Add legacy scanning command

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
5 years ago · 2bbb848c31
5 changed files with 145 additions and 1 deletions
--- a/apps/encryption/appinfo/info.xml
+++ b/apps/encryption/appinfo/info.xml
@ -14,7 +14,7 @@
 		Please read the documentation to know all implications before you decide
 		to enable server-side encryption.
 	</description>
-	<version>2.8.0</version>
+	<version>2.8.1</version>
 	<licence>agpl</licence>
 	<author>Bjoern Schiessle</author>
 	<author>Clark Tomlinson</author>
@ -44,6 +44,7 @@
 		<command>OCA\Encryption\Command\EnableMasterKey</command>
 		<command>OCA\Encryption\Command\DisableMasterKey</command>
 		<command>OCA\Encryption\Command\RecoverUser</command>
+		<command>OCA\Encryption\Command\ScanLegacyFormat</command>
 	</commands>

 	<settings>
--- a/apps/encryption/composer/composer/autoload_classmap.php
+++ b/apps/encryption/composer/composer/autoload_classmap.php
@ -10,6 +10,7 @@ return array(
    'OCA\\Encryption\\Command\\DisableMasterKey' => $baseDir . '/../lib/Command/DisableMasterKey.php',
    'OCA\\Encryption\\Command\\EnableMasterKey' => $baseDir . '/../lib/Command/EnableMasterKey.php',
    'OCA\\Encryption\\Command\\RecoverUser' => $baseDir . '/../lib/Command/RecoverUser.php',
+    'OCA\\Encryption\\Command\\ScanLegacyFormat' => $baseDir . '/../lib/Command/ScanLegacyFormat.php',
    'OCA\\Encryption\\Controller\\RecoveryController' => $baseDir . '/../lib/Controller/RecoveryController.php',
    'OCA\\Encryption\\Controller\\SettingsController' => $baseDir . '/../lib/Controller/SettingsController.php',
    'OCA\\Encryption\\Controller\\StatusController' => $baseDir . '/../lib/Controller/StatusController.php',
--- a/apps/encryption/composer/composer/autoload_static.php
+++ b/apps/encryption/composer/composer/autoload_static.php
@ -25,6 +25,7 @@ class ComposerStaticInitEncryption
        'OCA\\Encryption\\Command\\DisableMasterKey' => __DIR__ . '/..' . '/../lib/Command/DisableMasterKey.php',
        'OCA\\Encryption\\Command\\EnableMasterKey' => __DIR__ . '/..' . '/../lib/Command/EnableMasterKey.php',
        'OCA\\Encryption\\Command\\RecoverUser' => __DIR__ . '/..' . '/../lib/Command/RecoverUser.php',
+        'OCA\\Encryption\\Command\\ScanLegacyFormat' => __DIR__ . '/..' . '/../lib/Command/ScanLegacyFormat.php',
        'OCA\\Encryption\\Controller\\RecoveryController' => __DIR__ . '/..' . '/../lib/Controller/RecoveryController.php',
        'OCA\\Encryption\\Controller\\SettingsController' => __DIR__ . '/..' . '/../lib/Controller/SettingsController.php',
        'OCA\\Encryption\\Controller\\StatusController' => __DIR__ . '/..' . '/../lib/Controller/StatusController.php',
--- a/apps/encryption/lib/Command/ScanLegacyFormat.php
+++ b/apps/encryption/lib/Command/ScanLegacyFormat.php
@ -0,0 +1,140 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Encryption\Command;
+
+use OC\Files\View;
+use OCA\Encryption\Util;
+use OCP\IConfig;
+use OCP\IUserManager;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class ScanLegacyFormat extends Command {
+
+	/** @var Util */
+	protected $util;
+
+	/** @var IConfig */
+	protected $config;
+
+	/** @var  QuestionHelper */
+	protected $questionHelper;
+
+	/** @var IUserManager */
+	private $userManager;
+
+	/** @var View */
+	private $rootView;
+
+	/**
+	 * @param Util $util
+	 * @param IConfig $config
+	 * @param QuestionHelper $questionHelper
+	 */
+	public function __construct(Util $util,
+								IConfig $config,
+								QuestionHelper $questionHelper,
+								IUserManager $userManager) {
+		parent::__construct();
+
+		$this->util = $util;
+		$this->config = $config;
+		$this->questionHelper = $questionHelper;
+		$this->userManager = $userManager;
+		$this->rootView = new View();
+	}
+
+	protected function configure() {
+		$this
+			->setName('encryption:scan:legacy-format')
+			->setDescription('Scan the files for the legacy format');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output): int {
+		$result = true;
+
+		$output->writeln('Scanning all files for legacy encryption');
+
+		foreach ($this->userManager->getBackends() as $backend) {
+			$limit = 500;
+			$offset = 0;
+			do {
+				$users = $backend->getUsers('', $limit, $offset);
+				foreach ($users as $user) {
+					$output->writeln('Scanning all files for ' . $user);
+					$this->setupUserFS($user);
+					$result &= $this->scanFolder($output, '/' . $user);
+				}
+				$offset += $limit;
+			} while (count($users) >= $limit);
+		}
+
+		if ($result) {
+			$output->writeln('All scanned files are propperly encrypted. You can disable the legacy compatibility mode.');
+			return 0;
+		}
+
+		return 1;
+	}
+
+	private function scanFolder(OutputInterface $output, string $folder): bool {
+		$clean = true;
+
+		foreach ($this->rootView->getDirectoryContent($folder) as $item) {
+			$path = $folder . '/' . $item['name'];
+			if ($this->rootView->is_dir($path)) {
+				if ($this->scanFolder($output, $path) === false) {
+					$clean = false;
+				}
+			} else {
+				if (!$item->isEncrypted()) {
+					// ignore
+					continue;
+				}
+
+				$stats = $this->rootView->stat($path);
+				if (!isset($stats['hasHeader']) || $stats['hasHeader'] === false) {
+					$clean = false;
+					$output->writeln($path . ' does not have a proper header');
+				}
+			}
+		}
+
+		return $clean;
+	}
+
+	/**
+	 * setup user file system
+	 *
+	 * @param string $uid
+	 */
+	protected function setupUserFS($uid) {
+		\OC_Util::tearDownFS();
+		\OC_Util::setupFS($uid);
+	}
+}
--- a/lib/private/Files/Storage/Wrapper/Encryption.php
+++ b/lib/private/Files/Storage/Wrapper/Encryption.php
@ -818,6 +818,7 @@ class Encryption extends Wrapper {
 		$fileSize = $this->filesize($path);
 		$stat['size'] = $fileSize;
 		$stat[7] = $fileSize;
+		$stat['hasHeader'] = $this->getHeaderSize($path) > 0;
 		return $stat;
 	}