Merge pull request #3481 from nextcloud/backport/3425/stable30

[stable30] Encryption trash fixes
nextcloud · Dec 12, 2024 · 208c87c · 208c87c
2 parents 7771396 + 61a1818
commit 208c87c
Show file tree

Hide file tree

Showing 5 changed files with 236 additions and 83 deletions.
diff --git a/lib/Mount/GroupFolderStorage.php b/lib/Mount/GroupFolderStorage.php
@@ -10,16 +10,17 @@
 use OC\Files\ObjectStore\ObjectStoreScanner;
 use OC\Files\ObjectStore\ObjectStoreStorage;
 use OC\Files\Storage\Wrapper\Quota;
+use OCP\Files\Cache\ICache;
 use OCP\Files\Cache\ICacheEntry;
 use OCP\IUser;
 use OCP\IUserSession;
 
 class GroupFolderStorage extends Quota {
 	private int $folderId;
-	private ICacheEntry $rootEntry;
+	private ?ICacheEntry $rootEntry;
 	private IUserSession $userSession;
-	private ?IUser $mountOwner = null;
-	/** @var RootEntryCache|null */
+	private ?IUser $mountOwner;
+	/** @var ICache|null */
 	public $cache = null;
 
 	public function __construct($parameters) {
@@ -53,7 +54,12 @@ public function getCache($path = '', $storage = null) {
 			$storage = $this;
 		}
 
-		$this->cache = new RootEntryCache(parent::getCache($path, $storage), $this->rootEntry);
+		$cache = parent::getCache($path, $storage);
+		if ($this->rootEntry !== null) {
+			$cache = new RootEntryCache($cache, $this->rootEntry);
+		}
+		$this->cache = $cache;
+
 		return $this->cache;
 	}
 

diff --git a/lib/Mount/MountProvider.php b/lib/Mount/MountProvider.php
@@ -128,7 +128,7 @@ public function getMountsForUser(IUser $user, IStorageFactory $loader) {
 		$aclManager = $this->aclManagerFactory->getACLManager($user, $this->getRootStorageId());
 		$rootRules = $aclManager->getRelevantRulesForPath($aclRootPaths);
 
-		return array_values(array_filter(array_map(function ($folder) use ($user, $loader, $conflicts, $aclManager, $rootRules) {
+		return array_merge(...array_filter(array_map(function (array $folder) use ($user, $loader, $conflicts, $aclManager, $rootRules): ?array {
 			// check for existing files in the user home and rename them if needed
 			$originalFolderName = $folder['mount_point'];
 			if (in_array($originalFolderName, $conflicts)) {
@@ -147,7 +147,7 @@ public function getMountsForUser(IUser $user, IStorageFactory $loader) {
 				$userStorage->getPropagator()->propagateChange("files/$folderName", time());
 			}
 
-			return $this->getMount(
+			$mount = $this->getMount(
 				$folder['folder_id'],
 				'/' . $user->getUID() . '/files/' . $folder['mount_point'],
 				$folder['permissions'],
@@ -159,6 +159,22 @@ public function getMountsForUser(IUser $user, IStorageFactory $loader) {
 				$aclManager,
 				$rootRules
 			);
+			if (!$mount) {
+				return null;
+			}
+			$trashMount = $this->getTrashMount(
+				$folder['folder_id'],
+				'/' . $user->getUID() . '/files_trashbin/groupfolders/' . $folder['folder_id'],
+				$folder['quota'],
+				$loader,
+				$user
+			);
+
+			return [
+				$mount,
+				$trashMount,
+			];
+
 		}, $folders)));
 	}
 
@@ -181,16 +197,16 @@ private function getCurrentUID(): ?string {
 	}
 
 	public function getMount(
-		int $id,
-		string $mountPoint,
-		int $permissions,
-		int $quota,
-		?ICacheEntry $cacheEntry = null,
+		int              $id,
+		string           $mountPoint,
+		int              $permissions,
+		int              $quota,
+		?ICacheEntry     $cacheEntry = null,
 		?IStorageFactory $loader = null,
-		bool $acl = false,
-		?IUser $user = null,
-		?ACLManager $aclManager = null,
-		array $rootRules = []
+		bool             $acl = false,
+		?IUser           $user = null,
+		?ACLManager      $aclManager = null,
+		array            $rootRules = []
 	): ?IMountPoint {
 		if (!$cacheEntry) {
 			// trigger folder creation
@@ -220,52 +236,91 @@ public function getMount(
 			$cacheEntry['permissions'] &= $aclRootPermissions;
 		}
 
