nextcloud · come-nc · May 14, 2025 · Oct 3, 2024 · Nov 5, 2024 · Nov 26, 2024
@@ -10,7 +10,6 @@
 use OC\Files\Node\NonExistingFile;
 use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
-use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
@@ -26,9 +25,6 @@
  * @package OCA\AdminAudit\Actions
  */
 class Files extends Action {
-
-	private array $renamedNodes = [];
-
 	/**
 	 * Logs file read actions
 	 */
@@ -52,31 +48,16 @@ public function read(BeforeNodeReadEvent $event): void {
 		);
 	}
 
-	/**
-	 * Logs rename actions of files
-	 */
-	public function beforeRename(BeforeNodeRenamedEvent $event): void {
-		try {
-			$source = $event->getSource();
-			$this->renamedNodes[$source->getId()] = $source;
-		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
-			);
-			return;
-		}
-	}
-
 	/**
 	 * Logs rename actions of files
 	 */
 	public function afterRename(NodeRenamedEvent $event): void {
 		try {
 			$target = $event->getTarget();
-			$originalSource = $this->renamedNodes[$target->getId()];
+			$source = $event->getSource();
 			$params = [
 				'newid' => $target->getId(),
-				'oldpath' => $originalSource->getPath(),
+				'oldpath' => $source->getPath(),
 				'newpath' => $target->getPath(),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {

@@ -42,7 +42,6 @@
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
-use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
@@ -170,13 +169,6 @@ private function tagHooks(IAuditLogger $logger,
 	private function fileHooks(IAuditLogger $logger, IEventDispatcher $eventDispatcher): void {
 		$fileActions = new Files($logger);
 
-		$eventDispatcher->addListener(
-			BeforeNodeRenamedEvent::class,
-			function (BeforeNodeRenamedEvent $event) use ($fileActions): void {
-				$fileActions->beforeRename($event);
-			}
-		);
-
 		$eventDispatcher->addListener(
 			NodeRenamedEvent::class,
 			function (NodeRenamedEvent $event) use ($fileActions): void {

@@ -17,13 +17,22 @@
 class EncryptedSizePropagationTest extends SizePropagationTest {
 	use EncryptionTrait;
 
+	protected function setUp(): void {
+		parent::setUp();
+		$this->config->setAppValue('encryption', 'useMasterKey', '0');
+	}
+
 	protected function setupUser($name, $password = '') {
 		$this->createUser($name, $password);
 		$tmpFolder = Server::get(ITempManager::class)->getTemporaryFolder();
 		$this->registerMount($name, '\OC\Files\Storage\Local', '/' . $name, ['datadir' => $tmpFolder]);
-		$this->config->setAppValue('encryption', 'useMasterKey', '0');
 		$this->setupForUser($name, $password);
 		$this->loginWithEncryption($name);
 		return new View('/' . $name . '/files');
 	}
+
+	protected function loginHelper($user, $create = false, $password = false) {
+		$this->setupForUser($user, $password);
+		parent::loginHelper($user, $create, $password);
+	}
 }
@@ -108,7 +108,7 @@ protected function setUp(): void {
 		Server::get(DisplayNameCache::class)->clear();
 
 		//login as user1
-		self::loginHelper(self::TEST_FILES_SHARING_API_USER1);
+		$this->loginHelper(self::TEST_FILES_SHARING_API_USER1);
 
 		$this->data = 'foobar';
 		$this->view = new View('/' . self::TEST_FILES_SHARING_API_USER1 . '/files');
@@ -173,7 +173,7 @@ public static function tearDownAfterClass(): void {
 	 * @param bool $create
 	 * @param bool $password
 	 */
-	protected static function loginHelper($user, $create = false, $password = false) {
+	protected function loginHelper($user, $create = false, $password = false) {
 		if ($password === false) {
 			$password = $user;
 		}

@@ -115,8 +115,11 @@ protected function setUp(): void {
 
 		Server::get(IAppManager::class)->enableApp('files_trashbin');
 		$config = Server::get(IConfig::class);
-		$mockConfig = $this->createMock(IConfig::class);
-		$mockConfig
+		$mockConfig = $this->getMockBuilder(AllConfig::class)
+			->onlyMethods(['getSystemValue'])
+			->setConstructorArgs([Server::get(\OC\SystemConfig::class)])
+			->getMock();
+		$mockConfig->expects($this->any())
 			->method('getSystemValue')
 			->willReturnCallback(static function ($key, $default) use ($config) {
 				if ($key === 'filesystem_check_changes') {
@@ -125,16 +128,6 @@ protected function setUp(): void {
 					return $config->getSystemValue($key, $default);
 				}
 			});
-		$mockConfig
-			->method('getUserValue')
-			->willReturnCallback(static function ($userId, $appName, $key, $default = '') use ($config) {
-				return $config->getUserValue($userId, $appName, $key, $default);
-			});
-		$mockConfig
-			->method('getAppValue')
-			->willReturnCallback(static function ($appName, $key, $default = '') use ($config) {
-				return $config->getAppValue($appName, $key, $default);
-			});
 		$this->overwriteService(AllConfig::class, $mockConfig);
 
 		$this->trashRoot1 = '/' . self::TEST_TRASHBIN_USER1 . '/files_trashbin';

@@ -250,7 +250,7 @@ public function post_write_hook(Node $node): void {
 	/**
 	 * Erase versions of deleted file
 	 *
-	 * This function is connected to the delete signal of OC_Filesystem
+	 * This function is connected to the NodeDeletedEvent event
 	 * cleanup the versions directory if the actual file gets deleted
 	 */
 	public function remove_hook(Node $node): void {
@@ -282,7 +282,7 @@ public function pre_remove_hook(Node $node): void {
 	/**
 	 * rename/move versions of renamed/moved files
 	 *
-	 * This function is connected to the rename signal of OC_Filesystem and adjust the name and location
+	 * This function is connected to the NodeRenamedEvent event and adjust the name and location
 	 * of the stored versions along the actual file
 	 */
 	public function rename_hook(Node $source, Node $target): void {
@@ -301,7 +301,7 @@ public function rename_hook(Node $source, Node $target): void {
 	/**
 	 * copy versions of copied files
 	 *
-	 * This function is connected to the copy signal of OC_Filesystem and copies the
+	 * This function is connected to the NodeCopiedEvent event and copies the
 	 * the stored versions to the new location
 	 */
 	public function copy_hook(Node $source, Node $target): void {

@@ -83,7 +83,10 @@ protected function setUp(): void {
 		parent::setUp();
 
 		$config = Server::get(IConfig::class);
-		$mockConfig = $this->createMock(IConfig::class);
+		$mockConfig = $this->getMockBuilder(AllConfig::class)
+			->onlyMethods(['getSystemValue'])
+			->setConstructorArgs([Server::get(\OC\SystemConfig::class)])
+			->getMock();
 		$mockConfig->expects($this->any())
 			->method('getSystemValue')
 			->willReturnCallback(function ($key, $default) use ($config) {
@@ -427,8 +430,9 @@ public function testMoveFileIntoSharedFolderAsRecipient(): void {
 		$this->rootView->file_put_contents($v2, 'version2');
 
 		// move file into the shared folder as recipient
-		Filesystem::rename('/test.txt', '/folder1/test.txt');
+		$success = Filesystem::rename('/test.txt', '/folder1/test.txt');
 
+		$this->assertTrue($success);
 		$this->assertFalse($this->rootView->file_exists($v1));
 		$this->assertFalse($this->rootView->file_exists($v2));
 

@@ -2013,9 +2013,6 @@
     </UndefinedInterfaceMethod>
   </file>
   <file src="lib/private/Files/Storage/Wrapper/Encryption.php">
-    <InvalidOperand>
-      <code><![CDATA[$this->copyFromStorage($sourceStorage, $sourceInternalPath . '/' . $file, $targetInternalPath . '/' . $file, false, $isRename)]]></code>
-    </InvalidOperand>
     <InvalidReturnStatement>
       <code><![CDATA[$result]]></code>
     </InvalidReturnStatement>

@@ -6,13 +6,14 @@
  * SPDX-FileCopyrightText: 2013-2016 ownCloud, Inc.
  * SPDX-License-Identifier: AGPL-3.0-only
  */
-use OC\Encryption\HookManager;
+
 use OC\Profiler\BuiltInProfiler;
 use OC\Share20\GroupDeletedListener;
 use OC\Share20\Hooks;
 use OC\Share20\UserDeletedListener;
 use OC\Share20\UserRemovedListener;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Files\Events\BeforeFileSystemSetupEvent;
 use OCP\Group\Events\GroupDeletedEvent;
 use OCP\Group\Events\UserRemovedEvent;
 use OCP\IConfig;
@@ -22,7 +23,6 @@
 use OCP\IUserSession;
 use OCP\Security\Bruteforce\IThrottler;
 use OCP\Server;
-use OCP\Share;
 use OCP\Template\ITemplateManager;
 use OCP\User\Events\UserChangedEvent;
 use OCP\User\Events\UserDeletedEvent;
@@ -907,15 +907,16 @@ public static function registerCleanupHooks(\OC\SystemConfig $systemConfig): voi
 	}
 
 	private static function registerEncryptionWrapperAndHooks(): void {
+		/** @var \OC\Encryption\Manager */
 		$manager = Server::get(\OCP\Encryption\IManager::class);
-		\OCP\Util::connectHook('OC_Filesystem', 'preSetup', $manager, 'setupStorage');
+		Server::get(IEventDispatcher::class)->addListener(
+			BeforeFileSystemSetupEvent::class,
+			$manager->setupStorage(...),
+		);
 
 		$enabled = $manager->isEnabled();
 		if ($enabled) {
-			\OCP\Util::connectHook(Share::class, 'post_shared', HookManager::class, 'postShared');
-			\OCP\Util::connectHook(Share::class, 'post_unshare', HookManager::class, 'postUnshared');
-			\OCP\Util::connectHook('OC_Filesystem', 'post_rename', HookManager::class, 'postRename');
-			\OCP\Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', HookManager::class, 'postRestore');
+			\OC\Encryption\EncryptionEventListener::register(Server::get(IEventDispatcher::class));
 		}
 	}
 

@@ -1539,6 +1539,7 @@
     'OC\\DirectEditing\\Token' => $baseDir . '/lib/private/DirectEditing/Token.php',
     'OC\\EmojiHelper' => $baseDir . '/lib/private/EmojiHelper.php',
     'OC\\Encryption\\DecryptAll' => $baseDir . '/lib/private/Encryption/DecryptAll.php',
+    'OC\\Encryption\\EncryptionEventListener' => $baseDir . '/lib/private/Encryption/EncryptionEventListener.php',
     'OC\\Encryption\\EncryptionWrapper' => $baseDir . '/lib/private/Encryption/EncryptionWrapper.php',
     'OC\\Encryption\\Exceptions\\DecryptionFailedException' => $baseDir . '/lib/private/Encryption/Exceptions/DecryptionFailedException.php',
     'OC\\Encryption\\Exceptions\\EmptyEncryptionDataException' => $baseDir . '/lib/private/Encryption/Exceptions/EmptyEncryptionDataException.php',
@@ -1549,7 +1550,6 @@
     'OC\\Encryption\\Exceptions\\ModuleDoesNotExistsException' => $baseDir . '/lib/private/Encryption/Exceptions/ModuleDoesNotExistsException.php',
     'OC\\Encryption\\Exceptions\\UnknownCipherException' => $baseDir . '/lib/private/Encryption/Exceptions/UnknownCipherException.php',
     'OC\\Encryption\\File' => $baseDir . '/lib/private/Encryption/File.php',
-    'OC\\Encryption\\HookManager' => $baseDir . '/lib/private/Encryption/HookManager.php',
     'OC\\Encryption\\Keys\\Storage' => $baseDir . '/lib/private/Encryption/Keys/Storage.php',
     'OC\\Encryption\\Manager' => $baseDir . '/lib/private/Encryption/Manager.php',
     'OC\\Encryption\\Update' => $baseDir . '/lib/private/Encryption/Update.php',

@@ -1580,6 +1580,7 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OC\\DirectEditing\\Token' => __DIR__ . '/../../..' . '/lib/private/DirectEditing/Token.php',
         'OC\\EmojiHelper' => __DIR__ . '/../../..' . '/lib/private/EmojiHelper.php',
         'OC\\Encryption\\DecryptAll' => __DIR__ . '/../../..' . '/lib/private/Encryption/DecryptAll.php',
+        'OC\\Encryption\\EncryptionEventListener' => __DIR__ . '/../../..' . '/lib/private/Encryption/EncryptionEventListener.php',
         'OC\\Encryption\\EncryptionWrapper' => __DIR__ . '/../../..' . '/lib/private/Encryption/EncryptionWrapper.php',
         'OC\\Encryption\\Exceptions\\DecryptionFailedException' => __DIR__ . '/../../..' . '/lib/private/Encryption/Exceptions/DecryptionFailedException.php',
         'OC\\Encryption\\Exceptions\\EmptyEncryptionDataException' => __DIR__ . '/../../..' . '/lib/private/Encryption/Exceptions/EmptyEncryptionDataException.php',
@@ -1590,7 +1591,6 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OC\\Encryption\\Exceptions\\ModuleDoesNotExistsException' => __DIR__ . '/../../..' . '/lib/private/Encryption/Exceptions/ModuleDoesNotExistsException.php',
         'OC\\Encryption\\Exceptions\\UnknownCipherException' => __DIR__ . '/../../..' . '/lib/private/Encryption/Exceptions/UnknownCipherException.php',
         'OC\\Encryption\\File' => __DIR__ . '/../../..' . '/lib/private/Encryption/File.php',
-        'OC\\Encryption\\HookManager' => __DIR__ . '/../../..' . '/lib/private/Encryption/HookManager.php',
         'OC\\Encryption\\Keys\\Storage' => __DIR__ . '/../../..' . '/lib/private/Encryption/Keys/Storage.php',
         'OC\\Encryption\\Manager' => __DIR__ . '/../../..' . '/lib/private/Encryption/Manager.php',
         'OC\\Encryption\\Update' => __DIR__ . '/../../..' . '/lib/private/Encryption/Update.php',

@@ -0,0 +1,93 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+namespace OC\Encryption;
+
+use OC\Files\SetupManager;
+use OC\Files\View;
+use OCA\Files_Trashbin\Events\NodeRestoredEvent;
+use OCP\Encryption\IFile;
+use OCP\EventDispatcher\Event;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\EventDispatcher\IEventListener;
+use OCP\Files\Events\Node\NodeRenamedEvent;
+use OCP\IUser;
+use OCP\IUserSession;
+use OCP\Share\Events\ShareCreatedEvent;
+use OCP\Share\Events\ShareDeletedEvent;
+use Psr\Log\LoggerInterface;
+
+/** @template-implements IEventListener<NodeRenamedEvent|ShareCreatedEvent|ShareDeletedEvent|NodeRestoredEvent> */
+class EncryptionEventListener implements IEventListener {
+	private ?Update $updater = null;
+
+	public function __construct(
+		private IUserSession $userSession,
+		private SetupManager $setupManager,
+		private Manager $encryptionManager,
+	) {
+	}
+
+	public static function register(IEventDispatcher $dispatcher): void {
+		$dispatcher->addServiceListener(NodeRenamedEvent::class, static::class);
+		$dispatcher->addServiceListener(ShareCreatedEvent::class, static::class);
+		$dispatcher->addServiceListener(ShareDeletedEvent::class, static::class);
+		$dispatcher->addServiceListener(NodeRestoredEvent::class, static::class);
+	}
+
+	public function handle(Event $event): void {
+		if (!$this->encryptionManager->isEnabled()) {
+			return;
+		}
+		if ($event instanceof NodeRenamedEvent) {
+			$this->getUpdate()->postRename($event->getSource(), $event->getTarget());
+		} elseif ($event instanceof ShareCreatedEvent) {
+			$this->getUpdate()->postShared($event->getShare()->getNode());
+		} elseif ($event instanceof ShareDeletedEvent) {
+			// In case the unsharing happens in a background job, we don't have
+			// a session and we load instead the user from the UserManager
+			$owner = $event->getShare()->getNode()->getOwner();
+			$this->getUpdate($owner)->postUnshared($event->getShare()->getNode());
+		} elseif ($event instanceof NodeRestoredEvent) {
+			$this->getUpdate()->postRestore($event->getTarget());
+		}
+	}
+
+	private function getUpdate(?IUser $owner = null): Update {
+		if (is_null($this->updater)) {
+			$user = $this->userSession->getUser();
+			if (!$user && ($owner !== null)) {
+				$user = $owner;
+			}
+			if (!$user) {
+				throw new \Exception('Inconsistent data, File unshared, but owner not found. Should not happen');
+			}
+
+			$uid = $user->getUID();
+
+			if (!$this->setupManager->isSetupComplete($user)) {
+				$this->setupManager->setupForUser($user);
+			}
+
+			$this->updater = new Update(
+				new Util(
+					new View(),
+					\OC::$server->getUserManager(),
+					\OC::$server->getGroupManager(),
+					\OC::$server->getConfig()),
+				\OC::$server->getEncryptionManager(),
+				\OC::$server->get(IFile::class),
+				\OC::$server->get(LoggerInterface::class),
+				$uid
+			);
+		}
+
+		return $this->updater;
+	}
+}