Mirrors
/
nextcloud-server
mirror of https://github.com/nextcloud/server
3
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22010 Commits
570 Branches
1160 Tags
4.1 GiB
Tree: 8164415b45
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8164415b45'
${ noResults }
nextcloud-server/apps/files_encryption/lib/hooks.php

626 lines
19 KiB
Raw Normal View History

added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
Fixed many coding guidelines issues Continued work on upgrade path via login hook listener New spec file with notes
13 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
harmonize copyright notice
11 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
Fix namespace of files_encryption classes and autoload them
11 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
fix rename of shared files
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
fix rename of shared files
12 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
reformat code
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
Squashed commit of the following: commit 1345201c9da99a82f198e41fba24da6b0d7ae59a Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 16:27:46 2013 +0200 add l10n support commit bf2c79c8de8710e839a4a55642a91874c374fa1c Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 16:19:10 2013 +0200 only init session if openssl extension is loaded commit cbd52af6afbaa310bb1a534db64ff5e476dfd5d7 Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 12:25:40 2013 +0200 first disable app and than show error page commit 55baf593179c433642de59552592e6b0f1932880 Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 12:17:34 2013 +0200 typo fixed commit 1d9bef0b058e7cc3d511b81ae12d5a07660c75b2 Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 12:15:40 2013 +0200 move dependency check to the encryption app commit c186e95da526f0470e20f014f1bd9513db5518ff Author: Björn Schießle <schiessle@owncloud.com> Date: Thu Jun 20 11:13:11 2013 +0200 make sure that openssl is installed and loaded
13 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
remove legacy aka deprecated code: OC_FilesystemView
12 years ago
reformat code
13 years ago
fix login errors while filesystem is not loaded
13 years ago
ceanup encryption code, improved return codes
12 years ago
fix login errors while filesystem is not loaded
13 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
performance improvement, check configuration only if no private key exists
12 years ago
ceanup encryption code, improved return codes
12 years ago
performance improvement, check configuration only if no private key exists
12 years ago
ceanup encryption code, improved return codes
12 years ago
performance improvement, check configuration only if no private key exists
12 years ago
update error message
11 years ago
performance improvement, check configuration only if no private key exists
12 years ago
Don't cache the pkey, skip generation if the keyfile exists
12 years ago
make sure that initial encryption also starts for a fresh installation
12 years ago
reformat code
13 years ago
working decrypt files method
13 years ago
fix for broken tests
13 years ago
Added support for user-specified password for adminRecovery account in admin settings page Made encryptAll() (file migration for unencrypted + legacy encrypted files) run only on first login for each user (status stored in DB) Made recoveryAdmin user member of 'admin' user group automatically Set recoveryadmin settings to only display on user settings if enabled by an admin Updated encryption db xml schema
13 years ago
use number of manipulated rows as idicator if it was possible to enter the migration mode
13 years ago
refuse login as long as the initial encryption is running
12 years ago
only start migration if the encryption was initialized; allow to overwrite keys if no files exists
12 years ago
use number of manipulated rows as idicator if it was possible to enter the migration mode
13 years ago
refuse login as long as the initial encryption is running
12 years ago
don't block login forever if we are stuck in the middle of the initial encryption
12 years ago
use number of manipulated rows as idicator if it was possible to enter the migration mode
13 years ago
reformat code
13 years ago
ceanup encryption code, improved return codes
12 years ago
Added support for user-specified password for adminRecovery account in admin settings page Made encryptAll() (file migration for unencrypted + legacy encrypted files) run only on first login for each user (status stored in DB) Made recoveryAdmin user member of 'admin' user group automatically Set recoveryadmin settings to only display on user settings if enabled by an admin Updated encryption db xml schema
13 years ago
make sure that only one process can enter the migration mode
13 years ago
reformat code
13 years ago
catch errors during initial encryption
12 years ago
Kill legacy encryption migration
12 years ago
catch errors during initial encryption
12 years ago
reformat code
13 years ago
ceanup encryption code, improved return codes
12 years ago
catch errors during initial encryption
12 years ago
ceanup encryption code, improved return codes
12 years ago
catch errors during initial encryption
12 years ago
Added support for user-specified password for adminRecovery account in admin settings page Made encryptAll() (file migration for unencrypted + legacy encrypted files) run only on first login for each user (status stored in DB) Made recoveryAdmin user member of 'admin' user group automatically Set recoveryadmin settings to only display on user settings if enabled by an admin Updated encryption db xml schema
