From d7dca966a2a926be8b45ab337488143eac3ce9ba Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 10:17:50 +0200 Subject: [PATCH 01/80] improved error messaging, initial commit --- apps/files_encryption/appinfo/database.xml | 7 +++ apps/files_encryption/appinfo/version | 2 +- apps/files_encryption/files/error.php | 2 +- apps/files_encryption/hooks/hooks.php | 29 +++++++----- apps/files_encryption/lib/helper.php | 44 ++++++++++++------ apps/files_encryption/lib/stream.php | 34 +++++++------- apps/files_encryption/lib/util.php | 52 ++++++++++++++++++++++ 7 files changed, 126 insertions(+), 44 deletions(-) diff --git a/apps/files_encryption/appinfo/database.xml b/apps/files_encryption/appinfo/database.xml index 4587930da0..cd5434b8c2 100644 --- a/apps/files_encryption/appinfo/database.xml +++ b/apps/files_encryption/appinfo/database.xml @@ -34,6 +34,13 @@ 0 Whether encryption migration has been performed + + initialized + integer + true + 0 + Did the user initialized the encryption app at least once + \ No newline at end of file diff --git a/apps/files_encryption/appinfo/version b/apps/files_encryption/appinfo/version index bd73f47072..2eb3c4fe4e 100644 --- a/apps/files_encryption/appinfo/version +++ b/apps/files_encryption/appinfo/version @@ -1 +1 @@ -0.4 +0.5 diff --git a/apps/files_encryption/files/error.php b/apps/files_encryption/files/error.php index 2dd27257ab..7a2bb1a281 100644 --- a/apps/files_encryption/files/error.php +++ b/apps/files_encryption/files/error.php @@ -4,7 +4,7 @@ if (!isset($_)) { //also provide standalone error page $l = OC_L10N::get('files_encryption'); - $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); + $errorMsg = $l->t('Your private key is not valid! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app. If this doesn\'t help maybe your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); if(isset($_GET['p']) && $_GET['p'] === '1') { header('HTTP/1.0 404 ' . $errorMsg); diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index de306462d7..aefb274e1c 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -70,9 +70,11 @@ class Hooks { // If migration not yet done if ($ready) { + $util->setInitialized(Util::ENCRYPTION_INITIALIZED); + $userView = new \OC_FilesystemView('/' . $params['uid']); - // Set legacy encryption key if it exists, to support + // Set legacy encryption key if it exists, to support // depreciated encryption system if ( $userView->file_exists('encryption.key') @@ -143,6 +145,7 @@ class Hooks { * @brief If the password can't be changed within ownCloud, than update the key password in advance. */ public static function preSetPassphrase($params) { + return true; if ( ! \OC_User::canUserChangePassword($params['uid']) ) { self::setPassphrase($params); } @@ -153,7 +156,7 @@ class Hooks { * @param array $params keys: uid, password */ public static function setPassphrase($params) { - + return true; // Only attempt to change passphrase if server-side encryption // is in use (client-side encryption does not have access to // the necessary keys) @@ -248,7 +251,7 @@ class Hooks { $params['run'] = false; $params['error'] = $l->t('Following users are not set up for encryption:') . ' ' . join(', ' , $notConfigured); } - + } /** @@ -259,7 +262,7 @@ class Hooks { // NOTE: $params has keys: // [itemType] => file // itemSource -> int, filecache file ID - // [parent] => + // [parent] => // [itemTarget] => /13 // shareWith -> string, uid of user being shared to // fileTarget -> path of file being shared @@ -300,13 +303,13 @@ class Hooks { // NOTE: parent is folder but shared was a file! // we try to rebuild the missing path // some examples we face here - // user1 share folder1 with user2 folder1 has - // the following structure + // user1 share folder1 with user2 folder1 has + // the following structure // /folder1/subfolder1/subsubfolder1/somefile.txt // user2 re-share subfolder2 with user3 // user3 re-share somefile.txt user4 - // so our path should be - // /Shared/subfolder1/subsubfolder1/somefile.txt + // so our path should be + // /Shared/subfolder1/subsubfolder1/somefile.txt // while user3 is sharing if ($params['itemType'] === 'file') { @@ -537,14 +540,18 @@ class Hooks { } /** - * set migration status back to '0' so that all new files get encrypted + * set migration status and the init status back to '0' so that all new files get encrypted * if the app gets enabled again * @param array $params contains the app ID */ public static function preDisable($params) { if ($params['app'] === 'files_encryption') { - $query = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0'); - $query->execute(); + + $setMigrationStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0'); + $setMigrationStatus->execute(); + + $setInitStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `initialized`=0'); + $setInitStatus->execute(); } } diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 0209a5d18b..105c5357e9 100755 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -199,12 +199,12 @@ class Helper { public static function stripUserFilesPath($path) { $trimmed = ltrim($path, '/'); $split = explode('/', $trimmed); - + // it is not a file relative to data/user/files if (count($split) < 3 || $split[1] !== 'files') { return false; } - + $sliced = array_slice($split, 2); $relPath = implode('/', $sliced); @@ -219,30 +219,46 @@ class Helper { public static function getPathToRealFile($path) { $trimmed = ltrim($path, '/'); $split = explode('/', $trimmed); - + if (count($split) < 3 || $split[1] !== "files_versions") { return false; } - + $sliced = array_slice($split, 2); $realPath = implode('/', $sliced); //remove the last .v $realPath = substr($realPath, 0, strrpos($realPath, '.v')); return $realPath; - } - + } + /** * @brief redirect to a error page */ - public static function redirectToErrorPage() { - $location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php'); - $post = 0; - if(count($_POST) > 0) { - $post = 1; + public static function redirectToErrorPage($util) { + + $l = \OC_L10N::get('files_encryption'); + + if ($util->getInitialized() === false) { + $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.'); + } else { + $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); } - header('Location: ' . $location . '?p=' . $post); - exit(); + + if(count($_POST) > 0) { + header('HTTP/1.0 404 ' . $errorMsg); + } + + // check if ajax request + if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { + \OCP\JSON::error(array('data' => array('message' => $errorMsg))); + } else { + header('HTTP/1.0 404 ' . $errorMsg); + $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest'); + $tmpl->printPage(); + } + + exit; } /** @@ -259,7 +275,7 @@ class Helper { return (bool) $result; } - + /** * check some common errors if the server isn't configured properly for encryption * @return bool true if configuration seems to be OK diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 335ea3733e..87b8dc3ee2 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -81,7 +81,7 @@ class Stream { * @return bool */ public function stream_open($path, $mode, $options, &$opened_path) { - + // assume that the file already exist before we decide it finally in getKey() $this->newFile = false; @@ -106,12 +106,12 @@ class Stream { if ($this->relPath === false) { $this->relPath = Helper::getPathToRealFile($this->rawPath); } - + if($this->relPath === false) { \OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to user/files or to user/files_versions', \OCP\Util::ERROR); return false; } - + // Disable fileproxies so we can get the file size and open the source file without recursive encryption $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; @@ -131,7 +131,7 @@ class Stream { if($this->privateKey === false) { // if private key is not valid redirect user to a error page - \OCA\Encryption\Helper::redirectToErrorPage(); + \OCA\Encryption\Helper::redirectToErrorPage($util); } $this->size = $this->rootView->filesize($this->rawPath, $mode); @@ -272,7 +272,7 @@ class Stream { } else { $this->newFile = true; - + return false; } @@ -296,9 +296,9 @@ class Stream { return strlen($data); } - // Disable the file proxies so that encryption is not - // automatically attempted when the file is written to disk - - // we are handling that separately here and we don't want to + // Disable the file proxies so that encryption is not + // automatically attempted when the file is written to disk - + // we are handling that separately here and we don't want to // get into an infinite loop $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; @@ -311,7 +311,7 @@ class Stream { $pointer = ftell($this->handle); // Get / generate the keyfile for the file we're handling - // If we're writing a new file (not overwriting an existing + // If we're writing a new file (not overwriting an existing // one), save the newly generated keyfile if (!