nextcloud/apps/files_encryption/ajax/adminrecovery.php

<?php
/**
 * @author Bjoern Schiessle <schiessle@owncloud.com>
 * @author Björn Schießle <schiessle@owncloud.com>
 * @author Florin Peter <github@florin-peter.de>
 * @author Joas Schilling <nickvergessen@gmx.de>
 * @author Lukas Reschke <lukas@owncloud.com>
 * @author Robin Appelman <icewind@owncloud.com>
 * @author Sam Tuke <mail@samtuke.com>
 *
 * @copyright Copyright (c) 2015, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
use OCA\Files_Encryption\Helper;

\OCP\JSON::checkAdminUser();
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();

$l = \OC::$server->getL10N('files_encryption');

$return = false;
$errorMessage = $l->t("Unknown error");

//check if both passwords are the same
if (empty($_POST['recoveryPassword'])) {
	$errorMessage = $l->t('Missing recovery key password');
	\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
	exit();
}

if (empty($_POST['confirmPassword'])) {
	$errorMessage = $l->t('Please repeat the recovery key password');
	\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
	exit();
}

if ($_POST['recoveryPassword'] !== $_POST['confirmPassword']) {
	$errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password');
	\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
	exit();
}

// Enable recoveryAdmin
$recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId');

if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {

	$return = Helper::adminEnableRecovery($recoveryKeyId, (string)$_POST['recoveryPassword']);

	// Return success or failure
	if ($return) {
		$successMessage = $l->t('Recovery key successfully enabled');
	} else {
		$errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!');
	}

// Disable recoveryAdmin
} elseif (
	isset($_POST['adminEnableRecovery'])
	&& '0' === $_POST['adminEnableRecovery']
) {
	$return = Helper::adminDisableRecovery((string)$_POST['recoveryPassword']);

	if ($return) {
		$successMessage = $l->t('Recovery key successfully disabled');
	} else {
		$errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!');
	}
}

// Return success or failure
if ($return) {
	\OCP\JSON::success(array('data' => array('message' => $successMessage)));
} else {
	\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
}
Added ajax scripts for setting pwd recovery preferences 2013-03-28 21:29:18 +04:00			`<?php`
			`/**`
Updating license headers 2015-02-23 13:28:53 +03:00			`* @author Bjoern Schiessle <schiessle@owncloud.com>`
			`* @author Björn Schießle <schiessle@owncloud.com>`
			`* @author Florin Peter <github@florin-peter.de>`
			`* @author Joas Schilling <nickvergessen@gmx.de>`
			`* @author Lukas Reschke <lukas@owncloud.com>`
			`* @author Robin Appelman <icewind@owncloud.com>`
			`* @author Sam Tuke <mail@samtuke.com>`
			`*`
			`* @copyright Copyright (c) 2015, ownCloud, Inc.`
			`* @license AGPL-3.0`
			`*`
			`* This code is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License, version 3,`
			`* as published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License, version 3,`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>`
Added ajax scripts for setting pwd recovery preferences 2013-03-28 21:29:18 +04:00			`*`
			`*/`
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself 2014-12-03 18:52:44 +03:00			`use OCA\Files_Encryption\Helper;`
Added ajax scripts for setting pwd recovery preferences 2013-03-28 21:29:18 +04:00
			`\OCP\JSON::checkAdminUser();`
don't create a recovery user, only generate recovery key similar to the public link share key 2013-05-13 19:26:21 +04:00			`\OCP\JSON::checkAppEnabled('files_encryption');`
Added ajax scripts for setting pwd recovery preferences 2013-03-28 21:29:18 +04:00			`\OCP\JSON::callCheck();`

Use public api for getting l10n 2014-08-31 12:05:59 +04:00			`$l = \OC::$server->getL10N('files_encryption');`
added l10n support in apps/files_encryption/ajax/adminrecovery.php 2013-05-24 00:09:28 +04:00
don't create a recovery user, only generate recovery key similar to the public link share key 2013-05-13 19:26:21 +04:00			`$return = false;`
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`$errorMessage = $l->t("Unknown error");`