13 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
ceanup encryption code, improved return codes
12 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
added post_createUser hook
13 years ago
add logout hook to remove keys from session
11 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
add logout hook to remove keys from session
11 years ago
reformat code
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
reformat code
13 years ago
added post_createUser hook
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
remove legacy aka deprecated code: OC_FilesystemView
12 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
reformat code
13 years ago
added post_createUser hook
13 years ago
reformat code
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
reformat code
13 years ago
added post_deleteUser hook for cleanup public key
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
change private/public key names for consistency reasons
11 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
reformat code
13 years ago
added post_deleteUser hook for cleanup public key
13 years ago
use pre_setPassword hook to update the encryption keys if the back-end doesn't support password change; improved output to let the admin know what happened
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
use pre_setPassword hook to update the encryption keys if the back-end doesn't support password change; improved output to let the admin know what happened
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
use pre_setPassword hook to update the encryption keys if the back-end doesn't support password change; improved output to let the admin know what happened
13 years ago
reformat code
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Added library phpseclib First implementation of passphrase changing on user pwd change
13 years ago
allow admin to recover users files in case of password lost
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
Added library phpseclib First implementation of passphrase changing on user pwd change
13 years ago
check if the decrypted private key is valid on login and on read/write files
13 years ago
Added library phpseclib First implementation of passphrase changing on user pwd change
13 years ago
replace == with === and replace != with !==
13 years ago
fixed missing parameter
13 years ago
remove legacy aka deprecated code: OC_FilesystemView
12 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
fixed missing parameter
13 years ago
first check if a private key exists, if not it is always a recovery szenario
11 years ago
allow admin to recover users files in case of password lost
13 years ago
first check if a private key exists, if not it is always a recovery szenario
11 years ago
allow admin to recover users files in case of password lost
13 years ago
support aes 256
12 years ago
allow admin to recover users files in case of password lost
13 years ago
support aes 256
12 years ago
allow admin to recover users files in case of password lost
13 years ago
reformat code
13 years ago
allow admin to recover users files in case of password lost
13 years ago
reformat code
13 years ago
allow admin to recover users files in case of password lost
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
only start migration if the encryption was initialized; allow to overwrite keys if no files exists
12 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
only start migration if the encryption was initialized; allow to overwrite keys if no files exists
12 years ago
allow admin to recover users files in case of password lost
13 years ago
create backup from all keys before recovery
11 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
reformat code
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
change private/public key names for consistency reasons
11 years ago
allow admin to recover users files in case of password lost
13 years ago
support aes 256
12 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
support aes 256
12 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
only create new key on password change if a recovery key exists or if the user don't have any private/public keys
12 years ago
allow admin to recover users files in case of password lost
13 years ago
Added library phpseclib First implementation of passphrase changing on user pwd change
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
listen to the post_passwordReset hook, backup the old keys and create a new key pair for the user
11 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
added test for failed sharing
13 years ago
Fix PHPDoc in /apps
12 years ago
added test for failed sharing
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
fix test and make warning translatable
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
change private/public key names for consistency reasons
11 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
cancel sharing if some users doesn't have a working encryption set-up.
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
change private/public key names for consistency reasons
11 years ago
cancel sharing if some users doesn't have a working encryption set-up.
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
improved tests
13 years ago
cancel sharing if some users doesn't have a working encryption set-up.
13 years ago
fix test and make warning translatable
13 years ago
reformat code
13 years ago
improved error messaging, initial commit
12 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
use right location of the file is the source and not the target it is shared to
13 years ago
update keys recursively if a folder was moved
12 years ago
Adding sharing support: added new method in Keymanager setShareKey() Added notes in proxy{} and stream{} pointing to share support
13 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
fix sharing of folders. First we need to collect all files. Than we need to find all users with access to the file because this can vary from file to file and than we can encrypt it for all recipients
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
use preShare hook only to check if all pub keys are available and the postShare hook to finaly update the shareKeys if the file was shared successfully
13 years ago
some fixes to make the gallery work, this made it necessary to adjust some tests and the encryption code
12 years ago
Made code formatting of new methods more consistent
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
update keys recursively if a folder was moved
12 years ago
fix sharing of folders. First we need to collect all files. Than we need to find all users with access to the file because this can vary from file to file and than we can encrypt it for all recipients
13 years ago
update keys recursively if a folder was moved
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
update keys recursively if a folder was moved
12 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
update keys recursively if a folder was moved
12 years ago
fix share and un-share for single file
13 years ago
update keys recursively if a folder was moved
12 years ago
fix sharing of folders. First we need to collect all files. Than we need to find all users with access to the file because this can vary from file to file and than we can encrypt it for all recipients
13 years ago
update keys recursively if a folder was moved
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
update keys recursively if a folder was moved
12 years ago
Development snapshot Added comments Added methods
13 years ago
Adding sharing support: added new method in Keymanager setShareKey() Added notes in proxy{} and stream{} pointing to share support
13 years ago
reformat code
13 years ago
Adding sharing support: added new method in Keymanager setShareKey() Added notes in proxy{} and stream{} pointing to share support
13 years ago
add owner as parameter for delShareKey
12 years ago
Adding sharing support: added new method in Keymanager setShareKey() Added notes in proxy{} and stream{} pointing to share support
13 years ago
reformat code
13 years ago
handling for re-share and re-unshare should work now
13 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
reformat code
13 years ago
handling for re-share and re-unshare should work now
13 years ago
remove legacy aka deprecated code: OC_FilesystemView
12 years ago
Next step in server-to-server sharing next generation, see #12285 Beside some small improvements and bug fixes this will probably the final state for OC8. To test this you need to set up two ownCloud instances. Let's say: URL: myPC/firstOwnCloud user: user1 URL: myPC/secondOwnCloud user: user2 Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud". The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined. If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
11 years ago
reformat code
13 years ago
Next step in server-to-server sharing next generation, see #12285 Beside some small improvements and bug fixes this will probably the final state for OC8. To test this you need to set up two ownCloud instances. Let's say: URL: myPC/firstOwnCloud user: user1 URL: myPC/secondOwnCloud user: user2 Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud". The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined. If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
11 years ago
Made code formatting of new methods more consistent
13 years ago
replace == with === and replace != with !==
13 years ago
Made code formatting of new methods more consistent
13 years ago
if file was shared to user than userIds is just the users Id
13 years ago
Next step in server-to-server sharing next generation, see #12285 Beside some small improvements and bug fixes this will probably the final state for OC8. To test this you need to set up two ownCloud instances. Let's say: URL: myPC/firstOwnCloud user: user1 URL: myPC/secondOwnCloud user: user2 Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud". The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined. If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
11 years ago
reformat code
13 years ago
Made code formatting of new methods more consistent
13 years ago
get mount point from mount manager
12 years ago
fix for share folder on external storage
13 years ago
fix share and un-share for single file
13 years ago
some fixes to make the gallery work, this made it necessary to adjust some tests and the encryption code
12 years ago
Made code formatting of new methods more consistent
13 years ago
reformat code
13 years ago
Made code formatting of new methods more consistent
13 years ago
reformat code
13 years ago
Made code formatting of new methods more consistent
13 years ago
reformat code
13 years ago
Made code formatting of new methods more consistent
13 years ago
reformat code
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
add owner as parameter for delShareKey
12 years ago
removed dead code for delShareKey
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
Made code formatting of new methods more consistent
13 years ago
reformat code
13 years ago
fix rename of shared files
12 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
check if the old owner and the old path is available
12 years ago
fix rename of shared files
12 years ago
Fix moving share keys as non-owner to subdir This fix gathers the share keys BEFORE a file is moved to make sure that findShareKeys() is able to find all relevant keys when the file still exists. After the move/copy operation the keys are moved/copied to the target dir. Also: refactored preRename and preCopy into a single function to avoid duplicate code.
11 years ago
fix rename of shared files
12 years ago
Adding sharing support: added new method in Keymanager setShareKey() Added notes in proxy{} and stream{} pointing to share support
13 years ago
Fix moving share keys as non-owner to subdir This fix gathers the share keys BEFORE a file is moved to make sure that findShareKeys() is able to find all relevant keys when the file still exists. After the move/copy operation the keys are moved/copied to the target dir. Also: refactored preRename and preCopy into a single function to avoid duplicate code.
11 years ago
make the versions and encryption app aware of the copy operation
12 years ago
Fix moving share keys as non-owner to subdir This fix gathers the share keys BEFORE a file is moved to make sure that findShareKeys() is able to find all relevant keys when the file still exists. After the move/copy operation the keys are moved/copied to the target dir. Also: refactored preRename and preCopy into a single function to avoid duplicate code.
11 years ago
make the versions and encryption app aware of the copy operation
12 years ago
delete old keys if file was moved to a different mount point
11 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
delete old keys if file was moved to a different mount point
11 years ago
make the versions and encryption app aware of the copy operation
12 years ago
Fix moving share keys as non-owner to subdir This fix gathers the share keys BEFORE a file is moved to make sure that findShareKeys() is able to find all relevant keys when the file still exists. After the move/copy operation the keys are moved/copied to the target dir. Also: refactored preRename and preCopy into a single function to avoid duplicate code.
