improved error messaging, initial commit
This commit is contained in:
Bjoern Schiessle
parent
0a23ac18bc
commit
d7dca966a2
|
|
@ -34,6 +34,13 @@
|
|||
<default>0</default>
|
||||
<comments>Whether encryption migration has been performed</comments>
|
||||
</field>
|
||||
<field>
|
||||
<name>initialized</name>
|
||||
<type>integer</type>
|
||||
<notnull>true</notnull>
|
||||
<default>0</default>
|
||||
<comments>Did the user initialized the encryption app at least once</comments>
|
||||
</field>
|
||||
</declaration>
|
||||
</table>
|
||||
</database>
|
||||
|
|
@ -1 +1 @@
|
|||
0.4
|
||||
0.5
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ if (!isset($_)) { //also provide standalone error page
|
|||
|
||||
$l = OC_L10N::get('files_encryption');
|
||||
|
||||
$errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
|
||||
$errorMsg = $l->t('Your private key is not valid! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app. If this doesn\'t help maybe your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
|
||||
|
||||
if(isset($_GET['p']) && $_GET['p'] === '1') {
|
||||
header('HTTP/1.0 404 ' . $errorMsg);
|
||||
|
|
|
|||
|
|
@ -70,6 +70,8 @@ class Hooks {
|
|||
// If migration not yet done
|
||||
if ($ready) {
|
||||
|
||||
$util->setInitialized(Util::ENCRYPTION_INITIALIZED);
|
||||
|
||||
$userView = new \OC_FilesystemView('/' . $params['uid']);
|
||||
|
||||
// Set legacy encryption key if it exists, to support
|
||||
|
|
@ -143,6 +145,7 @@ class Hooks {
|
|||
* @brief If the password can't be changed within ownCloud, than update the key password in advance.
|
||||
*/
|
||||
public static function preSetPassphrase($params) {
|
||||
return true;
|
||||
if ( ! \OC_User::canUserChangePassword($params['uid']) ) {
|
||||
self::setPassphrase($params);
|
||||
}
|
||||
|
|
@ -153,7 +156,7 @@ class Hooks {
|
|||
* @param array $params keys: uid, password
|
||||
*/
|
||||
public static function setPassphrase($params) {
|
||||
|
||||
return true;
|
||||
// Only attempt to change passphrase if server-side encryption
|
||||
// is in use (client-side encryption does not have access to
|
||||
// the necessary keys)
|
||||
|
|
@ -537,14 +540,18 @@ class Hooks {
|
|||
}
|
||||
|
||||
/**
|
||||
* set migration status back to '0' so that all new files get encrypted
|
||||
* set migration status and the init status back to '0' so that all new files get encrypted
|
||||
* if the app gets enabled again
|
||||
* @param array $params contains the app ID
|
||||
*/
|
||||
public static function preDisable($params) {
|
||||
if ($params['app'] === 'files_encryption') {
|
||||
$query = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0');
|
||||
$query->execute();
|
||||
|
||||
$setMigrationStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0');
|
||||
$setMigrationStatus->execute();
|
||||
|
||||
$setInitStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `initialized`=0');
|
||||
$setInitStatus->execute();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -235,14 +235,30 @@ class Helper {
|
|||
/**
|
||||
* @brief redirect to a error page
|
||||
*/
|
||||
public static function redirectToErrorPage() {
|
||||
$location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php');
|
||||
$post = 0;
|
||||
if(count($_POST) > 0) {
|
||||
$post = 1;
|
||||
public static function redirectToErrorPage($util) {
|
||||
|
||||
$l = \OC_L10N::get('files_encryption');
|
||||
|
||||
if ($util->getInitialized() === false) {
|
||||
$errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.');
|
||||
} else {
|
||||
$errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
|
||||
}
|
||||
header('Location: ' . $location . '?p=' . $post);
|
||||
exit();
|
||||
|
||||
if(count($_POST) > 0) {
|
||||
header('HTTP/1.0 404 ' . $errorMsg);
|
||||
}
|
||||
|
||||
// check if ajax request
|
||||
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
|
||||
\OCP\JSON::error(array('data' => array('message' => $errorMsg)));
|
||||
} else {
|
||||
header('HTTP/1.0 404 ' . $errorMsg);
|
||||
$tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest');
|
||||
$tmpl->printPage();
|
||||
}
|
||||
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -131,7 +131,7 @@ class Stream {
|
|||
|
||||
if($this->privateKey === false) {
|
||||
// if private key is not valid redirect user to a error page
|
||||
\OCA\Encryption\Helper::redirectToErrorPage();
|
||||
\OCA\Encryption\Helper::redirectToErrorPage($util);
|
||||
}
|
||||
|
||||
$this->size = $this->rootView->filesize($this->rawPath, $mode);
|
||||
|
|
|
|||
|
|
@ -37,6 +37,8 @@ class Util {
|
|||
const MIGRATION_IN_PROGRESS = -1; // migration is running
|
||||
const MIGRATION_OPEN = 0; // user still needs to be migrated
|
||||
|
||||
const ENCRYPTION_INITIALIZED = 1;
|
||||
const ENCRYPTION_NOT_INITIALIZED = 0;
|
||||
|
||||
private $view; // OC_FilesystemView object for filesystem operations
|
||||
private $userId; // ID of the currently logged-in user
|
||||
|
|
@ -1216,6 +1218,56 @@ class Util {
|
|||
return $return;
|
||||
}
|
||||
|
||||
/**
|
||||
* set remember if the encryption app was already initialized or not
|
||||
* @param type $status
|
||||
*/
|
||||
public function setInitialized($status) {
|
||||
$sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?';
|
||||
$args = array($status, $this->userId);
|
||||
$query = \OCP\DB::prepare($sql);
|
||||
$query->execute($args);
|
||||
}
|
||||
|
||||
/**
|
||||
* set remember if the encryption app was already initialized or not
|
||||
*/
|
||||
public function getInitialized() {
|
||||
$sql = 'SELECT `initialized` FROM `*PREFIX*encryption` WHERE `uid` = ?';
|
||||
$args = array($this->userId);
|
||||
$query = \OCP\DB::prepare($sql);
|
||||
|
||||
$result = $query->execute($args);
|
||||
$initializedStatus = null;
|
||||
|
||||
if (\OCP\DB::isError($result)) {
|
||||
\OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR);
|
||||
} else {
|
||||
if ($result->numRows() > 0) {
|
||||
$row = $result->fetchRow();
|
||||
if (isset($row['initialized'])) {
|
||||
$initializedStatus = (int)$row['initialized'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If no record is found
|
||||
if (empty($initializedStatus)) {
|
||||
\OCP\Util::writeLog('Encryption library', "Could not get initialized status for " . $this->userId . ", no record found", \OCP\Util::ERROR);
|
||||
return false;
|
||||
// If a record is found
|
||||
} else {
|
||||
return (bool)$initializedStatus;
|
||||
}
|
||||
|
||||
|
||||
|
||||
$sql = 'UPDATE `*PREFIX*encryption` SET `initialized` = ? WHERE `uid` = ?';
|
||||
$args = array($status, $this->userId);
|
||||
$query = \OCP\DB::prepare($sql);
|
||||
$query->execute($args);
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief close migration mode after users data has been encrypted successfully
|
||||
* @return boolean
|
||||
|
|
|
|||
Loading…
Reference in New Issue