open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

handle system wide mount points

Browse Source
remotes/origin/stable6
Björn Schießle 13 years ago
parent 9c855f7b3d
commit 3e4dcafa89
2 changed files with 62 additions and 17 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 49
      apps/files_encryption/lib/keymanager.php
  2. 30
      apps/files_encryption/lib/util.php

49
apps/files_encryption/lib/keymanager.php
Unescape View File

@ -126,7 +126,12 @@ class Keymanager {
$util = new Util($view, \OCP\User::getUser());
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/keyfiles';
// in case of system wide mount points the keys are stored directly in the data directory
if (self::isSystemWideMountPoint($filename)) {
$basePath = '/files_encryption/keyfiles';
} else {
$basePath = '/' . $owner . '/files_encryption/keyfiles';
}
$targetPath = self::keySetPreparation($view, $filename, $basePath, $owner);
@ -233,7 +238,12 @@ class Keymanager {
list($owner, $filename) = $util->getUidAndFilename($filePath);
$filePath_f = ltrim($filename, '/');
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
// in case of system wide mount points the keys are stored directly in the data directory
if (self::isSystemWideMountPoint($filename)) {
$keyfilePath = '/files_encryption/keyfiles/' . $filePath_f . '.key';
} else {
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
}
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
@ -341,19 +351,20 @@ class Keymanager {
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/share-keys';
// in case of system wide mount points the keys are stored directly in the data directory
if (self::isSystemWideMountPoint($filename)) {
$basePath = '/files_encryption/share-keys';
} else {
$basePath = '/' . $owner . '/files_encryption/share-keys';
}
$shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner);
// try reusing key file if part file
if (self::isPartialFilePath($shareKeyPath)) {
$writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey';
} else {
$writePath = $basePath . '/' . $shareKeyPath . '.' . $userId . '.shareKey';
}
$proxyStatus = \OC_FileProxy::$enabled;
@ -440,8 +451,13 @@ class Keymanager {
$util = new Util($view, \OCP\User::getUser());
list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = \OC\Files\Filesystem::normalizePath(
'/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
// in case of system wide mount points the keys are stored directly in the data directory
if (self::isSystemWideMountPoint($filename)) {
$shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
} else {
$shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
}
if ($view->file_exists($shareKeyPath)) {
@ -568,4 +584,19 @@ class Keymanager {
return $targetPath;
}
/**
* @brief check if the file is stored on a system wide mount point
* @param $path relative to /data/user with leading '/'
* @return boolean
*/
private static function isSystemWideMountPoint($path) {
$mount = OC_Mount_Config::getSystemMountPoints();
foreach ($mount as $mountPoint => $data) {
if ($mountPoint == substr($path, 1, strlen($mountPoint))) {
return true;
}
}
return false;
}
}

30
apps/files_encryption/lib/util.php
Unescape View File

@ -992,13 +992,9 @@ class Util {
\OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled')
&& $this->recoveryEnabledForUser()
) {
$recoveryEnabled = true;
} else {
$recoveryEnabled = false;
}
// Make sure that a share key is generated for the owner too
@ -1019,20 +1015,24 @@ class Util {
// If recovery is enabled, add the
// Admin UID to list of users to share to
if ($recoveryEnabled) {
// Find recoveryAdmin user ID
$recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
// Add recoveryAdmin to list of users sharing
$userIds[] = $recoveryKeyId;
}
// add current user if given
if ($currentUserId !== false) {
$userIds[] = $currentUserId;
}
// check if it is a group mount
$mount = OC_Mount_Config::getSystemMountPoints();
foreach ($mount as $mountPoint => $data) {
if ($mountPoint == substr($ownerPath, 1, strlen($mountPoint))) {
$userIds = array_merge($userIds,
$this->getUserWithAccessToMountPoint($data['applicable']['users'], $data['applicable']['groups']));
}
}
// Remove duplicate UIDs
@ -1042,6 +1042,20 @@ class Util {
}
private function getUserWithAccessToMountPoint($users, $groups) {
$result = array();
if (in_array('all', $users)) {
$result = \OCP\User::getUsers();
} else {
$result = array_merge($result, $users);
foreach ($groups as $group) {
$result = array_merge($result, \OC_Group::usersInGroup($group));
}
}
return $result;
}
/**
* @brief start migration mode to initially encrypt users data
* @return boolean

Write Preview
Loading…
Cancel
Save