allow the user to login but do not allow upload and show error message on the web
This commit is contained in:
Florin Peter
parent
2e3bfdb12c
commit
e9d1ea712c
|
|
@ -28,9 +28,10 @@ if (OCP\User::isLoggedIn()) {
|
|||
$view = new OC_FilesystemView('/');
|
||||
$session = new \OCA\Encryption\Session($view);
|
||||
|
||||
$user = \OCP\USER::getUser();
|
||||
// check if user has a private key
|
||||
if (
|
||||
!$session->getPrivateKey(\OCP\USER::getUser())
|
||||
!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
|
||||
&& OCA\Encryption\Crypt::mode() === 'server'
|
||||
) {
|
||||
|
||||
|
|
|
|||
|
|
@ -62,13 +62,13 @@ class Hooks {
|
|||
if(is_resource($res)) {
|
||||
$sslInfo = openssl_pkey_get_details($res);
|
||||
if(!isset($sslInfo['key'])) {
|
||||
$privateKey = null;
|
||||
$privateKey = false;
|
||||
}
|
||||
} else {
|
||||
$privateKey = null;
|
||||
$privateKey = false;
|
||||
}
|
||||
|
||||
if($privateKey === null) {
|
||||
if($privateKey === false) {
|
||||
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -236,7 +236,11 @@ class Stream {
|
|||
// if there is no valid private key return false
|
||||
if($privateKey === false) {
|
||||
|
||||
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
|
||||
if(\OC_Util::isCallRegistered()) {
|
||||
$l = \OC_L10N::get('core');
|
||||
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
|
||||
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
|
@ -433,6 +437,22 @@ class Stream {
|
|||
|
||||
$this->flush();
|
||||
|
||||
$view = new \OC_FilesystemView('/');
|
||||
$session = new \OCA\Encryption\Session( $this->rootView );
|
||||
$privateKey = $session->getPrivateKey($this->userId);
|
||||
|
||||
// if there is no valid private key return false
|
||||
if($privateKey === false) {
|
||||
|
||||
if(\OC_Util::isCallRegistered()) {
|
||||
$l = \OC_L10N::get('core');
|
||||
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
|
||||
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
if (
|
||||
$this->meta['mode'] !== 'r'
|
||||
and $this->meta['mode'] !== 'rb'
|
||||
|
|
@ -459,8 +479,6 @@ class Stream {
|
|||
// Encrypt enc key for all sharing users
|
||||
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
|
||||
|
||||
$view = new \OC_FilesystemView('/');
|
||||
|
||||
// Save the new encrypted file key
|
||||
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue