Merge pull request #60332 from nextcloud/revert-60001-refactor/encryption-wrapper-homemount-support

Revert "fix(encryption): Refactor EncryptionWrapper with HomeMountPoint support"
2026-06-11 01:30:50 -04:00 · 2026-05-13 09:25:10 +02:00 · 2026-05-13 09:25:10 +02:00 · 9abd134264
commit 9abd134264
parent 4d1092e380 13b6f92c1b
1 changed files with 25 additions and 43 deletions
--- a/lib/private/Encryption/EncryptionWrapper.php
+++ b/lib/private/Encryption/EncryptionWrapper.php
@ -8,7 +8,6 @@
 namespace OC\Encryption;

 use OC\Files\Filesystem;
-use OC\Files\Mount\HomeMountPoint;
 use OC\Files\Storage\Wrapper\Encryption;
 use OC\Files\View;
 use OC\Memcache\ArrayCache;
@ -17,7 +16,6 @@ use OCP\Encryption\Keys\IStorage as EncryptionKeysStorage;
 use OCP\Files\Mount\IMountPoint;
 use OCP\Files\Storage\IDisableEncryptionStorage;
 use OCP\Files\Storage\IStorage;
-use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IUserManager;
@ -59,48 +57,32 @@ class EncryptionWrapper {
 			'mount' => $mount
 		];

-		// Only evaluate other conditions if not forced
-		if (!$force) {
-			// If a disabled storage medium, return basic storage
-			if ($storage->instanceOfStorage(IDisableEncryptionStorage::class)) {
-				return $storage;
-			}
+		if ($force || (!$storage->instanceOfStorage(IDisableEncryptionStorage::class) && $mountPoint !== '/')) {
+			$user = Server::get(IUserSession::class)->getUser();
+			$mountManager = Filesystem::getMountManager();
+			$uid = $user ? $user->getUID() : null;
+			$fileHelper = Server::get(IFile::class);
+			$keyStorage = Server::get(EncryptionKeysStorage::class);

-			// Root mount point handling: skip encryption wrapper
-			if ($mountPoint === '/') {
-				return $storage;
-			}
-
-			// Skip encryption for home mounts if encryptHomeStorage is disabled
-			if ($mount instanceof HomeMountPoint
-				&& !Server::get(IAppConfig::class)->getValueBool('encryption', 'encryptHomeStorage', true)) {
-				return $storage;
-			}
+			$util = new Util(
+				new View(),
+				Server::get(IUserManager::class),
+				Server::get(IGroupManager::class),
+				Server::get(IConfig::class)
+			);
+			return new Encryption(
+				$parameters,
+				$this->manager,
+				$util,
+				$this->logger,
+				$fileHelper,
+				$uid,
+				$keyStorage,
+				$mountManager,
+				$this->arrayCache
+			);
+		} else {
+			return $storage;
 		}
-
-		// Apply encryption wrapper
-		$user = Server::get(IUserSession::class)->getUser();
-		$mountManager = Filesystem::getMountManager();
-		$uid = $user ? $user->getUID() : null;
-		$fileHelper = Server::get(IFile::class);
-		$keyStorage = Server::get(EncryptionKeysStorage::class);
-
-		$util = new Util(
-			new View(),
-			Server::get(IUserManager::class),
-			Server::get(IGroupManager::class),
-			Server::get(IConfig::class)
-		);
-		return new Encryption(
-			$parameters,
-			$this->manager,
-			$util,
-			$this->logger,
-			$fileHelper,
-			$uid,
-			$keyStorage,
-			$mountManager,
-			$this->arrayCache
-		);
 	}
 }