added handling for public file access via files_sharing link

This commit is contained in:
Florin Peter 2013-05-13 21:24:59 +02:00
parent d92f6b887d
commit 61ed347d26
4 changed files with 120 additions and 64 deletions

View File

@ -455,7 +455,7 @@ class Keymanager {
list($owner, $filename) = $util->getUidAndFilename($filePath); list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; $shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
if ( $view->file_exists( $shareKeyPath ) ) { if ( $view->file_exists( $shareKeyPath ) ) {
$result = $view->file_get_contents( $shareKeyPath ); $result = $view->file_get_contents( $shareKeyPath );

View File

@ -59,9 +59,11 @@ class Session {
) { ) {
$keypair = Crypt::createKeypair(); $keypair = Crypt::createKeypair();
\OC_FileProxy::$enabled = false; // Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key // Save public key
if (!$view->is_dir('/public-keys')) { if (!$view->is_dir('/public-keys')) {
@ -76,9 +78,21 @@ class Session {
// Save private key // Save private key
$this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey ); $this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey );
\OC_FileProxy::$enabled = true; \OC_FileProxy::$enabled = $proxyStatus;
} }
if(\OCP\USER::getUser() === false) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key' );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' );
$this->setPrivateKey($privateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
} }
/** /**

View File

@ -72,20 +72,20 @@ class Stream {
private $rootView; // a fsview object set to '/' private $rootView; // a fsview object set to '/'
public function stream_open( $path, $mode, $options, &$opened_path ) { public function stream_open( $path, $mode, $options, &$opened_path ) {
$this->userId = \OCP\User::getUser();
if ( ! isset( $this->rootView ) ) { if ( ! isset( $this->rootView ) ) {
$this->rootView = new \OC_FilesystemView( '/' ); $this->rootView = new \OC_FilesystemView( '/' );
} }
// Strip identifier text from path, this gives us the path relative to data/<user>/files $util = new Util( $this->rootView, \OCP\USER::getUser());
$this->relPath = str_replace( 'crypt://', '', $path );
$this->userId = $util->getUserId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = \OC\Files\Filesystem::normalizePath(str_replace( 'crypt://', '', $path ));
// rawPath is relative to the data directory // rawPath is relative to the data directory
$this->rawPath = $this->userId . '/files/' . $this->relPath; $this->rawPath = $util->getUserFilesDir() . $this->relPath;
if ( if (
dirname( $this->rawPath ) == 'streams' dirname( $this->rawPath ) == 'streams'

View File

@ -110,23 +110,47 @@ class Util {
private $privateKeyPath; // Path to user's private key private $privateKeyPath; // Path to user's private key
private $publicShareKeyId; private $publicShareKeyId;
private $recoveryKeyId; private $recoveryKeyId;
private $isPublic;
public function __construct( \OC_FilesystemView $view, $userId, $client = false ) { public function __construct( \OC_FilesystemView $view, $userId, $client = false ) {
$this->view = $view; $this->view = $view;
$this->userId = $userId; $this->userId = $userId;
$this->client = $client; $this->client = $client;
$this->userDir = '/' . $this->userId; $this->isPublic = false;
$this->fileFolderName = 'files';
$this->userFilesDir = '/' . $this->userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable? $this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
$this->publicKeyDir = '/' . 'public-keys'; $this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles'; // if we are anonymous/public
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys'; if($this->userId === false) {
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key $this->userId = $this->publicShareKeyId;
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId'); // only handle for files_sharing app
$this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId'); if($GLOBALS['app'] === 'files_sharing') {
$this->userDir = '/' . $GLOBALS['fileOwner'];
$this->fileFolderName = 'files';
$this->userFilesDir = '/' . $GLOBALS['fileOwner'] . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
$this->publicKeyDir = '/' . 'public-keys';
$this->encryptionDir = '/' . $GLOBALS['fileOwner'] . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = '/owncloud_private_key/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->isPublic = true;
}
} else {
$this->userDir = '/' . $this->userId;
$this->fileFolderName = 'files';
$this->userFilesDir = '/' . $this->userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
$this->publicKeyDir = '/' . 'public-keys';
$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
}
} }
public function ready() { public function ready() {
@ -1069,46 +1093,54 @@ class Util {
$view = new \OC\Files\View($this->userFilesDir); $view = new \OC\Files\View($this->userFilesDir);
$fileOwnerUid = $view->getOwner( $path ); $fileOwnerUid = $view->getOwner( $path );
// Check that UID is valid
if ( ! \OCP\User::userExists( $fileOwnerUid ) ) {
throw new \Exception( 'Could not find owner (UID = "' . var_export( $fileOwnerUid, 1 ) . '") of file "' . $path . '"' );
}
// NOTE: Bah, this dependency should be elsewhere // handle public access
\OC\Files\Filesystem::initMountPoints( $fileOwnerUid ); if($fileOwnerUid === false && $this->isPublic) {
$filename = $view->getPath( $GLOBALS['fileSource'] );
// If the file owner is the currently logged in user $fileOwnerUid = $GLOBALS['fileOwner'];
if ( $fileOwnerUid == $this->userId ) {
return array ( $fileOwnerUid, $filename );
// Assume the path supplied is correct } else {
$filename = $path;
// Check that UID is valid
} else { if ( ! \OCP\User::userExists( $fileOwnerUid ) ) {
throw new \Exception( 'Could not find owner (UID = "' . var_export( $fileOwnerUid, 1 ) . '") of file "' . $path . '"' );
$info = $view->getFileInfo( $path ); }
$ownerView = new \OC\Files\View( '/' . $fileOwnerUid . '/files' );
// NOTE: Bah, this dependency should be elsewhere
// Fetch real file path from DB \OC\Files\Filesystem::initMountPoints( $fileOwnerUid );
$filename = $ownerView->getPath( $info['fileid'] ); // TODO: Check that this returns a path without including the user data dir
// If the file owner is the currently logged in user
} if ( $fileOwnerUid == $this->userId ) {
// Make path relative for use by $view // Assume the path supplied is correct
$relpath = \OC\Files\Filesystem::normalizePath($fileOwnerUid . '/' . $this->fileFolderName . '/' . $filename); $filename = $path;
// Check that the filename we're using is working } else {
if ( $this->view->file_exists( $relpath ) ) {
$info = $view->getFileInfo( $path );
return array ( $fileOwnerUid, $filename ); $ownerView = new \OC\Files\View( '/' . $fileOwnerUid . '/files' );
} else { // Fetch real file path from DB
$filename = $ownerView->getPath( $info['fileid'] ); // TODO: Check that this returns a path without including the user data dir
return false;
}
}
// Make path relative for use by $view
$relpath = \OC\Files\Filesystem::normalizePath($fileOwnerUid . '/' . $this->fileFolderName . '/' . $filename);
// Check that the filename we're using is working
if ( $this->view->file_exists( $relpath ) ) {
return array ( $fileOwnerUid, $filename );
} else {
return false;
}
}
} }
@ -1233,4 +1265,14 @@ class Util {
} }
public function getUserId()
{
return $this->userId;
}
public function getUserFilesDir()
{
return $this->userFilesDir;
}
} }