authorBjoern Schiessle <schiessle@owncloud.com>2014-07-17 16:28:52 +0400
committerBjoern Schiessle <schiessle@owncloud.com>2014-07-18 12:57:16 +0400
commit304cf0b90c8ae3e5bb9fe8e79c6f9c7ee547a1ef (patch)
tree5ebe25e5e623271124c566b45d605ced862022b1 /apps/files_encryption
parent68fa6e6620d5df989f1a16dde5aee6be883add9f (diff)
update keys recursively if a folder was moved
Diffstat (limited to 'apps/files_encryption')
-rw-r--r--apps/files_encryption/hooks/hooks.php62
-rw-r--r--apps/files_encryption/lib/util.php4
-rwxr-xr-xapps/files_encryption/tests/share.php51
3 files changed, 92 insertions, 25 deletions
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 07502cd121a..8666e482d56 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -330,7 +330,6 @@ class Hooks {
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC_FilesystemView('/');
- $session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
$path = $util->fileIdToPath($params['itemSource']);
@@ -387,25 +386,41 @@ class Hooks {
}
}
- $sharingEnabled = \OCP\Share::isEnabled();
-
// get the path including mount point only if not a shared folder
if (strncmp($path, '/Shared', strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
- // if a folder was shared, get a list of all (sub-)folders
- if ($params['itemType'] === 'folder') {
- $allFiles = $util->getAllFiles($path);
- } else {
- $allFiles = array($path);
- }
+ self::updateKeyfiles($path, $params['itemType']);
+ }
+ }
- foreach ($allFiles as $path) {
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
- $util->setSharedFileKeyfiles($session, $usersSharing, $path);
- }
+ /**
+ * update keyfiles and share keys recursively
+ *
+ * @param string $path to the file/folder
+ * @param string $type 'file' or 'folder'
+ */
+ private static function updateKeyfiles($path, $type) {
+
+ $view = new \OC_FilesystemView('/');
+ $session = new \OCA\Encryption\Session($view);
+ $userId = \OCP\User::getUser();
+ $util = new Util($view, $userId);
+
+ $sharingEnabled = \OCP\Share::isEnabled();
+
+ // if a folder was shared, get a list of all (sub-)folders
+ if ($type === 'folder') {
+ $allFiles = $util->getAllFiles($path);
+ } else {
+ $allFiles = array($path);
+ }
+
+ foreach ($allFiles as $path) {
+ $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
+ $util->setSharedFileKeyfiles($session, $usersSharing, $path);
}
}
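Review bot: The loop at the end of `updateKeyfiles` discards the result of `$util->setSharedFileKeyfiles(...)`, so a file whose share keys could not be rewritten is skipped silently. The util.php hunk of this commit adds a `return false` path when `Crypt::multiKeyEncrypt` fails, which makes that case reachable. I would check the result and log the affected path, e.g. `if ($util->setSharedFileKeyfiles($session, $usersSharing, $path) === false) { \OCP\Util::writeLog('Encryption library', 'could not update share keys for ' . $path, \OCP\Util::ERROR); }`. Separately, in the context line `strncmp($path, '/Shared', strlen('/Shared') !== 0)` the closing parenthesis looks misplaced: the boolean becomes the length argument, so the mount-point branch is effectively decided on a one-character comparison, and `strncmp($path, '/Shared', strlen('/Shared')) !== 0` appears to be what was meant. The function that calls `updateKeyfiles` starts above the hunk.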
@@ -512,10 +527,12 @@ class Hooks {
// otherwise we perform a stream copy, so we get a new set of keys
$mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
$mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
+ $type = $view->is_dir('/' . $user . '/files/' . $params['oldpath']) ? 'folder' : 'file';
if ($mp1 === $mp2) {
self::$renamedFiles[$params['oldpath']] = array(
'uid' => $ownerOld,
- 'path' => $pathOld);
+ 'path' => $pathOld,
+ 'type' => $type);
}
}
@@ -537,7 +554,6 @@ class Hooks {
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView('/');
- $session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
@@ -545,6 +561,8 @@ class Hooks {
isset(self::$renamedFiles[$params['oldpath']]['path'])) {
$ownerOld = self::$renamedFiles[$params['oldpath']]['uid'];
$pathOld = self::$renamedFiles[$params['oldpath']]['path'];
+ $type = self::$renamedFiles[$params['oldpath']]['type'];
+ unset(self::$renamedFiles[$params['oldpath']]);
} else {
\OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::ERROR);
return false;
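Review bot: The `else` branch returns `false` while `\OC_FileProxy::$enabled` is still `false` from the top of this function, as far as the visible lines show; the restore to `$proxyStatus` is only seen on the success path at the end. That would leave the file proxy switched off for the rest of the request after a failed lookup, so later file operations in the same request may bypass the encryption proxy. Adding `\OC_FileProxy::$enabled = $proxyStatus;` before `return false;` would close that, assuming `$proxyStatus` is captured above the hunk. The new `['type']` read has no `isset` guard like `['path']` does; the entry is always written with that key in this commit, so a short comment stating that would be enough. The function begins and ends outside the hunk.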
@@ -570,7 +588,7 @@ class Hooks {
}
// add key ext if this is not an folder
- if (!$view->is_dir($oldKeyfilePath)) {
+ if ($type === 'file') {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
@@ -614,16 +632,10 @@ class Hooks {
// build the path to the file
$newPath = '/' . $ownerNew . '/files' . $pathNew;
- if ($util->fixFileSize($newPath)) {
- // get sharing app state
- $sharingEnabled = \OCP\Share::isEnabled();
-
- // get users
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $pathNew);
+ $util->fixFileSize($newPath);
- // update sharing-keys
- $util->setSharedFileKeyfiles($session, $usersSharing, $pathNew);
- }
+ // update sharing-keys
+ self::updateKeyfiles($params['newpath'], $type);
\OC_FileProxy::$enabled = $proxyStatus;
}
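Review bot: `self::updateKeyfiles($params['newpath'], $type)` passes a different path than the removed code, which used `$pathNew`, and `updateKeyfiles` builds its `Util` for `\OCP\User::getUser()` rather than for `$ownerNew`. In these hunks `$pathNew` is appended directly after `'/files'` while `$params['oldpath']` gets a `'/'` inserted first, which suggests the two are not in the same form. If the target lies in storage owned by another user, the share keys may be computed for the wrong path or owner; please confirm, or pass `$pathNew` and add a comment on which path form `updateKeyfiles` expects. The key update also no longer depends on the result of `fixFileSize`, which is now ignored, so a one-line comment saying that is intentional would help. The enclosing function starts above the hunk.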
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 743f042614e..a0d2f5ae8ae 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -1141,6 +1141,10 @@ class Util {
// Re-enc keyfile to (additional) sharekeys
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
+ if ($multiEncKey === false) {
+ return false;
+ }
+
// Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory
if (
diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php
index 489244a3f69..5506ea6ec92 100755
--- a/apps/files_encryption/tests/share.php
+++ b/apps/files_encryption/tests/share.php
@@ -1020,4 +1020,55 @@ class Test_Encryption_Share extends \PHPUnit_Framework_TestCase {
$this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename);
}
+ /**
+ * test if additional share keys are added if we move a folder to a shared parent
+ * @medium
+ */
+ function testMoveFolder() {
+
+ // login as admin
+ \Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
+
+ $view = new \OC\Files\View('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
+
+ $filename = '/tmp-' . uniqid();
+ $folder = '/folder' . uniqid();
+
+ \OC\Files\Filesystem::mkdir($folder);
+
+ // Save long data as encrypted file using stream wrapper
+ $cryptedFile = \OC\Files\Filesystem::file_put_contents($folder . $filename, $this->dataShort);
+
+ // Test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // Get file decrypted contents
+ $decrypt = \OC\Files\Filesystem::file_get_contents($folder . $filename);
+
+ $this->assertEquals($this->dataShort, $decrypt);
+
+ $newFolder = '/newfolder/subfolder' . uniqid();
+ \OC\Files\Filesystem::mkdir('/newfolder');
+
+ // get the file info from previous created file
+ $fileInfo = \OC\Files\Filesystem::getFileInfo('/newfolder');
+ $this->assertTrue(is_array($fileInfo));
+
+ // share the folder
+ \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, OCP\PERMISSION_ALL);
+
+ \OC\Files\Filesystem::rename($folder, $newFolder);
+
+ // Get file decrypted contents
+ $newDecrypt = \OC\Files\Filesystem::file_get_contents($newFolder . $filename);
+ $this->assertEquals($this->dataShort, $newDecrypt);
+
+ // check if additional share key for user2 exists
+ $this->assertTrue($view->file_exists('files_encryption/share-keys' . $newFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
+
+ // tear down
+ \OC\Files\Filesystem::unlink($newFolder);
+ \OC\Files\Filesystem::unlink('/newfolder');
+ }
+
}
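Review bot: `testMoveFolder` asserts only the positive case, that a share key for `TEST_ENCRYPTION_SHARE_USER2` exists after the folder is moved under the shared parent. For an encryption app the reverse matters at least as much: if moving the folder back out of `/newfolder` is meant to revoke access, add a second rename and `$this->assertFalse($view->file_exists(...))` on the same `.shareKey` path. The tear-down lines run only when every assertion passes, and the share created with `\OCP\Share::shareItem` is never removed, so a failure can leak state into later tests. Two comments are misleading as written: `// login as admin` logs in `TEST_ENCRYPTION_SHARE_USER1`, and `// Save long data` writes `$this->dataShort`. `OCP\PERMISSION_ALL` also lacks the leading backslash used everywhere else in the method, which would resolve differently if the file is namespaced.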