From 284823d1470666b4fc4c73470e191bf02f126be6 Mon Sep 17 00:00:00 2001 From: Matthieu Gallien Date: Wed, 15 Mar 2023 15:16:18 +0100 Subject: [PATCH 1/3] maintain e2ee state even if the server does not support e2ee might be that the server previously supported e2ee and e2ee folders exist so we have to fetch the info to properly handle it on client Signed-off-by: Matthieu Gallien --- src/gui/folderstatusmodel.cpp | 14 ++++++-------- src/gui/folderwizard.cpp | 6 ++---- src/gui/selectivesyncdialog.cpp | 6 ++---- src/libsync/discoveryphase.cpp | 6 ++---- src/libsync/owncloudpropagator.cpp | 7 +------ 5 files changed, 13 insertions(+), 26 deletions(-) diff --git a/src/gui/folderstatusmodel.cpp b/src/gui/folderstatusmodel.cpp index 08b4276fbd09e..ea013dfee9b4e 100644 --- a/src/gui/folderstatusmodel.cpp +++ b/src/gui/folderstatusmodel.cpp @@ -613,14 +613,12 @@ void FolderStatusModel::fetchMore(const QModelIndex &parent) const auto job = new LsColJob(_accountState->account(), path); info->_fetchingJob = job; - auto props = QList() << "resourcetype" - << "http://owncloud.org/ns:size" - << "http://owncloud.org/ns:permissions" - << "http://nextcloud.org/ns:is-mount-root" - << "http://owncloud.org/ns:fileid"; - if (_accountState->account()->capabilities().clientSideEncryptionAvailable()) { - props << "http://nextcloud.org/ns:is-encrypted"; - } + const auto props = QList() << "resourcetype" + << "http://owncloud.org/ns:size" + << "http://owncloud.org/ns:permissions" + << "http://nextcloud.org/ns:is-mount-root" + << "http://owncloud.org/ns:fileid" + << "http://nextcloud.org/ns:is-encrypted"; job->setProperties(props); job->setTimeout(60 * 1000); diff --git a/src/gui/folderwizard.cpp b/src/gui/folderwizard.cpp index 1aaf3d7861276..7b4d35ba03f36 100644 --- a/src/gui/folderwizard.cpp +++ b/src/gui/folderwizard.cpp @@ -466,10 +466,8 @@ void FolderWizardRemotePath::slotTypedPathFound(const QStringList &subpaths) LsColJob *FolderWizardRemotePath::runLsColJob(const QString &path) { auto *job = new LsColJob(_account, path); - auto props = QList() << "resourcetype"; - if (_account->capabilities().clientSideEncryptionAvailable()) { - props << "http://nextcloud.org/ns:is-encrypted"; - } + const auto props = QList() << "resourcetype" + << "http://nextcloud.org/ns:is-encrypted"; job->setProperties(props); connect(job, &LsColJob::directoryListingSubfolders, this, &FolderWizardRemotePath::slotUpdateDirectories); diff --git a/src/gui/selectivesyncdialog.cpp b/src/gui/selectivesyncdialog.cpp index b7f6fdbcd2c6f..af8deeb90c7d7 100644 --- a/src/gui/selectivesyncdialog.cpp +++ b/src/gui/selectivesyncdialog.cpp @@ -109,10 +109,8 @@ void SelectiveSyncWidget::refreshFolders() auto *job = new LsColJob(_account, _folderPath); auto props = QList() << "resourcetype" - << "http://owncloud.org/ns:size"; - if (_account->capabilities().clientSideEncryptionAvailable()) { - props << "http://nextcloud.org/ns:is-encrypted"; - } + << "http://owncloud.org/ns:size" + << "http://nextcloud.org/ns:is-encrypted"; job->setProperties(props); connect(job, &LsColJob::directoryListingSubfolders, this, &SelectiveSyncWidget::slotUpdateDirectories); diff --git a/src/libsync/discoveryphase.cpp b/src/libsync/discoveryphase.cpp index 2f1b67c4881a3..c08cd8261a64b 100644 --- a/src/libsync/discoveryphase.cpp +++ b/src/libsync/discoveryphase.cpp @@ -399,7 +399,8 @@ void DiscoverySingleDirectoryJob::start() << "http://owncloud.org/ns:downloadURL" << "http://owncloud.org/ns:dDC" << "http://owncloud.org/ns:permissions" - << "http://owncloud.org/ns:checksums"; + << "http://owncloud.org/ns:checksums" + << "http://nextcloud.org/ns:is-encrypted"; if (_isRootPath) props << "http://owncloud.org/ns:data-fingerprint"; @@ -407,9 +408,6 @@ void DiscoverySingleDirectoryJob::start() // Server older than 10.0 have performances issue if we ask for the share-types on every PROPFIND props << "http://owncloud.org/ns:share-types"; } - if (_account->capabilities().clientSideEncryptionAvailable()) { - props << "http://nextcloud.org/ns:is-encrypted"; - } if (_account->capabilities().filesLockAvailable()) { props << "http://nextcloud.org/ns:lock" << "http://nextcloud.org/ns:lock-owner-displayname" diff --git a/src/libsync/owncloudpropagator.cpp b/src/libsync/owncloudpropagator.cpp index b3e1a834f51a1..4f41e124ed202 100644 --- a/src/libsync/owncloudpropagator.cpp +++ b/src/libsync/owncloudpropagator.cpp @@ -315,10 +315,6 @@ void PropagateItemJob::slotRestoreJobFinished(SyncFileItem::Status status) bool PropagateItemJob::hasEncryptedAncestor() const { - if (!propagator()->account()->capabilities().clientSideEncryptionAvailable()) { - return false; - } - SyncJournalFileRecord rec; return propagator()->_journal->findEncryptedAncestorForRecord(_item->_file, &rec) && rec.isValid() && rec.isE2eEncrypted(); @@ -1098,8 +1094,7 @@ bool OwncloudPropagator::isDelayedUploadItem(const SyncFileItemPtr &item) const const auto accountPtr = account(); - if (!accountPtr->capabilities().clientSideEncryptionAvailable() || - !parentRec.isValid() || + if (!parentRec.isValid() || !parentRec.isE2eEncrypted()) { return false; } From a270dca344145fb08998ff0ee977ed3636bf1d85 Mon Sep 17 00:00:00 2001 From: Matthieu Gallien Date: Wed, 15 Mar 2023 15:17:48 +0100 Subject: [PATCH 2/3] do not allow to select e2ee folders if the server support is missing Signed-off-by: Matthieu Gallien --- src/gui/folderstatusmodel.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/gui/folderstatusmodel.cpp b/src/gui/folderstatusmodel.cpp index ea013dfee9b4e..f5cae7b110429 100644 --- a/src/gui/folderstatusmodel.cpp +++ b/src/gui/folderstatusmodel.cpp @@ -135,6 +135,9 @@ Qt::ItemFlags FolderStatusModel::flags(const QModelIndex &index) const return Qt::ItemIsEnabled; case SubFolder: if (supportsSelectiveSync) { + if (info && info->_isEncrypted && !_accountState->account()->capabilities().clientSideEncryptionAvailable()) { + return Qt::ItemIsUserCheckable | Qt::ItemIsSelectable; + } return Qt::ItemIsEnabled | Qt::ItemIsUserCheckable | Qt::ItemIsSelectable; } else { return Qt::ItemIsEnabled | Qt::ItemIsSelectable; From 863256fd5503d73c140ba91f5cd2140de9c5f713 Mon Sep 17 00:00:00 2001 From: Matthieu Gallien Date: Tue, 21 May 2024 18:06:37 +0200 Subject: [PATCH 3/3] ignore encrypted items during discovery when encryption is disabled when we know a folder should be encrypted but encryption client side app is disabled, ignore any items in the encrypted folders Signed-off-by: Matthieu Gallien --- src/libsync/discovery.cpp | 7 +++++++ src/libsync/discoveryphase.cpp | 5 ++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/src/libsync/discovery.cpp b/src/libsync/discovery.cpp index 91d717c0feaba..1e276ad689577 100644 --- a/src/libsync/discovery.cpp +++ b/src/libsync/discovery.cpp @@ -1664,6 +1664,13 @@ void ProcessDirectoryJob::processFileFinalize( const SyncFileItemPtr &item, PathTuple path, bool recurse, QueryMode recurseQueryLocal, QueryMode recurseQueryServer) { + if (item->isEncrypted() && !_discoveryData->_account->capabilities().clientSideEncryptionAvailable()) { + item->_instruction = CSyncEnums::CSYNC_INSTRUCTION_IGNORE; + item->_direction = SyncFileItem::None; + emit _discoveryData->itemDiscovered(item); + return; + } + // Adjust target path for virtual-suffix files if (isVfsWithSuffix()) { if (item->_type == ItemTypeVirtualFile) { diff --git a/src/libsync/discoveryphase.cpp b/src/libsync/discoveryphase.cpp index c08cd8261a64b..ca96b8c825237 100644 --- a/src/libsync/discoveryphase.cpp +++ b/src/libsync/discoveryphase.cpp @@ -623,10 +623,13 @@ void DiscoverySingleDirectoryJob::lsJobFinishedWithoutErrorSlot() emit finished(HttpError{ 0, _error }); deleteLater(); return; - } else if (isE2eEncrypted()) { + } else if (isE2eEncrypted() && _account->capabilities().clientSideEncryptionAvailable()) { emit etag(_firstEtag, QDateTime::fromString(QString::fromUtf8(_lsColJob->responseTimestamp()), Qt::RFC2822Date)); fetchE2eMetadata(); return; + } else if (isE2eEncrypted() && !_account->capabilities().clientSideEncryptionAvailable()) { + emit etag(_firstEtag, QDateTime::fromString(QString::fromUtf8(_lsColJob->responseTimestamp()), Qt::RFC2822Date)); + emit finished(_results); } emit etag(_firstEtag, QDateTime::fromString(QString::fromUtf8(_lsColJob->responseTimestamp()), Qt::RFC2822Date)); emit finished(_results);