diff --git a/apps/files/index.php b/apps/files/index.php
index 9ae378d7a1d64a6cbfeda06008f625261fcc3a51..8f6838aa0d9929af85f8616ceb9c42dda107516f 100644
--- a/apps/files/index.php
+++ b/apps/files/index.php
@@ -108,7 +108,6 @@ if ($needUpgrade) {
// if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code)
$encryptionInitStatus = 2;
if (OC_App::isEnabled('files_encryption')) {
- $publicUploadEnabled = 'no';
$session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
$encryptionInitStatus = $session->getInitialized();
}
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index b207b1437ba1c96f834226ffb45ab80916dae238..b4396864a49f7c8b0186ca7de7cb211503038c83 100755
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -112,6 +112,7 @@ class Keymanager {
* @brief store file encryption key
*
* @param \OC_FilesystemView $view
+ * @param \OCA\Encryption\Util $util
* @param string $path relative path of the file, including filename
* @param $userId
* @param $catfile
@@ -120,13 +121,11 @@ class Keymanager {
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
- public static function setFileKey(\OC_FilesystemView $view, $path, $userId, $catfile) {
+ public static function setFileKey(\OC_FilesystemView $view, $util, $path, $userId, $catfile) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $userId = Helper::getUser($path);
- $util = new Util($view, $userId);
list($owner, $filename) = $util->getUidAndFilename($path);
// in case of system wide mount points the keys are stored directly in the data directory
@@ -315,19 +314,16 @@ class Keymanager {
/**
* @brief store multiple share keys for a single file
* @param \OC_FilesystemView $view
- * @param $path
+ * @param \OCA\Encryption\Util $util
+ * @param string $path
* @param array $shareKeys
* @return bool
*/
- public static function setShareKeys(\OC_FilesystemView $view, $path, array $shareKeys) {
+ public static function setShareKeys(\OC_FilesystemView $view, $util, $path, array $shareKeys) {
// $shareKeys must be an array with the following format:
// [userId] => [encrypted key]
- $userId = Helper::getUser($path);
-
- $util = new Util($view, $userId);
-
list($owner, $filename) = $util->getUidAndFilename($path);
// in case of system wide mount points the keys are stored directly in the data directory
diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php
index f7253b4591b4bb963d65b15f7abc5e5f2cd4ea18..43d451d67c83a8949b2e9cc78e4a77ccecc71779 100644
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@@ -47,8 +47,10 @@ class Proxy extends \OC_FileProxy {
*/
private static function shouldEncrypt($path) {
+ $userId = Helper::getUser($path);
+
if (\OCP\App::isEnabled('files_encryption') === false || Crypt::mode() !== 'server' ||
- strpos($path, '/' . \OCP\User::getUser() . '/files') !== 0) {
+ strpos($path, '/' . $userId . '/files') !== 0) {
return false;
}
@@ -244,9 +246,6 @@ class Proxy extends \OC_FileProxy {
// split the path parts
$pathParts = explode('/', $path);
- // get relative path
- $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
-
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
if (isset($pathParts[2]) && $pathParts[2] === 'cache') {
return $result;
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 2497e56e89811da95d72e2fb73571214ee5a8c68..3fbcf7db3e4c4250da952147a80a618d94628894 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -90,11 +90,14 @@ class Stream {
$this->rootView = new \OC_FilesystemView('/');
}
+ // rawPath is relative to the data directory
+ $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
+
$this->session = new \OCA\Encryption\Session($this->rootView);
$this->privateKey = $this->session->getPrivateKey();
- $userId = Helper::getUser($path);
+ $userId = Helper::getUser($this->rawPath);
$util = new Util($this->rootView, $userId);
@@ -102,9 +105,6 @@ class Stream {
// public share key ID
$this->userId = $util->getUserId();
- // rawPath is relative to the data directory
- $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
-
// Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = Helper::stripUserFilesPath($this->rawPath);
// if raw path doesn't point to a real file, check if it is a version or a file in the trash bin
@@ -518,7 +518,7 @@ class Stream {
$util = new Util($this->rootView, $userId);
// Get all users sharing the file includes current user
- $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
+ $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $userId);
$checkedUserIds = $util->filterShareReadyUsers($uniqueUserIds);
// Fetch public keys for all sharing users
@@ -528,10 +528,10 @@ class Stream {
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key
- Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
+ Keymanager::setFileKey($this->rootView, $util, $this->relPath, $userId, $this->encKeyfiles['data']);
// Save the sharekeys
- Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
+ Keymanager::setShareKeys($this->rootView, $util, $this->relPath, $this->encKeyfiles['keys']);
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 1e8b852fb319d0a6d386aa2be3afba6f959004fb..b15c61f599ef4721a80708f9ae5ebc6a70293a60 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -1097,8 +1097,8 @@ class Util {
// Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory
if (
- !Keymanager::setFileKey($this->view, $filePath, $fileOwner, $multiEncKey['data'])
- || !Keymanager::setShareKeys($this->view, $filePath, $multiEncKey['keys'])
+ !Keymanager::setFileKey($this->view, $this, $filePath, $fileOwner, $multiEncKey['data'])
+ || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys'])
) {
\OCP\Util::writeLog('Encryption library',
diff --git a/apps/files_encryption/tests/keymanager.php b/apps/files_encryption/tests/keymanager.php
index ad6bbd3a7e9fe16dced003001ea3d9b39eabd91b..72ee270ee598e839f4f8e4df3b268ffbdd3fa1c3 100644
--- a/apps/files_encryption/tests/keymanager.php
+++ b/apps/files_encryption/tests/keymanager.php
@@ -145,13 +145,15 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
$file = 'unittest-' . time() . '.txt';
+ $util = new Encryption\Util($this->view, $this->userId);
+
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort);
- Encryption\Keymanager::setFileKey($this->view, $file, $this->userId, $key);
+ Encryption\Keymanager::setFileKey($this->view, $util, $file, $this->userId, $key);
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));
diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php
index d59f9b7401a4880a69ada39633da1b9fd72c6ada..f8091967012deba7a307282c43309872c242011f 100644
--- a/apps/files_sharing/public.php
+++ b/apps/files_sharing/public.php
@@ -152,9 +152,6 @@ if (isset($path)) {
$tmpl->assign('sharingToken', $token);
$tmpl->assign('disableSharing', true);
$allowPublicUploadEnabled = (bool) ($linkItem['permissions'] & OCP\PERMISSION_CREATE);
- if (\OCP\App::isEnabled('files_encryption')) {
- $allowPublicUploadEnabled = false;
- }
if (OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') {
$allowPublicUploadEnabled = false;
}