$this->getKey()) { @@ -319,7 +319,7 @@ class Stream { } - // If extra data is left over from the last round, make sure it + // If extra data is left over from the last round, make sure it // is integrated into the next 6126 / 8192 block if ($this->writeCache) { @@ -344,12 +344,12 @@ class Stream { if ($remainingLength < 6126) { // Set writeCache to contents of $data - // The writeCache will be carried over to the - // next write round, and added to the start of - // $data to ensure that written blocks are - // always the correct length. If there is still - // data in writeCache after the writing round - // has finished, then the data will be written + // The writeCache will be carried over to the + // next write round, and added to the start of + // $data to ensure that written blocks are + // always the correct length. If there is still + // data in writeCache after the writing round + // has finished, then the data will be written // to disk by $this->flush(). $this->writeCache = $data; @@ -363,7 +363,7 @@ class Stream { $encrypted = $this->preWriteEncrypt($chunk, $this->plainKey); - // Write the data chunk to disk. This will be + // Write the data chunk to disk. This will be // attended to the last data chunk if the file // being handled totals more than 6126 bytes fwrite($this->handle, $encrypted); diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index b8d6862349..edb9564e73 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -37,6 +37,8 @@ class Util { const MIGRATION_IN_PROGRESS = -1; // migration is running const MIGRATION_OPEN = 0; // user still needs to be migrated + const ENCRYPTION_INITIALIZED = 1; + const ENCRYPTION_NOT_INITIALIZED = 0; private $view; // OC_FilesystemView object for filesystem operations private $userId; // ID of the currently logged-in user @@ -1216,6 +1218,56 @@ class Util { return $return; } + /** + * set remember if the encryption app was already initialized or not + * @param type $status + */ + public function setInitialized($status) { + $sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?'; + $args = array($status, $this->userId); + $query = \OCP\DB::prepare($sql); + $query->execute($args); + } + + /** + * set remember if the encryption app was already initialized or not + */ + public function getInitialized() { + $sql = 'SELECT `initialized` FROM `*PREFIX*encryption` WHERE `uid` = ?'; + $args = array($this->userId); + $query = \OCP\DB::prepare($sql); + + $result = $query->execute($args); + $initializedStatus = null; + + if (\OCP\DB::isError($result)) { + \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); + } else { + if ($result->numRows() > 0) { + $row = $result->fetchRow(); + if (isset($row['initialized'])) { + $initializedStatus = (int)$row['initialized']; + } + } + } + + // If no record is found + if (empty($initializedStatus)) { + \OCP\Util::writeLog('Encryption library', "Could not get initialized status for " . $this->userId . ", no record found", \OCP\Util::ERROR); + return false; + // If a record is found + } else { + return (bool)$initializedStatus; + } + + + + $sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?'; + $args = array($status, $this->userId); + $query = \OCP\DB::prepare($sql); + $query->execute($args); + } + /** * @brief close migration mode after users data has been encrypted successfully * @return boolean From 77adaee6457c3e17d0f0b32c74da4cdbfce60164 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 13:53:49 +0200 Subject: [PATCH 02/80] enable user to inform recipients about a shared file by mail --- apps/files/index.php | 3 +- apps/files/templates/index.php | 1 + core/ajax/share.php | 106 +++++++++++++++++++++++++++++++-- core/css/share.css | 4 +- core/js/share.js | 39 ++++++++++-- db_structure.xml | 8 +++ lib/defaults.php | 31 +++++++++- lib/public/defaults.php | 19 ++++++ lib/public/share.php | 81 ++++++++++++++++++++++--- lib/util.php | 16 ++--- settings/admin.php | 5 +- settings/templates/admin.php | 10 +++- 12 files changed, 292 insertions(+), 31 deletions(-) diff --git a/apps/files/index.php b/apps/files/index.php index e4d8e35385..7f5f9ec474 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -131,7 +131,7 @@ if ($needUpgrade) { if ($trashEnabled) { $trashEmpty = \OCA\Files_Trashbin\Trashbin::isEmpty($user); } - + OCP\Util::addscript('files', 'fileactions'); OCP\Util::addscript('files', 'files'); OCP\Util::addscript('files', 'keyboardshortcuts'); @@ -151,5 +151,6 @@ if ($needUpgrade) { $tmpl->assign('isPublic', false); $tmpl->assign('publicUploadEnabled', $publicUploadEnabled); $tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles()); + $tmpl->assign("mailNotificationEnabled", \OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'yes')); $tmpl->printPage(); } diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index 360874103f..e3fcecbe47 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -120,3 +120,4 @@ + diff --git a/core/ajax/share.php b/core/ajax/share.php index d3c6a8456a..3f6a995326 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -23,6 +23,8 @@ OC_JSON::checkLoggedIn(); OCP\JSON::callCheck(); OC_App::loadApps(); +$defaults = new \OCP\Defaults(); + if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSource'])) { switch ($_POST['action']) { case 'share': @@ -33,7 +35,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo if ($shareType === OCP\Share::SHARE_TYPE_LINK && $shareWith == '') { $shareWith = null; } - + $token = OCP\Share::shareItem( $_POST['itemType'], $_POST['itemSource'], @@ -41,7 +43,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo $shareWith, $_POST['permissions'] ); - + if (is_string($token)) { OC_JSON::success(array('data' => array('token' => $token))); } else { @@ -81,6 +83,102 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo ($return) ? OC_JSON::success() : OC_JSON::error(); } break; + case 'informRecipients': + + $l = OC_L10N::get('core'); + + $shareType = (int) $_POST['shareType']; + $itemType = $_POST['itemType']; + $itemSource = $_POST['itemSource']; + $recipient = $_POST['recipient']; + $from = \OCP\Util::getDefaultEmailAddress('sharing-noreply'); + $subject = $defaults->getShareNotificationSubject($itemType); + + $noMail = array(); + $recipientList = array(); + + if ($shareType === \OCP\Share::SHARE_TYPE_GROUP) { + $users = \OC_Group::usersInGroup($recipient); + foreach ($users as $user) { + $email = OC_Preferences::getValue($user, 'settings', 'email', ''); + if ($email !== '' || $recipient === \OCP\User::getUser()) { + $recipientList[] = array( + 'email' => $email, + 'displayName' => \OCP\User::getDisplayName($user), + 'uid' => $user, + ); + } else { + $noMail[] = \OCP\User::getDisplayName($user); + } + } + } else { // shared to a single user + $email = OC_Preferences::getValue($recipient, 'settings', 'email', ''); + if ($email !== '') { + $recipientList[] = array( + 'email' => $email, + 'displayName' => \OCP\User::getDisplayName($recipient), + 'uid' => $recipient, + ); + } else { + $noMail[] = \OCP\User::getDisplayName($recipient); + } + } + + // send mail to all recipients with an email address + foreach ($recipientList as $recipient) { + //get correct target folder name + + $users = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient['uid']); + $targetName = $users[0]['file_target']; + + //$share = $shareManager->getShares($itemType, array('shareWith' => $recipient['uid'], 'isShareWithUser' => true, 'itemSource' => $itemSource)); + //$targetName = $share[0]->getItemTarget(); + if ($itemType === 'folder') { + $foldername = "/Shared/" . $targetName; + $filename = $targetName; + } else { + // if it is a file we can just link to the Shared folder, + // that's the place where the user will find the file + $foldername = "/Shared"; + $filename = $targetName; + } + + $url = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); + $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url); + + try { + OCP\Util::sendMail( + $recipient['email'], + $recipient['displayName'], + $subject, + $text, + $from, + \OCP\User::getDisplayName() + ); + } catch (Exception $exception) { + $noMail[] = \OCP\User::getDisplayName($recipient['displayName']); + } + } + + \OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, true); + + if (empty($noMail)) { + OCP\JSON::success(); + } else { + OCP\JSON::error(array('data' => array('message' => $l->t("Couldn't send mail to following users: %s ", implode(', ', $noMail))))); + } + break; + case 'informRecipientsDisabled': + $itemSource = $_POST['itemSource']; + $itemType = $_POST['itemType']; + $recipient = $_POST['recipient']; + //$share = $shareManager->getShares($itemType, array('shareWith' => $recipient, 'isShareWithUser' => true, 'itemSource' => $itemSource)); + //$share[0]->setMailSend(false); + //$shareManager->update($share[0]); + //write status to db + OCP\JSON::success(); + break; + case 'email': // read post variables $user = OCP\USER::getUser(); @@ -213,10 +311,10 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo } } $count = 0; - + // enable l10n support $l = OC_L10N::get('core'); - + foreach ($groups as $group) { if ($count < 15) { if (stripos($group, $_GET['search']) !== false diff --git a/core/css/share.css b/core/css/share.css index 2d6849b4bb..b6c5a0c139 100644 --- a/core/css/share.css +++ b/core/css/share.css @@ -11,7 +11,7 @@ margin-right:7em; position:absolute; right:0; - width:19em; + width:25em; z-index:500; padding:1em; } @@ -24,7 +24,7 @@ #shareWithList li { padding-top:.1em; } - + #shareWithList li:first-child { white-space:normal; } diff --git a/core/js/share.js b/core/js/share.js index 27c16f38b9..c806d83f10 100644 --- a/core/js/share.js +++ b/core/js/share.js @@ -217,9 +217,9 @@ OC.Share={ OC.Share.showLink(share.token, share.share_with, itemSource); } else { if (share.collection) { - OC.Share.addShareWith(share.share_type, share.share_with, share.share_with_displayname, share.permissions, possiblePermissions, share.collection); + OC.Share.addShareWith(share.share_type, share.share_with, share.share_with_displayname, share.permissions, possiblePermissions, share.mail_send, share.collection); } else { - OC.Share.addShareWith(share.share_type, share.share_with, share.share_with_displayname, share.permissions, possiblePermissions, false); + OC.Share.addShareWith(share.share_type, share.share_with, share.share_with_displayname, share.mail_send, share.permissions, possiblePermissions, share.mail_send, false); } } if (share.expiration != null) { @@ -299,7 +299,7 @@ OC.Share={ } }); }, - addShareWith:function(shareType, shareWith, shareWithDisplayName, permissions, possiblePermissions, collection) { + addShareWith:function(shareType, shareWith, shareWithDisplayName, permissions, possiblePermissions, mailSend, collection) { if (!OC.Share.itemShares[shareType]) { OC.Share.itemShares[shareType] = []; } @@ -341,6 +341,14 @@ OC.Share={ }else{ html += escapeHTML(shareWithDisplayName); } + mailNotificationEnabled = $('input:hidden[name=mailNotificationEnabled]').val(); + if (mailNotificationEnabled === 'yes') { + checked = ''; + if (mailSend === true) { + checked = 'checked'; + } + html += ''+t('core', 'notify user by email')+''; + } if (possiblePermissions & OC.PERMISSION_CREATE || possiblePermissions & OC.PERMISSION_UPDATE || possiblePermissions & OC.PERMISSION_DELETE) { if (editChecked == '') { html += ''; diff --git a/lib/public/share.php b/lib/public/share.php index eac6fab2b6..c2dd0096ab 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -1030,19 +1030,19 @@ class Share { if ($format == self::FORMAT_STATUSES) { if ($itemType == 'file' || $itemType == 'folder') { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`,' - .' `share_type`, `file_source`, `path`, `expiration`, `storage`'; + .' `share_type`, `file_source`, `path`, `expiration`, `storage`, `mail_send`'; } else { - $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `expiration`'; + $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `expiration`, `mail_send`'; } } else { if (isset($uidOwner)) { if ($itemType == 'file' || $itemType == 'folder') { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`,' .' `share_type`, `share_with`, `file_source`, `path`, `permissions`, `stime`,' - .' `expiration`, `token`, `storage`'; + .' `expiration`, `token`, `storage`, `storage`, `mail_send`'; } else { $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `permissions`,' - .' `stime`, `file_source`, `expiration`, `token`'; + .' `stime`, `file_source`, `expiration`, `token`, `storage`, `mail_send`'; } } else { if ($fileDependent) { @@ -1053,11 +1053,11 @@ class Share { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, ' .'`share_type`, `share_with`, `file_source`, `path`, `file_target`, ' .'`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, ' - .'`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`'; + .'`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `storage`, `mail_send`'; } else { $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, - `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`, `storage`'; + `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`, `storage`, `storage`, `mail_send`'; } } else { $select = '*'; From 36574241f821f0cbef2f52032b8187b99c5fce94 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 16:21:52 +0200 Subject: [PATCH 04/80] some clean-up --- core/ajax/share.php | 85 ++++++++++++++++++--------------------------- 1 file changed, 33 insertions(+), 52 deletions(-) diff --git a/core/ajax/share.php b/core/ajax/share.php index 3f6a995326..9727f7d02e 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -97,66 +97,47 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo $noMail = array(); $recipientList = array(); - if ($shareType === \OCP\Share::SHARE_TYPE_GROUP) { - $users = \OC_Group::usersInGroup($recipient); - foreach ($users as $user) { - $email = OC_Preferences::getValue($user, 'settings', 'email', ''); - if ($email !== '' || $recipient === \OCP\User::getUser()) { - $recipientList[] = array( - 'email' => $email, - 'displayName' => \OCP\User::getDisplayName($user), - 'uid' => $user, - ); - } else { - $noMail[] = \OCP\User::getDisplayName($user); - } - } - } else { // shared to a single user - $email = OC_Preferences::getValue($recipient, 'settings', 'email', ''); - if ($email !== '') { - $recipientList[] = array( - 'email' => $email, - 'displayName' => \OCP\User::getDisplayName($recipient), - 'uid' => $recipient, - ); - } else { - $noMail[] = \OCP\User::getDisplayName($recipient); - } + if($shareType === \OCP\Share::SHARE_TYPE_USER) { + $recipientList[] = $recipient; + } elseif ($shareType === \OCP\Share::SHARE_TYPE_GROUP) { + $recipientList = \OC_Group::usersInGroup($recipient); } // send mail to all recipients with an email address foreach ($recipientList as $recipient) { //get correct target folder name + $email = OC_Preferences::getValue($recipient, 'settings', 'email', ''); - $users = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient['uid']); - $targetName = $users[0]['file_target']; + if ($email !== '') { + $displayName = \OCP\User::getDisplayName($recipient); + $items = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient); + $filename = $items[0]['file_target']; - //$share = $shareManager->getShares($itemType, array('shareWith' => $recipient['uid'], 'isShareWithUser' => true, 'itemSource' => $itemSource)); - //$targetName = $share[0]->getItemTarget(); - if ($itemType === 'folder') { - $foldername = "/Shared/" . $targetName; - $filename = $targetName; + if ($itemType === 'folder') { + $foldername = "/Shared/" . $filename; + } else { + // if it is a file we can just link to the Shared folder, + // that's the place where the user will find the file + $foldername = "/Shared"; + } + + $url = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); + $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url); + + try { + OCP\Util::sendMail( + $email, + $displayName, + $subject, + $text, + $from, + \OCP\User::getDisplayName() + ); + } catch (Exception $exception) { + $noMail[] = \OCP\User::getDisplayName($recipient['displayName']); + } } else { - // if it is a file we can just link to the Shared folder, - // that's the place where the user will find the file - $foldername = "/Shared"; - $filename = $targetName; - } - - $url = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); - $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url); - - try { - OCP\Util::sendMail( - $recipient['email'], - $recipient['displayName'], - $subject, - $text, - $from, - \OCP\User::getDisplayName() - ); - } catch (Exception $exception) { - $noMail[] = \OCP\User::getDisplayName($recipient['displayName']); + $noMail[] = \OCP\User::getDisplayName($recipient); } } From 65ddefc89d6730f3c32727bddae2895232c66a62 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 16:29:22 +0200 Subject: [PATCH 05/80] set sendMail status back to false --- core/ajax/share.php | 8 +++----- core/js/share.js | 4 +--- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/core/ajax/share.php b/core/ajax/share.php index 9727f7d02e..76a67f5472 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -134,7 +134,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo \OCP\User::getDisplayName() ); } catch (Exception $exception) { - $noMail[] = \OCP\User::getDisplayName($recipient['displayName']); + $noMail[] = \OCP\User::getDisplayName($recipient); } } else { $noMail[] = \OCP\User::getDisplayName($recipient); @@ -151,12 +151,10 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo break; case 'informRecipientsDisabled': $itemSource = $_POST['itemSource']; + $shareType = $_POST['shareType']; $itemType = $_POST['itemType']; $recipient = $_POST['recipient']; - //$share = $shareManager->getShares($itemType, array('shareWith' => $recipient, 'isShareWithUser' => true, 'itemSource' => $itemSource)); - //$share[0]->setMailSend(false); - //$shareManager->update($share[0]); - //write status to db + \OCP\Share::setSendMailStatus($itemType, $itemSource, $shareType, false); OCP\JSON::success(); break; diff --git a/core/js/share.js b/core/js/share.js index 7d7f580c9b..e253f77ef2 100644 --- a/core/js/share.js +++ b/core/js/share.js @@ -695,9 +695,7 @@ $(document).ready(function() { } }); - $(document).on('click', '#dropdown input[name=mailNotification]', function(event) { - event.preventDefault(); - event.stopPropagation(); + $(document).on('click', '#dropdown input[name=mailNotification]', function() { var li = $(this).parent(); var itemType = $('#dropdown').data('item-type'); var itemSource = $('#dropdown').data('item-source'); From e7959f4fd23ff3354db7b876db2c3e595044bc4c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 16:52:06 +0200 Subject: [PATCH 06/80] don't send mail to the user who shared the file --- core/ajax/share.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/core/ajax/share.php b/core/ajax/share.php index 76a67f5472..0cf4b246f9 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -103,6 +103,9 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo $recipientList = \OC_Group::usersInGroup($recipient); } + // don't send a mail to the user who shared the file + array_diff($recipientList, [\OCP\User::getUser()]); + // send mail to all recipients with an email address foreach ($recipientList as $recipient) { //get correct target folder name From 4bbefdf608fdf930fa6fd1f783d6f58267752394 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 30 Aug 2013 17:20:10 +0200 Subject: [PATCH 07/80] add expiration date if it is already set --- core/ajax/share.php | 8 ++++++-- lib/defaults.php | 11 ++++++++--- lib/public/defaults.php | 5 +++-- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/core/ajax/share.php b/core/ajax/share.php index 0cf4b246f9..8b5191e655 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -114,7 +114,11 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo if ($email !== '') { $displayName = \OCP\User::getDisplayName($recipient); $items = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient); - $filename = $items[0]['file_target']; + $filename = trim($items[0]['file_target'], '/'); + $expiration = null; + if (isset($items[0]['expiration'])) { + $expiration = $items[0]['expiration']; + } if ($itemType === 'folder') { $foldername = "/Shared/" . $filename; @@ -125,7 +129,7 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo } $url = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); - $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url); + $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url, $expiration); try { OCP\Util::sendMail( diff --git a/lib/defaults.php b/lib/defaults.php index 26f417ae2a..0685fbb16c 100644 --- a/lib/defaults.php +++ b/lib/defaults.php @@ -65,12 +65,17 @@ class OC_Defaults { * @param string $itemName name of the file/folder * @param string $itemType typically "file" or "folder" * @param string $link link directly to the file/folder in your ownCloud + * @param string $expiration expiration date */ - public function getShareNotificationText($sender, $itemName, $itemType, $link) { + public function getShareNotificationText($sender, $itemName, $itemType, $link, $expiration=null) { if ($this->themeExist('getShareNotificationText')) { - return $this->theme->getShareNotificationText($sender, $itemName, $itemType, $link); + return $this->theme->getShareNotificationText($sender, $itemName, $itemType, $link, $expiration); } else { - return $this->l->t("%s shared a %s called %s with you. You can find the %s here: %s", array($sender, $itemType, $itemName, $itemType, $link)); + if ($expiration) { + return $this->l->t("%s shared a %s called %s with you. The share will expire at %s. You can find the %s here: %s", array($sender, $itemType, $itemName, $expiration, $itemType, $link)); + } else { + return $this->l->t("%s shared a %s called %s with you. You can find the %s here: %s", array($sender, $itemType, $itemName, $itemType, $link)); + } } } diff --git a/lib/public/defaults.php b/lib/public/defaults.php index 9c8c3c0bda..573831e8ea 100644 --- a/lib/public/defaults.php +++ b/lib/public/defaults.php @@ -48,9 +48,10 @@ class Defaults { * @param string $itemName name of the file/folder * @param string $itemType typically "file" or "folder" * @param string $link link directly to the file/folder in your ownCloud + * @param string $expiration expiration date */ - public function getShareNotificationText($sender, $itemName, $itemType, $link) { - return $this->defaults->getShareNotificationText($sender, $itemName, $itemType, $link); + public function getShareNotificationText($sender, $itemName, $itemType, $link, $expiration) { + return $this->defaults->getShareNotificationText($sender, $itemName, $itemType, $link, $expiration); } /** From bab63c22eea058ea619de5c021d16803ba48ab8d Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 11:26:11 +0200 Subject: [PATCH 08/80] encryption error messages, distinguish between a re-enabled encryption app and a password change from outside --- apps/files_encryption/appinfo/database.xml | 7 --- apps/files_encryption/hooks/hooks.php | 8 +-- apps/files_encryption/lib/helper.php | 4 +- apps/files_encryption/lib/session.php | 27 +++++++++ apps/files_encryption/lib/stream.php | 2 +- apps/files_encryption/lib/util.php | 60 ++----------------- apps/files_encryption/settings-personal.php | 5 +- .../templates/settings-personal.php | 10 ++-- settings/ajax/changepassword.php | 2 +- settings/templates/personal.php | 2 +- 10 files changed, 48 insertions(+), 79 deletions(-) diff --git a/apps/files_encryption/appinfo/database.xml b/apps/files_encryption/appinfo/database.xml index cd5434b8c2..4587930da0 100644 --- a/apps/files_encryption/appinfo/database.xml +++ b/apps/files_encryption/appinfo/database.xml @@ -34,13 +34,6 @@ 0 Whether encryption migration has been performed - - initialized - integer - true - 0 - Did the user initialized the encryption app at least once - \ No newline at end of file diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index aefb274e1c..4c6122b7c2 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -70,8 +70,6 @@ class Hooks { // If migration not yet done if ($ready) { - $util->setInitialized(Util::ENCRYPTION_INITIALIZED); - $userView = new \OC_FilesystemView('/' . $params['uid']); // Set legacy encryption key if it exists, to support @@ -145,7 +143,6 @@ class Hooks { * @brief If the password can't be changed within ownCloud, than update the key password in advance. */ public static function preSetPassphrase($params) { - return true; if ( ! \OC_User::canUserChangePassword($params['uid']) ) { self::setPassphrase($params); } @@ -156,7 +153,6 @@ class Hooks { * @param array $params keys: uid, password */ public static function setPassphrase($params) { - return true; // Only attempt to change passphrase if server-side encryption // is in use (client-side encryption does not have access to // the necessary keys) @@ -550,8 +546,8 @@ class Hooks { $setMigrationStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0'); $setMigrationStatus->execute(); - $setInitStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `initialized`=0'); - $setInitStatus->execute(); + $session = new \OCA\Encryption\Session(new \OC\Files\View('/')); + $session->setInitialized(false); } } diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 105c5357e9..7d466b8852 100755 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -235,11 +235,11 @@ class Helper { /** * @brief redirect to a error page */ - public static function redirectToErrorPage($util) { + public static function redirectToErrorPage($session) { $l = \OC_L10N::get('files_encryption'); - if ($util->getInitialized() === false) { + if ($session->getInitialized() === false) { $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.'); } else { $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 1911386cd1..f5ce7083af 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -112,6 +112,33 @@ class Session { } + /** + * @brief Sets status if we tried to initialize the encyption app + * @param bool $privateKey true=initialized false=not initialized + * @return bool + */ + public function setInitialized($init) { + + \OC::$session->set('encryptionInitialized', $init); + + return true; + + } + + + /** + * @brief Gets status if we already tried to initialize the encryption app + * @returns bool + * + */ + public function getInitialized() { + if (!is_null(\OC::$session->get('encryptionInitialized'))) { + return \OC::$session->get('encryptionInitialized'); + } else { + return false; + } + } + /** * @brief Gets user or public share private key from session * @returns string $privateKey The user's plaintext private key diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 87b8dc3ee2..9215352aa7 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -131,7 +131,7 @@ class Stream { if($this->privateKey === false) { // if private key is not valid redirect user to a error page - \OCA\Encryption\Helper::redirectToErrorPage($util); + \OCA\Encryption\Helper::redirectToErrorPage($this->session); } $this->size = $this->rootView->filesize($this->rawPath, $mode); diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index edb9564e73..17096a787f 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -37,9 +37,6 @@ class Util { const MIGRATION_IN_PROGRESS = -1; // migration is running const MIGRATION_OPEN = 0; // user still needs to be migrated - const ENCRYPTION_INITIALIZED = 1; - const ENCRYPTION_NOT_INITIALIZED = 0; - private $view; // OC_FilesystemView object for filesystem operations private $userId; // ID of the currently logged-in user private $client; // Client side encryption mode flag @@ -1218,56 +1215,6 @@ class Util { return $return; } - /** - * set remember if the encryption app was already initialized or not - * @param type $status - */ - public function setInitialized($status) { - $sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?'; - $args = array($status, $this->userId); - $query = \OCP\DB::prepare($sql); - $query->execute($args); - } - - /** - * set remember if the encryption app was already initialized or not - */ - public function getInitialized() { - $sql = 'SELECT `initialized` FROM `*PREFIX*encryption` WHERE `uid` = ?'; - $args = array($this->userId); - $query = \OCP\DB::prepare($sql); - - $result = $query->execute($args); - $initializedStatus = null; - - if (\OCP\DB::isError($result)) { - \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); - } else { - if ($result->numRows() > 0) { - $row = $result->fetchRow(); - if (isset($row['initialized'])) { - $initializedStatus = (int)$row['initialized']; - } - } - } - - // If no record is found - if (empty($initializedStatus)) { - \OCP\Util::writeLog('Encryption library', "Could not get initialized status for " . $this->userId . ", no record found", \OCP\Util::ERROR); - return false; - // If a record is found - } else { - return (bool)$initializedStatus; - } - - - - $sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?'; - $args = array($status, $this->userId); - $query = \OCP\DB::prepare($sql); - $query->execute($args); - } - /** * @brief close migration mode after users data has been encrypted successfully * @return boolean @@ -1774,6 +1721,11 @@ class Util { */ public function initEncryption($params) { + $session = new \OCA\Encryption\Session($this->view); + + // we tried to initialize the encryption app for this session + $session->setInitialized(true); + $encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']); $privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']); @@ -1784,8 +1736,6 @@ class Util { return false; } - $session = new \OCA\Encryption\Session($this->view); - $session->setPrivateKey($privateKey); return $session; diff --git a/apps/files_encryption/settings-personal.php b/apps/files_encryption/settings-personal.php index 589219f32a..c0c91bdf65 100644 --- a/apps/files_encryption/settings-personal.php +++ b/apps/files_encryption/settings-personal.php @@ -16,7 +16,9 @@ $view = new \OC_FilesystemView('/'); $util = new \OCA\Encryption\Util($view, $user); $session = new \OCA\Encryption\Session($view); -$privateKeySet = $session->getPrivateKey() !== false; +$privateKeySet = $session->getPrivateKey() !== false; +// was the key successfully initialized during log-in +$initialized = $session->getInitialized(); $recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'); $recoveryEnabledForUser = $util->recoveryEnabledForUser(); @@ -31,6 +33,7 @@ if ($recoveryAdminEnabled || !$privateKeySet) { $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); $tmpl->assign('privateKeySet', $privateKeySet); + $tmpl->assign('initialized', $initialized); $result = $tmpl->fetchPage(); } diff --git a/apps/files_encryption/templates/settings-personal.php b/apps/files_encryption/templates/settings-personal.php index 3851245320..ff04556dd5 100644 --- a/apps/files_encryption/templates/settings-personal.php +++ b/apps/files_encryption/templates/settings-personal.php @@ -4,7 +4,7 @@ t( 'Encryption' ) ); ?> - +


t( "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" ) ); ?>
- /> t( "Enabled" ) ); ?>
- - t('Your password was changed');?>

