upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-22 10:06:37 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 16

Merge pull request #60001 from cuppett/refactor/encryption-wrapper-homemount-support

Browse source 
fix(encryption): Refactor EncryptionWrapper with HomeMountPoint support
This commit is contained in:
Stephen Cuppett 2026-05-12 07:35:45 -04:00 committed by GitHub
commit e47345ed83
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 43 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
lib/private/Encryption/EncryptionWrapper.php
View file

@ -8,6 +8,7 @@
namespace OC\Encryption;
use OC\Files\Filesystem;
use OC\Files\Mount\HomeMountPoint;
use OC\Files\Storage\Wrapper\Encryption;
use OC\Files\View;
use OC\Memcache\ArrayCache;
@ -16,6 +17,7 @@ use OCP\Encryption\Keys\IStorage as EncryptionKeysStorage;
use OCP\Files\Mount\IMountPoint;
use OCP\Files\Storage\IDisableEncryptionStorage;
use OCP\Files\Storage\IStorage;
use OCP\IAppConfig;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IUserManager;
@ -57,32 +59,48 @@ class EncryptionWrapper {
'mount' => $mount
];
if ($force || (!$storage->instanceOfStorage(IDisableEncryptionStorage::class) && $mountPoint !== '/')) {
$user = Server::get(IUserSession::class)->getUser();
$mountManager = Filesystem::getMountManager();
$uid = $user ? $user->getUID() : null;
$fileHelper = Server::get(IFile::class);
$keyStorage = Server::get(EncryptionKeysStorage::class);
// Only evaluate other conditions if not forced
if (!$force) {
// If a disabled storage medium, return basic storage
if ($storage->instanceOfStorage(IDisableEncryptionStorage::class)) {
return $storage;
}
$util = new Util(
new View(),
Server::get(IUserManager::class),
Server::get(IGroupManager::class),
Server::get(IConfig::class)
);
return new Encryption(
$parameters,
$this->manager,
$util,
$this->logger,
$fileHelper,
$uid,
$keyStorage,
$mountManager,
$this->arrayCache
);
} else {
return $storage;
// Root mount point handling: skip encryption wrapper
if ($mountPoint === '/') {
return $storage;
}
// Skip encryption for home mounts if encryptHomeStorage is disabled
if ($mount instanceof HomeMountPoint
&& !Server::get(IAppConfig::class)->getValueBool('encryption', 'encryptHomeStorage', true)) {
return $storage;
}
}
// Apply encryption wrapper
$user = Server::get(IUserSession::class)->getUser();
$mountManager = Filesystem::getMountManager();
$uid = $user ? $user->getUID() : null;
$fileHelper = Server::get(IFile::class);
$keyStorage = Server::get(EncryptionKeysStorage::class);
$util = new Util(
new View(),
Server::get(IUserManager::class),
Server::get(IGroupManager::class),
Server::get(IConfig::class)
);
return new Encryption(
$parameters,
$this->manager,
$util,
$this->logger,
$fileHelper,
$uid,
$keyStorage,
$mountManager,
$this->arrayCache
);
}
}