From 42e1c32e7d9485fa3297c54a1dd6078de6c41758 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 25 Aug 2022 14:52:15 +0200 Subject: [PATCH 1/2] allow enabling encryption for groupfolders Signed-off-by: Robin Appelman --- lib/AppInfo/Application.php | 4 ++- lib/Mount/GroupFolderNoEncryptionStorage.php | 29 ++++++++++++++++++ lib/Mount/GroupFolderStorage.php | 2 +- lib/Mount/GroupMountPoint.php | 11 ------- lib/Mount/MountProvider.php | 32 ++++++++++++++------ 5 files changed, 56 insertions(+), 22 deletions(-) create mode 100644 lib/Mount/GroupFolderNoEncryptionStorage.php diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php index 55d5c2687..81226aba9 100644 --- a/lib/AppInfo/Application.php +++ b/lib/AppInfo/Application.php @@ -76,6 +76,7 @@ public function register(IRegistrationContext $context): void { }; $config = $c->get(IConfig::class); $allowRootShare = $config->getAppValue('groupfolders', 'allow_root_share', 'true') === 'true'; + $enableEncryption = $config->getAppValue('groupfolders', 'enable_encryption', 'false') === 'true'; return new MountProvider( $c->getServer()->getGroupManager(), @@ -87,7 +88,8 @@ public function register(IRegistrationContext $context): void { $c->get(ISession::class), $c->get(IMountProviderCollection::class), $c->get(IDBConnection::class), - $allowRootShare + $allowRootShare, + $enableEncryption ); }); diff --git a/lib/Mount/GroupFolderNoEncryptionStorage.php b/lib/Mount/GroupFolderNoEncryptionStorage.php new file mode 100644 index 000000000..cab74cf3c --- /dev/null +++ b/lib/Mount/GroupFolderNoEncryptionStorage.php @@ -0,0 +1,29 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCA\GroupFolders\Mount; + +use OCP\Files\Storage\IDisableEncryptionStorage; + +class GroupFolderNoEncryptionStorage extends GroupFolderStorage implements IDisableEncryptionStorage { +} diff --git a/lib/Mount/GroupFolderStorage.php b/lib/Mount/GroupFolderStorage.php index dfd61046c..ae706398d 100644 --- a/lib/Mount/GroupFolderStorage.php +++ b/lib/Mount/GroupFolderStorage.php @@ -30,7 +30,7 @@ use OCP\IUser; use OCP\IUserSession; -class GroupFolderStorage extends Quota implements IDisableEncryptionStorage { +class GroupFolderStorage extends Quota { /** @var int */ private $folderId; diff --git a/lib/Mount/GroupMountPoint.php b/lib/Mount/GroupMountPoint.php index e35d7ba85..1d6858451 100644 --- a/lib/Mount/GroupMountPoint.php +++ b/lib/Mount/GroupMountPoint.php @@ -36,17 +36,6 @@ public function getMountType() { return 'group'; } - public function getOption($name, $default) { - $options = $this->getOptions(); - return isset($options[$name]) ? $options[$name] : $default; - } - - public function getOptions() { - $options = parent::getOptions(); - $options['encrypt'] = false; - return $options; - } - public function getFolderId(): int { return $this->folderId; } diff --git a/lib/Mount/MountProvider.php b/lib/Mount/MountProvider.php index b0cff63d2..c4377751e 100644 --- a/lib/Mount/MountProvider.php +++ b/lib/Mount/MountProvider.php @@ -68,6 +68,7 @@ class MountProvider implements IMountProvider { private $mountProviderCollection; private $connection; private $allowRootShare; + private bool $enableEncryption; public function __construct( IGroupManager $groupProvider, @@ -79,7 +80,8 @@ public function __construct( ISession $session, IMountProviderCollection $mountProviderCollection, IDBConnection $connection, - bool $allowRootShare + bool $allowRootShare, + bool $enableEncryption ) { $this->groupProvider = $groupProvider; $this->folderManager = $folderManager; @@ -91,6 +93,7 @@ public function __construct( $this->mountProviderCollection = $mountProviderCollection; $this->connection = $connection; $this->allowRootShare = $allowRootShare; + $this->enableEncryption = $enableEncryption; } /** @@ -189,14 +192,25 @@ public function getMount(int $id, string $mountPoint, int $permissions, int $quo 'storage' => $storage, 'root' => $rootPath ]); - $quotaStorage = new GroupFolderStorage([ - 'storage' => $baseStorage, - 'quota' => $quota, - 'folder_id' => $id, - 'rootCacheEntry' => $cacheEntry, - 'userSession' => $this->userSession, - 'mountOwner' => $user, - ]); + if ($this->enableEncryption) { + $quotaStorage = new GroupFolderStorage([ + 'storage' => $baseStorage, + 'quota' => $quota, + 'folder_id' => $id, + 'rootCacheEntry' => $cacheEntry, + 'userSession' => $this->userSession, + 'mountOwner' => $user, + ]); + } else { + $quotaStorage = new GroupFolderNoEncryptionStorage([ + 'storage' => $baseStorage, + 'quota' => $quota, + 'folder_id' => $id, + 'rootCacheEntry' => $cacheEntry, + 'userSession' => $this->userSession, + 'mountOwner' => $user, + ]); + } $maskedStore = new PermissionsMask([ 'storage' => $quotaStorage, 'mask' => $permissions From a4c8b455bc758518e86c5eb964ee5049bf49114a Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Wed, 28 Sep 2022 10:35:41 +0200 Subject: [PATCH 2/2] Replace class type hint with comment Signed-off-by: Vincent Petry --- lib/Mount/MountProvider.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/Mount/MountProvider.php b/lib/Mount/MountProvider.php index c4377751e..3de9e2fb4 100644 --- a/lib/Mount/MountProvider.php +++ b/lib/Mount/MountProvider.php @@ -68,7 +68,9 @@ class MountProvider implements IMountProvider { private $mountProviderCollection; private $connection; private $allowRootShare; - private bool $enableEncryption; + + /** @var bool */ + private $enableEncryption; public function __construct( IGroupManager $groupProvider,