11 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
Fix moving share keys as non-owner to subdir This fix gathers the share keys BEFORE a file is moved to make sure that findShareKeys() is able to find all relevant keys when the file still exists. After the move/copy operation the keys are moved/copied to the target dir. Also: refactored preRename and preCopy into a single function to avoid duplicate code.
11 years ago
delete old keys if file was moved to a different mount point
11 years ago
make the versions and encryption app aware of the copy operation
12 years ago
reformat code
13 years ago
make the versions and encryption app aware of the copy operation
12 years ago
reformat code
13 years ago
make the versions and encryption app aware of the copy operation
12 years ago
backport of https://github.com/owncloud/core/pull/5513
12 years ago
remove legacy aka deprecated code: OC_FilesystemView
12 years ago
reformat code
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
make the versions and encryption app aware of the copy operation
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
update keys recursively if a folder was moved
12 years ago
delete old keys if file was moved to a different mount point
11 years ago
check if the old owner and the old path is available
12 years ago
make sure that the umount hook always contains the path relative to data/user/files
12 years ago
check if the old owner and the old path is available
12 years ago
fix rename of shared files
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
reformat code
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
reformat code
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
small fixes
11 years ago
reformat code
13 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
reformat code
13 years ago
always use oc filesystem for rename operation
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
reformat code
13 years ago
introduce pre-disable-app hook and use it for the encryption app to reset migration status if the app was disabled
13 years ago
improved error messaging, initial commit
12 years ago
introduce pre-disable-app hook and use it for the encryption app to reset migration status if the app was disabled
13 years ago
improved error messaging, initial commit
12 years ago
reduce OC_Preferences, OC_Config and \OCP\Config usage * files_encryption * files_versions * files_trashbin * tests * status.php * core * server container
11 years ago
improved error messaging, initial commit
12 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
introduce pre-disable-app hook and use it for the encryption app to reset migration status if the app was disabled
13 years ago
set the init status to "NOT_INITIALIZED" if the encryption app gets enabled
12 years ago
Update OCA\Encryption to OCA\Files_Encryption in the encryption app itself
11 years ago
set the init status to "NOT_INITIALIZED" if the encryption app gets enabled
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
polish documentation based on scrutinizer patches
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
polish documentation based on scrutinizer patches
12 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
small fixes
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
move unlink proxy to a hook which handles pre and post conditions
12 years ago
remove encryption keys if user unshares a file
12 years ago
add owner as parameter for delShareKey
12 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
add owner as parameter for delShareKey
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
remove encryption keys if user unshares a file
12 years ago
new folder structure for keys all keys are now in files_encryption/key/path_to_file/filename/ share keys are named: user.shareKey file key is named: fileKey
11 years ago
Next step in server-to-server sharing next generation, see #12285 Beside some small improvements and bug fixes this will probably the final state for OC8. To test this you need to set up two ownCloud instances. Let's say: URL: myPC/firstOwnCloud user: user1 URL: myPC/secondOwnCloud user: user2 Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud". The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined. If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
11 years ago
remove encryption keys if user unshares a file
12 years ago
added wrapper method in crypt class for encrypting asymmetric and symmetric simultaneously fixed bugs with keymanager integration added unit tests
13 years ago
  1. <?php
  3. /**
  4. * ownCloud
  5. *
  6. * @copyright (C) 2014 ownCloud, Inc.
  7. *
  8. * @author Sam Tuke <samtuke@owncloud.org>
  9. * @author Bjoern Schiessle <schiessle@owncloud.com>
  10. *
  11. * This library is free software; you can redistribute it and/or
  12. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  13. * License as published by the Free Software Foundation; either
  14. * version 3 of the License, or any later version.