			`//check if both passwords are the same`
			`if (empty($_POST['recoveryPassword'])) {`
			`$errorMessage = $l->t('Missing recovery key password');`
			`\OCP\JSON::error(array('data' => array('message' => $errorMessage)));`
			`exit();`
			`}`
don't create a recovery user, only generate recovery key similar to the public link share key 2013-05-13 19:26:21 +04:00
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`if (empty($_POST['confirmPassword'])) {`
			`$errorMessage = $l->t('Please repeat the recovery key password');`
			`\OCP\JSON::error(array('data' => array('message' => $errorMessage)));`
			`exit();`
			`}`

			`if ($_POST['recoveryPassword'] !== $_POST['confirmPassword']) {`
			`$errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password');`
			`\OCP\JSON::error(array('data' => array('message' => $errorMessage)));`
			`exit();`
			`}`

			`// Enable recoveryAdmin`
Remove usage of legacy OC_Appconfig 2014-02-13 19:28:49 +04:00			`$recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId');`
Added ajax scripts for setting pwd recovery preferences 2013-03-28 21:29:18 +04:00
changed " to ' 2013-05-30 01:11:30 +04:00			`if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {`
don't create a recovery user, only generate recovery key similar to the public link share key 2013-05-13 19:26:21 +04:00
Manually type-case all AJAX files This enforces proper types on POST and GET arguments where I considered it sensible. I didn't update some as I don't know what kind of values they would support :see_no_evil: Fixes https://github.com/owncloud/core/issues/14196 for core 2015-02-13 15:33:20 +03:00			`$return = Helper::adminEnableRecovery($recoveryKeyId, (string)$_POST['recoveryPassword']);`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00
			`// Return success or failure`
			`if ($return) {`
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`$successMessage = $l->t('Recovery key successfully enabled');`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00			`} else {`
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`$errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!');`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00			`}`
Fixed recoveryadmin settings in user and admin settings pages (js, templates, ajax) Renamed recovery methods in Util{} for clarity Added note about bug causing slow page load and redundant keypair generation recoveryAdmin functionality not yet complete 2013-05-01 21:18:31 +04:00
			`// Disable recoveryAdmin`
don't create a recovery user, only generate recovery key similar to the public link share key 2013-05-13 19:26:21 +04:00			`} elseif (`
			`isset($_POST['adminEnableRecovery'])`
changed " to ' 2013-05-30 01:11:30 +04:00			`&& '0' === $_POST['adminEnableRecovery']`
Fixed recoveryadmin settings in user and admin settings pages (js, templates, ajax) Renamed recovery methods in Util{} for clarity Added note about bug causing slow page load and redundant keypair generation recoveryAdmin functionality not yet complete 2013-05-01 21:18:31 +04:00			`) {`
Manually type-case all AJAX files This enforces proper types on POST and GET arguments where I considered it sensible. I didn't update some as I don't know what kind of values they would support :see_no_evil: Fixes https://github.com/owncloud/core/issues/14196 for core 2015-02-13 15:33:20 +03:00			`$return = Helper::adminDisableRecovery((string)$_POST['recoveryPassword']);`
Fixed proxy class handing of read / write files Various work on other classes 2013-04-10 19:37:03 +04:00
changed l10n to full sentences 2013-05-29 22:27:12 +04:00			`if ($return) {`
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`$successMessage = $l->t('Recovery key successfully disabled');`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00			`} else {`
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`$errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!');`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00			`}`
improved error messages 2013-05-22 20:01:18 +04:00			`}`
changed l10n to full sentences 2013-05-29 22:27:12 +04:00
improved visual feedback if recovery key gets enabled/disabled 2014-10-07 14:06:46 +04:00			`// Return success or failure`
			`if ($return) {`
			`\OCP\JSON::success(array('data' => array('message' => $successMessage)));`
			`} else {`
			`\OCP\JSON::error(array('data' => array('message' => $errorMessage)));`
			`}`