make sure that all share keys get deleted if a file/folder gets unshared from a user/group
This commit is contained in:
parent
2bd338c49f
commit
12785b93f1
|
@ -240,22 +240,27 @@ class Hooks {
|
||||||
// [shareType] => 0
|
// [shareType] => 0
|
||||||
// [shareWith] => test1
|
// [shareWith] => test1
|
||||||
|
|
||||||
// TODO: Should other kinds of item be encrypted too?
|
if ( $params['itemType'] === 'file' || $params['itemType'] === 'folder' ) {
|
||||||
if ( $params['itemType'] === 'file' ) {
|
|
||||||
|
|
||||||
$view = new \OC_FilesystemView( '/' );
|
$view = new \OC_FilesystemView( '/' );
|
||||||
$session = new Session();
|
$session = new Session($view);
|
||||||
$userId = \OCP\User::getUser();
|
$userId = \OCP\User::getUser();
|
||||||
$util = new Util( $view, $userId );
|
$util = new Util( $view, $userId );
|
||||||
$path = $util->fileIdToPath( $params['itemSource'] );
|
$path = $util->fileIdToPath( $params['itemSource'] );
|
||||||
|
|
||||||
|
if ($params['shareType'] == \OCP\Share::SHARE_TYPE_GROUP) {
|
||||||
|
$userIds = \OC_Group::usersInGroup($params['shareWith']);
|
||||||
|
} else {
|
||||||
|
$userIds = array($params['shareWith']);
|
||||||
|
}
|
||||||
|
|
||||||
// If path is a folder, get all children
|
// If path is a folder, get all children
|
||||||
$allPaths = $util->getPaths( $path );
|
$allPaths = $util->getPaths( $path );
|
||||||
|
|
||||||
foreach ( $allPaths as $path ) {
|
foreach ( $allPaths as $path ) {
|
||||||
|
|
||||||
// Unshare each child path
|
// Unshare each child path
|
||||||
if ( ! Keymanager::delShareKey( $view, $params['shareWith'], $path ) ) {
|
if ( ! Keymanager::delShareKey( $view, $userIds, $path ) ) {
|
||||||
|
|
||||||
$failed[] = $path;
|
$failed[] = $path;
|
||||||
|
|
||||||
|
|
|
@ -395,27 +395,28 @@ class Keymanager {
|
||||||
/**
|
/**
|
||||||
* @brief Delete a single user's shareKey for a single file
|
* @brief Delete a single user's shareKey for a single file
|
||||||
*/
|
*/
|
||||||
public static function delShareKey( \OC_FilesystemView $view, $userId, $filePath ) {
|
public static function delShareKey( \OC_FilesystemView $view, $userIds, $filePath ) {
|
||||||
|
|
||||||
\OC_FileProxy::$enabled = false;
|
\OC_FileProxy::$enabled = false;
|
||||||
|
|
||||||
$shareKeyPath = '/' . $userId . '/files_encryption/share-keys/' . $filePath;
|
//here we need the currently logged in user, while userId can be a different user
|
||||||
|
$util = new Util( $view, \OCP\User::getUser() );
|
||||||
|
|
||||||
|
list($owner, $filename) = $util->getUidAndFilename($filePath);
|
||||||
|
|
||||||
|
$shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename;
|
||||||
|
|
||||||
$result = false;
|
$result = false;
|
||||||
|
|
||||||
if ( $view->is_dir($shareKeyPath) ) {
|
if ( $view->is_dir($shareKeyPath) ) {
|
||||||
$result = $view->unlink($shareKeyPath);
|
|
||||||
|
$localPath = \OC_Filesystem::normalizePath($view->getLocalFolder($shareKeyPath));
|
||||||
|
$result = self::recursiveDelShareKeys($localPath, $userIds);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
$absPath = $view->getLocalFile($shareKeyPath);
|
|
||||||
|
|
||||||
$matches = glob(preg_quote($absPath).'.*.shareKey' );
|
|
||||||
|
|
||||||
if ( $matches ) {
|
|
||||||
|
|
||||||
foreach ( $matches as $ma ) {
|
|
||||||
unlink($ma);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
foreach ($userIds as $userId) {
|
||||||
|
$view->unlink($shareKeyPath.'.'.$userId.'.shareKey');
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = true;
|
$result = true;
|
||||||
|
@ -432,7 +433,28 @@ class Keymanager {
|
||||||
return $result;
|
return $result;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief recursively delete share keys from given users
|
||||||
|
*
|
||||||
|
* @param type $dir directory
|
||||||
|
* @param type $userIds user ids for which the share keys should be deleted
|
||||||
|
*/
|
||||||
|
private static function recursiveDelShareKeys($dir, $userIds) {
|
||||||
|
foreach ($userIds as $userId) {
|
||||||
|
$completePath = $dir.'/.*'.'.'.$userId.'.shareKey';
|
||||||
|
$matches = glob(preg_quote($dir).'/*'.preg_quote('.'.$userId.'.shareKey'));
|
||||||
|
}
|
||||||
|
foreach ($matches as $ma) {
|
||||||
|
unlink($ma);
|
||||||
|
}
|
||||||
|
$subdirs = $directories = glob(preg_quote($dir) . '/*' , GLOB_ONLYDIR);
|
||||||
|
foreach ( $subdirs as $subdir ) {
|
||||||
|
self::recursiveDelShareKeys($subdir, $userIds);
|
||||||
|
}
|
||||||
|
return $true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Make preparations to vars and filesystem for saving a keyfile
|
* @brief Make preparations to vars and filesystem for saving a keyfile
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue