mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #3527 from owncloud/file_encryption_external_storage_fixes 

File encryption external storage fixes
This commit is contained in:
FlorinPeter 2013-05-31 03:21:46 -07:00
parent a730a72dcb eaa4f92275
commit d636e168a6
8 changed files with 198 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
apps/files_encryption/hooks/hooks.php
View File

@ -327,6 +327,12 @@ class Hooks {
$sharingEnabled = \OCP\Share::isEnabled(); $sharingEnabled = \OCP\Share::isEnabled();
// get the path including mount point only if not a shared folder
if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if a folder was shared, get a list of all (sub-)folders // if a folder was shared, get a list of all (sub-)folders
if ($params['itemType'] === 'folder') { if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles($path); $allFiles = $util->getAllFiles($path);
@ -376,17 +382,11 @@ class Hooks {
// rebuild path // rebuild path
foreach ($targetPathSplit as $pathPart) { foreach ($targetPathSplit as $pathPart) {
if ($pathPart !== $sharedPart) { if ($pathPart !== $sharedPart) {
$path = '/' . $pathPart . $path; $path = '/' . $pathPart . $path;
} else { } else {
break; break;
} }
} }
// prefix path with Shared // prefix path with Shared
@ -404,13 +404,16 @@ class Hooks {
} }
} }
// get the path including mount point only if not a shared folder
if(strncmp($path, '/Shared' , strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if we unshare a folder we need a list of all (sub-)files // if we unshare a folder we need a list of all (sub-)files
if ($params['itemType'] === 'folder') { if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles( $path );
$allFiles = $util->getAllFiles($path);
} else { } else {
$allFiles = array($path); $allFiles = array($path);
} }

14
apps/files_encryption/lib/helper.php
View File

@ -186,4 +186,18 @@ class Helper {
return false; return false;
} }
} }
/**
* @brief Format a path to be relative to the /user/files/ directory
* @param string $path the absolute path
* @return string e.g. turns '/admin/files/test.txt' into 'test.txt'
*/
public static function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
return $relPath;
}
} }

4
apps/files_encryption/lib/keymanager.php
View File

@ -169,7 +169,7 @@ class Keymanager {
*/ */
public static function fixPartialFilePath($path) { public static function fixPartialFilePath($path) {
if (preg_match('/\.part$/', $path)) { if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
$newLength = strlen($path) - 5; $newLength = strlen($path) - 5;
$fPath = substr($path, 0, $newLength); $fPath = substr($path, 0, $newLength);
@ -191,7 +191,7 @@ class Keymanager {
*/ */
public static function isPartialFilePath($path) { public static function isPartialFilePath($path) {
if (preg_match('/\.part$/', $path)) { if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
return true; return true;

166
apps/files_encryption/lib/proxy.php
View File

@ -104,78 +104,40 @@ class Proxy extends \OC_FileProxy {
if (self::shouldEncrypt($path)) { if (self::shouldEncrypt($path)) {
// Stream put contents should have been converted to fopen
if (!is_resource($data)) { if (!is_resource($data)) {
$userId = \OCP\USER::getUser(); // get root view
$view = new \OC_FilesystemView('/'); $view = new \OC_FilesystemView('/');
$util = new Util($view, $userId);
$session = new \OCA\Encryption\Session($view);
$privateKey = $session->getPrivateKey();
$filePath = $util->stripUserFilesPath($path);
// Set the filesize for userland, before encrypting
$size = strlen($data);
// Disable encryption proxy to prevent recursive calls // get relative path
$proxyStatus = \OC_FileProxy::$enabled; $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
\OC_FileProxy::$enabled = false;
// Check if there is an existing key we can reuse
if ($encKeyfile = Keymanager::getFileKey($view, $userId, $filePath)) {
// Fetch shareKey
$shareKey = Keymanager::getShareKey($view, $userId, $filePath);
// Decrypt the keyfile
$plainKey = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
} else {
// Make a new key
$plainKey = Crypt::generateKey();
if (!isset($relativePath)) {
return true;
} }
// Encrypt data $handle = fopen('crypt://' . $relativePath . '.etmp', 'w');
$encData = Crypt::symmetricEncryptFileContent($data, $plainKey); if (is_resource($handle)) {
$sharingEnabled = \OCP\Share::isEnabled(); // write data to stream
fwrite($handle, $data);
// if file exists try to get sharing users // close stream
if ($view->file_exists($path)) { fclose($handle);
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $filePath, $userId);
} else { // disable encryption proxy to prevent recursive calls
$uniqueUserIds[] = $userId; $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get encrypted content
$data = $view->file_get_contents($path . '.etmp');
// remove our temp file
$view->unlink($path . '.etmp');
// re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
} }
// Fetch public keys for all users who will share the file
$publicKeys = Keymanager::getPublicKeys($view, $uniqueUserIds);
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt($plainKey, $publicKeys);
// Save sharekeys to user folders
Keymanager::setShareKeys($view, $filePath, $multiEncrypted['keys']);
// Set encrypted keyfile as common varname
$encKey = $multiEncrypted['data'];
// Save keyfile for newly encrypted file in parallel directory tree
Keymanager::setFileKey($view, $filePath, $userId, $encKey);
// Replace plain content with encrypted content by reference
$data = $encData;
// Update the file cache with file info
\OC\Files\Filesystem::putFileInfo($filePath, array(
'encrypted' => true,
'size' => strlen($data),
'unencrypted_size' => $size
), '');
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
} }
} }
@ -189,15 +151,11 @@ class Proxy extends \OC_FileProxy {
*/ */
public function postFile_get_contents($path, $data) { public function postFile_get_contents($path, $data) {
$userId = \OCP\USER::getUser(); $plainData = null;
$view = new \OC_FilesystemView('/'); $view = new \OC_FilesystemView('/');
$util = new Util($view, $userId);
$relPath = $util->stripUserFilesPath($path); // get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// init session // init session
$session = new \OCA\Encryption\Session($view); $session = new \OCA\Encryption\Session($view);
@ -208,28 +166,27 @@ class Proxy extends \OC_FileProxy {
&& Crypt::isCatfileContent($data) && Crypt::isCatfileContent($data)
) { ) {
$privateKey = $session->getPrivateKey($userId); $handle = fopen('crypt://' . $relativePath, 'r');
// Get the encrypted keyfile if (is_resource($handle)) {
$encKeyfile = Keymanager::getFileKey($view, $userId, $relPath); while (($plainDataChunk = fgets($handle, 8192)) !== false) {
$plainData .= $plainDataChunk;
// Attempt to fetch the user's shareKey }
$shareKey = Keymanager::getShareKey($view, $userId, $relPath); }
// Decrypt keyfile with shareKey
$plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
$plainData = Crypt::symmetricDecryptFileContent($data, $plainKeyfile);
} elseif ( } elseif (
Crypt::mode() == 'server' Crypt::mode() == 'server'
&& \OC::$session->exists('legacyenckey') && \OC::$session->exists('legacyenckey')
&& Crypt::isEncryptedMeta($path) && Crypt::isEncryptedMeta($path)
) { ) {
$plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey()); // Disable encryption proxy to prevent recursive calls
} $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
\OC_FileProxy::$enabled = $proxyStatus; $plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey());
\OC_FileProxy::$enabled = $proxyStatus;
}
if (!isset($plainData)) { if (!isset($plainData)) {
@ -261,10 +218,10 @@ class Proxy extends \OC_FileProxy {
$util = new Util($view, $userId); $util = new Util($view, $userId);
// Format path to be relative to user files dir // get relative path
$relPath = $util->stripUserFilesPath($path); $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
list($owner, $ownerPath) = $util->getUidAndFilename($relPath); list($owner, $ownerPath) = $util->getUidAndFilename($relativePath);
// Delete keyfile & shareKey so it isn't orphaned // Delete keyfile & shareKey so it isn't orphaned
if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) { if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) {
@ -305,12 +262,14 @@ class Proxy extends \OC_FileProxy {
} }
// Reformat path for use with OC_FSV // split the path parts
$path_split = explode('/', $path); $pathParts = explode('/', $path);
$path_f = implode('/', array_slice($path_split, 3));
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted // FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
if (isset($path_split) && $path_split[2] === 'cache') { if (isset($pathParts[2]) && $pathParts[2] === 'cache') {
return $result; return $result;
} }
@ -335,14 +294,14 @@ class Proxy extends \OC_FileProxy {
// Open the file using the crypto stream wrapper // Open the file using the crypto stream wrapper
// protocol and let it do the decryption work instead // protocol and let it do the decryption work instead
$result = fopen('crypt://' . $path_f, $meta['mode']); $result = fopen('crypt://' . $relativePath, $meta['mode']);
} elseif ( } elseif (
self::shouldEncrypt($path) self::shouldEncrypt($path)
and $meta ['mode'] !== 'r' and $meta ['mode'] !== 'r'
and $meta['mode'] !== 'rb' and $meta['mode'] !== 'rb'
) { ) {
$result = fopen('crypt://' . $path_f, $meta['mode']); $result = fopen('crypt://' . $relativePath, $meta['mode']);
} }
// Re-enable the proxy // Re-enable the proxy
@ -390,12 +349,11 @@ class Proxy extends \OC_FileProxy {
return $size; return $size;
} }
// Reformat path for use with OC_FSV // get relative path
$path_split = explode('/', $path); $relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
$path_f = implode('/', array_slice($path_split, 3));
// if path is empty we cannot resolve anything // if path is empty we cannot resolve anything
if (empty($path_f)) { if (empty($relativePath)) {
return $size; return $size;
} }
@ -424,7 +382,7 @@ class Proxy extends \OC_FileProxy {
$fileInfo['unencrypted_size'] = $size; $fileInfo['unencrypted_size'] = $size;
// put file info if not .part file // put file info if not .part file
if (!Keymanager::isPartialFilePath($path_f)) { if (!Keymanager::isPartialFilePath($relativePath)) {
$view->putFileInfo($path, $fileInfo); $view->putFileInfo($path, $fileInfo);
} }
} }
@ -447,21 +405,23 @@ class Proxy extends \OC_FileProxy {
$userId = \OCP\User::getUser(); $userId = \OCP\User::getUser();
$util = new Util($view, $userId); $util = new Util($view, $userId);
// Reformat path for use with OC_FSV // split the path parts
$path_split = explode('/', $path); $pathParts = explode('/', $path);
$path_f = implode('/', array_slice($path_split, 3));
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// only if file is on 'files' folder fix file size and sharing // only if file is on 'files' folder fix file size and sharing
if (isset($path_split) && $path_split[2] === 'files' && $util->fixFileSize($path)) { if (isset($pathParts[2]) && $pathParts[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state // get sharing app state
$sharingEnabled = \OCP\Share::isEnabled(); $sharingEnabled = \OCP\Share::isEnabled();
// get users // get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $path_f); $usersSharing = $util->getSharingUsersArray($sharingEnabled, $relativePath);
// update sharing-keys // update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $path_f); $util->setSharedFileKeyfiles($session, $usersSharing, $relativePath);
} }
\OC_FileProxy::$enabled = $proxyStatus; \OC_FileProxy::$enabled = $proxyStatus;

67
apps/files_encryption/lib/util.php
View File

@ -188,7 +188,9 @@ class Util {
/** /**
* @brief Sets up user folders and keys for serverside encryption * @brief Sets up user folders and keys for serverside encryption
* @param string $passphrase passphrase to encrypt server-stored private key with *
* @param string $passphrase to encrypt server-stored private key with
* @return bool
*/ */
public function setupServerSide($passphrase = null) { public function setupServerSide($passphrase = null) {
@ -403,7 +405,7 @@ class Util {
) { ) {
$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file); $filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
$relPath = $this->stripUserFilesPath($filePath); $relPath = \OCA\Encryption\Helper::stripUserFilesPath($filePath);
// If the path is a directory, search // If the path is a directory, search
// its contents // its contents
@ -528,7 +530,7 @@ class Util {
/** /**
* @brief Check if a given path identifies an encrypted file * @brief Check if a given path identifies an encrypted file
* @param $path * @param string $path
* @return boolean * @return boolean
*/ */
public function isEncryptedPath($path) { public function isEncryptedPath($path) {
@ -541,7 +543,7 @@ class Util {
// we only need 24 byte from the last chunk // we only need 24 byte from the last chunk
$data = ''; $data = '';
$handle = $this->view->fopen($path, 'r'); $handle = $this->view->fopen($path, 'r');
if (!fseek($handle, -24, SEEK_END)) { if (is_resource($handle) && !fseek($handle, -24, SEEK_END)) {
$data = fgets($handle); $data = fgets($handle);
} }
@ -565,11 +567,13 @@ class Util {
$proxyStatus = \OC_FileProxy::$enabled; $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false; \OC_FileProxy::$enabled = false;
// Reformat path for use with OC_FSV // split the path parts
$pathSplit = explode('/', $path); $pathParts = explode('/', $path);
$pathRelative = implode('/', array_slice($pathSplit, 3));
if (isset($pathSplit[2]) && $pathSplit[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) { // get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
if (isset($pathParts[2]) && $pathParts[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) {
// get the size from filesystem // get the size from filesystem
$fullPath = $this->view->getLocalFile($path); $fullPath = $this->view->getLocalFile($path);
@ -579,7 +583,7 @@ class Util {
$lastChunkNr = floor($size / 8192); $lastChunkNr = floor($size / 8192);
// open stream // open stream
$stream = fopen('crypt://' . $pathRelative, "r"); $stream = fopen('crypt://' . $relativePath, "r");
if (is_resource($stream)) { if (is_resource($stream)) {
// calculate last chunk position // calculate last chunk position
@ -639,20 +643,6 @@ class Util {
return $result; return $result;
} }
/**
* @brief Format a path to be relative to the /user/files/ directory
* @note e.g. turns '/admin/files/test.txt' into 'test.txt'
*/
public function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
return $relPath;
}
/** /**
* @param $path * @param $path
@ -748,7 +738,7 @@ class Util {
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKeys ); $recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKeys );
$rawPath = $legacyFile['path']; $rawPath = $legacyFile['path'];
$relPath = $this->stripUserFilesPath($rawPath); $relPath = \OCA\Encryption\Helper::stripUserFilesPath($rawPath);
// Save keyfile // Save keyfile
Keymanager::setFileKey($this->view, $relPath, $this->userId, $recrypted['filekey']); Keymanager::setFileKey($this->view, $relPath, $this->userId, $recrypted['filekey']);
@ -903,6 +893,7 @@ class Util {
* @param string $filePath * @param string $filePath
* @param string $fileOwner * @param string $fileOwner
* @param string $privateKey * @param string $privateKey
* @return bool|string
* @note Checks whether file was encrypted with openssl_seal or * @note Checks whether file was encrypted with openssl_seal or
* openssl_encrypt, and decrypts accrdingly * openssl_encrypt, and decrypts accrdingly
* @note This was used when 2 types of encryption for keyfiles was used, * @note This was used when 2 types of encryption for keyfiles was used,
@ -1028,7 +1019,7 @@ class Util {
if ($sharingEnabled) { if ($sharingEnabled) {
// Find out who, if anyone, is sharing the file // Find out who, if anyone, is sharing the file
$result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true, true, true); $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner, true);
$userIds = $result['users']; $userIds = $result['users'];
if ($result['public']) { if ($result['public']) {
$userIds[] = $this->publicShareKeyId; $userIds[] = $this->publicShareKeyId;
@ -1136,6 +1127,7 @@ class Util {
/** /**
* @brief get uid of the owners of the file and the path to the file * @brief get uid of the owners of the file and the path to the file
* @param string $path Path of the file to check * @param string $path Path of the file to check
* @throws \Exception
* @note $shareFilePath must be relative to data/UID/files. Files * @note $shareFilePath must be relative to data/UID/files. Files
* relative to /Shared are also acceptable * relative to /Shared are also acceptable
* @return array * @return array
@ -1199,14 +1191,14 @@ class Util {
$result = array(); $result = array();
$content = $this->view->getDirectoryContent($this->userFilesDir . $dir); $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath($this->userFilesDir . '/' . $dir));
// handling for re shared folders // handling for re shared folders
$path_split = explode('/', $dir); $pathSplit = explode('/', $dir);
foreach ($content as $c) { foreach ($content as $c) {
$sharedPart = $path_split[sizeof($path_split) - 1]; $sharedPart = $pathSplit[sizeof($pathSplit) - 1];
$targetPathSplit = array_reverse(explode('/', $c['path'])); $targetPathSplit = array_reverse(explode('/', $c['path']));
$path = ''; $path = '';
@ -1459,7 +1451,7 @@ class Util {
// Find out who, if anyone, is sharing the file // Find out who, if anyone, is sharing the file
if ($sharingEnabled) { if ($sharingEnabled) {
$result = \OCP\Share::getUsersSharingFile($file, $this->userId, true, true, true); $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true);
$userIds = $result['users']; $userIds = $result['users'];
$userIds[] = $this->recoveryKeyId; $userIds[] = $this->recoveryKeyId;
if ($result['public']) { if ($result['public']) {
@ -1535,4 +1527,21 @@ class Util {
$this->recoverAllFiles('/', $privateKey); $this->recoverAllFiles('/', $privateKey);
} }
/**
* Get the path including the storage mount point
* @param int $id
* @return string the path including the mount point like AmazonS3/folder/file.txt
*/
public function getPathWithMountPoint($id) {
list($storage, $internalPath) = \OC\Files\Cache\Cache::getById($id);
$mount = \OC\Files\Filesystem::getMountByStorageId($storage);
$mountPoint = $mount[0]->getMountPoint();
$path = \OC\Files\Filesystem::normalizePath($mountPoint.'/'.$internalPath);
// reformat the path to be relative e.g. /user/files/folder becomes /folder/
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
return $relativePath;
}
} }

2
apps/files_encryption/tests/webdav.php
View File

@ -216,7 +216,7 @@ class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
* *
* @param bool $body * @param bool $body
* *
* @note this init procedure is copied from /apps/files/remote.php * @note this init procedure is copied from /apps/files/appinfo/remote.php
*/ */
function handleWebdavRequest($body = false) { function handleWebdavRequest($body = false) {
// Backends // Backends

17
apps/files_versions/lib/versions.php
View File

@ -113,8 +113,16 @@ class Storage {
mkdir($versionsFolderName.'/'.$info['dirname'], 0750, true); mkdir($versionsFolderName.'/'.$info['dirname'], 0750, true);
} }
// disable proxy to prevent multiple fopen calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// store a new version of a file // store a new version of a file
$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename)); $users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename));
// reset proxy state
\OC_FileProxy::$enabled = $proxyStatus;
$versionsSize = self::getVersionsSize($uid); $versionsSize = self::getVersionsSize($uid);
if ( $versionsSize === false || $versionsSize < 0 ) { if ( $versionsSize === false || $versionsSize < 0 ) {
$versionsSize = self::calculateSize($uid); $versionsSize = self::calculateSize($uid);
@ -195,7 +203,16 @@ class Storage {
//first create a new version //first create a new version
$version = 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename); $version = 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename);
if ( !$users_view->file_exists($version)) { if ( !$users_view->file_exists($version)) {
// disable proxy to prevent multiple fopen calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename)); $users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename));
// reset proxy state
\OC_FileProxy::$enabled = $proxyStatus;
$versionCreated = true; $versionCreated = true;
} }

78
lib/public/share.php
View File

@ -133,17 +133,22 @@ class Share {
* @note $path needs to be relative to user data dir, e.g. 'file.txt' * @note $path needs to be relative to user data dir, e.g. 'file.txt'
* not '/admin/data/file.txt' * not '/admin/data/file.txt'
*/ */
public static function getUsersSharingFile($path, $user, $includeOwner = false, $removeDuplicates = true) { public static function getUsersSharingFile($path, $user, $includeOwner = false) {
$path_parts = explode(DIRECTORY_SEPARATOR, trim($path, DIRECTORY_SEPARATOR));
$path = '';
$shares = array(); $shares = array();
$publicShare = false; $publicShare = false;
$source = -1;
$cache = false;
$view = new \OC\Files\View('/' . $user . '/files/'); $view = new \OC\Files\View('/' . $user . '/files/');
foreach ($path_parts as $p) { $meta = $view->getFileInfo(\OC\Files\Filesystem::normalizePath($path));
$path .= '/' . $p;
$meta = $view->getFileInfo(\OC_Filesystem::normalizePath($path)); if($meta !== false) {
$source = $meta['fileid']; $source = $meta['fileid'];
$cache = new \OC\Files\Cache\Cache($meta['storage']);
}
while ($source !== -1) {
// Fetch all shares of this file path from DB // Fetch all shares of this file path from DB
$query = \OC_DB::prepare( $query = \OC_DB::prepare(
@ -156,14 +161,13 @@ class Share {
$result = $query->execute(array($source, self::SHARE_TYPE_USER)); $result = $query->execute(array($source, self::SHARE_TYPE_USER));
if (\OC_DB::isError($result)) { if (\OCP\DB::isError($result)) {
\OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR);
} else {
while ($row = $result->fetchRow()) {
$shares[] = $row['share_with'];
}
} }
while ($row = $result->fetchRow()) {
$shares[] = $row['share_with'];
}
// We also need to take group shares into account // We also need to take group shares into account
$query = \OC_DB::prepare( $query = \OC_DB::prepare(
@ -176,32 +180,42 @@ class Share {
$result = $query->execute(array($source, self::SHARE_TYPE_GROUP)); $result = $query->execute(array($source, self::SHARE_TYPE_GROUP));
if (\OC_DB::isError($result)) { if (\OCP\DB::isError($result)) {
\OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR);
} } else {
while ($row = $result->fetchRow()) {
while ($row = $result->fetchRow()) { $usersInGroup = \OC_Group::usersInGroup($row['share_with']);
$usersInGroup = \OC_Group::usersInGroup($row['share_with']); $shares = array_merge($shares, $usersInGroup);
$shares = array_merge($shares, $usersInGroup); }
} }
//check for public link shares //check for public link shares
$query = \OC_DB::prepare( if (!$publicShare) {
'SELECT share_with $query = \OC_DB::prepare(
FROM 'SELECT share_with
`*PREFIX*share` FROM
WHERE `*PREFIX*share`
item_source = ? AND share_type = ?' WHERE
); item_source = ? AND share_type = ?'
);
$result = $query->execute(array($source, self::SHARE_TYPE_LINK)); $result = $query->execute(array($source, self::SHARE_TYPE_LINK));
if (\OC_DB::isError($result)) { if (\OCP\DB::isError($result)) {
\OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR); \OCP\Util::writeLog('OCP\Share', \OC_DB::getErrorMessage($result), \OC_Log::ERROR);
} else {
if ($result->fetchRow()) {
$publicShare = true;
}
}
} }
if ($result->fetchRow()) { // let's get the parent for the next round
$publicShare = true; $meta = $cache->get((int)$source);
if($meta !== false) {
$source = (int)$meta['parent'];
} else {
$source = -1;
} }
} }
// Include owner in list of users, if requested // Include owner in list of users, if requested