  15. *
  16. * This library is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public
  22. * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  23. *
  24. */
  26. namespace OCA\Files_Encryption;
  28. /**
  29. * Class for hook specific logic
  30. */
  31. class Hooks {
  33. // file for which we want to rename the keys after the rename operation was successful
  34. private static $renamedFiles = array();
  35. // file for which we want to delete the keys after the delete operation was successful
  36. private static $deleteFiles = array();
  37. // file for which we want to delete the keys after the delete operation was successful
  38. private static $unmountedFiles = array();
  40. /**
  41. * Startup encryption backend upon user login
  42. * @note This method should never be called for users using client side encryption
  43. */
  44. public static function login($params) {
  46. if (\OCP\App::isEnabled('files_encryption') === false) {
  47. return true;
  48. }
  51. $l = new \OC_L10N('files_encryption');
  53. $view = new \OC\Files\View('/');
  55. // ensure filesystem is loaded
  56. if (!\OC\Files\Filesystem::$loaded) {
  57. \OC_Util::setupFS($params['uid']);
  58. }
  60. $privateKey = Keymanager::getPrivateKey($view, $params['uid']);
  62. // if no private key exists, check server configuration
  63. if (!$privateKey) {
  64. //check if all requirements are met
  65. if (!Helper::checkRequirements() || !Helper::checkConfiguration()) {
  66. $error_msg = $l->t("Missing requirements.");
  67. $hint = $l->t('Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.');
  68. \OC_App::disable('files_encryption');
  69. \OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR);
  70. \OCP\Template::printErrorPage($error_msg, $hint);
  71. }
  72. }
  74. $util = new Util($view, $params['uid']);
  76. // setup user, if user not ready force relogin
  77. if (Helper::setupUser($util, $params['password']) === false) {
  78. return false;
  79. }
  81. $session = $util->initEncryption($params);
  83. // Check if first-run file migration has already been performed
  84. $ready = false;
  85. $migrationStatus = $util->getMigrationStatus();
  86. if ($migrationStatus === Util::MIGRATION_OPEN && $session !== false) {
  87. $ready = $util->beginMigration();
  88. } elseif ($migrationStatus === Util::MIGRATION_IN_PROGRESS) {
  89. // refuse login as long as the initial encryption is running
  90. sleep(5);
  91. \OCP\User::logout();
  92. return false;
  93. }
  95. $result = true;
  97. // If migration not yet done
  98. if ($ready) {
  100. // Encrypt existing user files
  101. try {
  102. $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files');
  103. } catch (\Exception $ex) {
  104. \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL);
  105. $result = false;
  106. }
  108. if ($result) {
  109. \OC_Log::write(
  110. 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed'
  111. , \OC_Log::INFO
  112. );
  113. // Register successful migration in DB
  114. $util->finishMigration();
  115. } else {
  116. \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL);
  117. $util->resetMigrationStatus();
  118. \OCP\User::logout();
  119. }
  120. }
  122. return $result;
  123. }
  125. /**
  126. * remove keys from session during logout
  127. */
  128. public static function logout() {
  129. $session = new Session(new \OC\Files\View());
  130. $session->removeKeys();
  131. }
  133. /**
  134. * setup encryption backend upon user created
  135. * @note This method should never be called for users using client side encryption
  136. */
  137. public static function postCreateUser($params) {
  139. if (\OCP\App::isEnabled('files_encryption')) {
  140. $view = new \OC\Files\View('/');
  141. $util = new Util($view, $params['uid']);
  142. Helper::setupUser($util, $params['password']);
  143. }
  144. }
  146. /**
  147. * cleanup encryption backend upon user deleted
  148. * @note This method should never be called for users using client side encryption
  149. */
  150. public static function postDeleteUser($params) {
  152. if (\OCP\App::isEnabled('files_encryption')) {
  153. Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']);
  154. }
  155. }
  157. /**
  158. * If the password can't be changed within ownCloud, than update the key password in advance.
  159. */
  160. public static function preSetPassphrase($params) {
  161. if (\OCP\App::isEnabled('files_encryption')) {
  162. if ( ! \OC_User::canUserChangePassword($params['uid']) ) {
  163. self::setPassphrase($params);
  164. }
  165. }
  166. }
  168. /**
  169. * Change a user's encryption passphrase
  170. * @param array $params keys: uid, password
  171. */
  172. public static function setPassphrase($params) {
  173. if (\OCP\App::isEnabled('files_encryption') === false) {
  174. return true;
  175. }
  177. // Only attempt to change passphrase if server-side encryption
  178. // is in use (client-side encryption does not have access to
  179. // the necessary keys)
  180. if (Crypt::mode() === 'server') {
  182. $view = new \OC\Files\View('/');
  183. $session = new Session($view);
  185. // Get existing decrypted private key
  186. $privateKey = $session->getPrivateKey();
  188. if ($params['uid'] === \OCP\User::getUser() && $privateKey) {
  190. // Encrypt private key with new user pwd as passphrase
  191. $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher());
  193. // Save private key
  194. if ($encryptedPrivateKey) {
  195. Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser());
  196. } else {
  197. \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR);
  198. }
  200. // NOTE: Session does not need to be updated as the
  201. // private key has not changed, only the passphrase
  202. // used to decrypt it has changed
  205. } else { // admin changed the password for a different user, create new keys and reencrypt file keys
  207. $user = $params['uid'];
  208. $util = new Util($view, $user);
  209. $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;
  211. // we generate new keys if...
