Merge commit '84fd62b13047cb756d9f39c192e17fd5f2179f83' into files_encryption
Conflicts: apps/files_encryption/lib/crypt.php
This commit is contained in:
Sam Tuke
commit
82f5f73dff
|
|
@ -10,6 +10,7 @@ OC::$CLASSPATH['OCA_Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php';
|
|||
OC_FileProxy::register(new OCA_Encryption\Proxy());
|
||||
|
||||
OCP\Util::connectHook('OC_User','post_login','OCA_Encryption\Hooks','login');
|
||||
OCP\Util::connectHook('OC_Webdav_Properties', 'update', 'OCA_Encryption\Hooks', 'updateKeyfile');
|
||||
|
||||
stream_wrapper_register('crypt','OC_CryptStream');
|
||||
|
||||
|
|
|
|||
|
|
@ -58,6 +58,18 @@ class Hooks {
|
|||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @brief update the encryption key of the file uploaded by the client
|
||||
*/
|
||||
public static function updateKeyfile( $params ) {
|
||||
if (Crypt::mode(\OCP\User::getUser()) == 'client')
|
||||
if (isset($params['properties']['key'])) {
|
||||
Keymanager::setFileKey(\OCP\User::getUser(), $params['path'], $params['properties']['key']);
|
||||
} else {
|
||||
error_log("Client side encryption is enabled but the client doesn't provide a encryption key for the file!");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
@ -21,4 +21,15 @@ $(document).ready(function(){
|
|||
var checked=$('#enable_encryption').is(':checked');
|
||||
OC.AppConfig.setValue('files_encryption','enable_encryption',(checked)?'true':'false');
|
||||
})
|
||||
$('input[name=encryption_mode]').change(function(){
|
||||
var client=$('input[value="client"]:checked').val()
|
||||
,server=$('input[value="server"]:checked').val()
|
||||
,none=$('input[value="none"]:checked').val()
|
||||
if (client)
|
||||
OC.AppConfig.setValue('files_encryption','mode','client');
|
||||
if (server)
|
||||
OC.AppConfig.setValue('files_encryption','mode','server');
|
||||
if (none)
|
||||
OC.AppConfig.setValue('files_encryption','mode','none');
|
||||
})
|
||||
})
|
||||
|
|
@ -32,15 +32,22 @@ class Crypt {
|
|||
|
||||
/**
|
||||
* @brief return encryption mode client or server side encryption
|
||||
* @param string user name
|
||||
* @param string user name (use system wide setting if name=null)
|
||||
* @return string 'client' or 'server'
|
||||
*/
|
||||
public static function mode( $user ) {
|
||||
public static function mode( $user = null ) {
|
||||
|
||||
//TODO: allow user to set encryption mode and check the selection of the user
|
||||
// for the moment I just return 'client' for test purposes
|
||||
return 'server';
|
||||
$mode = \OC_Appconfig::getValue( 'files_encryption', 'mode', 'unknown' );
|
||||
|
||||
if ( $mode == 'unknown' ) {
|
||||
|
||||
error_log('no encryption mode configured');
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
return $mode;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -1,5 +1,14 @@
|
|||
<form id="calendar">
|
||||
<fieldset class="personalblock">
|
||||
|
||||
<strong>Choose encryption mode:</strong>
|
||||
|
||||
<p>
|
||||
<input type="radio" name="encryption_mode" value="client" style="width:20px;" /> Client side encryption (most secure but makes it impossible to access your data from the web interface)<br />
|
||||
<input type="radio" name="encryption_mode" value="server" style="width:20px;" /> Server side encryption (allows you to access your files from the web interface and the desktop client)<br />
|
||||
<input type="radio" name="encryption_mode" value="none" style="width:20px; checked="checked" /> None (no encryption at all)<br/>
|
||||
</p>
|
||||
<p>
|
||||
<strong><?php echo $l->t('Encryption'); ?></strong>
|
||||
<?php echo $l->t("Exclude the following file types from encryption"); ?>
|
||||
<select id='encryption_blacklist' title="<?php echo $l->t('None')?>" multiple="multiple">
|
||||
|
|
@ -7,6 +16,6 @@
|
|||
<option selected="selected" value="<?php echo $type;?>"><?php echo $type;?></option>
|
||||
<?php endforeach;?>
|
||||
</select>
|
||||
<input type='checkbox' id='enable_encryption' <?php if($_['encryption_enabled']){echo 'checked="checked"';} ?>></input><label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label>
|
||||
</p>
|
||||
</fieldset>
|
||||
</form>
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@
|
|||
*/
|
||||
|
||||
abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IProperties {
|
||||
const GETETAG_PROPERTYNAME = '{DAV:}getetag';
|
||||
|
||||
/**
|
||||
* The path to the current node
|
||||
|
|
@ -140,7 +141,9 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
|
|||
*/
|
||||
public function updateProperties($properties) {
|
||||
$existing = $this->getProperties(array());
|
||||
OC_Hook::emit('OC_Webdav_Properties', 'update', array('properties' => $properties, 'path' => $this->path));
|
||||
foreach($properties as $propertyName => $propertyValue) {
|
||||
$propertyName = preg_replace("/^{.*}/", "", $propertyName); // remove leading namespace from property name
|
||||
// If it was null, we need to delete the property
|
||||
if (is_null($propertyValue)) {
|
||||
if(array_key_exists( $propertyName, $existing )){
|
||||
|
|
@ -178,7 +181,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
|
|||
* @param array $properties
|
||||
* @return void
|
||||
*/
|
||||
function getProperties($properties) {
|
||||
public function getProperties($properties) {
|
||||
if (is_null($this->property_cache)) {
|
||||
$query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' );
|
||||
$result = $query->execute( array( OC_User::getUser(), $this->path ));
|
||||
|
|
@ -200,4 +203,29 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
|
|||
}
|
||||
return $props;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the ETag surrounded by double-quotes for this path.
|
||||
* @param string $path Path of the file
|
||||
* @return string|null Returns null if the ETag can not effectively be determined
|
||||
*/
|
||||
static public function getETagPropertyForFile($path) {
|
||||
$tag = OC_Filesystem::hash('md5', $path);
|
||||
if (empty($tag)) {
|
||||
return null;
|
||||
}
|
||||
$etag = '"'.$tag.'"';
|
||||
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' );
|
||||
$query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME, $etag ));
|
||||
return $etag;
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the ETag from the cache.
|
||||
* @param string $path Path of the file
|
||||
*/
|
||||
static public function removeETagPropertyForFile($path) {
|
||||
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' );
|
||||
$query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME ));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -809,7 +809,6 @@ class OC_OCS {
|
|||
if(($login==$user)) {
|
||||
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode($user) === 'client') {
|
||||
if (($key = OCA_Encryption\Keymanager::setFileKey($user, $file, $key))) {
|
||||
// TODO: emit hook to move file from tmp location to the right place
|
||||
echo self::generateXml('', 'ok', 100, '');
|
||||
return true;
|
||||
} else {
|
||||
|
|
@ -821,7 +820,6 @@ class OC_OCS {
|
|||
}else{
|
||||
echo self::generateXml('', 'fail', 300, 'You don´t have permission to access this ressource.');
|
||||
}
|
||||
//TODO: emit signal to remove file from tmp location
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue