From e4895bda01f9c94fc33e094ae9466e1cf5502916 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 16:23:31 +0200 Subject: [PATCH] add helper class accessible for encryption modules to ask for a list of users with access to a file, needed to apply the recovery key to all files --- apps/encryption/appinfo/application.php | 4 +- apps/encryption/appinfo/routes.php | 5 ++ .../controller/recoverycontroller.php | 61 ++++++++++--- apps/encryption/js/settings-personal.js | 29 +------ apps/encryption/lib/recovery.php | 87 ++++++++++++++++--- .../encryption/settings/settings-personal.php | 6 +- .../templates/settings-personal.php | 2 + lib/base.php | 1 + lib/private/encryption/file.php | 81 +++++++++++++++++ lib/private/encryption/update.php | 8 +- lib/private/encryption/util.php | 47 +--------- lib/private/files/stream/encryption.php | 9 +- lib/private/server.php | 12 +++ lib/public/encryption/ifile.php | 36 ++++++++ lib/public/encryption/imanager.php | 4 +- lib/public/iservercontainer.php | 5 ++ 16 files changed, 290 insertions(+), 107 deletions(-) create mode 100644 lib/private/encryption/file.php create mode 100644 lib/public/encryption/ifile.php diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index e8f10798bb..372d49e5ef 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -139,7 +139,9 @@ class Application extends \OCP\AppFramework\App { $server->getSecureRandom(), $c->query('KeyManager'), $server->getConfig(), - $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID)); + $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), + $server->getEncryptionFilesHelper(), + new \OC\Files\View()); }); $container->registerService('RecoveryController', function (IAppContainer $c) { diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index 030e761781..1a6cf18fbe 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -38,6 +38,11 @@ namespace OCA\Encryption\AppInfo; 'name' => 'Recovery#changeRecoveryPassword', 'url' => '/ajax/changeRecoveryPassword', 'verb' => 'POST' + ], + [ + 'name' => 'Recovery#userSetRecovery', + 'url' => '/ajax/userSetRecovery', + 'verb' => 'POST' ] diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php index e7bfd37490..d115feb8e3 100644 --- a/apps/encryption/controller/recoverycontroller.php +++ b/apps/encryption/controller/recoverycontroller.php @@ -61,61 +61,72 @@ class RecoveryController extends Controller { public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { // Check if both passwords are the same if (empty($recoveryPassword)) { - $errorMessage = $this->l->t('Missing recovery key password'); + $errorMessage = (string) $this->l->t('Missing recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if (empty($confirmPassword)) { - $errorMessage = $this->l->t('Please repeat the recovery key password'); + $errorMessage = (string) $this->l->t('Please repeat the recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if ($recoveryPassword !== $confirmPassword) { - $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { if ($this->recovery->enableAdminRecovery($recoveryPassword)) { - return new DataResponse(['status' =>'success', 'data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); + return new DataResponse(['status' =>'success', 'data' => array('message' => (string) $this->l->t('Recovery key successfully enabled'))]); } - return new DataResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { if ($this->recovery->disableAdminRecovery($recoveryPassword)) { - return new DataResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Recovery key successfully disabled'))]); } - return new DataResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); } } public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { //check if both passwords are the same if (empty($oldPassword)) { - $errorMessage = $this->l->t('Please provide the old recovery password'); + $errorMessage = (string) $this->l->t('Please provide the old recovery password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } if (empty($newPassword)) { - $errorMessage = $this->l->t('Please provide a new recovery password'); + $errorMessage = (string) $this->l->t('Please provide a new recovery password'); return new DataResponse (array('data' => array('message' => $errorMessage))); } if (empty($confirmPassword)) { - $errorMessage = $this->l->t('Please repeat the new recovery password'); + $errorMessage = (string) $this->l->t('Please repeat the new recovery password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } if ($newPassword !== $confirmPassword) { - $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } $result = $this->recovery->changeRecoveryKeyPassword($newPassword, $oldPassword); if ($result) { - return new DataResponse(array('status' => 'success' ,'data' => array('message' => $this->l->t('Password successfully changed.')))); + return new DataResponse( + array( + 'status' => 'success' , + 'data' => array( + 'message' => (string) $this->l->t('Password successfully changed.')) + ) + ); } else { - return new DataResponse(array('data' => array('message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')))); + return new DataResponse( + array( + 'data' => array + ('message' => (string) $this->l->t('Could not change the password. Maybe the old password was not correct.')) + ) + ); } } @@ -131,4 +142,28 @@ class RecoveryController extends Controller { } } + public function userSetRecovery($userEnableRecovery) { + if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { + + $result = $this->recovery->setRecoveryForUser($userEnableRecovery); + + if ($result) { + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'message' => (string) $this->l->t('Recovery Key enabled')) + ) + ); + } else { + return new DataResponse( + array( + 'data' => array + ('message' => (string) $this->l->t('Could not enable the recovery key, please try again or contact your administrator')) + ) + ); + } + } + } + } diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js index b798ba7e4e..7f0f4c6c26 100644 --- a/apps/encryption/js/settings-personal.js +++ b/apps/encryption/js/settings-personal.js @@ -29,7 +29,7 @@ $(document).ready(function(){ var recoveryStatus = $( this ).val(); OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...'); $.post( - OC.filePath( 'files_encryption', 'ajax', 'userrecovery.php' ) + OC.generateUrl('/apps/encryption/ajax/userSetRecovery') , { userEnableRecovery: recoveryStatus } , function( data ) { OC.msg.finishedAction('#userEnableRecovery .msg', data); @@ -40,33 +40,6 @@ $(document).ready(function(){ } ); - $("#encryptAll").click( - function(){ - - // Hide feedback messages in case they're already visible - $('#encryptAllSuccess').hide(); - $('#encryptAllError').hide(); - - var userPassword = $( '#userPassword' ).val(); - var encryptAll = $( '#encryptAll' ).val(); - - $.post( - OC.filePath( 'files_encryption', 'ajax', 'encryptall.php' ) - , { encryptAll: encryptAll, userPassword: userPassword } - , function( data ) { - if ( data.status == "success" ) { - $('#encryptAllSuccess').show(); - } else { - $('#encryptAllError').show(); - } - } - ); - // Ensure page is not reloaded on form submit - return false; - } - - ); - // update private key password $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) { diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 0426c3746e..701c0934c9 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -29,7 +29,8 @@ use OCP\IUser; use OCP\IUserSession; use OCP\PreConditionNotMetException; use OCP\Security\ISecureRandom; -use OCP\Share; +use OC\Files\View; +use OCP\Encryption\IFile; class Recovery { @@ -58,7 +59,17 @@ class Recovery { * @var IStorage */ private $keyStorage; - + /** + * @var View + */ + private $view; + /** + * @var IFile + */ + private $file; + /** + * @var string + */ private $recoveryKeyId; /** @@ -68,19 +79,25 @@ class Recovery { * @param KeyManager $keyManager * @param IConfig $config * @param IStorage $keyStorage + * @param IFile $file + * @param View $view */ public function __construct(IUserSession $user, Crypt $crypt, ISecureRandom $random, KeyManager $keyManager, IConfig $config, - IStorage $keyStorage) { + IStorage $keyStorage, + IFile $file, + View $view) { $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false; $this->crypt = $crypt; $this->random = $random; $this->keyManager = $keyManager; $this->config = $config; $this->keyStorage = $keyStorage; + $this->view = $view; + $this->file = $file; } /** @@ -138,14 +155,6 @@ class Recovery { return false; } - public function addRecoveryKeys($keyId) { - // No idea new way to do this.... - } - - public function removeRecoveryKeys() { - // No idea new way to do this.... - } - /** * @return bool */ @@ -159,23 +168,73 @@ class Recovery { } /** - * @param $enabled + * @param string $value * @return bool */ - public function setRecoveryForUser($enabled) { - $value = $enabled ? '1' : '0'; + public function setRecoveryForUser($value) { try { $this->config->setUserValue($this->user->getUID(), 'encryption', 'recoveryEnabled', $value); + + if ($value === '1') { + $this->addRecoveryKeys('/' . $this->user . '/files/'); + } else { + $this->removeRecoveryKeys(); + } + return true; } catch (PreConditionNotMetException $e) { return false; } } + /** + * add recovery key to all encrypted files + */ + private function addRecoveryKeys($path = '/') { + $dirContent = $this->view->getDirectoryContent($path); + foreach ($dirContent as $item) { + // get relative path from files_encryption/keyfiles/ + $filePath = $item['path']; + if ($item['type'] === 'dir') { + $this->addRecoveryKeys($filePath . '/'); + } else { + $fileKey = $this->keyManager->getFileKey($filePath, $this->user); + if (!empty($fileKey)) { + $accessList = $this->file->getAccessList($path); + $publicKeys = array(); + foreach ($accessList['users'] as $uid) { + $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); + } + + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); + $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); + } + } + } + } + + /** + * remove recovery key to all encrypted files + */ + private function removeRecoveryKeys($path = '/') { + $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + foreach ($dirContent as $item) { + // get relative path from files_encryption/keyfiles + $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); + if ($item['type'] === 'dir') { + $this->removeRecoveryKeys($filePath . '/'); + } else { + // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' + $file = substr($filePath, 0, -4); + $this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey'); + } + } + } + /** * @param $recoveryPassword */ diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index a4173dbd40..8caacbd19c 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -29,7 +29,11 @@ $user = \OCP\User::getUser(); $view = new \OC\Files\View('/'); $util = new \OCA\Encryption\Util( - new \OC\Files\View(), $crypt, $keymanager, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); + new \OC\Files\View(), + $crypt, $keymanager, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); $privateKeySet = $session->isPrivateKeySet(); // did we tried to initialize the keys for this session? diff --git a/apps/encryption/templates/settings-personal.php b/apps/encryption/templates/settings-personal.php index cefd6f4ad5..6b8821ca8a 100644 --- a/apps/encryption/templates/settings-personal.php +++ b/apps/encryption/templates/settings-personal.php @@ -1,6 +1,8 @@

t('ownCloud basic encryption module')); ?>

diff --git a/lib/base.php b/lib/base.php index a5ca08123a..1d53646415 100644 --- a/lib/base.php +++ b/lib/base.php @@ -723,6 +723,7 @@ class OC { \OC::$server->getConfig()), \OC\Files\Filesystem::getMountManager(), \OC::$server->getEncryptionManager(), + \OC::$server->getEncryptionFilesHelper(), $uid ); \OCP\Util::connectHook('OCP\Share', 'post_shared', $updater, 'postShared'); diff --git a/lib/private/encryption/file.php b/lib/private/encryption/file.php new file mode 100644 index 0000000000..f231500fb0 --- /dev/null +++ b/lib/private/encryption/file.php @@ -0,0 +1,81 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OC\Encryption; + +use OC\Encryption\Util; + +class File implements \OCP\Encryption\IFile { + + /** @var Util */ + protected $util; + + public function __construct(Util $util) { + $this->util = $util; + } + + + /** + * get list of users with access to the file + * + * @param $path to the file + * @return array + */ + public function getAccessList($path) { + + // Make sure that a share key is generated for the owner too + list($owner, $ownerPath) = $this->util->getUidAndFilename($path); + + // always add owner to the list of users with access to the file + $userIds = array($owner); + + if (!$this->util->isFile($ownerPath)) { + return array('users' => $userIds, 'public' => false); + } + + $ownerPath = substr($ownerPath, strlen('/files')); + $ownerPath = $this->util->stripPartialFileExtension($ownerPath); + + // Find out who, if anyone, is sharing the file + $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); + $userIds = \array_merge($userIds, $result['users']); + $public = $result['public'] || $result['remote']; + + // check if it is a group mount + if (\OCP\App::isEnabled("files_external")) { + $mounts = \OC_Mount_Config::getSystemMountPoints(); + foreach ($mounts as $mount) { + if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { + $mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); + $userIds = array_merge($userIds, $mountedFor); + } + } + } + + // Remove duplicate UIDs + $uniqueUserIds = array_unique($userIds); + + return array('users' => $uniqueUserIds, 'public' => $public); + } + +} \ No newline at end of file diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php index 06dc330151..21cedde614 100644 --- a/lib/private/encryption/update.php +++ b/lib/private/encryption/update.php @@ -46,12 +46,16 @@ class Update { /** @var string */ protected $uid; + /** @var \OC\Encryption\File */ + protected $file; + /** * * @param \OC\Files\View $view * @param \OC\Encryption\Util $util * @param \OC\Files\Mount\Manager $mountManager * @param \OC\Encryption\Manager $encryptionManager + * @param \OC\Encryption\File $file * @param string $uid */ public function __construct( @@ -59,6 +63,7 @@ class Update { Util $util, Mount\Manager $mountManager, Manager $encryptionManager, + File $file, $uid ) { @@ -66,6 +71,7 @@ class Update { $this->util = $util; $this->mountManager = $mountManager; $this->encryptionManager = $encryptionManager; + $this->file = $file; $this->uid = $uid; } @@ -103,7 +109,7 @@ class Update { $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); foreach ($allFiles as $path) { - $usersSharing = $this->util->getSharingUsersArray($path); + $usersSharing = $this->file->getAccessList($path); $encryptionModule->update($absPath, $this->uid, $usersSharing); } } diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 1308d27c92..734da741fd 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -162,49 +162,6 @@ class Util { return $paddedHeader; } - /** - * Find, sanitise and format users sharing a file - * @note This wraps other methods into a portable bundle - * @param string $path path relative to current users files folder - * @return array - */ - public function getSharingUsersArray($path) { - - // Make sure that a share key is generated for the owner too - list($owner, $ownerPath) = $this->getUidAndFilename($path); - - // always add owner to the list of users with access to the file - $userIds = array($owner); - - if (!$this->isFile($ownerPath)) { - return array('users' => $userIds, 'public' => false); - } - - $ownerPath = substr($ownerPath, strlen('/files')); - $ownerPath = $this->stripPartialFileExtension($ownerPath); - - // Find out who, if anyone, is sharing the file - $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); - $userIds = \array_merge($userIds, $result['users']); - $public = $result['public'] || $result['remote']; - - // check if it is a group mount - if (\OCP\App::isEnabled("files_external")) { - $mounts = \OC_Mount_Config::getSystemMountPoints(); - foreach ($mounts as $mount) { - if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { - $mountedFor = $this->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); - $userIds = array_merge($userIds, $mountedFor); - } - } - } - - // Remove duplicate UIDs - $uniqueUserIds = array_unique($userIds); - - return array('users' => $uniqueUserIds, 'public' => $public); - } - /** * go recursively through a dir and collect all files and sub files. * @@ -243,7 +200,7 @@ class Util { * @param string $path * @return boolean */ - protected function isFile($path) { + public function isFile($path) { if (substr($path, 0, strlen('/files/')) === '/files/') { return true; } @@ -361,7 +318,7 @@ class Util { } } - protected function getUserWithAccessToMountPoint($users, $groups) { + public function getUserWithAccessToMountPoint($users, $groups) { $result = array(); if (in_array('all', $users)) { $result = \OCP\User::getUsers(); diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index e3927edff2..a96d573723 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -31,6 +31,9 @@ class Encryption extends Wrapper { /** @var \OC\Encryption\Util */ protected $util; + /** @var \OC\Encryption\File */ + protected $file; + /** @var \OCP\Encryption\IEncryptionModule */ protected $encryptionModule; @@ -97,6 +100,7 @@ class Encryption extends Wrapper { 'encryptionModule', 'header', 'uid', + 'file', 'util', 'size', 'unencryptedSize', @@ -117,6 +121,7 @@ class Encryption extends Wrapper { * @param \OC\Files\Storage\Storage $storage * @param \OC\Files\Storage\Wrapper\Encryption $encStorage * @param \OC\Encryption\Util $util + * @param \OC\Encryption\File $file * @param string $mode * @param int $size * @param int $unencryptedSize @@ -130,6 +135,7 @@ class Encryption extends Wrapper { \OC\Files\Storage\Storage $storage, \OC\Files\Storage\Wrapper\Encryption $encStorage, \OC\Encryption\Util $util, + \OC\Encryption\File $file, $mode, $size, $unencryptedSize) { @@ -144,6 +150,7 @@ class Encryption extends Wrapper { 'header' => $header, 'uid' => $uid, 'util' => $util, + 'file' => $file, 'size' => $size, 'unencryptedSize' => $unencryptedSize, 'encryptionStorage' => $encStorage @@ -229,7 +236,7 @@ class Encryption extends Wrapper { $sharePath = dirname($path); } - $accessList = $this->util->getSharingUsersArray($sharePath); + $accessList = $this->file->getAccessList($sharePath); $this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $this->header, $accessList); return true; diff --git a/lib/private/server.php b/lib/private/server.php index a38096cf74..661aaf6786 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -87,6 +87,11 @@ class Server extends SimpleContainer implements IServerContainer { return new Encryption\Manager($c->getConfig()); }); + $this->registerService('EncryptionFileHelper', function (Server $c) { + $util = new \OC\Encryption\Util(new \OC\Files\View(), $c->getUserManager(), $c->getConfig()); + return new Encryption\File($util); + }); + $this->registerService('EncryptionKeyStorageFactory', function ($c) { return new Encryption\Keys\Factory(); }); @@ -407,6 +412,13 @@ class Server extends SimpleContainer implements IServerContainer { return $this->query('EncryptionManager'); } + /** + * @return \OC\Encryption\File + */ + function getEncryptionFilesHelper() { + return $this->query('EncryptionFileHelper'); + } + /** * @param string $encryptionModuleId encryption module ID * diff --git a/lib/public/encryption/ifile.php b/lib/public/encryption/ifile.php new file mode 100644 index 0000000000..cb4faea062 --- /dev/null +++ b/lib/public/encryption/ifile.php @@ -0,0 +1,36 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCP\Encryption; + +interface IFile { + + /** + * get list of users with access to the file + * + * @param $path to the file + * @return array + */ + public function getAccessList($path); + +} \ No newline at end of file diff --git a/lib/public/encryption/imanager.php b/lib/public/encryption/imanager.php index 9a12e40159..2691604ac3 100644 --- a/lib/public/encryption/imanager.php +++ b/lib/public/encryption/imanager.php @@ -22,9 +22,7 @@ */ namespace OCP\Encryption; -// -// TODO: move exceptions to OCP -// + use OC\Encryption\Exceptions\ModuleDoesNotExistsException; use OC\Encryption\Exceptions\ModuleAlreadyExistsException; diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index 9e36bc31be..509e5894d4 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -183,6 +183,11 @@ interface IServerContainer { */ function getEncryptionManager(); + /** + * @return \OC\Encryption\File + */ + function getEncryptionFilesHelper(); + /** * @param string $encryptionModuleId encryption module ID *