DisableMasterKey.php 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-License-Identifier: AGPL-3.0-or-later
  5. */
  6. namespace OCA\Encryption\Command;
  7. use OCA\Encryption\Util;
  8. use OCP\IConfig;
  9. use Symfony\Component\Console\Command\Command;
  10. use Symfony\Component\Console\Helper\QuestionHelper;
  11. use Symfony\Component\Console\Input\InputInterface;
  12. use Symfony\Component\Console\Output\OutputInterface;
  13. use Symfony\Component\Console\Question\ConfirmationQuestion;
  14. class DisableMasterKey extends Command {
  15. /** @var Util */
  16. protected $util;
  17. /** @var IConfig */
  18. protected $config;
  19. /** @var QuestionHelper */
  20. protected $questionHelper;
  21. /**
  22. * @param Util $util
  23. * @param IConfig $config
  24. * @param QuestionHelper $questionHelper
  25. */
  26. public function __construct(Util $util,
  27. IConfig $config,
  28. QuestionHelper $questionHelper) {
  29. $this->util = $util;
  30. $this->config = $config;
  31. $this->questionHelper = $questionHelper;
  32. parent::__construct();
  33. }
  34. protected function configure() {
  35. $this
  36. ->setName('encryption:disable-master-key')
  37. ->setDescription('Disable the master key and use per-user keys instead. Only available for fresh installations with no existing encrypted data! There is no way to enable it again.');
  38. }
  39. protected function execute(InputInterface $input, OutputInterface $output): int {
  40. $isMasterKeyEnabled = $this->util->isMasterKeyEnabled();
  41. if (!$isMasterKeyEnabled) {
  42. $output->writeln('Master key already disabled');
  43. } else {
  44. $question = new ConfirmationQuestion(
  45. 'Warning: Only perform this operation for a fresh installations with no existing encrypted data! '
  46. . 'There is no way to enable the master key again. '
  47. . 'We strongly recommend to keep the master key, it provides significant performance improvements '
  48. . 'and is easier to handle for both, users and administrators. '
  49. . 'Do you really want to switch to per-user keys? (y/n) ', false);
  50. if ($this->questionHelper->ask($input, $output, $question)) {
  51. $this->config->setAppValue('encryption', 'useMasterKey', '0');
  52. $output->writeln('Master key successfully disabled.');
  53. } else {
  54. $output->writeln('aborted.');
  55. return 1;
  56. }
  57. }
  58. return 0;
  59. }
  60. }