Merge pull request #13288 from owncloud/enc_fix_public_download

[encryption] fix download of public shared files
This commit is contained in:
Lukas Reschke 2015-01-14 11:55:13 +01:00
commit 64ee942e7d
3 changed files with 14 additions and 25 deletions

View file

@ -47,16 +47,15 @@ class Proxy extends \OC_FileProxy {
* check if path is excluded from encryption
*
* @param string $path relative to data/
* @param string $uid user
* @return boolean
*/
protected function isExcludedPath($path, $uid) {
protected function isExcludedPath($path) {
$view = new \OC\Files\View();
$path = \OC\Files\Filesystem::normalizePath($path);
$normalizedPath = \OC\Files\Filesystem::normalizePath($path);
$parts = explode('/', $path);
$parts = explode('/', $normalizedPath);
// we only encrypt/decrypt files in the files and files_versions folder
if (sizeof($parts) < 3) {
@ -69,18 +68,18 @@ class Proxy extends \OC_FileProxy {
return true;
}
if(
strpos($path, '/' . $uid . '/files/') !== 0 &&
!($parts[2] === 'files' && \OCP\User::userExists($parts[1])) &&
!($parts[2] === 'files_versions' && \OCP\User::userExists($parts[1]))) {
return true;
}
if (!$view->file_exists($path)) {
$path = dirname($path);
if (!$view->file_exists($normalizedPath)) {
$normalizedPath = dirname($normalizedPath);
}
// we don't encrypt server-to-server shares
list($storage, ) = \OC\Files\Filesystem::resolvePath($path);
list($storage, ) = \OC\Files\Filesystem::resolvePath($normalizedPath);
/**
* @var \OCP\Files\Storage $storage
*/
@ -102,17 +101,16 @@ class Proxy extends \OC_FileProxy {
*/
private function shouldEncrypt($path, $mode = 'w') {
$userId = Helper::getUser($path);
// don't call the crypt stream wrapper, if...
if (
Crypt::mode() !== 'server' // we are not in server-side-encryption mode
|| $this->isExcludedPath($path, $userId) // if path is excluded from encryption
|| $this->isExcludedPath($path) // if path is excluded from encryption
|| substr($path, 0, 8) === 'crypt://' // we are already in crypt mode
) {
return false;
}
$userId = Helper::getUser($path);
$view = new \OC\Files\View('');
$util = new Util($view, $userId);

View file

@ -136,7 +136,8 @@ class Stream {
switch ($fileType) {
case Util::FILE_TYPE_FILE:
$this->relPath = Helper::stripUserFilesPath($this->rawPath);
$this->userId = \OC::$server->getUserSession()->getUser()->getUID();
$user = \OC::$server->getUserSession()->getUser();
$this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath);
break;
case Util::FILE_TYPE_VERSION:
$this->relPath = Helper::getPathFromVersion($this->rawPath);
@ -145,7 +146,8 @@ class Stream {
case Util::FILE_TYPE_CACHE:
$this->relPath = Helper::getPathFromCachedFile($this->rawPath);
Helper::mkdirr($this->rawPath, new \OC\Files\View('/'));
$this->userId = \OC::$server->getUserSession()->getUser()->getUID();
$user = \OC::$server->getUserSession()->getUser();
$this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath);
break;
default:
\OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to "files", "files_versions" or "cache"', \OCP\Util::ERROR);

View file

@ -126,9 +126,7 @@ class Proxy extends TestCase {
$this->view->mkdir(dirname($path));
$this->view->file_put_contents($path, "test");
$testClass = new DummyProxy();
$result = $testClass->isExcludedPathTesting($path, $this->userId);
$result = \Test_Helper::invokePrivate(new \OCA\Files_Encryption\Proxy(), 'isExcludedPath', array($path));
$this->assertSame($expected, $result);
$this->view->deleteAll(dirname($path));
@ -149,12 +147,3 @@ class Proxy extends TestCase {
}
/**
* Dummy class to make protected methods available for testing
*/
class DummyProxy extends \OCA\Files_Encryption\Proxy {
public function isExcludedPathTesting($path, $uid) {
return $this->isExcludedPath($path, $uid);
}
}