diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 812f1042a8..6275047252 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -201,7 +201,8 @@ class Application extends \OCP\AppFramework\App { $c->query('KeyManager'), $c->query('Crypt'), $c->query('Session'), - $server->getSession() + $server->getSession(), + $c->query('Util') ); }); diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index 8fa163d075..260337361e 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -35,6 +35,11 @@ namespace OCA\Encryption\AppInfo; 'url' => '/ajax/updatePrivateKeyPassword', 'verb' => 'POST' ], + [ + 'name' => 'Settings#setEncryptHomeStorage', + 'url' => '/ajax/setEncryptHomeStorage', + 'verb' => 'POST' + ], [ 'name' => 'Recovery#changeRecoveryPassword', 'url' => '/ajax/changeRecoveryPassword', diff --git a/apps/encryption/controller/settingscontroller.php b/apps/encryption/controller/settingscontroller.php index e5bb79a1d4..59e23087b3 100644 --- a/apps/encryption/controller/settingscontroller.php +++ b/apps/encryption/controller/settingscontroller.php @@ -25,6 +25,7 @@ namespace OCA\Encryption\Controller; use OCA\Encryption\Crypto\Crypt; use OCA\Encryption\KeyManager; use OCA\Encryption\Session; +use OCA\Encryption\Util; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; @@ -57,6 +58,9 @@ class SettingsController extends Controller { /** @var ISession */ private $ocSession; + /** @var Util */ + private $util; + /** * @param string $AppName * @param IRequest $request @@ -67,6 +71,7 @@ class SettingsController extends Controller { * @param Crypt $crypt * @param Session $session * @param ISession $ocSession + * @param Util $util */ public function __construct($AppName, IRequest $request, @@ -76,7 +81,9 @@ class SettingsController extends Controller { KeyManager $keyManager, Crypt $crypt, Session $session, - ISession $ocSession) { + ISession $ocSession, + Util $util +) { parent::__construct($AppName, $request); $this->l = $l10n; $this->userSession = $userSession; @@ -85,6 +92,7 @@ class SettingsController extends Controller { $this->crypt = $crypt; $this->session = $session; $this->ocSession = $ocSession; + $this->util = $util; } @@ -143,4 +151,15 @@ class SettingsController extends Controller { } } + + /** + * @UseSession + * + * @param bool $encryptHomeStorage + * @return DataResponse + */ + public function setEncryptHomeStorage($encryptHomeStorage) { + $this->util->setEncryptHomeStorage($encryptHomeStorage); + return new DataResponse(); + } } diff --git a/apps/encryption/js/settings-admin.js b/apps/encryption/js/settings-admin.js index 39923718c2..9b00a4ec62 100644 --- a/apps/encryption/js/settings-admin.js +++ b/apps/encryption/js/settings-admin.js @@ -76,4 +76,13 @@ $(document).ready(function () { }); }); + $('#encryptHomeStorage').change(function() { + $.post( + OC.generateUrl('/apps/encryption/ajax/setEncryptHomeStorage'), + { + encryptHomeStorage: this.checked + } + ); + }); + }); diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 1a05277e20..d1140ce7cd 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -378,6 +378,12 @@ class Encryption implements IEncryptionModule { * @return boolean */ public function shouldEncrypt($path) { + if ($this->util->shouldEncryptHomeStorage() === false) { + $storage = $this->util->getStorage($path); + if ($storage->instanceOfStorage('\OCP\Files\IHomeStorage')) { + return false; + } + } $parts = explode('/', $path); if (count($parts) < 4) { return false; diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php index a162dcde30..62c9dc6dc5 100644 --- a/apps/encryption/lib/util.php +++ b/apps/encryption/lib/util.php @@ -94,11 +94,40 @@ class Util { $recoveryMode = $this->config->getUserValue($uid, 'encryption', 'recoveryEnabled', - 0); + '0'); return ($recoveryMode === '1'); } + /** + * check if the home storage should be encrypted + * + * @return bool + */ + public function shouldEncryptHomeStorage() { + $encryptHomeStorage = $this->config->getAppValue( + 'encryption', + 'encryptHomeStorage', + '1' + ); + + return ($encryptHomeStorage === '1'); + } + + /** + * check if the home storage should be encrypted + * + * @param bool $encryptHomeStorage + */ + public function setEncryptHomeStorage($encryptHomeStorage) { + $value = $encryptHomeStorage ? '1' : '0'; + $this->config->setAppValue( + 'encryption', + 'encryptHomeStorage', + $value + ); + } + /** * check if master key is enabled * @@ -157,4 +186,15 @@ class Util { return $owner; } + /** + * get storage of path + * + * @param string $path + * @return \OC\Files\Storage\Storage + */ + public function getStorage($path) { + $storage = $this->files->getMount($path)->getStorage(); + return $storage; + } + } diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index c7ac8c09c6..8d55d587fe 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -25,12 +25,27 @@ $tmpl = new OCP\Template('encryption', 'settings-admin'); +$crypt = new \OCA\Encryption\Crypto\Crypt( + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); + +$util = new \OCA\Encryption\Util( + new \OC\Files\View(), + $crypt, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig(), + \OC::$server->getUserManager()); + // Check if an adminRecovery account is enabled for recovering files after lost pwd $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled', '0'); $session = new \OCA\Encryption\Session(\OC::$server->getSession()); +$encryptHomeStorage = $util->shouldEncryptHomeStorage($user); $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); $tmpl->assign('initStatus', $session->getStatus()); +$tmpl->assign('encryptHomeStorage', $encryptHomeStorage); return $tmpl->fetchPage(); diff --git a/apps/encryption/templates/settings-admin.php b/apps/encryption/templates/settings-admin.php index 81c7f0607d..e55aba6757 100644 --- a/apps/encryption/templates/settings-admin.php +++ b/apps/encryption/templates/settings-admin.php @@ -9,56 +9,63 @@ style('encryption', 'settings-admin'); t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> -

- t("Enable recovery key")) : p($l->t("Disable recovery key")); ?> - -
- - t("The recovery key is an extra encryption key that is used to encrypt files. It allows recovery of a user's files if the user forgets his or her password.")) ?> - -
- "/> - "/> - " - value="t("Enable recovery key")) : p($l->t("Disable recovery key")); ?>"/> -

-

- -

> - t("Change recovery key password:")); ?> - -
- "/> +

+ /> +
+ t( "Enabling this option encrypts all files stored on the main storage, otherwise only files on external storage will be encrypted" ) ); ?> +


- "/> - "/> +

+ t("Enable recovery key")) : p($l->t("Disable recovery key")); ?> + +
+ + t("The recovery key is an extra encryption key that is used to encrypt files. It allows recovery of a user's files if the user forgets his or her password.")) ?> + +
+ "/> + "/> + " + value="t("Enable recovery key")) : p($l->t("Disable recovery key")); ?>"/> +

+

- -

+ +

diff --git a/apps/encryption/tests/controller/SettingsControllerTest.php b/apps/encryption/tests/controller/SettingsControllerTest.php index 724a01522a..3b30e61a45 100644 --- a/apps/encryption/tests/controller/SettingsControllerTest.php +++ b/apps/encryption/tests/controller/SettingsControllerTest.php @@ -56,6 +56,9 @@ class SettingsControllerTest extends TestCase { /** @var \PHPUnit_Framework_MockObject_MockObject */ private $ocSessionMock; + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $utilMock; + protected function setUp() { parent::setUp(); @@ -106,6 +109,10 @@ class SettingsControllerTest extends TestCase { $this->sessionMock = $this->getMockBuilder('OCA\Encryption\Session') ->disableOriginalConstructor()->getMock(); + $this->utilMock = $this->getMockBuilder('OCA\Encryption\Util') + ->disableOriginalConstructor() + ->getMock(); + $this->controller = new SettingsController( 'encryption', $this->requestMock, @@ -115,7 +122,8 @@ class SettingsControllerTest extends TestCase { $this->keyManagerMock, $this->cryptMock, $this->sessionMock, - $this->ocSessionMock + $this->ocSessionMock, + $this->utilMock ); } @@ -234,4 +242,10 @@ class SettingsControllerTest extends TestCase { $data['message']); } + function testSetEncryptHomeStorage() { + $value = true; + $this->utilMock->expects($this->once())->method('setEncryptHomeStorage')->with($value); + $this->controller->setEncryptHomeStorage($value); + } + } diff --git a/apps/encryption/tests/lib/UtilTest.php b/apps/encryption/tests/lib/UtilTest.php index 723cc9fb91..d55b6b50b3 100644 --- a/apps/encryption/tests/lib/UtilTest.php +++ b/apps/encryption/tests/lib/UtilTest.php @@ -39,6 +39,9 @@ class UtilTest extends TestCase { /** @var \PHPUnit_Framework_MockObject_MockObject */ private $userManagerMock; + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $mountMock; + /** @var Util */ private $instance; @@ -65,6 +68,7 @@ class UtilTest extends TestCase { protected function setUp() { parent::setUp(); + $this->mountMock = $this->getMock('\OCP\Files\Mount\IMountPoint'); $this->filesMock = $this->getMock('OC\Files\View'); $this->userManagerMock = $this->getMock('\OCP\IUserManager'); @@ -151,4 +155,52 @@ class UtilTest extends TestCase { ]; } + /** + * @dataProvider dataTestShouldEncryptHomeStorage + * @param $returnValue return value from getAppValue() + * @param $expected + */ + public function testShouldEncryptHomeStorage($returnValue, $expected) { + $this->configMock->expects($this->once())->method('getAppValue') + ->with('encryption', 