Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proceed encrypt-all after one of the encryption mode is selected #31598

Closed
wants to merge 1 commit into from
Closed

Proceed encrypt-all after one of the encryption mode is selected #31598

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions core/Command/Encryption/EncryptAll.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,12 @@ protected function execute(InputInterface $input, OutputInterface $output) {
throw new \Exception('Server side encryption is not enabled');
}

$masterKeyEnabled = $this->config->getAppValue('encryption', 'useMasterKey', '');
$userKeyEnabled = $this->config->getAppValue('encryption', 'userSpecificKey', '');
if (($masterKeyEnabled === '') && ($userKeyEnabled === '')) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm, there is $this->encryptionManager->isEnabled() a few lines above. That already checks encryption_enabled and useMasterKey. Maybe it also needs to check userSpecificKey.

What is the bug you are trying to solve? It seems that when user based encryption was enabled user individual or master key based encryption should have been selected.

So, to properly enable encryption you now need to

occ app:enable encryption
occ encryption:enable # this is a core commend
occ encryption:select-encryption-type # this is an encryption app command

before you can encryption:encryptall ... shouldn't encryption:enable also set the encryption type? Currently, it neither sets useMasterKey, nor userSpecificKey. Presumably, because core shouldn't know anything about the inner workings of the encryption app, such as which encryption type is used. The encryption login hook will initialize user individual keys unless useMasterKey is set, so implicitly user individual keys are used.

Arg what a mess ... why did I even look at this ... in light of all this, this PR is good enough.

throw new \Exception('Select encryption type masterkey or user-keys to continue.');
}

$output->writeln("\n");
$output->writeln('You are about to encrypt all files stored in your ownCloud installation.');
$output->writeln('Depending on the number of available files, and their size, this may take quite some time.');
Expand Down
18 changes: 18 additions & 0 deletions tests/Core/Command/Encryption/EncryptAllTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,4 +125,22 @@ public function testExecuteException() {
$this->encryptionModule->expects($this->never())->method('encryptAll');
$this->invokePrivate($command, 'execute', [$this->consoleInput, $this->consoleOutput]);
}

/**
* @expectedException \Exception
* @expectedExceptionMessage Select encryption type masterkey or user-keys to continue.
*/
public function testExecuteExceptionForNoModeSelection() {
$command = new EncryptAll($this->encryptionManager, $this->appManager, $this->config, $this->questionHelper);

$this->encryptionManager->expects($this->once())->method('isEnabled')->willReturn(true);
$this->config->expects($this->any())
->method('getAppValue')
->willReturnMap([
['encryption', 'useMasterKey', '', ''],
['encryption', 'userSpecificKey', '', '']
]);

$this->invokePrivate($command, 'execute', [$this->consoleInput, $this->consoleOutput]);
}
}