Merge pull request #5233 from owncloud/enc_filter_users
only encrypt file to users with encryption keys
This commit is contained in:
commit
4336d42ab0
|
@ -92,8 +92,6 @@ class Hooks {
|
|||
}
|
||||
|
||||
// Encrypt existing user files:
|
||||
// This serves to upgrade old versions of the encryption
|
||||
// app (see appinfo/spec.txt)
|
||||
if (
|
||||
$util->encryptAll('/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'])
|
||||
) {
|
||||
|
|
|
@ -38,8 +38,6 @@ class Proxy extends \OC_FileProxy {
|
|||
|
||||
private static $blackList = null; //mimetypes blacklisted from encryption
|
||||
|
||||
private static $enableEncryption = null;
|
||||
|
||||
/**
|
||||
* Check if a file requires encryption
|
||||
* @param string $path
|
||||
|
@ -49,46 +47,22 @@ class Proxy extends \OC_FileProxy {
|
|||
*/
|
||||
private static function shouldEncrypt($path) {
|
||||
|
||||
if (is_null(self::$enableEncryption)) {
|
||||
if (
|
||||
\OCP\App::isEnabled('files_encryption') === true
|
||||
&& Crypt::mode() === 'server'
|
||||
) {
|
||||
|
||||
self::$enableEncryption = true;
|
||||
|
||||
} else {
|
||||
|
||||
self::$enableEncryption = false;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if (!self::$enableEncryption) {
|
||||
|
||||
if (\OCP\App::isEnabled('files_encryption') === false || Crypt::mode() !== 'server') {
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
if (is_null(self::$blackList)) {
|
||||
|
||||
self::$blackList = explode(',', \OCP\Config::getAppValue('files_encryption', 'type_blacklist', ''));
|
||||
|
||||
}
|
||||
|
||||
if (Crypt::isCatfileContent($path)) {
|
||||
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
$extension = substr($path, strrpos($path, '.') + 1);
|
||||
|
||||
if (array_search($extension, self::$blackList) === false) {
|
||||
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
|
@ -506,9 +506,10 @@ class Stream {
|
|||
|
||||
// Get all users sharing the file includes current user
|
||||
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
|
||||
$checkedUserIds = $util->filterShareReadyUsers($uniqueUserIds);
|
||||
|
||||
// Fetch public keys for all sharing users
|
||||
$publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
|
||||
$publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']);
|
||||
|
||||
// Encrypt enc key for all sharing users
|
||||
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
||||
|
|
|
@ -58,6 +58,10 @@ class Test_Files_Sharing_Api extends \PHPUnit_Framework_TestCase {
|
|||
}
|
||||
|
||||
function setUp() {
|
||||
|
||||
//login as user1
|
||||
\Test_Files_Sharing_Api::loginHelper(\Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER1);
|
||||
|
||||
$this->data = 'foobar';
|
||||
$this->view = new \OC_FilesystemView('/' . \Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER1 . '/files');
|
||||
|
||||
|
@ -104,9 +108,6 @@ class Test_Files_Sharing_Api extends \PHPUnit_Framework_TestCase {
|
|||
*/
|
||||
function testCreateShare() {
|
||||
|
||||
//login as user1
|
||||
\Test_Files_Sharing_Api::loginHelper(\Test_Files_Sharing_Api::TEST_FILES_SHARING_API_USER1);
|
||||
|
||||
// share to user
|
||||
|
||||
// simulate a post request
|
||||
|
|
|
@ -155,13 +155,13 @@ class Share {
|
|||
|
||||
while ($source !== -1) {
|
||||
|
||||
// Fetch all shares of this file path from DB
|
||||
// Fetch all shares with another user
|
||||
$query = \OC_DB::prepare(
|
||||
'SELECT `share_with`
|
||||
FROM
|
||||
`*PREFIX*share`
|
||||
WHERE
|
||||
`item_source` = ? AND `share_type` = ?'
|
||||
`item_source` = ? AND `share_type` = ? AND `item_type` IN (\'file\', \'folder\')'
|
||||
);
|
||||
|
||||
$result = $query->execute(array($source, self::SHARE_TYPE_USER));
|
||||
|
@ -180,7 +180,7 @@ class Share {
|
|||
FROM
|
||||
`*PREFIX*share`
|
||||
WHERE
|
||||
`item_source` = ? AND `share_type` = ?'
|
||||
`item_source` = ? AND `share_type` = ? AND `item_type` IN (\'file\', \'folder\')'
|
||||
);
|
||||
|
||||
$result = $query->execute(array($source, self::SHARE_TYPE_GROUP));
|
||||
|
@ -201,7 +201,7 @@ class Share {
|
|||
FROM
|
||||
`*PREFIX*share`
|
||||
WHERE
|
||||
`item_source` = ? AND `share_type` = ?'
|
||||
`item_source` = ? AND `share_type` = ? AND `item_type` IN (\'file\', \'folder\')'
|
||||
);
|
||||
|
||||
$result = $query->execute(array($source, self::SHARE_TYPE_LINK));
|
||||
|
|
Loading…
Reference in New Issue