  212. // ...we have a recovery password and the user enabled the recovery key
  213. // ...encryption was activated for the first time (no keys exists)
  214. // ...the user doesn't have any files
  215. if (($util->recoveryEnabledForUser() && $recoveryPassword)
  216. || !$util->userKeysExists()
  217. || !$view->file_exists($user . '/files')) {
  219. // backup old keys
  220. $util->backupAllKeys('recovery');
  222. $newUserPassword = $params['password'];
  224. // make sure that the users home is mounted
  225. \OC\Files\Filesystem::initMountPoints($user);
  227. $keypair = Crypt::createKeypair();
  229. // Disable encryption proxy to prevent recursive calls
  230. $proxyStatus = \OC_FileProxy::$enabled;
  231. \OC_FileProxy::$enabled = false;
  233. // Save public key
  234. Keymanager::setPublicKey($keypair['publicKey'], $user);
  236. // Encrypt private key with new password
  237. $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher());
  238. if ($encryptedKey) {
  239. Keymanager::setPrivateKey($encryptedKey, $user);
  241. if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files
  242. $util = new Util($view, $user);
  243. $util->recoverUsersFiles($recoveryPassword);
  244. }
  245. } else {
  246. \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR);
  247. }
  249. \OC_FileProxy::$enabled = $proxyStatus;
  250. }
  251. }
  252. }
  253. }
  255. /**
  256. * after password reset we create a new key pair for the user
  257. *
  258. * @param array $params
  259. */
  260. public static function postPasswordReset($params) {
  261. $uid = $params['uid'];
  262. $password = $params['password'];
  264. $util = new Util(new \OC\Files\View(), $uid);
  265. $util->replaceUserKeys($password);
  266. }
  268. /*
  269. * check if files can be encrypted to every user.
  270. */
  271. /**
  272. * @param array $params
  273. */
  274. public static function preShared($params) {
  276. if (\OCP\App::isEnabled('files_encryption') === false) {
  277. return true;
  278. }
  280. $l = new \OC_L10N('files_encryption');
  281. $users = array();
  282. $view = new \OC\Files\View('/');
  284. switch ($params['shareType']) {
  285. case \OCP\Share::SHARE_TYPE_USER:
  286. $users[] = $params['shareWith'];
  287. break;
  288. case \OCP\Share::SHARE_TYPE_GROUP:
  289. $users = \OC_Group::usersInGroup($params['shareWith']);
  290. break;
  291. }
  293. $notConfigured = array();
  294. foreach ($users as $user) {
  295. if (!Keymanager::publicKeyExists($view, $user)) {
  296. $notConfigured[] = $user;
  297. }
  298. }
  300. if (count($notConfigured) > 0) {
  301. $params['run'] = false;
  302. $params['error'] = $l->t('Following users are not set up for encryption:') . ' ' . join(', ' , $notConfigured);
  303. }
  305. }
  307. /**
  308. * update share keys if a file was shared
  309. */
  310. public static function postShared($params) {
  312. if (\OCP\App::isEnabled('files_encryption') === false) {
  313. return true;
  314. }
  316. if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
  318. $path = \OC\Files\Filesystem::getPath($params['fileSource']);
  320. self::updateKeyfiles($path);
  321. }
  322. }
  324. /**
  325. * update keyfiles and share keys recursively
  326. *
  327. * @param string $path to the file/folder
  328. */
  329. private static function updateKeyfiles($path) {
  330. $view = new \OC\Files\View('/');
  331. $userId = \OCP\User::getUser();
  332. $session = new Session($view);
  333. $util = new Util($view, $userId);
  334. $sharingEnabled = \OCP\Share::isEnabled();
  336. $mountManager = \OC\Files\Filesystem::getMountManager();
  337. $mount = $mountManager->find('/' . $userId . '/files' . $path);
  338. $mountPoint = $mount->getMountPoint();
  340. // if a folder was shared, get a list of all (sub-)folders
  341. if ($view->is_dir('/' . $userId . '/files' . $path)) {
  342. $allFiles = $util->getAllFiles($path, $mountPoint);
  343. } else {
  344. $allFiles = array($path);
  345. }
  347. foreach ($allFiles as $path) {
  348. $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
  349. $util->setSharedFileKeyfiles($session, $usersSharing, $path);
  350. }
  351. }
  353. /**
  354. * unshare file/folder from a user with whom you shared the file before
  355. */
  356. public static function postUnshare($params) {
  358. if (\OCP\App::isEnabled('files_encryption') === false) {
