/**
* Tests that filterShareReadyUsers() returns the correct list of
* users that are ready or not ready for encryption
*/
public function testFilterShareReadyUsers()
{
$appConfig = \OC::$server->getAppConfig();
$publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');
$recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId');
$usersToTest = array('readyUser', 'notReadyUser', 'nonExistingUser', $publicShareKeyId, $recoveryKeyId);
self::loginHelper('readyUser', true);
self::loginHelper('notReadyUser', true);
// delete encryption dir to make it not ready
$this->view->unlink('notReadyUser/files_encryption/');
// login as user1
self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);
$result = $this->util->filterShareReadyUsers($usersToTest);
$this->assertEquals(array('readyUser', $publicShareKeyId, $recoveryKeyId), $result['ready']);
$this->assertEquals(array('notReadyUser', 'nonExistingUser'), $result['unready']);
\OC_User::deleteUser('readyUser');
}
/**
* @return bool
*/
public function stream_close()
{
$this->flush();
// if there is no valid private key return false
if ($this->privateKey === false) {
// cleanup
if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
fclose($this->handle);
$this->rootView->unlink($this->rawPath);
}
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
// if private key is not valid redirect user to a error page
Helper::redirectToErrorPage($this->session);
}
if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && $this->isLocalTmpFile === false && $this->size > 0 && $this->unencryptedSize > 0) {
// only write keyfiles if it was a new file
if ($this->newFile === true) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Fetch user's public key
$this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId);
// Check if OC sharing api is enabled
$sharingEnabled = \OCP\Share::isEnabled();
// Get all users sharing the file includes current user
$uniqueUserIds = $this->util->getSharingUsersArray($sharingEnabled, $this->relPath);
$checkedUserIds = $this->util->filterShareReadyUsers($uniqueUserIds);
// Fetch public keys for all sharing users
$publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']);
// Encrypt enc key for all sharing users
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key
Keymanager::setFileKey($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['data']);
// Save the sharekeys
Keymanager::setShareKeys($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['keys']);
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
// we need to update the file info for the real file, not for the
// part file.
$path = Helper::stripPartialFileExtension($this->rawPath);
$fileInfo = array('mimetype' => $this->rootView->getMimeType($this->rawPath), 'encrypted' => true, 'unencrypted_size' => $this->unencryptedSize);
// if we write a part file we also store the unencrypted size for
// the part file so that it can be re-used later
$this->rootView->putFileInfo($this->rawPath, $fileInfo);
if ($path !== $this->rawPath) {
$this->rootView->putFileInfo($path, $fileInfo);
}
}
$result = fclose($this->handle);
if ($result === false) {
\OCP\Util::writeLog('Encryption library', 'Could not close stream, file could be corrupted', \OCP\Util::FATAL);
}
return $result;
}