'encryptHomeStorage', '1') + ->willReturn($returnValue); + + $this->assertSame($expected, + $this->instance->shouldEncryptHomeStorage()); + } + + public function dataTestShouldEncryptHomeStorage() { + return [ + ['1', true], + ['0', false] + ]; + } + + /** + * @dataProvider dataTestSetEncryptHomeStorage + * @param $value + * @param $expected + */ + public function testSetEncryptHomeStorage($value, $expected) { + $this->configMock->expects($this->once())->method('setAppValue') + ->with('encryption', 'encryptHomeStorage', $expected); + $this->instance->setEncryptHomeStorage($value); + } + + public function dataTestSetEncryptHomeStorage() { + return [ + [true, '1'], + [false, '0'] + ]; + } + + public function testGetStorage() { + $path = '/foo/bar.txt'; + $this->filesMock->expects($this->once())->method('getMount')->with($path) + ->willReturn($this->mountMock); + $this->mountMock->expects($this->once())->method('getStorage')->willReturn(true); + + $this->assertTrue($this->instance->getStorage($path)); + } + } diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php index f76bdfb6d6..138c1bc944 100644 --- a/apps/encryption/tests/lib/crypto/encryptionTest.php +++ b/apps/encryption/tests/lib/crypto/encryptionTest.php @@ -55,9 +55,14 @@ class EncryptionTest extends TestCase { /** @var \PHPUnit_Framework_MockObject_MockObject */ private $l10nMock; + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $storageMock; + public function setUp() { parent::setUp(); + $this->storageMock = $this->getMockBuilder('OCP\Files\Storage') + ->disableOriginalConstructor()->getMock(); $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') ->disableOriginalConstructor() ->getMock(); @@ -312,7 +317,17 @@ class EncryptionTest extends TestCase { * * @dataProvider dataTestShouldEncrypt */ - public function testShouldEncrypt($path, $expected) { + public function testShouldEncrypt($path, $shouldEncryptHomeStorage, $isHomeStorage, $expected) { + $this->utilMock->expects($this->once())->method('shouldEncryptHomeStorage') + ->willReturn($shouldEncryptHomeStorage); + + if ($shouldEncryptHomeStorage === false) { + $this->storageMock->expects($this->once())->method('instanceOfStorage') + ->with('\OCP\Files\IHomeStorage')->willReturn($isHomeStorage); + $this->utilMock->expects($this->once())->method('getStorage')->with($path) + ->willReturn($this->storageMock); + } + $this->assertSame($expected, $this->instance->shouldEncrypt($path) ); @@ -320,14 +335,17 @@ class EncryptionTest extends TestCase { public function dataTestShouldEncrypt() { return array( - array('/user1/files/foo.txt', true), - array('/user1/files_versions/foo.txt', true), - array('/user1/files_trashbin/foo.txt', true), - array('/user1/some_folder/foo.txt', false), - array('/user1/foo.txt', false), - array('/user1/files', false), - array('/user1/files_trashbin', false), - array('/user1/files_versions', false), + array('/user1/files/foo.txt', true, true, true), + array('/user1/files_versions/foo.txt', true, true, true), + array('/user1/files_trashbin/foo.txt', true, true, true), + array('/user1/some_folder/foo.txt', true, true, false), + array('/user1/foo.txt', true, true, false), + array('/user1/files', true, true, false), + array('/user1/files_trashbin', true, true, false), + array('/user1/files_versions', true, true, false), + // test if shouldEncryptHomeStorage is set to false + array('/user1/files/foo.txt', false, true, false), + array('/user1/files_versions/foo.txt', false, false, true), ); }