From 817bc5b542e4af80bc7e3d587a6b66f0694e72bd Mon Sep 17 00:00:00 2001 From: Stephen Cuppett Date: Thu, 30 Apr 2026 20:58:12 -0400 Subject: [PATCH] fix(encryption): Inject IAppConfig for encryptHomeStorage value Signed-off-by: Stephen Cuppett --- lib/private/Encryption/EncryptionWrapper.php | 25 +++---------------- lib/private/Encryption/Manager.php | 6 +++-- lib/private/Server.php | 3 ++- .../lib/Encryption/EncryptionWrapperTest.php | 7 +++++- 4 files changed, 15 insertions(+), 26 deletions(-) diff --git a/lib/private/Encryption/EncryptionWrapper.php b/lib/private/Encryption/EncryptionWrapper.php index 355257218e8..a926b9a9a7a 100644 --- a/lib/private/Encryption/EncryptionWrapper.php +++ b/lib/private/Encryption/EncryptionWrapper.php @@ -14,7 +14,6 @@ use OC\Files\View; use OC\Memcache\ArrayCache; use OCP\Encryption\IFile; use OCP\Encryption\Keys\IStorage as EncryptionKeysStorage; -use OCP\Exceptions\AppConfigTypeConflictException; use OCP\Files\Mount\IMountPoint; use OCP\Files\Storage\IDisableEncryptionStorage; use OCP\Files\Storage\IStorage; @@ -40,6 +39,7 @@ class EncryptionWrapper { public function __construct( private ArrayCache $arrayCache, private Manager $manager, + private IAppConfig $appConfig, private LoggerInterface $logger, ) { } @@ -73,7 +73,8 @@ class EncryptionWrapper { } // Skip encryption for home mounts if encryptHomeStorage is disabled - if ($mount instanceof HomeMountPoint && !$this->shouldEncryptHomeStorage()) { + if ($mount instanceof HomeMountPoint && + !$this->appConfig->getValueBool('encryption', 'encryptHomeStorage', true)) { return $storage; } } @@ -103,24 +104,4 @@ class EncryptionWrapper { $this->arrayCache ); } - - private function shouldEncryptHomeStorage(): bool { - $appConfig = Server::get(IAppConfig::class); - try { - return $appConfig->getValueBool('encryption', 'encryptHomeStorage', true); - } catch (AppConfigTypeConflictException) { - // Stored as VALUE_STRING from a pre-upgrade installation. - // RetypeEncryptionConfigKeys repair step will fix the type on occ upgrade. - return $this->parseLegacyBoolString( - $appConfig->getValueString('encryption', 'encryptHomeStorage', '1') - ); - } catch (\Throwable) { - // DB not ready (e.g. oc_appconfig does not yet exist during install). - return true; - } - } - - private function parseLegacyBoolString(string $value): bool { - return in_array(strtolower(trim($value)), ['1', 'true', 'yes', 'on'], true); - } } diff --git a/lib/private/Encryption/Manager.php b/lib/private/Encryption/Manager.php index ac27f0911b8..b35480e1c16 100644 --- a/lib/private/Encryption/Manager.php +++ b/lib/private/Encryption/Manager.php @@ -18,6 +18,7 @@ use OCP\Encryption\IEncryptionModule; use OCP\Encryption\IManager; use OCP\Files\Mount\IMountPoint; use OCP\Files\Storage\IStorage; +use OCP\IAppConfig; use OCP\IConfig; use OCP\IL10N; use Psr\Log\LoggerInterface; @@ -32,6 +33,7 @@ class Manager implements IManager { protected View $rootView, protected Util $util, protected ArrayCache $arrayCache, + protected IAppConfig $appConfig, ) { $this->encryptionModules = []; } @@ -205,13 +207,13 @@ class Manager implements IManager { public function setupStorage() { // If encryption is disabled and there are no loaded modules it makes no sense to load the wrapper if (!empty($this->encryptionModules) || $this->isEnabled()) { - $encryptionWrapper = new EncryptionWrapper($this->arrayCache, $this, $this->logger); + $encryptionWrapper = new EncryptionWrapper($this->arrayCache, $this, $this->appConfig, $this->logger); Filesystem::addStorageWrapper('oc_encryption', [$encryptionWrapper, 'wrapStorage'], 2); } } public function forceWrapStorage(IMountPoint $mountPoint, IStorage $storage) { - $encryptionWrapper = new EncryptionWrapper($this->arrayCache, $this, $this->logger); + $encryptionWrapper = new EncryptionWrapper($this->arrayCache, $this, $this->appConfig, $this->logger); return $encryptionWrapper->wrapStorage($mountPoint->getMountPoint(), $storage, $mountPoint, true); } diff --git a/lib/private/Server.php b/lib/private/Server.php index a39d09fe3b0..4adbf5c9ac4 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -372,7 +372,8 @@ class Server extends ServerContainer implements IServerContainer { $c->getL10N('core'), new View(), $util, - new ArrayCache() + new ArrayCache(), + $c->get(IAppConfig::class), ); }); $this->registerAlias(\OCP\Encryption\IManager::class, Encryption\Manager::class); diff --git a/tests/lib/Encryption/EncryptionWrapperTest.php b/tests/lib/Encryption/EncryptionWrapperTest.php index b80d1a08af6..c3ef81cf280 100644 --- a/tests/lib/Encryption/EncryptionWrapperTest.php +++ b/tests/lib/Encryption/EncryptionWrapperTest.php @@ -15,6 +15,7 @@ use OC\Memcache\ArrayCache; use OCA\Files_Trashbin\Storage; use OCP\Files\Mount\IMountPoint; use OCP\Files\Storage\IDisableEncryptionStorage; +use OCP\IAppConfig; use Psr\Log\LoggerInterface; use Test\TestCase; @@ -31,6 +32,9 @@ class EncryptionWrapperTest extends TestCase { /** @var \PHPUnit\Framework\MockObject\MockObject|ArrayCache */ private $arrayCache; + /** @var \PHPUnit\Framework\MockObject\MockObject|IAppConfig */ + private $appConfig; + #[\Override] protected function setUp(): void { parent::setUp(); @@ -38,8 +42,9 @@ class EncryptionWrapperTest extends TestCase { $this->arrayCache = $this->createMock(ArrayCache::class); $this->manager = $this->createMock(Manager::class); $this->logger = $this->createMock(LoggerInterface::class); + $this->appConfig = $this->createMock(IAppConfig::class); - $this->instance = new EncryptionWrapper($this->arrayCache, $this->manager, $this->logger); + $this->instance = new EncryptionWrapper($this->arrayCache, $this->manager, $this->appConfig, $this->logger); }