some small changes according to the review comments
This commit is contained in:
parent
49038545f8
commit
7f3b178d73
|
@ -225,7 +225,7 @@ class Helper {
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public static function isPublicAccess() {
|
public static function isPublicAccess() {
|
||||||
if (\OCP\USER::getUser() === false) {
|
if (\OCP\User::getUser() === false) {
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
|
@ -252,6 +252,11 @@ class Helper {
|
||||||
return $relPath;
|
return $relPath;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief try to get the user from the path if no user is logged in
|
||||||
|
* @param string $path
|
||||||
|
* @return mixed user or false if we couldn't determine a user
|
||||||
|
*/
|
||||||
public static function getUser($path) {
|
public static function getUser($path) {
|
||||||
|
|
||||||
$user = \OCP\User::getUser();
|
$user = \OCP\User::getUser();
|
||||||
|
@ -261,7 +266,7 @@ class Helper {
|
||||||
return $user;
|
return $user;
|
||||||
}
|
}
|
||||||
|
|
||||||
// if no user is logged in we try to access a publically shared files.
|
// if no user is logged in we try to access a publicly shared files.
|
||||||
// In this case we need to try to get the user from the path
|
// In this case we need to try to get the user from the path
|
||||||
|
|
||||||
$trimmed = ltrim($path, '/');
|
$trimmed = ltrim($path, '/');
|
||||||
|
@ -282,7 +287,7 @@ class Helper {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief get path to the correspondig file in data/user/files if path points
|
* @brief get path to the corresponding file in data/user/files if path points
|
||||||
* to a version or to a file in cache
|
* to a version or to a file in cache
|
||||||
* @param string $path path to a version or a file in the trash
|
* @param string $path path to a version or a file in the trash
|
||||||
* @return string path to correspondig file relative to data/user/files
|
* @return string path to correspondig file relative to data/user/files
|
||||||
|
|
|
@ -113,14 +113,12 @@ class Keymanager {
|
||||||
*
|
*
|
||||||
* @param \OC_FilesystemView $view
|
* @param \OC_FilesystemView $view
|
||||||
* @param string $path relative path of the file, including filename
|
* @param string $path relative path of the file, including filename
|
||||||
* @param $userId
|
* @param string $catfile keyfile content
|
||||||
* @param $catfile
|
|
||||||
* @internal param string $key
|
|
||||||
* @return bool true/false
|
* @return bool true/false
|
||||||
* @note The keyfile is not encrypted here. Client code must
|
* @note The keyfile is not encrypted here. Client code must
|
||||||
* asymmetrically encrypt the keyfile before passing it to this method
|
* asymmetrically encrypt the keyfile before passing it to this method
|
||||||
*/
|
*/
|
||||||
public static function setFileKey(\OC_FilesystemView $view, $path, $userId, $catfile) {
|
public static function setFileKey(\OC_FilesystemView $view, $path, $catfile) {
|
||||||
|
|
||||||
$proxyStatus = \OC_FileProxy::$enabled;
|
$proxyStatus = \OC_FileProxy::$enabled;
|
||||||
\OC_FileProxy::$enabled = false;
|
\OC_FileProxy::$enabled = false;
|
||||||
|
@ -179,7 +177,7 @@ class Keymanager {
|
||||||
* @note The keyfile returned is asymmetrically encrypted. Decryption
|
* @note The keyfile returned is asymmetrically encrypted. Decryption
|
||||||
* of the keyfile must be performed by client code
|
* of the keyfile must be performed by client code
|
||||||
*/
|
*/
|
||||||
public static function getFileKey(\OC_FilesystemView $view, $util, $filePath) {
|
public static function getFileKey($view, $util, $filePath) {
|
||||||
|
|
||||||
|
|
||||||
list($owner, $filename) = $util->getUidAndFilename($filePath);
|
list($owner, $filename) = $util->getUidAndFilename($filePath);
|
||||||
|
@ -216,13 +214,12 @@ class Keymanager {
|
||||||
* @brief Delete a keyfile
|
* @brief Delete a keyfile
|
||||||
*
|
*
|
||||||
* @param \OC_FilesystemView $view
|
* @param \OC_FilesystemView $view
|
||||||
* @param string $userId username
|
|
||||||
* @param string $path path of the file the key belongs to
|
* @param string $path path of the file the key belongs to
|
||||||
* @return bool Outcome of unlink operation
|
* @return bool Outcome of unlink operation
|
||||||
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
|
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
|
||||||
* /data/admin/files/mydoc.txt
|
* /data/admin/files/mydoc.txt
|
||||||
*/
|
*/
|
||||||
public static function deleteFileKey(\OC_FilesystemView $view, $userId, $path) {
|
public static function deleteFileKey(\OC_FilesystemView $view, $path) {
|
||||||
|
|
||||||
$trimmed = ltrim($path, '/');
|
$trimmed = ltrim($path, '/');
|
||||||
|
|
||||||
|
@ -368,7 +365,6 @@ class Keymanager {
|
||||||
* @param string $userId
|
* @param string $userId
|
||||||
* @param \OCA\Encryption\Util $util
|
* @param \OCA\Encryption\Util $util
|
||||||
* @param string $filePath
|
* @param string $filePath
|
||||||
* @internal param \OCA\Encryption\file $string name
|
|
||||||
* @return string file key or false
|
* @return string file key or false
|
||||||
* @note The sharekey returned is encrypted. Decryption
|
* @note The sharekey returned is encrypted. Decryption
|
||||||
* of the keyfile must be performed by client code
|
* of the keyfile must be performed by client code
|
||||||
|
|
|
@ -201,7 +201,7 @@ class Proxy extends \OC_FileProxy {
|
||||||
list($owner, $ownerPath) = $util->getUidAndFilename($relativePath);
|
list($owner, $ownerPath) = $util->getUidAndFilename($relativePath);
|
||||||
|
|
||||||
// Delete keyfile & shareKey so it isn't orphaned
|
// Delete keyfile & shareKey so it isn't orphaned
|
||||||
if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) {
|
if (!Keymanager::deleteFileKey($view, $ownerPath)) {
|
||||||
\OCP\Util::writeLog('Encryption library',
|
\OCP\Util::writeLog('Encryption library',
|
||||||
'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OCP\Util::ERROR);
|
'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OCP\Util::ERROR);
|
||||||
}
|
}
|
||||||
|
|
|
@ -102,7 +102,7 @@ class Stream {
|
||||||
|
|
||||||
$util = new Util($this->rootView, $this->userId);
|
$util = new Util($this->rootView, $this->userId);
|
||||||
|
|
||||||
// get the key ID which we want to use, canm be the users key or the
|
// get the key ID which we want to use, can be the users key or the
|
||||||
// public share key
|
// public share key
|
||||||
$this->keyId = $util->getKeyId();
|
$this->keyId = $util->getKeyId();
|
||||||
|
|
||||||
|
@ -527,7 +527,7 @@ class Stream {
|
||||||
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
||||||
|
|
||||||
// Save the new encrypted file key
|
// Save the new encrypted file key
|
||||||
Keymanager::setFileKey($this->rootView, $this->relPath, $this->keyId, $this->encKeyfiles['data']);
|
Keymanager::setFileKey($this->rootView, $this->relPath, $this->encKeyfiles['data']);
|
||||||
|
|
||||||
// Save the sharekeys
|
// Save the sharekeys
|
||||||
Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
|
Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
|
||||||
|
|
|
@ -1093,7 +1093,7 @@ class Util {
|
||||||
// Save the recrypted key to it's owner's keyfiles directory
|
// Save the recrypted key to it's owner's keyfiles directory
|
||||||
// Save new sharekeys to all necessary user directory
|
// Save new sharekeys to all necessary user directory
|
||||||
if (
|
if (
|
||||||
!Keymanager::setFileKey($this->view, $filePath, $fileOwner, $multiEncKey['data'])
|
!Keymanager::setFileKey($this->view, $filePath, $multiEncKey['data'])
|
||||||
|| !Keymanager::setShareKeys($this->view, $filePath, $multiEncKey['keys'])
|
|| !Keymanager::setShareKeys($this->view, $filePath, $multiEncKey['keys'])
|
||||||
) {
|
) {
|
||||||
|
|
||||||
|
|
|
@ -201,7 +201,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase {
|
||||||
// Teardown
|
// Teardown
|
||||||
$this->view->unlink($this->userId . '/files/' . $filename);
|
$this->view->unlink($this->userId . '/files/' . $filename);
|
||||||
|
|
||||||
Encryption\Keymanager::deleteFileKey($this->view, $this->userId, $filename);
|
Encryption\Keymanager::deleteFileKey($this->view, $filename);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -287,7 +287,7 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase {
|
||||||
|
|
||||||
$this->view->unlink($this->userId . '/files/' . $filename);
|
$this->view->unlink($this->userId . '/files/' . $filename);
|
||||||
|
|
||||||
Encryption\Keymanager::deleteFileKey($this->view, $this->userId, $filename);
|
Encryption\Keymanager::deleteFileKey($this->view, $filename);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -151,7 +151,7 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
|
||||||
|
|
||||||
$this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort);
|
$this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort);
|
||||||
|
|
||||||
Encryption\Keymanager::setFileKey($this->view, $file, $this->userId, $key);
|
Encryption\Keymanager::setFileKey($this->view, $file, $key);
|
||||||
|
|
||||||
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));
|
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue