allow the user to login but do not allow upload and show error message on the web

12 years ago · e9d1ea712c
parent 2e3bfdb12c
commit e9d1ea712c
3 changed files with 26 additions and 7 deletions
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@ -28,9 +28,10 @@ if (OCP\User::isLoggedIn()) {
 	$view = new OC_FilesystemView('/');
 	$session = new \OCA\Encryption\Session($view);

+	$user = \OCP\USER::getUser();
 	// check if user has a private key
 	if (
-		!$session->getPrivateKey(\OCP\USER::getUser())
+		!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
 		&& OCA\Encryption\Crypt::mode() === 'server'
 	) {

--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@ -62,13 +62,13 @@ class Hooks {
 		if(is_resource($res)) {
 			$sslInfo = openssl_pkey_get_details($res);
 			if(!isset($sslInfo['key'])) {
-				$privateKey = null;
+				$privateKey = false;
 			}
 		} else {
-			$privateKey = null;
+			$privateKey = false;
 		}

-		if($privateKey === null) {
+		if($privateKey === false) {
 			\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
 		}

--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@ -236,7 +236,11 @@ class Stream {
 			// if there is no valid private key return false
 			if($privateKey === false) {

-				\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
+				if(\OC_Util::isCallRegistered()) {
+					$l = \OC_L10N::get('core');
+					\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
+					throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
+				}

 				return false;
 			}
@ -433,6 +437,22 @@ class Stream {

 		$this->flush();

+		$view = new \OC_FilesystemView('/');
+		$session = new \OCA\Encryption\Session( $this->rootView );
+		$privateKey = $session->getPrivateKey($this->userId);
+
+		// if there is no valid private key return false
+		if($privateKey === false) {
+
+			if(\OC_Util::isCallRegistered()) {
+				$l = \OC_L10N::get('core');
+				\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
+				throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
+			}
+
+			return false;
+		}
+
 		if (
 			$this->meta['mode'] !== 'r'
 			and $this->meta['mode'] !== 'rb'
@ -459,8 +479,6 @@ class Stream {
 			// Encrypt enc key for all sharing users
 			$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);

-			$view = new \OC_FilesystemView('/');
-
 			// Save the new encrypted file key
 			Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);