mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added handling for public file access via files_sharing link

This commit is contained in:
Florin Peter 2013-05-13 21:24:59 +02:00
parent d92f6b887d
commit 61ed347d26
4 changed files with 120 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files_encryption/lib/keymanager.php
View File

@ -455,7 +455,7 @@ class Keymanager {
list($owner, $filename) = $util->getUidAndFilename($filePath); list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; $shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
if ( $view->file_exists( $shareKeyPath ) ) { if ( $view->file_exists( $shareKeyPath ) ) {
$result = $view->file_get_contents( $shareKeyPath ); $result = $view->file_get_contents( $shareKeyPath );

16
apps/files_encryption/lib/session.php
View File

@ -60,6 +60,8 @@ class Session {
$keypair = Crypt::createKeypair(); $keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false; \OC_FileProxy::$enabled = false;
// Save public key // Save public key
@ -76,9 +78,21 @@ class Session {
// Save private key // Save private key
$this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey ); $this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey );
\OC_FileProxy::$enabled = true; \OC_FileProxy::$enabled = $proxyStatus;
} }
if(\OCP\USER::getUser() === false) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key' );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' );
$this->setPrivateKey($privateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
} }
/** /**

12
apps/files_encryption/lib/stream.php
View File

@ -73,19 +73,19 @@ class Stream {
public function stream_open( $path, $mode, $options, &$opened_path ) { public function stream_open( $path, $mode, $options, &$opened_path ) {
$this->userId = \OCP\User::getUser();
if ( ! isset( $this->rootView ) ) { if ( ! isset( $this->rootView ) ) {
$this->rootView = new \OC_FilesystemView( '/' ); $this->rootView = new \OC_FilesystemView( '/' );
} }
$util = new Util( $this->rootView, \OCP\USER::getUser());
$this->userId = $util->getUserId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files // Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = str_replace( 'crypt://', '', $path ); $this->relPath = \OC\Files\Filesystem::normalizePath(str_replace( 'crypt://', '', $path ));
// rawPath is relative to the data directory // rawPath is relative to the data directory
$this->rawPath = $this->userId . '/files/' . $this->relPath; $this->rawPath = $util->getUserFilesDir() . $this->relPath;
if ( if (
dirname( $this->rawPath ) == 'streams' dirname( $this->rawPath ) == 'streams'

50
apps/files_encryption/lib/util.php
View File

@ -110,12 +110,37 @@ class Util {
private $privateKeyPath; // Path to user's private key private $privateKeyPath; // Path to user's private key
private $publicShareKeyId; private $publicShareKeyId;
private $recoveryKeyId; private $recoveryKeyId;
private $isPublic;
public function __construct( \OC_FilesystemView $view, $userId, $client = false ) { public function __construct( \OC_FilesystemView $view, $userId, $client = false ) {
$this->view = $view; $this->view = $view;
$this->userId = $userId; $this->userId = $userId;
$this->client = $client; $this->client = $client;
$this->isPublic = false;
$this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
$this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
// if we are anonymous/public
if($this->userId === false) {
$this->userId = $this->publicShareKeyId;
// only handle for files_sharing app
if($GLOBALS['app'] === 'files_sharing') {
$this->userDir = '/' . $GLOBALS['fileOwner'];
$this->fileFolderName = 'files';
$this->userFilesDir = '/' . $GLOBALS['fileOwner'] . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
$this->publicKeyDir = '/' . 'public-keys';
$this->encryptionDir = '/' . $GLOBALS['fileOwner'] . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = '/owncloud_private_key/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->isPublic = true;
}
} else {
$this->userDir = '/' . $this->userId; $this->userDir = '/' . $this->userId;
$this->fileFolderName = 'files'; $this->fileFolderName = 'files';
$this->userFilesDir = '/' . $this->userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable? $this->userFilesDir = '/' . $this->userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
@ -125,8 +150,7 @@ class Util {
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys'; $this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key $this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key $this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId'); }
$this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
} }
public function ready() { public function ready() {
@ -1070,11 +1094,17 @@ class Util {
$view = new \OC\Files\View($this->userFilesDir); $view = new \OC\Files\View($this->userFilesDir);
$fileOwnerUid = $view->getOwner( $path ); $fileOwnerUid = $view->getOwner( $path );
// handle public access
if($fileOwnerUid === false && $this->isPublic) {
$filename = $view->getPath( $GLOBALS['fileSource'] );
$fileOwnerUid = $GLOBALS['fileOwner'];
return array ( $fileOwnerUid, $filename );
} else {
// Check that UID is valid // Check that UID is valid
if ( ! \OCP\User::userExists( $fileOwnerUid ) ) { if ( ! \OCP\User::userExists( $fileOwnerUid ) ) {
throw new \Exception( 'Could not find owner (UID = "' . var_export( $fileOwnerUid, 1 ) . '") of file "' . $path . '"' ); throw new \Exception( 'Could not find owner (UID = "' . var_export( $fileOwnerUid, 1 ) . '") of file "' . $path . '"' );
} }
// NOTE: Bah, this dependency should be elsewhere // NOTE: Bah, this dependency should be elsewhere
@ -1109,6 +1139,8 @@ class Util {
return false; return false;
} }
}
} }
@ -1233,4 +1265,14 @@ class Util {
} }
public function getUserId()
{
return $this->userId;
}
public function getUserFilesDir()
{
return $this->userFilesDir;
}
} }