mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

no longer enforce log out, but provide useful errors/warnings instead

This commit is contained in:
Bjoern Schiessle 2013-09-06 12:27:40 +02:00
parent 69b1625f0e
commit fb462e83cc
11 changed files with 42 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/files/index.php
View File

@ -124,8 +124,12 @@ if ($needUpgrade) {
$storageInfo=OC_Helper::getStorageInfo($dir); $storageInfo=OC_Helper::getStorageInfo($dir);
$maxUploadFilesize=OCP\Util::maxUploadFilesize($dir); $maxUploadFilesize=OCP\Util::maxUploadFilesize($dir);
$publicUploadEnabled = \OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes'); $publicUploadEnabled = \OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes');
// if the encryption app is disabled, than everything is fine
$encryptionInitStatus = \OCA\Encryption\Session::INIT_SUCCESSFUL;
if (OC_App::isEnabled('files_encryption')) { if (OC_App::isEnabled('files_encryption')) {
$publicUploadEnabled = 'no'; $publicUploadEnabled = 'no';
$session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
$encryptionInitStatus = $session->getInitialized();
} }
$trashEnabled = \OCP\App::isEnabled('files_trashbin'); $trashEnabled = \OCP\App::isEnabled('files_trashbin');
@ -153,5 +157,6 @@ if ($needUpgrade) {
$tmpl->assign('isPublic', false); $tmpl->assign('isPublic', false);
$tmpl->assign('publicUploadEnabled', $publicUploadEnabled); $tmpl->assign('publicUploadEnabled', $publicUploadEnabled);
$tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles()); $tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles());
$tmpl->assign("encryptionInitStatus", $encryptionInitStatus);
$tmpl->printPage(); $tmpl->printPage();
} }

9
apps/files/js/files.js
View File

@ -90,6 +90,15 @@ Files={
} }
var encryptedFiles = $('#encryptedFiles').val(); var encryptedFiles = $('#encryptedFiles').val();
var initStatus = $('#encryptionInitStatus').val();
if (initStatus === '0') { // enc not initialized, but should be
OC.Notification.show(t('files_encryption', 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again'));
return;
}
if (initStatus === '1') { // encryption tried to init but failed
OC.Notification.show(t('files_encryption', 'Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.'));
return;
}
if (encryptedFiles === '1') { if (encryptedFiles === '1') {
OC.Notification.show(t('files_encryption', 'Encryption was disabled but your files are still encrypted. Please go to your personal settings to decrypt your files.')); OC.Notification.show(t('files_encryption', 'Encryption was disabled but your files are still encrypted. Please go to your personal settings to decrypt your files.'));
return; return;

1
apps/files/templates/index.php
View File

@ -123,3 +123,4 @@
<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php p($_['allowZipDownload']); ?>" /> <input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php p($_['allowZipDownload']); ?>" />
<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php p($_['usedSpacePercent']); ?>" /> <input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php p($_['usedSpacePercent']); ?>" />
<input type="hidden" name="encryptedFiles" id="encryptedFiles" value="<?php $_['encryptedFiles'] ? p('1') : p('0'); ?>" /> <input type="hidden" name="encryptedFiles" id="encryptedFiles" value="<?php $_['encryptedFiles'] ? p('1') : p('0'); ?>" />
<input type="hidden" name="encryptedFiles" id="encryptionInitStatus" value="<?php p($_['encryptionInitStatus']) ?>" />

1
apps/files_encryption/ajax/updatePrivateKeyPassword.php
View File

@ -48,6 +48,7 @@ if ($decryptedKey) {
// success or failure // success or failure
if ($return) { if ($return) {
$session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
\OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.')))); \OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.'))));
} else { } else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.')))); \OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.'))));

17
apps/files_encryption/appinfo/app.php
View File

@ -41,23 +41,6 @@ if (!OC_Config::getValue('maintenance', false)) {
if($sessionReady) { if($sessionReady) {
$session = new \OCA\Encryption\Session($view); $session = new \OCA\Encryption\Session($view);
} }
$user = \OCP\USER::getUser();
// check if user has a private key
if ($sessionReady === false
|| (!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
&& OCA\Encryption\Crypt::mode() === 'server')
) {
// Force the user to log-in again if the encryption key isn't unlocked
// (happens when a user is logged in before the encryption app is
// enabled)
OCP\User::logout();
header("Location: " . OC::$WEBROOT . '/');
exit();
}
} }
} else { } else {
// logout user if we are in maintenance to force re-login // logout user if we are in maintenance to force re-login

2
apps/files_encryption/hooks/hooks.php
View File

@ -547,7 +547,7 @@ class Hooks {
$setMigrationStatus->execute(); $setMigrationStatus->execute();
$session = new \OCA\Encryption\Session(new \OC\Files\View('/')); $session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
$session->setInitialized(false); $session->setInitialized(\OCA\Encryption\Session::NOT_INITIALIZED);
} }
} }

27
apps/files_encryption/lib/helper.php
View File

@ -237,28 +237,15 @@ class Helper {
*/ */
public static function redirectToErrorPage($session) { public static function redirectToErrorPage($session) {
$l = \OC_L10N::get('files_encryption'); $init = $session->getInitialized();
if ($session->getInitialized() === false) {
$errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.');
} else {
$errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
}
$location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php');
$post = 0;
if(count($_POST) > 0) { if(count($_POST) > 0) {
header('HTTP/1.0 404 ' . $errorMsg); $post = 1;
} }
header('Location: ' . $location . '?p=' . $post . '&i=' . $init);
// check if ajax request exit();
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
\OCP\JSON::error(array('data' => array('message' => $errorMsg)));
} else {
header('HTTP/1.0 404 ' . $errorMsg);
$tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest');
$tmpl->printPage();
}
exit;
} }
/** /**

13
apps/files_encryption/lib/session.php
View File

@ -30,6 +30,11 @@ class Session {
private $view; private $view;
const NOT_INITIALIZED = '0';
const INIT_EXECUTED = '1';
const INIT_SUCCESSFUL = '2';
/** /**
* @brief if session is started, check if ownCloud key pair is set up, if not create it * @brief if session is started, check if ownCloud key pair is set up, if not create it
* @param \OC_FilesystemView $view * @param \OC_FilesystemView $view
@ -113,8 +118,8 @@ class Session {
} }
/** /**
* @brief Sets status if we tried to initialize the encyption app * @brief Sets status of encryption app
* @param bool $privateKey true=initialized false=not initialized * @param string $init INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED
* @return bool * @return bool
* *
* @note this doesn not indicate of the init was successful, we just remeber the try! * @note this doesn not indicate of the init was successful, we just remeber the try!
@ -130,7 +135,7 @@ class Session {
/** /**
* @brief Gets status if we already tried to initialize the encryption app * @brief Gets status if we already tried to initialize the encryption app
* @returns bool * @returns init status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED
* *
* @note this doesn not indicate of the init was successful, we just remeber the try! * @note this doesn not indicate of the init was successful, we just remeber the try!
*/ */
@ -138,7 +143,7 @@ class Session {
if (!is_null(\OC::$session->get('encryptionInitialized'))) { if (!is_null(\OC::$session->get('encryptionInitialized'))) {
return \OC::$session->get('encryptionInitialized'); return \OC::$session->get('encryptionInitialized');
} else { } else {
return false; return self::NOT_INITIALIZED;
} }
} }

2
apps/files_encryption/lib/stream.php
View File

@ -128,7 +128,7 @@ class Stream {
$this->unencryptedSize = 0; $this->unencryptedSize = 0;
} else { } else {
\OCA\Encryption\Helper::redirectToErrorPage($this->session);
if($this->privateKey === false) { if($this->privateKey === false) {
// if private key is not valid redirect user to a error page // if private key is not valid redirect user to a error page
\OCA\Encryption\Helper::redirectToErrorPage($this->session); \OCA\Encryption\Helper::redirectToErrorPage($this->session);

3
apps/files_encryption/lib/util.php
View File

@ -1724,7 +1724,7 @@ class Util {
$session = new \OCA\Encryption\Session($this->view); $session = new \OCA\Encryption\Session($this->view);
// we tried to initialize the encryption app for this session // we tried to initialize the encryption app for this session
$session->setInitialized(true); $session->setInitialized(\OCA\Encryption\Session::INIT_EXECUTED);
$encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']); $encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']);
@ -1737,6 +1737,7 @@ class Util {
} }
$session->setPrivateKey($privateKey); $session->setPrivateKey($privateKey);
$session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
return $session; return $session;
} }

6
apps/files_encryption/templates/invalid_private_key.php
View File

@ -2,9 +2,11 @@
<li class='error'> <li class='error'>
<?php $location = \OC_Helper::linkToRoute( "settings_personal" ).'#changePKPasswd' ?> <?php $location = \OC_Helper::linkToRoute( "settings_personal" ).'#changePKPasswd' ?>
<?php p($l->t('Your private key is not valid! Maybe the your password was changed from outside.')); ?> <?php p($_['message']); ?>
<br/> <br/>
<?php p($l->t('You can unlock your private key in your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a> <?php if($_['init']): ?>
<?php>p($l->t('Go directly to your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a>
<?php endif; ?>
<br/> <br/>
</li> </li>
</ul> </ul>