  359. return true;
  360. }
  362. if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
  364. $view = new \OC\Files\View('/');
  365. $userId = $params['uidOwner'];
  366. $userView = new \OC\Files\View('/' . $userId . '/files');
  367. $util = new Util($view, $userId);
  368. $path = $userView->getPath($params['fileSource']);
  370. // for group shares get a list of the group members
  371. if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {
  372. $userIds = \OC_Group::usersInGroup($params['shareWith']);
  373. } else {
  374. if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK || $params['shareType'] === \OCP\Share::SHARE_TYPE_REMOTE) {
  375. $userIds = array($util->getPublicShareKeyId());
  376. } else {
  377. $userIds = array($params['shareWith']);
  378. }
  379. }
  381. $mountManager = \OC\Files\Filesystem::getMountManager();
  382. $mount = $mountManager->find('/' . $userId . '/files' . $path);
  383. $mountPoint = $mount->getMountPoint();
  385. // if we unshare a folder we need a list of all (sub-)files
  386. if ($params['itemType'] === 'folder') {
  387. $allFiles = $util->getAllFiles($path, $mountPoint);
  388. } else {
  389. $allFiles = array($path);
  390. }
  392. foreach ($allFiles as $path) {
  394. // check if the user still has access to the file, otherwise delete share key
  395. $sharingUsers = $util->getSharingUsersArray(true, $path);
  397. // Unshare every user who no longer has access to the file
  398. $delUsers = array_diff($userIds, $sharingUsers);
  399. $keyPath = Keymanager::getKeyPath($view, $util, $path);
  401. // delete share key
  402. Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path);
  403. }
  405. }
  406. }
  408. /**
  409. * mark file as renamed so that we know the original source after the file was renamed
  410. * @param array $params with the old path and the new path
  411. */
  412. public static function preRename($params) {
  413. self::preRenameOrCopy($params, 'rename');
  414. }
  416. /**
  417. * mark file as copied so that we know the original source after the file was copied
  418. * @param array $params with the old path and the new path
  419. */
  420. public static function preCopy($params) {
  421. self::preRenameOrCopy($params, 'copy');
  422. }
  424. private static function preRenameOrCopy($params, $operation) {
  425. $user = \OCP\User::getUser();
  426. $view = new \OC\Files\View('/');
  427. $util = new Util($view, $user);
  429. // we only need to rename the keys if the rename happens on the same mountpoint
  430. // otherwise we perform a stream copy, so we get a new set of keys
  431. $mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
  432. $mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
  434. $oldKeysPath = Keymanager::getKeyPath($view, $util, $params['oldpath']);
  436. if ($mp1 === $mp2) {
  437. self::$renamedFiles[$params['oldpath']] = array(
  438. 'operation' => $operation,
  439. 'oldKeysPath' => $oldKeysPath,
  440. );
  441. } else {
  442. self::$renamedFiles[$params['oldpath']] = array(
  443. 'operation' => 'cleanup',
  444. 'oldKeysPath' => $oldKeysPath,
  445. );
  446. }
  447. }
  449. /**
  450. * after a file is renamed/copied, rename/copy its keyfile and share-keys also fix the file size and fix also the sharing
  451. *
  452. * @param array $params array with oldpath and newpath
  453. */
  454. public static function postRenameOrCopy($params) {
  456. if (\OCP\App::isEnabled('files_encryption') === false) {
  457. return true;
  458. }
  460. $view = new \OC\Files\View('/');
  461. $userId = \OCP\User::getUser();
  462. $util = new Util($view, $userId);
  464. if (isset(self::$renamedFiles[$params['oldpath']]['operation']) &&
  465. isset(self::$renamedFiles[$params['oldpath']]['oldKeysPath'])) {
  466. $operation = self::$renamedFiles[$params['oldpath']]['operation'];
  467. $oldKeysPath = self::$renamedFiles[$params['oldpath']]['oldKeysPath'];
  468. unset(self::$renamedFiles[$params['oldpath']]);
  469. if ($operation === 'cleanup') {
  470. return $view->unlink($oldKeysPath);
  471. }
  472. } else {
  473. \OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::DEBUG);
  474. return false;
  475. }
  477. list($ownerNew, $pathNew) = $util->getUidAndFilename($params['newpath']);
  479. if ($util->isSystemWideMountPoint($pathNew)) {
  480. $newKeysPath = 'files_encryption/keys/' . $pathNew;
  481. } else {
  482. $newKeysPath = $ownerNew . '/files_encryption/keys/' . $pathNew;
  483. }
  485. // create key folders if it doesn't exists
  486. if (!$view->file_exists(dirname($newKeysPath))) {
  487. $view->mkdir(dirname($newKeysPath));
  488. }
  490. $view->$operation($oldKeysPath, $newKeysPath);
  492. // update sharing-keys
  493. self::updateKeyfiles($params['newpath']);
  494. }
  496. /**
  497. * set migration status and the init status back to '0' so that all new files get encrypted
  498. * if the app gets enabled again
  499. * @param array $params contains the app ID
  500. */
  501. public static function preDisable($params) {
  502. if ($params['app'] === 'files_encryption') {
  504. \OC::$server->getConfig()->deleteAppFromAllUsers('files_encryption');
  506. $session = new Session(new \OC\Files\View('/'));
  507. $session->setInitialized(Session::NOT_INITIALIZED);
  508. }
  509. }
  511. /**
  512. * set the init status to 'NOT_INITIALIZED' (0) if the app gets enabled
  513. * @param array $params contains the app ID
  514. */
  515. public static function postEnable($params) {
  516. if ($params['app'] === 'files_encryption') {
  517. $session = new Session(new \OC\Files\View('/'));
  518. $session->setInitialized(Session::NOT_INITIALIZED);
  519. }
  520. }
  522. /**
  523. * if the file was really deleted we remove the encryption keys
  524. * @param array $params
  525. * @return boolean|null
  526. */
  527. public static function postDelete($params) {
  529. $path = $params[\OC\Files\Filesystem::signal_param_path];
  531. if (!isset(self::$deleteFiles[$path])) {
  532. return true;
  533. }
  535. $deletedFile = self::$deleteFiles[$path];
  536. $keyPath = $deletedFile['keyPath'];
  538. // we don't need to remember the file any longer
  539. unset(self::$deleteFiles[$path]);
  541. $view = new \OC\Files\View('/');
  543. // return if the file still exists and wasn't deleted correctly
  544. if ($view->file_exists('/' . \OCP\User::getUser() . '/files/' . $path)) {
  545. return true;
  546. }
  548. // Delete keyfile & shareKey so it isn't orphaned
  549. $view->unlink($keyPath);
  551. }
  553. /**
  554. * remember the file which should be deleted and it's owner
  555. * @param array $params
  556. * @return boolean|null
  557. */
  558. public static function preDelete($params) {
  559. $view = new \OC\Files\View('/');
  560. $path = $params[\OC\Files\Filesystem::signal_param_path];
  562. // skip this method if the trash bin is enabled or if we delete a file
  563. // outside of /data/user/files
  564. if (\OCP\App::isEnabled('files_trashbin')) {
  565. return true;
  566. }
  568. $util = new Util($view, \OCP\USER::getUser());
  570. $keysPath = Keymanager::getKeyPath($view, $util, $path);
  572. self::$deleteFiles[$path] = array(
  573. 'keyPath' => $keysPath);
  574. }
  576. /**
  577. * unmount file from yourself
  578. * remember files/folders which get unmounted
  579. */
  580. public static function preUnmount($params) {
  581. $view = new \OC\Files\View('/');
  582. $user = \OCP\User::getUser();
  583. $path = $params[\OC\Files\Filesystem::signal_param_path];
  585. $util = new Util($view, $user);
  586. list($owner, $ownerPath) = $util->getUidAndFilename($path);
  588. $keysPath = Keymanager::getKeyPath($view, $util, $path);
  590. self::$unmountedFiles[$path] = array(
  591. 'keyPath' => $keysPath,
  592. 'owner' => $owner,
  593. 'ownerPath' => $ownerPath
  594. );
  595. }
  597. /**
  598. * unmount file from yourself
  599. */
  600. public static function postUnmount($params) {
  602. $path = $params[\OC\Files\Filesystem::signal_param_path];
  603. $user = \OCP\User::getUser();
  605. if (!isset(self::$unmountedFiles[$path])) {
  606. return true;
  607. }
  609. $umountedFile = self::$unmountedFiles[$path];
  610. $keyPath = $umountedFile['keyPath'];
  611. $owner = $umountedFile['owner'];
  612. $ownerPath = $umountedFile['ownerPath'];
  614. $view = new \OC\Files\View();
  616. // we don't need to remember the file any longer
  617. unset(self::$unmountedFiles[$path]);
  619. // check if the user still has access to the file, otherwise delete share key
  620. $sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
  621. if (!in_array($user, $sharingUsers['users'])) {
  622. Keymanager::delShareKey($view, array($user), $keyPath, $owner, $ownerPath);
  623. }
  624. }
  626. }