Merge pull request #12691 from nextcloud/storage-no-encryption-interface

Add interface to allow storages from opting out of encryption

Author: MorrisJobke

apps/files_external/lib/Lib/Storage/OwnCloud.php

@@ -25,6 +25,7 @@
  */
 
 namespace OCA\Files_External\Lib\Storage;
+use OCP\Files\Storage\IDisableEncryptionStorage;
 use Sabre\DAV\Client;
 
 /**
@@ -34,7 +35,7 @@
  * http://%host/%context/remote.php/webdav/%root
  *
  */
-class OwnCloud extends \OC\Files\Storage\DAV{
+class OwnCloud extends \OC\Files\Storage\DAV implements IDisableEncryptionStorage {
 	const OC_URL_SUFFIX = 'remote.php/webdav';
 
 	public function __construct($params) {

apps/files_sharing/lib/External/Storage.php

@@ -39,10 +39,11 @@
 use OCP\Constants;
 use OCP\Federation\ICloudId;
 use OCP\Files\NotFoundException;
+use OCP\Files\Storage\IDisableEncryptionStorage;
 use OCP\Files\StorageInvalidException;
 use OCP\Files\StorageNotAvailableException;
 
-class Storage extends DAV implements ISharedStorage {
+class Storage extends DAV implements ISharedStorage, IDisableEncryptionStorage {
 	/** @var ICloudId */
 	private $cloudId;
 	/** @var string */

apps/files_sharing/lib/SharedStorage.php

@@ -39,14 +39,15 @@
 use OCP\Constants;
 use OCP\Files\Cache\ICacheEntry;
 use OCP\Files\NotFoundException;
+use OCP\Files\Storage\IDisableEncryptionStorage;
 use OCP\Files\Storage\IStorage;
 use OCP\Lock\ILockingProvider;
 use OC\User\NoUserException;
 
 /**
  * Convert target path to source path and pass the function call to the correct storage provider
  */
-class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements ISharedStorage {
+class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements ISharedStorage, IDisableEncryptionStorage {
 
 	/** @var \OCP\Share\IShare */
 	private $superShare;

lib/composer/composer/autoload_classmap.php

@@ -227,6 +227,7 @@
     'OCP\\Files\\StorageInvalidException' => $baseDir . '/lib/public/Files/StorageInvalidException.php',
     'OCP\\Files\\StorageNotAvailableException' => $baseDir . '/lib/public/Files/StorageNotAvailableException.php',
     'OCP\\Files\\StorageTimeoutException' => $baseDir . '/lib/public/Files/StorageTimeoutException.php',
+    'OCP\\Files\\Storage\\IDisableEncryptionStorage' => $baseDir . '/lib/public/Files/Storage/IDisableEncryptionStorage.php',
     'OCP\\Files\\Storage\\ILockingStorage' => $baseDir . '/lib/public/Files/Storage/ILockingStorage.php',
     'OCP\\Files\\Storage\\INotifyStorage' => $baseDir . '/lib/public/Files/Storage/INotifyStorage.php',
     'OCP\\Files\\Storage\\IStorage' => $baseDir . '/lib/public/Files/Storage/IStorage.php',

lib/composer/composer/autoload_static.php

@@ -257,6 +257,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OCP\\Files\\StorageInvalidException' => __DIR__ . '/../../..' . '/lib/public/Files/StorageInvalidException.php',
         'OCP\\Files\\StorageNotAvailableException' => __DIR__ . '/../../..' . '/lib/public/Files/StorageNotAvailableException.php',
         'OCP\\Files\\StorageTimeoutException' => __DIR__ . '/../../..' . '/lib/public/Files/StorageTimeoutException.php',
+        'OCP\\Files\\Storage\\IDisableEncryptionStorage' => __DIR__ . '/../../..' . '/lib/public/Files/Storage/IDisableEncryptionStorage.php',
         'OCP\\Files\\Storage\\ILockingStorage' => __DIR__ . '/../../..' . '/lib/public/Files/Storage/ILockingStorage.php',
         'OCP\\Files\\Storage\\INotifyStorage' => __DIR__ . '/../../..' . '/lib/public/Files/Storage/INotifyStorage.php',
         'OCP\\Files\\Storage\\IStorage' => __DIR__ . '/../../..' . '/lib/public/Files/Storage/IStorage.php',

lib/private/Encryption/EncryptionWrapper.php

@@ -82,9 +82,7 @@ public function wrapStorage($mountPoint, Storage $storage, IMountPoint $mount) {
 			'mount' => $mount
 		];
 
-		if (!$storage->instanceOfStorage('OCA\Files_Sharing\SharedStorage')
-			&& !$storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')
-			&& !$storage->instanceOfStorage('OC\Files\Storage\OwnCloud')) {
+		if (!$storage->instanceOfStorage(Storage\IDisableEncryptionStorage::class)) {
 
 			$user = \OC::$server->getUserSession()->getUser();
 			$mountManager = Filesystem::getMountManager();

lib/public/Files/Storage/IDisableEncryptionStorage.php

@@ -0,0 +1,31 @@
+<?php
+/**
+ * @copyright Copyright (c) 2018 Robin Appelman <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\Files\Storage;
+
+/**
+ * Marks that a storage does not support server side encryption
+ *
+ * @since 16.0.0
+ */
+interface IDisableEncryptionStorage {
+
+}

tests/lib/Encryption/EncryptionWrapperTest.php

@@ -92,13 +92,7 @@ public function provideWrapStorage() {
 			[true, ['OCA\Files_Trashbin\Storage']],
 
 			// Do not wrap shared storages
-			[false, ['OCA\Files_Sharing\SharedStorage']],
-			[false, ['OCA\Files_Sharing\External\Storage']],
-			[false, ['OC\Files\Storage\OwnCloud']],
-			[false, ['OCA\Files_Sharing\SharedStorage', 'OCA\Files_Sharing\External\Storage']],
-			[false, ['OCA\Files_Sharing\SharedStorage', 'OC\Files\Storage\OwnCloud']],
-			[false, ['OCA\Files_Sharing\External\Storage', 'OC\Files\Storage\OwnCloud']],
-			[false, ['OCA\Files_Sharing\SharedStorage', 'OCA\Files_Sharing\External\Storage', 'OC\Files\Storage\OwnCloud']],
+			[false, [Storage\IDisableEncryptionStorage::class]],
 		];
 	}