path)) {
+            if (isset($this->keyCache[$path])) {
+                $key =  $this->keyCache[$path];
+            } else {
+                $key = $this->view->file_get_contents($path);
+                $this->keyCache[$path] = $key;
+            }
+        }
+
+        return $key;
+    }
+
+    /**
+     * write key to disk
+     *
+     *
+     * @param string $path path to key directory
+     * @param string $key key
+     * @return bool
+     */
+    private function setKey($path, $key) {
+        $this->keySetPreparation(dirname($path));
+
+        $result = $this->view->file_put_contents($path, $key);
+
+        if (is_int($result) && $result > 0) {
+            $this->keyCache[$path] = $key;
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * get path to key folder for a given file
+     *
+     * @param string $encryptionModuleId
+     * @param string $path path to the file, relative to data/
+     * @return string
+     */
+    private function getFileKeyDir($encryptionModuleId, $path) {
+
+        list($owner, $filename) = $this->util->getUidAndFilename($path);
+
+        // in case of system wide mount points the keys are stored directly in the data directory
+        if ($this->util->isSystemWideMountPoint($filename, $owner)) {
+            $keyPath = $this->root_dir . '/' . $this->keys_base_dir . $filename . '/';
+        } else {
+            $keyPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $filename . '/';
+        }
+
+        return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
+    }
+
+    /**
+     * move keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function renameKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->rename($sourcePath, $targetPath);
+
+            return true;
+        }
+
+        return false;
+    }
+
+
+    /**
+     * copy keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     */
+    public function copyKeys($source, $target) {
+
+        $sourcePath = $this->getPathToKeys($source);
+        $targetPath = $this->getPathToKeys($target);
+
+        if ($this->view->file_exists($sourcePath)) {
+            $this->keySetPreparation(dirname($targetPath));
+            $this->view->copy($sourcePath, $targetPath);
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * backup keys of a given encryption module
+     *
+     * @param string $encryptionModuleId
+     * @param string $purpose
+     * @param string $uid
+     * @return bool
+     * @since 12.0.0
+     */
+    public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
+        $source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
+        $backupDir = $uid . $this->backup_base_dir;
+        if (!$this->view->file_exists($backupDir)) {
+            $this->view->mkdir($backupDir);
+        }
+
+        $backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+        $this->view->mkdir($backupDir);
+
+        return $this->view->copy($source, $backupDir);
+    }
+
+    /**
+     * get the current timestamp
+     *
+     * @return int
+     */
+    protected function getTimestamp() {
+        return time();
+    }
+
+    /**
+     * get system wide path and detect mount points
+     *
+     * @param string $path
+     * @return string
+     */
+    protected function getPathToKeys($path) {
+        list($owner, $relativePath) = $this->util->getUidAndFilename($path);
+        $systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
+
+        if ($systemWideMountPoint) {
+            $systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
+        } else {
+            $systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
+        }
+
+        return  Filesystem::normalizePath($systemPath, false);
+    }
+
+    /**
+     * Make preparations to filesystem for saving a key file
+     *
+     * @param string $path relative to the views root
+     */
+    protected function keySetPreparation($path) {
+        // If the file resides within a subdirectory, create it
+        if (!$this->view->file_exists($path)) {
+            $sub_dirs = explode('/', ltrim($path, '/'));
+            $dir = '';
+            foreach ($sub_dirs as $sub_dir) {
+                $dir .= '/' . $sub_dir;
+                if (!$this->view->is_dir($dir)) {
+                    $this->view->mkdir($dir);
+                }
+            }
+        }
+    }
 
 }