mirror of
https://github.com/nextcloud/server.git
synced 2026-02-03 20:41:22 -05:00
caff1023ea
To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
297 lines
8.1 KiB
PHP
297 lines
8.1 KiB
PHP
<?php
|
|
/**
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
*
|
|
* @author Bjoern Schiessle <bjoern@schiessle.org>
|
|
* @author Björn Schießle <bjoern@schiessle.org>
|
|
* @author Christian Jürges <christian@eqipe.ch>
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
|
* @author Joas Schilling <coding@schilljs.com>
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
|
* @author sammo2828 <sammo2828@gmail.com>
|
|
* @author Vincent Petry <pvince81@owncloud.com>
|
|
*
|
|
* @license AGPL-3.0
|
|
*
|
|
* This code is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
*
|
|
*/
|
|
|
|
namespace OC\Encryption;
|
|
|
|
use OC\Encryption\Exceptions\DecryptionFailedException;
|
|
use OC\Files\View;
|
|
use OCP\Encryption\IEncryptionModule;
|
|
use OCP\IUserManager;
|
|
use Symfony\Component\Console\Helper\ProgressBar;
|
|
use Symfony\Component\Console\Input\InputInterface;
|
|
use Symfony\Component\Console\Output\OutputInterface;
|
|
|
|
class DecryptAll {
|
|
|
|
/** @var OutputInterface */
|
|
protected $output;
|
|
|
|
/** @var InputInterface */
|
|
protected $input;
|
|
|
|
/** @var Manager */
|
|
protected $encryptionManager;
|
|
|
|
/** @var IUserManager */
|
|
protected $userManager;
|
|
|
|
/** @var View */
|
|
protected $rootView;
|
|
|
|
/** @var array files which couldn't be decrypted */
|
|
protected $failed;
|
|
|
|
/**
|
|
* @param Manager $encryptionManager
|
|
* @param IUserManager $userManager
|
|
* @param View $rootView
|
|
*/
|
|
public function __construct(
|
|
Manager $encryptionManager,
|
|
IUserManager $userManager,
|
|
View $rootView
|
|
) {
|
|
$this->encryptionManager = $encryptionManager;
|
|
$this->userManager = $userManager;
|
|
$this->rootView = $rootView;
|
|
$this->failed = [];
|
|
}
|
|
|
|
/**
|
|
* start to decrypt all files
|
|
*
|
|
* @param InputInterface $input
|
|
* @param OutputInterface $output
|
|
* @param string $user which users data folder should be decrypted, default = all users
|
|
* @return bool
|
|
* @throws \Exception
|
|
*/
|
|
public function decryptAll(InputInterface $input, OutputInterface $output, $user = '') {
|
|
$this->input = $input;
|
|
$this->output = $output;
|
|
|
|
if ($user !== '' && $this->userManager->userExists($user) === false) {
|
|
$this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again');
|
|
return false;
|
|
}
|
|
|
|
$this->output->writeln('prepare encryption modules...');
|
|
if ($this->prepareEncryptionModules($user) === false) {
|
|
return false;
|
|
}
|
|
$this->output->writeln(' done.');
|
|
|
|
$this->decryptAllUsersFiles($user);
|
|
|
|
if (empty($this->failed)) {
|
|
$this->output->writeln('all files could be decrypted successfully!');
|
|
} else {
|
|
$this->output->writeln('Files for following users couldn\'t be decrypted, ');
|
|
$this->output->writeln('maybe the user is not set up in a way that supports this operation: ');
|
|
foreach ($this->failed as $uid => $paths) {
|
|
$this->output->writeln(' ' . $uid);
|
|
foreach ($paths as $path) {
|
|
$this->output->writeln(' ' . $path);
|
|
}
|
|
}
|
|
$this->output->writeln('');
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* prepare encryption modules to perform the decrypt all function
|
|
*
|
|
* @param $user
|
|
* @return bool
|
|
*/
|
|
protected function prepareEncryptionModules($user) {
|
|
// prepare all encryption modules for decrypt all
|
|
$encryptionModules = $this->encryptionManager->getEncryptionModules();
|
|
foreach ($encryptionModules as $moduleDesc) {
|
|
/** @var IEncryptionModule $module */
|
|
$module = call_user_func($moduleDesc['callback']);
|
|
$this->output->writeln('');
|
|
$this->output->writeln('Prepare "' . $module->getDisplayName() . '"');
|
|
$this->output->writeln('');
|
|
if ($module->prepareDecryptAll($this->input, $this->output, $user) === false) {
|
|
$this->output->writeln('Module "' . $moduleDesc['displayName'] . '" does not support the functionality to decrypt all files again or the initialization of the module failed!');
|
|
return false;
|
|
}
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* iterate over all user and encrypt their files
|
|
*
|
|
* @param string $user which users files should be decrypted, default = all users
|
|
*/
|
|
protected function decryptAllUsersFiles($user = '') {
|
|
$this->output->writeln("\n");
|
|
|
|
$userList = [];
|
|
if ($user === '') {
|
|
$fetchUsersProgress = new ProgressBar($this->output);
|
|
$fetchUsersProgress->setFormat(" %message% \n [%bar%]");
|
|
$fetchUsersProgress->start();
|
|
$fetchUsersProgress->setMessage("Fetch list of users...");
|
|
$fetchUsersProgress->advance();
|
|
|
|
foreach ($this->userManager->getBackends() as $backend) {
|
|
$limit = 500;
|
|
$offset = 0;
|
|
do {
|
|
$users = $backend->getUsers('', $limit, $offset);
|
|
foreach ($users as $user) {
|
|
$userList[] = $user;
|
|
}
|
|
$offset += $limit;
|
|
$fetchUsersProgress->advance();
|
|
} while (count($users) >= $limit);
|
|
$fetchUsersProgress->setMessage("Fetch list of users... finished");
|
|
$fetchUsersProgress->finish();
|
|
}
|
|
} else {
|
|
$userList[] = $user;
|
|
}
|
|
|
|
$this->output->writeln("\n\n");
|
|
|
|
$progress = new ProgressBar($this->output);
|
|
$progress->setFormat(" %message% \n [%bar%]");
|
|
$progress->start();
|
|
$progress->setMessage("starting to decrypt files...");
|
|
$progress->advance();
|
|
|
|
$numberOfUsers = count($userList);
|
|
$userNo = 1;
|
|
foreach ($userList as $uid) {
|
|
$userCount = "$uid ($userNo of $numberOfUsers)";
|
|
$this->decryptUsersFiles($uid, $progress, $userCount);
|
|
$userNo++;
|
|
}
|
|
|
|
$progress->setMessage("starting to decrypt files... finished");
|
|
$progress->finish();
|
|
|
|
$this->output->writeln("\n\n");
|
|
}
|
|
|
|
/**
|
|
* encrypt files from the given user
|
|
*
|
|
* @param string $uid
|
|
* @param ProgressBar $progress
|
|
* @param string $userCount
|
|
*/
|
|
protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) {
|
|
$this->setupUserFS($uid);
|
|
$directories = [];
|
|
$directories[] = '/' . $uid . '/files';
|
|
|
|
while ($root = array_pop($directories)) {
|
|
$content = $this->rootView->getDirectoryContent($root);
|
|
foreach ($content as $file) {
|
|
// only decrypt files owned by the user
|
|
if ($file->getStorage()->instanceOfStorage('OCA\Files_Sharing\SharedStorage')) {
|
|
continue;
|
|
}
|
|
$path = $root . '/' . $file['name'];
|
|
if ($this->rootView->is_dir($path)) {
|
|
$directories[] = $path;
|
|
continue;
|
|
} else {
|
|
try {
|
|
$progress->setMessage("decrypt files for user $userCount: $path");
|
|
$progress->advance();
|
|
if ($file->isEncrypted() === false) {
|
|
$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
|
|
$progress->advance();
|
|
} else {
|
|
if ($this->decryptFile($path) === false) {
|
|
$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
|
|
$progress->advance();
|
|
}
|
|
}
|
|
} catch (\Exception $e) {
|
|
if (isset($this->failed[$uid])) {
|
|
$this->failed[$uid][] = $path;
|
|
} else {
|
|
$this->failed[$uid] = [$path];
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* encrypt file
|
|
*
|
|
* @param string $path
|
|
* @return bool
|
|
*/
|
|
protected function decryptFile($path) {
|
|
|
|
// skip already decrypted files
|
|
$fileInfo = $this->rootView->getFileInfo($path);
|
|
if ($fileInfo !== false && !$fileInfo->isEncrypted()) {
|
|
return true;
|
|
}
|
|
|
|
$source = $path;
|
|
$target = $path . '.decrypted.' . $this->getTimestamp();
|
|
|
|
try {
|
|
$this->rootView->copy($source, $target);
|
|
$this->rootView->touch($target, $fileInfo->getMTime());
|
|
$this->rootView->rename($target, $source);
|
|
} catch (DecryptionFailedException $e) {
|
|
if ($this->rootView->file_exists($target)) {
|
|
$this->rootView->unlink($target);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* get current timestamp
|
|
*
|
|
* @return int
|
|
*/
|
|
protected function getTimestamp() {
|
|
return time();
|
|
}
|
|
|
|
|
|
/**
|
|
* setup user file system
|
|
*
|
|
* @param string $uid
|
|
*/
|
|
protected function setupUserFS($uid) {
|
|
\OC_Util::tearDownFS();
|
|
\OC_Util::setupFS($uid);
|
|
}
|
|
}
|