DisableMasterKey.php 1.9 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-License-Identifier: AGPL-3.0-or-later
  5. */
  6. namespace OCA\Encryption\Command;
  7. use OCA\Encryption\Util;
  8. use OCP\IConfig;
  9. use Symfony\Component\Console\Command\Command;
  10. use Symfony\Component\Console\Helper\QuestionHelper;
  11. use Symfony\Component\Console\Input\InputInterface;
  12. use Symfony\Component\Console\Output\OutputInterface;
  13. use Symfony\Component\Console\Question\ConfirmationQuestion;
  14. class DisableMasterKey extends Command {
  15. public function __construct(
  16. protected Util $util,
  17. protected IConfig $config,
  18. protected QuestionHelper $questionHelper,
  19. ) {
  20. parent::__construct();
  21. }
  22. protected function configure(): void {
  23. $this
  24. ->setName('encryption:disable-master-key')
  25. ->setDescription('Disable the master key and use per-user keys instead. Only available for fresh installations with no existing encrypted data! There is no way to enable it again.');
  26. }
  27. protected function execute(InputInterface $input, OutputInterface $output): int {
  28. $isMasterKeyEnabled = $this->util->isMasterKeyEnabled();
  29. if (!$isMasterKeyEnabled) {
  30. $output->writeln('Master key already disabled');
  31. return self::SUCCESS;
  32. }
  33. $question = new ConfirmationQuestion(
  34. 'Warning: Only perform this operation for a fresh installations with no existing encrypted data! '
  35. . 'There is no way to enable the master key again. '
  36. . 'We strongly recommend to keep the master key, it provides significant performance improvements '
  37. . 'and is easier to handle for both, users and administrators. '
  38. . 'Do you really want to switch to per-user keys? (y/n) ', false);
  39. if ($this->questionHelper->ask($input, $output, $question)) {
  40. $this->config->setAppValue('encryption', 'useMasterKey', '0');
  41. $output->writeln('Master key successfully disabled.');
  42. return self::SUCCESS;
  43. }
  44. $output->writeln('aborted.');
  45. return self::FAILURE;
  46. }
  47. }