skip user if we don't have a public key
This commit is contained in:
parent
d308ec4f0e
commit
4ef9df8750
3 changed files with 87 additions and 1 deletions
|
@ -94,10 +94,12 @@ class Application extends \OCP\AppFramework\App {
|
|||
public function registerEncryptionModule() {
|
||||
$container = $this->getContainer();
|
||||
|
||||
|
||||
$this->encryptionManager->registerEncryptionModule(
|
||||
Encryption::ID,
|
||||
Encryption::DISPLAY_NAME,
|
||||
function() use ($container) {
|
||||
|
||||
return new Encryption(
|
||||
$container->query('Crypt'),
|
||||
$container->query('KeyManager'),
|
||||
|
@ -105,6 +107,7 @@ class Application extends \OCP\AppFramework\App {
|
|||
$container->getServer()->getLogger()
|
||||
);
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
public function registerServices() {
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
namespace OCA\Encryption\Crypto;
|
||||
|
||||
|
||||
use OCA\Encryption\Exceptions\PublicKeyMissingException;
|
||||
use OCA\Encryption\Util;
|
||||
use OCP\Encryption\IEncryptionModule;
|
||||
use OCA\Encryption\KeyManager;
|
||||
|
@ -67,6 +68,7 @@ class Encryption implements IEncryptionModule {
|
|||
/** @var Util */
|
||||
private $util;
|
||||
|
||||
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
|
@ -161,6 +163,9 @@ class Encryption implements IEncryptionModule {
|
|||
* @param string $path to the file
|
||||
* @return string remained data which should be written to the file in case
|
||||
* of a write operation
|
||||
* @throws PublicKeyMissingException
|
||||
* @throws \Exception
|
||||
* @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
|
||||
*/
|
||||
public function end($path) {
|
||||
$result = '';
|
||||
|
@ -171,7 +176,16 @@ class Encryption implements IEncryptionModule {
|
|||
}
|
||||
$publicKeys = array();
|
||||
foreach ($this->accessList['users'] as $uid) {
|
||||
try {
|
||||
$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
|
||||
} catch (PublicKeyMissingException $e) {
|
||||
$this->logger->warning('no public key found for user \'' . $uid .
|
||||
'\', user will not be able to read the file', array('app' => 'encryption'));
|
||||
// if the public key of the owner is missing we should fail
|
||||
if ($uid === $this->user) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys);
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
|
||||
namespace OCA\Encryption\Tests\Crypto;
|
||||
|
||||
use OCA\Encryption\Exceptions\PublicKeyMissingException;
|
||||
use Test\TestCase;
|
||||
use OCA\Encryption\Crypto\Encryption;
|
||||
|
||||
|
@ -63,6 +64,74 @@ class EncryptionTest extends TestCase {
|
|||
$this->utilMock,
|
||||
$this->loggerMock
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* test if public key from one of the recipients is missing
|
||||
*/
|
||||
public function testEndUser1() {
|
||||
$this->instance->begin('/foo/bar', 'user1', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
|
||||
$this->endTest();
|
||||
}
|
||||
|
||||
/**
|
||||
* test if public key from owner is missing
|
||||
*
|
||||
* @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException
|
||||
*/
|
||||
public function testEndUser2() {
|
||||
$this->instance->begin('/foo/bar', 'user2', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
|
||||
$this->endTest();
|
||||
}
|
||||
|
||||
/**
|
||||
* common part of testEndUser1 and testEndUser2
|
||||
*
|
||||
* @throws PublicKeyMissingException
|
||||
*/
|
||||
public function endTest() {
|
||||
// prepare internal variables
|
||||
$class = get_class($this->instance);
|
||||
$module = new \ReflectionClass($class);
|
||||
$isWriteOperation = $module->getProperty('isWriteOperation');
|
||||
$writeCache = $module->getProperty('writeCache');
|
||||
$isWriteOperation->setAccessible(true);
|
||||
$writeCache->setAccessible(true);
|
||||
$isWriteOperation->setValue($this->instance, true);
|
||||
$writeCache->setValue($this->instance, '');
|
||||
$isWriteOperation->setAccessible(false);
|
||||
$writeCache->setAccessible(false);
|
||||
|
||||
$this->keyManagerMock->expects($this->any())
|
||||
->method('getPublicKey')
|
||||
->will($this->returnCallback([$this, 'getPublicKeyCallback']));
|
||||
$this->keyManagerMock->expects($this->any())
|
||||
->method('addSystemKeys')
|
||||
->will($this->returnCallback([$this, 'addSystemKeysCallback']));
|
||||
$this->cryptMock->expects($this->any())
|
||||
->method('multiKeyEncrypt')
|
||||
->willReturn(true);
|
||||
$this->cryptMock->expects($this->any())
|
||||
->method('setAllFileKeys')
|
||||
->willReturn(true);
|
||||
|
||||
$this->instance->end('/foo/bar');
|
||||
}
|
||||
|
||||
|
||||
public function getPublicKeyCallback($uid) {
|
||||
if ($uid === 'user2') {
|
||||
throw new PublicKeyMissingException($uid);
|
||||
}
|
||||
return $uid;
|
||||
}
|
||||
|
||||
public function addSystemKeysCallback($accessList, $publicKeys) {
|
||||
$this->assertSame(2, count($publicKeys));
|
||||
$this->assertArrayHasKey('user1', $publicKeys);
|
||||
$this->assertArrayHasKey('user3', $publicKeys);
|
||||
return $publicKeys;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue