EncryptionWrapper.php 2.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OC\Encryption;
  8. use OC\Files\Filesystem;
  9. use OC\Files\Storage\Wrapper\Encryption;
  10. use OC\Files\View;
  11. use OC\Memcache\ArrayCache;
  12. use OCP\Encryption\IFile;
  13. use OCP\Encryption\Keys\IStorage as EncryptionKeysStorage;
  14. use OCP\Files\Mount\IMountPoint;
  15. use OCP\Files\Storage\IDisableEncryptionStorage;
  16. use OCP\Files\Storage\IStorage;
  17. use Psr\Log\LoggerInterface;
  18. /**
  19. * Class EncryptionWrapper
  20. *
  21. * applies the encryption storage wrapper
  22. *
  23. * @package OC\Encryption
  24. */
  25. class EncryptionWrapper {
  26. /** @var ArrayCache */
  27. private $arrayCache;
  28. /** @var Manager */
  29. private $manager;
  30. private LoggerInterface $logger;
  31. /**
  32. * EncryptionWrapper constructor.
  33. */
  34. public function __construct(ArrayCache $arrayCache,
  35. Manager $manager,
  36. LoggerInterface $logger
  37. ) {
  38. $this->arrayCache = $arrayCache;
  39. $this->manager = $manager;
  40. $this->logger = $logger;
  41. }
  42. /**
  43. * Wraps the given storage when it is not a shared storage
  44. *
  45. * @param string $mountPoint
  46. * @param IStorage $storage
  47. * @param IMountPoint $mount
  48. * @param bool $force apply the wrapper even if the storage normally has encryption disabled, helpful for repair steps
  49. * @return Encryption|IStorage
  50. */
  51. public function wrapStorage(string $mountPoint, IStorage $storage, IMountPoint $mount, bool $force = false) {
  52. $parameters = [
  53. 'storage' => $storage,
  54. 'mountPoint' => $mountPoint,
  55. 'mount' => $mount
  56. ];
  57. if ($force || (!$storage->instanceOfStorage(IDisableEncryptionStorage::class) && $mountPoint !== '/')) {
  58. $user = \OC::$server->getUserSession()->getUser();
  59. $mountManager = Filesystem::getMountManager();
  60. $uid = $user ? $user->getUID() : null;
  61. $fileHelper = \OC::$server->get(IFile::class);
  62. $keyStorage = \OC::$server->get(EncryptionKeysStorage::class);
  63. $util = new Util(
  64. new View(),
  65. \OC::$server->getUserManager(),
  66. \OC::$server->getGroupManager(),
  67. \OC::$server->getConfig()
  68. );
  69. $update = new Update(
  70. new View(),
  71. $util,
  72. Filesystem::getMountManager(),
  73. $this->manager,
  74. $fileHelper,
  75. $this->logger,
  76. $uid
  77. );
  78. return new Encryption(
  79. $parameters,
  80. $this->manager,
  81. $util,
  82. $this->logger,
  83. $fileHelper,
  84. $uid,
  85. $keyStorage,
  86. $update,
  87. $mountManager,
  88. $this->arrayCache
  89. );
  90. } else {
  91. return $storage;
  92. }
  93. }
  94. }