- From 5e508f1ccbd3b83ed11f7eab35fea43e1583caf3 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 11:34:28 +0200 Subject: [PATCH 09/80] improved documentation of the methods --- apps/files_encryption/lib/session.php | 3 +++ apps/files_encryption/settings-personal.php | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index f5ce7083af..648e6e9ab0 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -116,6 +116,8 @@ class Session { * @brief Sets status if we tried to initialize the encyption app * @param bool $privateKey true=initialized false=not initialized * @return bool + * + * @note this doesn not indicate of the init was successful, we just remeber the try! */ public function setInitialized($init) { @@ -130,6 +132,7 @@ class Session { * @brief Gets status if we already tried to initialize the encryption app * @returns bool * + * @note this doesn not indicate of the init was successful, we just remeber the try! */ public function getInitialized() { if (!is_null(\OC::$session->get('encryptionInitialized'))) { diff --git a/apps/files_encryption/settings-personal.php b/apps/files_encryption/settings-personal.php index c0c91bdf65..ffcb99602e 100644 --- a/apps/files_encryption/settings-personal.php +++ b/apps/files_encryption/settings-personal.php @@ -17,7 +17,7 @@ $util = new \OCA\Encryption\Util($view, $user); $session = new \OCA\Encryption\Session($view); $privateKeySet = $session->getPrivateKey() !== false; -// was the key successfully initialized during log-in +// did we tried to initialize the keys for this session? $initialized = $session->getInitialized(); $recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'); From 6572ca811fc56c71b4efc970668741630acbd63c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 11:36:20 +0200 Subject: [PATCH 10/80] error.php no longer needed --- apps/files_encryption/files/error.php | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 apps/files_encryption/files/error.php diff --git a/apps/files_encryption/files/error.php b/apps/files_encryption/files/error.php deleted file mode 100644 index 7a2bb1a281..0000000000 --- a/apps/files_encryption/files/error.php +++ /dev/null @@ -1,23 +0,0 @@ -t('Your private key is not valid! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app. If this doesn\'t help maybe your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); - - if(isset($_GET['p']) && $_GET['p'] === '1') { - header('HTTP/1.0 404 ' . $errorMsg); - } - - // check if ajax request - if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { - \OCP\JSON::error(array('data' => array('message' => $errorMsg))); - } else { - header('HTTP/1.0 404 ' . $errorMsg); - $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest'); - $tmpl->printPage(); - } - - exit; -} From 983da0d78fe13814fb771eb90dd2f10a89e0bcc6 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 17:01:10 +0200 Subject: [PATCH 11/80] fix db queries --- lib/public/share.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index c2dd0096ab..cb55c5c975 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -1053,11 +1053,11 @@ class Share { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, ' .'`share_type`, `share_with`, `file_source`, `path`, `file_target`, ' .'`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, ' - .'`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `storage`, `mail_send`'; + .'`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `mail_send`'; } else { $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, - `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`, `storage`, `storage`, `mail_send`'; + `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`, `storage`, `mail_send`'; } } else { $select = '*'; From 931e90634e905816e5ec8db3d10f9446c1b1eacc Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 17:03:35 +0200 Subject: [PATCH 12/80] fix db queries --- lib/public/share.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index cb55c5c975..4461a1d421 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -1039,10 +1039,10 @@ class Share { if ($itemType == 'file' || $itemType == 'folder') { $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`,' .' `share_type`, `share_with`, `file_source`, `path`, `permissions`, `stime`,' - .' `expiration`, `token`, `storage`, `storage`, `mail_send`'; + .' `expiration`, `token`, `storage`, `mail_send`'; } else { $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `permissions`,' - .' `stime`, `file_source`, `expiration`, `token`, `storage`, `mail_send`'; + .' `stime`, `file_source`, `expiration`, `token`, `mail_send`'; } } else { if ($fileDependent) { From 7ce54f7b3a86c4cc1301cb6d96f3029c7047a95b Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 17:09:26 +0200 Subject: [PATCH 13/80] revert submodule reference changes --- 3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty b/3rdparty index 21b466b72c..dc87ea6302 160000 --- a/3rdparty +++ b/3rdparty @@ -1 +1 @@ -Subproject commit 21b466b72cdd4c823c011669593ecef1defb1f3c +Subproject commit dc87ea630287f27502eba825fbb19fcc33c34c86 From 3ce4bf5ec70ed4cfd0e6d619e2f7ae0a1bfdb06c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 2 Sep 2013 17:14:11 +0200 Subject: [PATCH 14/80] use css class hidden to hide setting elements --- settings/templates/admin.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 22cf946803..72e93e78da 100644 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -128,7 +128,7 @@ if (!$_['internetconnectionworking']) { - > + > />
@@ -137,7 +137,7 @@ if (!$_['internetconnectionworking']) { - > + > />
@@ -146,7 +146,7 @@ if (!$_['internetconnectionworking']) { - > + > />
@@ -154,7 +154,7 @@ if (!$_['internetconnectionworking']) { - > + > />
@@ -164,7 +164,7 @@ if (!$_['internetconnectionworking']) { - > + > />
From fd7469db9e1cd1fd85e3a8a18aac87c7040ec8e7 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 3 Sep 2013 13:37:06 +0200 Subject: [PATCH 15/80] coding-style fixes --- core/ajax/share.php | 16 ++++++++++++++-- core/js/share.js | 2 +- lib/defaults.php | 9 +++++++-- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/core/ajax/share.php b/core/ajax/share.php index 1e954ac4f9..8f5432a0fc 100644 --- a/core/ajax/share.php +++ b/core/ajax/share.php @@ -129,7 +129,13 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo } $url = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); - $text = $defaults->getShareNotificationText(\OCP\User::getDisplayName(), $filename, $itemType, $url, $expiration); + $text = $defaults->getShareNotificationText( + \OCP\User::getDisplayName(), + $filename, + $itemType, + $url, + $expiration + ); try { OCP\Util::sendMail( @@ -153,7 +159,13 @@ if (isset($_POST['action']) && isset($_POST['itemType']) && isset($_POST['itemSo if (empty($noMail)) { OCP\JSON::success(); } else { - OCP\JSON::error(array('data' => array('message' => $l->t("Couldn't send mail to following users: %s ", implode(', ', $noMail))))); + OCP\JSON::error(array( + 'data' => array( + 'message' => $l->t("Couldn't send mail to following users: %s ", + implode(', ', $noMail) + ) + ) + )); } break; case 'informRecipientsDisabled': diff --git a/core/js/share.js b/core/js/share.js index e253f77ef2..763713e7cf 100644 --- a/core/js/share.js +++ b/core/js/share.js @@ -493,7 +493,7 @@ $(document).ready(function() { $('input:[type=checkbox]', this).hide(); $('label', this).hide(); } - } else { + } else { $('a.unshare', this).hide(); } }); diff --git a/lib/defaults.php b/lib/defaults.php index 0685fbb16c..efb6c2c7b3 100644 --- a/lib/defaults.php +++ b/lib/defaults.php @@ -72,9 +72,14 @@ class OC_Defaults { return $this->theme->getShareNotificationText($sender, $itemName, $itemType, $link, $expiration); } else { if ($expiration) { - return $this->l->t("%s shared a %s called %s with you. The share will expire at %s. You can find the %s here: %s", array($sender, $itemType, $itemName, $expiration, $itemType, $link)); + return $this->l->t("%s shared a %s called %s with you. " . + "The share will expire at %s. ". + "You can find the %s here: %s", + array($sender, $itemType, $itemName, $expiration, $itemType, $link)); } else { - return $this->l->t("%s shared a %s called %s with you. You can find the %s here: %s", array($sender, $itemType, $itemName, $itemType, $link)); + return $this->l->t("%s shared a %s called %s with you. ". + "You can find the %s here: %s", + array($sender, $itemType, $itemName, $itemType, $link)); } } } From 69b1625f0e368e65771fef473f4b4d4a13456354 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 6 Sep 2013 12:27:25 +0200 Subject: [PATCH 16/80] re-added error.php --- apps/files_encryption/files/error.php | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 apps/files_encryption/files/error.php diff --git a/apps/files_encryption/files/error.php b/apps/files_encryption/files/error.php new file mode 100644 index 0000000000..ac0c026916 --- /dev/null +++ b/apps/files_encryption/files/error.php @@ -0,0 +1,33 @@ +t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.'); + $init = '0'; + } else { + $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); + $init = '1'; + } + + if (isset($_GET['p']) && $_GET['p'] === '1') { + header('HTTP/1.0 404 ' . $errorMsg); + } + +// check if ajax request + if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { + \OCP\JSON::error(array('data' => array('message' => $errorMsg))); + } else { + header('HTTP/1.0 404 ' . $errorMsg); + $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest'); + $tmpl->assign('message', $errorMsg); + $tmpl->assign('init', $init); + $tmpl->printPage(); + } + + exit; +} + From fb462e83ccde5c46565c23545c5eb894acbd6fd3 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 6 Sep 2013 12:27:40 +0200 Subject: [PATCH 17/80] no longer enforce log out, but provide useful errors/warnings instead --- apps/files/index.php | 7 ++++- apps/files/js/files.js | 9 +++++++ apps/files/templates/index.php | 1 + .../ajax/updatePrivateKeyPassword.php | 1 + apps/files_encryption/appinfo/app.php | 17 ------------ apps/files_encryption/hooks/hooks.php | 2 +- apps/files_encryption/lib/helper.php | 27 +++++-------------- apps/files_encryption/lib/session.php | 15 +++++++---- apps/files_encryption/lib/stream.php | 2 +- apps/files_encryption/lib/util.php | 3 ++- .../templates/invalid_private_key.php | 6 +++-- 11 files changed, 42 insertions(+), 48 deletions(-) diff --git a/apps/files/index.php b/apps/files/index.php index f1e120c872..b81ba2bdde 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -124,8 +124,12 @@ if ($needUpgrade) { $storageInfo=OC_Helper::getStorageInfo($dir); $maxUploadFilesize=OCP\Util::maxUploadFilesize($dir); $publicUploadEnabled = \OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes'); + // if the encryption app is disabled, than everything is fine + $encryptionInitStatus = \OCA\Encryption\Session::INIT_SUCCESSFUL; if (OC_App::isEnabled('files_encryption')) { $publicUploadEnabled = 'no'; + $session = new \OCA\Encryption\Session(new \OC\Files\View('/')); + $encryptionInitStatus = $session->getInitialized(); } $trashEnabled = \OCP\App::isEnabled('files_trashbin'); @@ -133,7 +137,7 @@ if ($needUpgrade) { if ($trashEnabled) { $trashEmpty = \OCA\Files_Trashbin\Trashbin::isEmpty($user); } - + OCP\Util::addscript('files', 'fileactions'); OCP\Util::addscript('files', 'files'); OCP\Util::addscript('files', 'keyboardshortcuts'); @@ -153,5 +157,6 @@ if ($needUpgrade) { $tmpl->assign('isPublic', false); $tmpl->assign('publicUploadEnabled', $publicUploadEnabled); $tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles()); + $tmpl->assign("encryptionInitStatus", $encryptionInitStatus); $tmpl->printPage(); } diff --git a/apps/files/js/files.js b/apps/files/js/files.js index d729077ea7..63c3544b53 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -90,6 +90,15 @@ Files={ } var encryptedFiles = $('#encryptedFiles').val(); + var initStatus = $('#encryptionInitStatus').val(); + if (initStatus === '0') { // enc not initialized, but should be + OC.Notification.show(t('files_encryption', 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again')); + return; + } + if (initStatus === '1') { // encryption tried to init but failed + OC.Notification.show(t('files_encryption', 'Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.')); + return; + } if (encryptedFiles === '1') { OC.Notification.show(t('files_encryption', 'Encryption was disabled but your files are still encrypted. Please go to your personal settings to decrypt your files.')); return; diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index 24cb8c2fe5..e17273e47b 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -123,3 +123,4 @@ + \ No newline at end of file diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php index 1e6644da57..29c72952ae 100644 --- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php +++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php @@ -48,6 +48,7 @@ if ($decryptedKey) { // success or failure if ($return) { + $session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL); \OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.')))); } else { \OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.')))); diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php index 90a9984e27..cd26cd10cd 100644 --- a/apps/files_encryption/appinfo/app.php +++ b/apps/files_encryption/appinfo/app.php @@ -41,23 +41,6 @@ if (!OC_Config::getValue('maintenance', false)) { if($sessionReady) { $session = new \OCA\Encryption\Session($view); } - - $user = \OCP\USER::getUser(); - // check if user has a private key - if ($sessionReady === false - || (!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key') - && OCA\Encryption\Crypt::mode() === 'server') - ) { - - // Force the user to log-in again if the encryption key isn't unlocked - // (happens when a user is logged in before the encryption app is - // enabled) - OCP\User::logout(); - - header("Location: " . OC::$WEBROOT . '/'); - - exit(); - } } } else { // logout user if we are in maintenance to force re-login diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 4c6122b7c2..c945deeea0 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -547,7 +547,7 @@ class Hooks { $setMigrationStatus->execute(); $session = new \OCA\Encryption\Session(new \OC\Files\View('/')); - $session->setInitialized(false); + $session->setInitialized(\OCA\Encryption\Session::NOT_INITIALIZED); } } diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 7d466b8852..048473ce84 100755 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -237,28 +237,15 @@ class Helper { */ public static function redirectToErrorPage($session) { - $l = \OC_L10N::get('files_encryption'); - - if ($session->getInitialized() === false) { - $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.'); - } else { - $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'); - } + $init = $session->getInitialized(); + $location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php'); + $post = 0; if(count($_POST) > 0) { - header('HTTP/1.0 404 ' . $errorMsg); - } - - // check if ajax request - if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { - \OCP\JSON::error(array('data' => array('message' => $errorMsg))); - } else { - header('HTTP/1.0 404 ' . $errorMsg); - $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest'); - $tmpl->printPage(); - } - - exit; + $post = 1; + } + header('Location: ' . $location . '?p=' . $post . '&i=' . $init); + exit(); } /** diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 648e6e9ab0..25f2198181 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -30,6 +30,11 @@ class Session { private $view; + const NOT_INITIALIZED = '0'; + const INIT_EXECUTED = '1'; + const INIT_SUCCESSFUL = '2'; + + /** * @brief if session is started, check if ownCloud key pair is set up, if not create it * @param \OC_FilesystemView $view @@ -113,10 +118,10 @@ class Session { } /** - * @brief Sets status if we tried to initialize the encyption app - * @param bool $privateKey true=initialized false=not initialized + * @brief Sets status of encryption app + * @param string $init INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED * @return bool - * + * * @note this doesn not indicate of the init was successful, we just remeber the try! */ public function setInitialized($init) { @@ -130,7 +135,7 @@ class Session { /** * @brief Gets status if we already tried to initialize the encryption app - * @returns bool + * @returns init status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED * * @note this doesn not indicate of the init was successful, we just remeber the try! */ @@ -138,7 +143,7 @@ class Session { if (!is_null(\OC::$session->get('encryptionInitialized'))) { return \OC::$session->get('encryptionInitialized'); } else { - return false; + return self::NOT_INITIALIZED; } } diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 9215352aa7..c6db10ce40 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -128,7 +128,7 @@ class Stream { $this->unencryptedSize = 0; } else { - +\OCA\Encryption\Helper::redirectToErrorPage($this->session); if($this->privateKey === false) { // if private key is not valid redirect user to a error page \OCA\Encryption\Helper::redirectToErrorPage($this->session); diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 17096a787f..7a19f95464 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -1724,7 +1724,7 @@ class Util { $session = new \OCA\Encryption\Session($this->view); // we tried to initialize the encryption app for this session - $session->setInitialized(true); + $session->setInitialized(\OCA\Encryption\Session::INIT_EXECUTED); $encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']); @@ -1737,6 +1737,7 @@ class Util { } $session->setPrivateKey($privateKey); + $session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL); return $session; } diff --git a/apps/files_encryption/templates/invalid_private_key.php b/apps/files_encryption/templates/invalid_private_key.php index 5c086d6514..9af65f831b 100644 --- a/apps/files_encryption/templates/invalid_private_key.php +++ b/apps/files_encryption/templates/invalid_private_key.php @@ -2,9 +2,11 @@
  • - t('Your private key is not valid! Maybe the your password was changed from outside.')); ?> +
    - t('You can unlock your private key in your ')); ?>     t('personal settings')); ?>. + + p($l->t('Go directly to your ')); ?> t('personal settings')); ?>. +
    • From 1558cb860c2fb26fdde14fce2a16acbb29d12b3e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 6 Sep 2013 13:16:48 +0200 Subject: [PATCH 18/80] remove test code --- apps/files_encryption/lib/stream.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index c6db10ce40..9215352aa7 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -128,7 +128,7 @@ class Stream { $this->unencryptedSize = 0; } else { -\OCA\Encryption\Helper::redirectToErrorPage($this->session); + if($this->privateKey === false) { // if private key is not valid redirect user to a error page \OCA\Encryption\Helper::redirectToErrorPage($this->session); From 5fb0e257a4e7b16024389261cfe924f53deb69ae Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 18 Sep 2013 16:03:53 +0200 Subject: [PATCH 19/80] let user repeat the recovery key password to prevent typos --- apps/files_encryption/js/settings-admin.js | 36 ++++++++++--------- .../templates/settings-admin.php | 28 +++++++++------ 2 files changed, 37 insertions(+), 27 deletions(-) diff --git a/apps/files_encryption/js/settings-admin.js b/apps/files_encryption/js/settings-admin.js index 6647c621e7..82fdb51708 100644 --- a/apps/files_encryption/js/settings-admin.js +++ b/apps/files_encryption/js/settings-admin.js @@ -1,6 +1,6 @@ /** - * Copyright (c) 2013, Sam Tuke , Robin Appelman - * + * Copyright (c) 2013, Sam Tuke , Robin Appelman + * , Bjoern Schiessle * This file is licensed under the Affero General Public License version 3 or later. * See the COPYING-README file. */ @@ -31,22 +31,23 @@ $(document).ready(function(){ // Trigger ajax on recoveryAdmin status change var enabledStatus = $('#adminEnableRecovery').val(); - $('input:password[name="recoveryPassword"]').keyup(function(event) { - var recoveryPassword = $( '#recoveryPassword' ).val(); + $('input:password[name="encryptionRecoveryPassword"]').keyup(function(event) { + var recoveryPassword = $( '#encryptionRecoveryPassword' ).val(); + var recoveryPasswordRepeated = $( '#repeatEncryptionRecoveryPassword' ).val(); var checkedButton = $('input:radio[name="adminEnableRecovery"]:checked').val(); var uncheckedValue = (1+parseInt(checkedButton)) % 2; - if (recoveryPassword != '' ) { + if (recoveryPassword !== '' && recoveryPassword === recoveryPasswordRepeated) { $('input:radio[name="adminEnableRecovery"][value="'+uncheckedValue.toString()+'"]').removeAttr("disabled"); } else { $('input:radio[name="adminEnableRecovery"][value="'+uncheckedValue.toString()+'"]').attr("disabled", "true"); } }); - $( 'input:radio[name="adminEnableRecovery"]' ).change( + $( 'input:radio[name="adminEnableRecovery"]' ).change( function() { var recoveryStatus = $( this ).val(); var oldStatus = (1+parseInt(recoveryStatus)) % 2; - var recoveryPassword = $( '#recoveryPassword' ).val(); + var recoveryPassword = $( '#encryptionRecoveryPassword' ).val(); $.post( OC.filePath( 'files_encryption', 'ajax', 'adminrecovery.php' ) , { adminEnableRecovery: recoveryStatus, recoveryPassword: recoveryPassword } @@ -57,11 +58,10 @@ $(document).ready(function(){ } else { OC.Notification.hide(); if (recoveryStatus === "0") { - $('button:button[name="submitChangeRecoveryKey"]').attr("disabled", "true"); - $('input:password[name="changeRecoveryPassword"]').attr("disabled", "true"); - $('input:password[name="changeRecoveryPassword"]').val(""); + $('p[name="changeRecoveryPasswordBlock"]').attr("class", "hidden"); } else { - $('input:password[name="changeRecoveryPassword"]').removeAttr("disabled"); + $('input:password[name="changeRecoveryPassword"]').val(""); + $('p[name="changeRecoveryPasswordBlock"]').removeAttr("class"); } } } @@ -72,9 +72,11 @@ $(document).ready(function(){ // change recovery password $('input:password[name="changeRecoveryPassword"]').keyup(function(event) { - var oldRecoveryPassword = $('input:password[id="oldRecoveryPassword"]').val(); - var newRecoveryPassword = $('input:password[id="newRecoveryPassword"]').val(); - if (newRecoveryPassword != '' && oldRecoveryPassword != '' ) { + var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val(); + var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val(); + var newRecoveryPasswordRepeated = $('#repeatedNewEncryptionRecoveryPassword').val(); + console.log("new: " + newRecoveryPassword + " - repeated: " + newRecoveryPasswordRepeated); + if (newRecoveryPassword !== '' && oldRecoveryPassword !== '' && newRecoveryPassword === newRecoveryPasswordRepeated) { $('button:button[name="submitChangeRecoveryKey"]').removeAttr("disabled"); } else { $('button:button[name="submitChangeRecoveryKey"]').attr("disabled", "true"); @@ -83,8 +85,8 @@ $(document).ready(function(){ $('button:button[name="submitChangeRecoveryKey"]').click(function() { - var oldRecoveryPassword = $('input:password[id="oldRecoveryPassword"]').val(); - var newRecoveryPassword = $('input:password[id="newRecoveryPassword"]').val(); + var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val(); + var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val(); OC.msg.startSaving('#encryption .msg'); $.post( OC.filePath( 'files_encryption', 'ajax', 'changeRecoveryPassword.php' ) @@ -98,5 +100,5 @@ $(document).ready(function(){ } ); }); - + }); diff --git a/apps/files_encryption/templates/settings-admin.php b/apps/files_encryption/templates/settings-admin.php index f5f7582c2a..3a6adc09f4 100644 --- a/apps/files_encryption/templates/settings-admin.php +++ b/apps/files_encryption/templates/settings-admin.php @@ -10,14 +10,17 @@ t("Enable recovery key (allow to recover users files in case of password loss):")); ?>

    - +
    + + +
    /> + /> t("Enabled")); ?>
    @@ -25,27 +28,32 @@ type='radio' name='adminEnableRecovery' value='0' - /> + /> t("Disabled")); ?>



    -

    +

    > t("Change recovery key password:")); ?>

    /> - + id="oldEncryptionRecoveryPassword" + +

    /> - + id="newEncryptionRecoveryPassword" + +
    + t("Repeat New Recovery key password")); ?>