Merge pull request #5977 from owncloud/encryption_enable_public_upload

Encryption enable public upload
Vincent Petry 2013-11-27 07:39:03 -08:00
commit 40231c08cf
8 changed files with 17 additions and 22 deletions


@ -108,7 +108,6 @@ if ($needUpgrade) {
// if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code) // if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code)
$encryptionInitStatus = 2; $encryptionInitStatus = 2;
if (OC_App::isEnabled('files_encryption')) { if (OC_App::isEnabled('files_encryption')) {
$publicUploadEnabled = 'no';
$session = new \OCA\Encryption\Session(new \OC\Files\View('/')); $session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
$encryptionInitStatus = $session->getInitialized(); $encryptionInitStatus = $session->getInitialized();
} }


@ -261,6 +261,7 @@ class Helper {
$user = \OCP\User::getUser(); $user = \OCP\User::getUser();
// if we are logged in, then we return the userid // if we are logged in, then we return the userid
if ($user) { if ($user) {
return $user; return $user;


@ -112,19 +112,18 @@ class Keymanager {
* @brief store file encryption key * @brief store file encryption key
* *
* @param \OC_FilesystemView $view * @param \OC_FilesystemView $view
* @param \OCA\Encryption\Util $util
* @param string $path relative path of the file, including filename * @param string $path relative path of the file, including filename
* @param string $catfile keyfile content * @param string $catfile keyfile content
* @return bool true/false * @return bool true/false
* @note The keyfile is not encrypted here. Client code must * @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method * asymmetrically encrypt the keyfile before passing it to this method
*/ */
public static function setFileKey(\OC_FilesystemView $view, $path, $catfile) { public static function setFileKey(\OC_FilesystemView $view, $util, $path, $catfile) {
$proxyStatus = \OC_FileProxy::$enabled; $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false; \OC_FileProxy::$enabled = false;
$userId = Helper::getUser($path);
$util = new Util($view, $userId);
list($owner, $filename) = $util->getUidAndFilename($path); list($owner, $filename) = $util->getUidAndFilename($path);
// in case of system wide mount points the keys are stored directly in the data directory // in case of system wide mount points the keys are stored directly in the data directory
@ -313,19 +312,16 @@ class Keymanager {
/** /**
* @brief store multiple share keys for a single file * @brief store multiple share keys for a single file
* @param \OC_FilesystemView $view * @param \OC_FilesystemView $view
* @param $path * @param \OCA\Encryption\Util $util
* @param string $path
* @param array $shareKeys * @param array $shareKeys
* @return bool * @return bool
*/ */
public static function setShareKeys(\OC_FilesystemView $view, $path, array $shareKeys) { public static function setShareKeys(\OC_FilesystemView $view, $util, $path, array $shareKeys) {
// $shareKeys must be an array with the following format: // $shareKeys must be an array with the following format:
// [userId] => [encrypted key] // [userId] => [encrypted key]
$userId = Helper::getUser($path);
$util = new Util($view, $userId);
list($owner, $filename) = $util->getUidAndFilename($path); list($owner, $filename) = $util->getUidAndFilename($path);
// in case of system wide mount points the keys are stored directly in the data directory // in case of system wide mount points the keys are stored directly in the data directory
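Review bot: The new `$util` parameter of `setFileKey()` and `setShareKeys()` has no type declaration, although the docblock promises `\OCA\Encryption\Util` and the `$view` parameter beside it is type-hinted. Both methods now rely on the caller's object for `$util->getUidAndFilename($path)`, which yields the owner used for the key storage path, so a wrong object fails only at that call, and a Util built for a user other than the file's owner would presumably place key material under the wrong account. Declaring it as `Util $util` in both signatures and adding a docblock line such as `@note $util must be constructed for the user who owns $path` would make the contract explicit. Both method bodies continue outside the visible hunks.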


@ -47,8 +47,10 @@ class Proxy extends \OC_FileProxy {
*/ */
private static function shouldEncrypt($path) { private static function shouldEncrypt($path) {
$userId = Helper::getUser($path);
if (\OCP\App::isEnabled('files_encryption') === false || Crypt::mode() !== 'server' || if (\OCP\App::isEnabled('files_encryption') === false || Crypt::mode() !== 'server' ||
strpos($path, '/' . \OCP\User::getUser() . '/files') !== 0) { strpos($path, '/' . $userId . '/files') !== 0) {
return false; return false;
} }
@ -244,9 +246,6 @@ class Proxy extends \OC_FileProxy {
// split the path parts // split the path parts
$pathParts = explode('/', $path); $pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted // FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
if (isset($pathParts[2]) && $pathParts[2] === 'cache') { if (isset($pathParts[2]) && $pathParts[2] === 'cache') {
return $result; return $result;
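Review bot: In `shouldEncrypt()` the value returned by `Helper::getUser($path)` goes straight into the prefix comparison without a check that a user was actually resolved. The Helper section on this page shows only the logged-in branch; if its fallback derives the user from `$path` itself, the `strpos()` test no longer ties the path to an authenticated session for public requests and effectively confirms only the `/files` segment. If the helper can also return a non-string failure value, the method ends in `return false` and the file is stored unencrypted with no trace. An explicit guard ahead of the condition, for example `if (!$userId) { return false; }` together with a log entry, and a comment stating that for public uploads the owner is taken from the path, would make that fail path visible. The second hunk only removes the unused `$relativePath` assignment.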


@ -91,6 +91,7 @@ class Stream {
$this->rootView = new \OC_FilesystemView('/'); $this->rootView = new \OC_FilesystemView('/');
} }
$this->session = new \OCA\Encryption\Session($this->rootView); $this->session = new \OCA\Encryption\Session($this->rootView);
$this->privateKey = $this->session->getPrivateKey(); $this->privateKey = $this->session->getPrivateKey();
@ -527,10 +528,10 @@ class Stream {
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key // Save the new encrypted file key
Keymanager::setFileKey($this->rootView, $this->relPath, $this->encKeyfiles['data']); Keymanager::setFileKey($this->rootView, $util, $this->relPath, $this->encKeyfiles['data']);
// Save the sharekeys // Save the sharekeys
Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']); Keymanager::setShareKeys($this->rootView, $util, $this->relPath, $this->encKeyfiles['keys']);
// Re-enable proxy - our work is done // Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus; \OC_FileProxy::$enabled = $proxyStatus;
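Review bot: The results of `Keymanager::setFileKey()` and `Keymanager::setShareKeys()` are discarded in the second hunk, while the call site in the Util class on this page treats a false return from the same two methods as an error and logs it. Now that public upload reaches this code for requests without a logged-in user, a failed key write would leave encrypted content behind with no stored key to decrypt it. Checking both calls, e.g. `if (!Keymanager::setFileKey($this->rootView, $util, $this->relPath, $this->encKeyfiles['data'])) { ... }`, then logging and failing the write, would match the handling in Util. `$util` is assigned outside the hunk, so it is worth confirming there that it is built for the file owner rather than the current session user; the enclosing method starts and ends outside the visible lines.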


@ -1093,8 +1093,8 @@ class Util {
// Save the recrypted key to it's owner's keyfiles directory // Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory // Save new sharekeys to all necessary user directory
if ( if (
!Keymanager::setFileKey($this->view, $filePath, $multiEncKey['data']) !Keymanager::setFileKey($this->view, $this, $filePath, $multiEncKey['data'])
|| !Keymanager::setShareKeys($this->view, $filePath, $multiEncKey['keys']) || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys'])
) { ) {
\OCP\Util::writeLog('Encryption library', \OCP\Util::writeLog('Encryption library',


@ -145,13 +145,15 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
$file = 'unittest-' . time() . '.txt'; $file = 'unittest-' . time() . '.txt';
$util = new Encryption\Util($this->view, $this->userId);
// Disable encryption proxy to prevent recursive calls // Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled; $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false; \OC_FileProxy::$enabled = false;
$this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort); $this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort);
Encryption\Keymanager::setFileKey($this->view, $file, $key); Encryption\Keymanager::setFileKey($this->view, $util, $file, $key);
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key')); $this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));


@ -152,9 +152,6 @@ if (isset($path)) {
$tmpl->assign('sharingToken', $token); $tmpl->assign('sharingToken', $token);
$tmpl->assign('disableSharing', true); $tmpl->assign('disableSharing', true);
$allowPublicUploadEnabled = (bool) ($linkItem['permissions'] & OCP\PERMISSION_CREATE); $allowPublicUploadEnabled = (bool) ($linkItem['permissions'] & OCP\PERMISSION_CREATE);
if (\OCP\App::isEnabled('files_encryption')) {
$allowPublicUploadEnabled = false;
}
if (OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') { if (OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes') === 'no') {
$allowPublicUploadEnabled = false; $allowPublicUploadEnabled = false;
} }