diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index b1e7e8c52a..ccea51f91f 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -228,6 +228,9 @@ class Hooks { || !$util->userKeysExists() || !$view->file_exists($user . '/files')) { + // backup old keys + $util->backupAllKeys('recovery'); + $newUserPassword = $params['password']; // make sure that the users home is mounted diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 31d11338ef..b406404a68 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -54,7 +54,7 @@ class Proxy extends \OC_FileProxy { $view = new \OC\Files\View(); // files outside of the files-folder are excluded - if(strpos($path, '/' . $uid . '/files') !== 0) { + if(strpos($path, '/' . $uid . '/files/') !== 0) { return true; } diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 087dada7f1..33c2f88b0f 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -1477,6 +1477,22 @@ class Util { $this->recoverAllFiles('/', $privateKey); } + /** + * create a backup of all keys from the user + * + * @param string $purpose (optional) define the purpose of the backup, will be part of the backup folder + */ + public function backupAllKeys($purpose = '') { + $this->userId; + $backupDir = $this->encryptionDir . '/backup.'; + $backupDir .= ($purpose === '') ? date("Y-m-d_H-i-s") . '/' : $purpose . '.' . date("Y-m-d_H-i-s") . '/'; + $this->view->mkdir($backupDir); + $this->view->copy($this->shareKeysPath, $backupDir . 'share-keys/'); + $this->view->copy($this->keyfilesPath, $backupDir . 'keyfiles/'); + $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.private.key'); + $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.public.key'); + } + /** * check if the file is stored on a system wide mount point * @param string $path relative to /data/user with leading '/' diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index f337eb4635..f2db21be4c 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -398,6 +398,48 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { } + /** + * test if all keys get moved to the backup folder correctly + */ + function testBackupAllKeys() { + self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); + + // create some dummy key files + $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption'; + $this->view->file_put_contents($encPath . '/keyfiles/foo.key', 'key'); + $this->view->file_put_contents($encPath . '/share-keys/foo.user1.shareKey', 'share key'); + + $util = new \OCA\Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1); + + $util->backupAllKeys('testing'); + + $encFolderContent = $this->view->getDirectoryContent($encPath); + + $backupPath = ''; + foreach ($encFolderContent as $c) { + $name = $c['name']; + if (substr($name, 0, strlen('backup')) === 'backup') { + $backupPath = $encPath . '/'. $c['name']; + break; + } + } + + $this->assertTrue($backupPath !== ''); + + // check backupDir Content + $this->assertTrue($this->view->is_dir($backupPath . '/keyfiles')); + $this->assertTrue($this->view->is_dir($backupPath . '/share-keys')); + $this->assertTrue($this->view->file_exists($backupPath . '/keyfiles/foo.key')); + $this->assertTrue($this->view->file_exists($backupPath . '/share-keys/foo.user1.shareKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.private.key')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.public.key')); + + //cleanup + $this->view->deleteAll($backupPath); + $this->view->unlink($encPath . '/keyfiles/foo.key', 'key'); + $this->view->unlink($encPath . '/share-keys/foo.user1.shareKey', 'share key'); + } + function testDescryptAllWithBrokenFiles() {