[Pkg-owncloud-commits] [owncloud] 35/70: update keys recursively if a folder was moved
David Prévot
taffit at moszumanska.debian.org
Thu Aug 21 17:40:03 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v6.0.5RC1
in repository owncloud.
commit 304cf0b90c8ae3e5bb9fe8e79c6f9c7ee547a1ef
Author: Bjoern Schiessle <schiessle at owncloud.com>
Date: Thu Jul 17 14:28:52 2014 +0200
update keys recursively if a folder was moved
---
apps/files_encryption/hooks/hooks.php | 62 +++++++++++++++++++++--------------
apps/files_encryption/lib/util.php | 4 +++
apps/files_encryption/tests/share.php | 51 ++++++++++++++++++++++++++++
3 files changed, 92 insertions(+), 25 deletions(-)
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 07502cd..8666e48 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -330,7 +330,6 @@ class Hooks {
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC_FilesystemView('/');
- $session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
$path = $util->fileIdToPath($params['itemSource']);
@@ -387,25 +386,41 @@ class Hooks {
}
}
- $sharingEnabled = \OCP\Share::isEnabled();
-
// get the path including mount point only if not a shared folder
if (strncmp($path, '/Shared', strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
- // if a folder was shared, get a list of all (sub-)folders
- if ($params['itemType'] === 'folder') {
- $allFiles = $util->getAllFiles($path);
- } else {
- $allFiles = array($path);
- }
+ self::updateKeyfiles($path, $params['itemType']);
+ }
+ }
- foreach ($allFiles as $path) {
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
- $util->setSharedFileKeyfiles($session, $usersSharing, $path);
- }
+ /**
+ * update keyfiles and share keys recursively
+ *
+ * @param string $path to the file/folder
+ * @param string $type 'file' or 'folder'
+ */
+ private static function updateKeyfiles($path, $type) {
+
+ $view = new \OC_FilesystemView('/');
+ $session = new \OCA\Encryption\Session($view);
+ $userId = \OCP\User::getUser();
+ $util = new Util($view, $userId);
+
+ $sharingEnabled = \OCP\Share::isEnabled();
+
+ // if a folder was shared, get a list of all (sub-)folders
+ if ($type === 'folder') {
+ $allFiles = $util->getAllFiles($path);
+ } else {
+ $allFiles = array($path);
+ }
+
+ foreach ($allFiles as $path) {
+ $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
+ $util->setSharedFileKeyfiles($session, $usersSharing, $path);
}
}
@@ -512,10 +527,12 @@ class Hooks {
// otherwise we perform a stream copy, so we get a new set of keys
$mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
$mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
+ $type = $view->is_dir('/' . $user . '/files/' . $params['oldpath']) ? 'folder' : 'file';
if ($mp1 === $mp2) {
self::$renamedFiles[$params['oldpath']] = array(
'uid' => $ownerOld,
- 'path' => $pathOld);
+ 'path' => $pathOld,
+ 'type' => $type);
}
}
@@ -537,7 +554,6 @@ class Hooks {
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView('/');
- $session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
@@ -545,6 +561,8 @@ class Hooks {
isset(self::$renamedFiles[$params['oldpath']]['path'])) {
$ownerOld = self::$renamedFiles[$params['oldpath']]['uid'];
$pathOld = self::$renamedFiles[$params['oldpath']]['path'];
+ $type = self::$renamedFiles[$params['oldpath']]['type'];
+ unset(self::$renamedFiles[$params['oldpath']]);
} else {
\OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::ERROR);
return false;
@@ -570,7 +588,7 @@ class Hooks {
}
// add key ext if this is not an folder
- if (!$view->is_dir($oldKeyfilePath)) {
+ if ($type === 'file') {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
@@ -614,16 +632,10 @@ class Hooks {
// build the path to the file
$newPath = '/' . $ownerNew . '/files' . $pathNew;
- if ($util->fixFileSize($newPath)) {
- // get sharing app state
- $sharingEnabled = \OCP\Share::isEnabled();
-
- // get users
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $pathNew);
+ $util->fixFileSize($newPath);
- // update sharing-keys
- $util->setSharedFileKeyfiles($session, $usersSharing, $pathNew);
- }
+ // update sharing-keys
+ self::updateKeyfiles($params['newpath'], $type);
\OC_FileProxy::$enabled = $proxyStatus;
}
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 743f042..a0d2f5a 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -1141,6 +1141,10 @@ class Util {
// Re-enc keyfile to (additional) sharekeys
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
+ if ($multiEncKey === false) {
+ return false;
+ }
+
// Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory
if (
diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php
index 489244a..5506ea6 100755
--- a/apps/files_encryption/tests/share.php
+++ b/apps/files_encryption/tests/share.php
@@ -1020,4 +1020,55 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase {
$this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename);
}
+ /**
+ * test if additional share keys are added if we move a folder to a shared parent
+ * @medium
+ */
+ function testMoveFolder() {
+
+ // login as admin
+ \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
+
+ $view = new \OC\Files\View('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
+
+ $filename = '/tmp-' . uniqid();
+ $folder = '/folder' . uniqid();
+
+ \OC\Files\Filesystem::mkdir($folder);
+
+ // Save long data as encrypted file using stream wrapper
+ $cryptedFile = \OC\Files\Filesystem::file_put_contents($folder . $filename, $this->dataShort);
+
+ // Test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // Get file decrypted contents
+ $decrypt = \OC\Files\Filesystem::file_get_contents($folder . $filename);
+
+ $this->assertEquals($this->dataShort, $decrypt);
+
+ $newFolder = '/newfolder/subfolder' . uniqid();
+ \OC\Files\Filesystem::mkdir('/newfolder');
+
+ // get the file info from previous created file
+ $fileInfo = \OC\Files\Filesystem::getFileInfo('/newfolder');
+ $this->assertTrue(is_array($fileInfo));
+
+ // share the folder
+ \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, OCP\PERMISSION_ALL);
+
+ \OC\Files\Filesystem::rename($folder, $newFolder);
+
+ // Get file decrypted contents
+ $newDecrypt = \OC\Files\Filesystem::file_get_contents($newFolder . $filename);
+ $this->assertEquals($this->dataShort, $newDecrypt);
+
+ // check if additional share key for user2 exists
+ $this->assertTrue($view->file_exists('files_encryption/share-keys' . $newFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
+
+ // tear down
+ \OC\Files\Filesystem::unlink($newFolder);
+ \OC\Files\Filesystem::unlink('/newfolder');
+ }
+
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list