Commit 98bc1ad7 authored by Thomas Müller's avatar Thomas Müller
Browse files

Merge pull request #15265 from owncloud/enc2_fixes

core improvements for Encryption 2.0
parents e918bcf2 b5fad75e
......@@ -104,7 +104,7 @@ class Update {
foreach ($allFiles as $path) {
$usersSharing = $this->util->getSharingUsersArray($path);
$encryptionModule->update($absPath, $usersSharing);
$encryptionModule->update($absPath, $this->uid, $usersSharing);
}
}
......
......@@ -389,9 +389,22 @@ class Util {
* @return boolean
*/
public function isExcluded($path) {
$root = explode('/', $path, 2);
if (isset($root[0])) {
if (in_array($root[0], $this->excludedPaths)) {
$normalizedPath = \OC\Files\Filesystem::normalizePath($path);
$root = explode('/', $normalizedPath, 4);
if (count($root) > 2) {
//detect system wide folders
if (in_array($root[1], $this->excludedPaths)) {
return true;
}
$v1 = $this->userManager->userExists($root[1]);
$v2 = in_array($root[2], $this->excludedPaths);
// detect user specific folders
if ($this->userManager->userExists($root[1])
&& in_array($root[2], $this->excludedPaths)) {
return true;
}
}
......
......@@ -254,7 +254,7 @@ class Encryption extends Wrapper {
'" not found, file will be stored unencrypted');
}
if($shouldEncrypt === true && !$this->util->isExcluded($path) && $encryptionModule !== null) {
if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) {
$source = $this->storage->fopen($path, $mode);
$handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header,
$this->uid, $encryptionModule, $this->storage, $this, $this->util, $mode,
......
......@@ -84,10 +84,11 @@ interface IEncryptionModule {
* update encrypted file, e.g. give additional users access to the file
*
* @param string $path path to the file which should be updated
* @param string $uid of the user who performs the operation
* @param array $accessList who has access to the file contains the key 'users' and 'public'
* @return boolean
*/
public function update($path, $accessList);
public function update($path, $uid, $accessList);
/**
* should the file be encrypted or not
......
......@@ -104,6 +104,14 @@ interface IStorage {
*/
public function deleteFileKey($path, $keyId);
/**
* delete all file keys for a given file
*
* @param string $path to the file
* @return boolean
*/
public function deleteAllFileKeys($path);
/**
* delete system-wide encryption keys not related to a specific user,
* e.g something like a key for public link shares
......
......@@ -98,4 +98,39 @@ class UtilTest extends TestCase {
$u->createHeader($header, $em);
}
/**
* @dataProvider providePathsForTestIsExcluded
*/
public function testIsEcluded($path, $expected) {
$this->userManager
->expects($this->any())
->method('userExists')
->will($this->returnCallback(array($this, 'isExcludedCallback')));
$u = new Util($this->view, $this->userManager);
$this->assertSame($expected,
$u->isExcluded($path)
);
}
public function providePathsForTestIsExcluded() {
return array(
array('files_encryption/foo.txt', true),
array('test/foo.txt', false),
array('/user1/files_encryption/foo.txt', true),
array('/user1/files/foo.txt', false),
);
}
public function isExcludedCallback() {
$args = func_get_args();
if ($args[0] === 'user1') {
return true;
}
return false;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment