Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proceed encrypt-all after one of the encryption mode is selected #31598

Closed
wants to merge 1 commit into from
Closed

Proceed encrypt-all after one of the encryption mode is selected #31598

wants to merge 1 commit into from

Conversation

sharidas
Copy link
Contributor

Proceed encrypt-all command only after user had selected one
of the encryption mode.

Signed-off-by: Sujith H [email protected]

Description

If user had not selected user-keys or masterkey, then stop execution of encrypt-all command. Throw an exception.

Related Issue

Motivation and Context

If user had not selected user-keys or masterkey, then stop execution of encrypt-all command. Throw an exception.

How Has This Been Tested?

  • Create user admin
  • Enable encryption. Do not select any encryption mode ( this is done from command line )
  • Run encrypt-all command
  • Verified that exception is triggered.

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@sharidas
Proceed encrypt-all after one of the encryption mode is selected
7ea61e2 
Proceed encrypt-all command only after user had selected one
of the encryption mode.

Signed-off-by: Sujith H <[email protected]>
@sharidas sharidas self-assigned this May 31, 2018
@sharidas sharidas added this to the development milestone May 31, 2018
@codecov
Copy link

codecov bot commented May 31, 2018
edited
Loading

Codecov Report

Merging #31598 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master   #31598      +/-   ##
============================================
+ Coverage     62.83%   62.83%   +<.01%     
- Complexity    18369    18371       +2     
============================================
  Files          1151     1151              
  Lines         69051    69055       +4     
  Branches       1260     1260              
============================================
+ Hits          43389    43393       +4     
  Misses        25293    25293              
  Partials        369      369
Flag Coverage Δ Complexity Δ
#javascript 52.39% <ø> (ø) 0 <ø> (ø) ⬇️
#phpunit 64.04% <100%> (ø) 18371 <0> (+2) ⬆️
Impacted Files Coverage Δ Complexity Δ
core/Command/Encryption/EncryptAll.php 90.9% <100%> (+0.9%) 11 <0> (+2) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44a3f96...7ea61e2. Read the comment docs.

@butonic butonic mentioned this pull request Jun 1, 2018
Merged
butonic
butonic approved these changes Jun 1, 2018
View reviewed changes
core/Command/Encryption/EncryptAll.php
@@ -106,6 +106,12 @@ protected function execute(InputInterface $input, OutputInterface $output) {
throw new \Exception('Server side encryption is not enabled');
}

$masterKeyEnabled = $this->config->getAppValue('encryption', 'useMasterKey', '');
$userKeyEnabled = $this->config->getAppValue('encryption', 'userSpecificKey', '');
if (($masterKeyEnabled === '') && ($userKeyEnabled === '')) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, there is $this->encryptionManager->isEnabled() a few lines above. That already checks encryption_enabled and useMasterKey. Maybe it also needs to check userSpecificKey.

What is the bug you are trying to solve? It seems that when user based encryption was enabled user individual or master key based encryption should have been selected.

So, to properly enable encryption you now need to

occ app:enable encryption
occ encryption:enable # this is a core commend
occ encryption:select-encryption-type # this is an encryption app command

before you can encryption:encryptall ... shouldn't encryption:enable also set the encryption type? Currently, it neither sets useMasterKey, nor userSpecificKey. Presumably, because core shouldn't know anything about the inner workings of the encryption app, such as which encryption type is used. The encryption login hook will initialize user individual keys unless useMasterKey is set, so implicitly user individual keys are used.

Arg what a mess ... why did I even look at this ... in light of all this, this PR is good enough.

@butonic
Copy link
Member

butonic commented Jun 1, 2018

#31597 makes more sense.

@butonic butonic closed this Jun 1, 2018
@butonic butonic deleted the proceed-encryptall-aftermodeselection branch June 1, 2018 09:32
@PVince81 PVince81 modified the milestones: development, QA Jun 13, 2018
@lock
Copy link

lock bot commented Jul 31, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jul 31, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@butonic butonic butonic approved these changes

Assignees

@sharidas sharidas

Labels
2 - Developing
Projects
None yet
Milestone
10.0.9
Development

Successfully merging this pull request may close these issues.
3 participants
@sharidas @butonic @PVince81