Skip to content

Commit

Permalink
Refactors encryption app commands.
Browse files Browse the repository at this point in the history
To improve code readability.

Signed-off-by: Faraz Samapoor <[email protected]>
  • Loading branch information
Faraz Samapoor authored and fsamapoor committed Sep 18, 2023
1 parent cf73440 commit 8f430de
Show file tree
Hide file tree
Showing 7 changed files with 57 additions and 162 deletions.
32 changes: 8 additions & 24 deletions apps/encryption/lib/Command/DisableMasterKey.php
Original file line number Diff line number Diff line change
Expand Up @@ -33,31 +33,15 @@
use Symfony\Component\Console\Question\ConfirmationQuestion;

class DisableMasterKey extends Command {

/** @var Util */
protected $util;

/** @var IConfig */
protected $config;

/** @var QuestionHelper */
protected $questionHelper;

/**
* @param Util $util
* @param IConfig $config
* @param QuestionHelper $questionHelper
*/
public function __construct(Util $util,
IConfig $config,
QuestionHelper $questionHelper) {
$this->util = $util;
$this->config = $config;
$this->questionHelper = $questionHelper;
public function __construct(
protected Util $util,
protected IConfig $config,
protected QuestionHelper $questionHelper,
) {
parent::__construct();
}

protected function configure() {
protected function configure(): void {
$this
->setName('encryption:disable-master-key')
->setDescription('Disable the master key and use per-user keys instead. Only available for fresh installations with no existing encrypted data! There is no way to enable it again.');
Expand All @@ -80,9 +64,9 @@ protected function execute(InputInterface $input, OutputInterface $output): int
$output->writeln('Master key successfully disabled.');
} else {
$output->writeln('aborted.');
return 1;
return self::FAILURE;
}
}
return 0;
return self::SUCCESS;
}
}
4 changes: 2 additions & 2 deletions apps/encryption/lib/Command/DropLegacyFileKey.php
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,10 @@ protected function execute(InputInterface $input, OutputInterface $output): int

if ($result) {
$output->writeln('All scanned files are properly encrypted.');
return 0;
return self::SUCCESS;
}

return 1;
return self::FAILURE;
}

private function scanFolder(OutputInterface $output, string $folder): bool {
Expand Down
32 changes: 8 additions & 24 deletions apps/encryption/lib/Command/EnableMasterKey.php
Original file line number Diff line number Diff line change
Expand Up @@ -32,31 +32,15 @@
use Symfony\Component\Console\Question\ConfirmationQuestion;

class EnableMasterKey extends Command {

/** @var Util */
protected $util;

/** @var IConfig */
protected $config;

/** @var QuestionHelper */
protected $questionHelper;

/**
* @param Util $util
* @param IConfig $config
* @param QuestionHelper $questionHelper
*/
public function __construct(Util $util,
IConfig $config,
QuestionHelper $questionHelper) {
$this->util = $util;
$this->config = $config;
$this->questionHelper = $questionHelper;
public function __construct(
protected Util $util,
protected IConfig $config,
protected QuestionHelper $questionHelper,
) {
parent::__construct();
}

protected function configure() {
protected function configure(): void {
$this
->setName('encryption:enable-master-key')
->setDescription('Enable the master key. Only available for fresh installations with no existing encrypted data! There is also no way to disable it again.');
Expand All @@ -76,9 +60,9 @@ protected function execute(InputInterface $input, OutputInterface $output): int
$output->writeln('Master key successfully enabled.');
} else {
$output->writeln('aborted.');
return 1;
return self::FAILURE;
}
}
return 0;
return self::SUCCESS;
}
}
20 changes: 9 additions & 11 deletions apps/encryption/lib/Command/FixEncryptedVersion.php
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
use Symfony\Component\Console\Output\OutputInterface;

class FixEncryptedVersion extends Command {
private bool $supportLegacy;
private bool $supportLegacy = false;

public function __construct(
private IConfig $config,
Expand All @@ -49,8 +49,6 @@ public function __construct(
private Util $util,
private View $view,
) {
$this->supportLegacy = false;

parent::__construct();
}

Expand Down Expand Up @@ -83,12 +81,12 @@ protected function execute(InputInterface $input, OutputInterface $output): int

if ($skipSignatureCheck) {
$output->writeln("<error>Repairing is not possible when \"encryption_skip_signature_check\" is set. Please disable this flag in the configuration.</error>\n");
return 1;
return self::FAILURE;
}

if (!$this->util->isMasterKeyEnabled()) {
$output->writeln("<error>Repairing only works with master key encryption.</error>\n");
return 1;
return self::FAILURE;
}

$user = $input->getArgument('user');
Expand All @@ -98,12 +96,12 @@ protected function execute(InputInterface $input, OutputInterface $output): int
if ($user) {
if ($all) {
$output->writeln("Specifying a user id and --all are mutually exclusive");
return 1;
return self::FAILURE;
}

if ($this->userManager->get($user) === null) {
$output->writeln("<error>User id $user does not exist. Please provide a valid user id</error>");
return 1;
return self::FAILURE;
}

return $this->runForUser($user, $pathOption, $output);
Expand All @@ -117,7 +115,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
return $result;
} else {
$output->writeln("Either a user id or --all needs to be provided");
return 1;
return self::FAILURE;
}
}

Expand All @@ -136,13 +134,13 @@ private function walkPathOfUser(string $user, string $path, OutputInterface $out
$this->setupUserFs($user);
if (!$this->view->file_exists($path)) {
$output->writeln("<error>Path \"$path\" does not exist. Please provide a valid path.</error>");
return 1;
return self::FAILURE;
}

if ($this->view->is_file($path)) {
$output->writeln("Verifying the content of file \"$path\"");
$this->verifyFileContent($path, $output);
return 0;
return self::SUCCESS;
}
$directories = [];
$directories[] = $path;
Expand All @@ -158,7 +156,7 @@ private function walkPathOfUser(string $user, string $path, OutputInterface $out
}
}
}
return 0;
return self::SUCCESS;
}

/**
Expand Down
46 changes: 7 additions & 39 deletions apps/encryption/lib/Command/FixKeyLocation.php
Original file line number Diff line number Diff line change
Expand Up @@ -43,25 +43,17 @@
use Symfony\Component\Console\Output\OutputInterface;

class FixKeyLocation extends Command {
private IUserManager $userManager;
private IUserMountCache $userMountCache;
private Util $encryptionUtil;
private IRootFolder $rootFolder;
private string $keyRootDirectory;
private View $rootView;
private Manager $encryptionManager;

public function __construct(
IUserManager $userManager,
IUserMountCache $userMountCache,
Util $encryptionUtil,
IRootFolder $rootFolder,
IManager $encryptionManager
private IUserManager $userManager,
private IUserMountCache $userMountCache,
private Util $encryptionUtil,
private IRootFolder $rootFolder,
IManager $encryptionManager,
) {
$this->userManager = $userManager;
$this->userMountCache = $userMountCache;
$this->encryptionUtil = $encryptionUtil;
$this->rootFolder = $rootFolder;
$this->keyRootDirectory = rtrim($this->encryptionUtil->getKeyStorageRoot(), '/');
$this->rootView = new View();
if (!$encryptionManager instanceof Manager) {
Expand Down Expand Up @@ -89,7 +81,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
$user = $this->userManager->get($userId);
if (!$user) {
$output->writeln("<error>User $userId not found</error>");
return 1;
return self::FAILURE;
}

\OC_Util::setupFS($user->getUID());
Expand Down Expand Up @@ -173,7 +165,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
}
}

return 0;
return self::SUCCESS;
}

private function getUserRelativePath(string $path): string {
Expand All @@ -186,7 +178,6 @@ private function getUserRelativePath(string $path): string {
}

/**
* @param IUser $user
* @return ICachedMountInfo[]
*/
private function getSystemMountsForUser(IUser $user): array {
Expand All @@ -201,7 +192,6 @@ private function getSystemMountsForUser(IUser $user): array {
/**
* Get all files in a folder which are marked as encrypted
*
* @param Folder $folder
* @return \Generator<File>
*/
private function getAllEncryptedFiles(Folder $folder) {
Expand Down Expand Up @@ -242,10 +232,6 @@ private function hasUserKey(IUser $user, Node $node): bool {

/**
* Check that the user key stored for a file can decrypt the file
*
* @param IUser $user
* @param File $node
* @return bool
*/
private function copyUserKeyToSystemAndValidate(IUser $user, File $node): bool {
$path = trim(substr($node->getPath(), strlen($user->getUID()) + 1), '/');
Expand Down Expand Up @@ -282,7 +268,6 @@ private function tryReadFile(File $node): bool {
/**
* Get the contents of a file without decrypting it
*
* @param File $node
* @return resource
*/
private function openWithoutDecryption(File $node, string $mode) {
Expand Down Expand Up @@ -310,9 +295,6 @@ private function openWithoutDecryption(File $node, string $mode) {

/**
* Check if the data stored for a file is encrypted, regardless of it's metadata
*
* @param File $node
* @return bool
*/
private function isDataEncrypted(File $node): bool {
$handle = $this->openWithoutDecryption($node, 'r');
Expand All @@ -325,9 +307,6 @@ private function isDataEncrypted(File $node): bool {

/**
* Attempt to find a key (stored for user) for a file (that needs a system key) even when it's not stored in the expected location
*
* @param File $node
* @return string
*/
private function findUserKeyForSystemFile(IUser $user, File $node): ?string {
$userKeyPath = $this->getUserBaseKeyPath($user);
Expand All @@ -343,8 +322,6 @@ private function findUserKeyForSystemFile(IUser $user, File $node): ?string {
/**
* Attempt to find a key for a file even when it's not stored in the expected location
*
* @param string $basePath
* @param string $name
* @return \Generator<string>
*/
private function findKeysByFileName(string $basePath, string $name) {
Expand All @@ -371,11 +348,6 @@ private function findKeysByFileName(string $basePath, string $name) {

/**
* Test if the provided key is valid as a system key for the file
*
* @param IUser $user
* @param string $key
* @param File $node
* @return bool
*/
private function testSystemKey(IUser $user, string $key, File $node): bool {
$systemKeyPath = $this->getSystemKeyPath($node);
Expand All @@ -393,10 +365,6 @@ private function testSystemKey(IUser $user, string $key, File $node): bool {

/**
* Decrypt a file with the specified system key and mark the key as not-encrypted
*
* @param File $node
* @param string $key
* @return void
*/
private function decryptWithSystemKey(File $node, string $key): void {
$storage = $node->getStorage();
Expand Down
Loading

0 comments on commit 8f430de

Please sign in to comment.