+		$quotaStorage = $this->getGroupFolderStorage($id, $storage, $user, $rootPath, $quota, $cacheEntry);
+
+		$maskedStore = new PermissionsMask([
+			'storage' => $quotaStorage,
+			'mask' => $permissions,
+		]);
+
+		if (!$this->allowRootShare) {
+			$maskedStore = new RootPermissionsMask([
+				'storage' => $maskedStore,
+				'mask' => Constants::PERMISSION_ALL - Constants::PERMISSION_SHARE,
+			]);
+		}
+
+		return new GroupMountPoint(
+			$id,
+			$maskedStore,
+			$mountPoint,
+			null,
+			$loader
+		);
+	}
+
+	public function getTrashMount(
+		int             $id,
+		string          $mountPoint,
+		int             $quota,
+		IStorageFactory $loader,
+		IUser           $user,
+	): IMountPoint {
+
+		$storage = $this->getRootFolder()->getStorage();
+
+		$storage->setOwner($user->getUID());
+
+		$trashPath = $this->getRootFolder()->getInternalPath() . '/trash/' . $id;
+
+		$trashStorage = $this->getGroupFolderStorage($id, $storage, $user, $trashPath, $quota, null);
+
+		return new GroupMountPoint(
+			$id,
+			$trashStorage,
+			$mountPoint,
+			null,
+			$loader
+		);
+	}
+
+	public function getGroupFolderStorage(
+		int          $id,
+		IStorage     $rootStorage,
+		?IUser       $user,
+		string       $rootPath,
+		int          $quota,
+		?ICacheEntry $rootCacheEntry,
+	): IStorage {
 		if ($this->enableEncryption) {
 			$baseStorage = new GroupFolderEncryptionJail([
-				'storage' => $storage,
-				'root' => $rootPath
+				'storage' => $rootStorage,
+				'root' => $rootPath,
 			]);
 			$quotaStorage = new GroupFolderStorage([
 				'storage' => $baseStorage,
 				'quota' => $quota,
 				'folder_id' => $id,
-				'rootCacheEntry' => $cacheEntry,
+				'rootCacheEntry' => $rootCacheEntry,
 				'userSession' => $this->userSession,
 				'mountOwner' => $user,
 			]);
 		} else {
 			$baseStorage = new Jail([
-				'storage' => $storage,
-				'root' => $rootPath
+				'storage' => $rootStorage,
+				'root' => $rootPath,
 			]);
 			$quotaStorage = new GroupFolderNoEncryptionStorage([
 				'storage' => $baseStorage,
 				'quota' => $quota,
 				'folder_id' => $id,
-				'rootCacheEntry' => $cacheEntry,
+				'rootCacheEntry' => $rootCacheEntry,
 				'userSession' => $this->userSession,
 				'mountOwner' => $user,
 			]);
 		}
-		$maskedStore = new PermissionsMask([
-			'storage' => $quotaStorage,
-			'mask' => $permissions
-		]);
-
-		if (!$this->allowRootShare) {
-			$maskedStore = new RootPermissionsMask([
-				'storage' => $maskedStore,
-				'mask' => Constants::PERMISSION_ALL - Constants::PERMISSION_SHARE,
-			]);
-		}
 
-		return new GroupMountPoint(
-			$id,
-			$maskedStore,
-			$mountPoint,
-			null,
-			$loader
-		);
+		return $quotaStorage;
 	}
 
 	public function getJailPath(int $folderId): string {

diff --git a/lib/Trash/GroupTrashItem.php b/lib/Trash/GroupTrashItem.php
@@ -6,7 +6,6 @@
 
 namespace OCA\GroupFolders\Trash;
 
-use OC\Files\Storage\Wrapper\Jail;
 use OCA\Files_Trashbin\Trash\ITrashBackend;
 use OCA\Files_Trashbin\Trash\TrashItem;
 use OCP\Files\FileInfo;
@@ -45,18 +44,7 @@ public function getTitle(): string {
 		return $this->getGroupFolderMountPoint() . '/' . $this->getOriginalLocation();
 	}
 
-	public function getStorage() {
-		// get the unjailed storage, since the trash item is outside the jail
-		// (the internal path is also unjailed)
-		$groupFolderStorage = parent::getStorage();
-		if ($groupFolderStorage->instanceOfStorage(Jail::class)) {
-			/** @var Jail $groupFolderStorage */
-			return $groupFolderStorage->getUnjailedStorage();
-		}
-		return $groupFolderStorage;
-	}
-
-	public function getMtime() {
+	public function getMtime(): int {
 		// trashbin is currently (incorrectly) assuming these to be the same
 		return $this->getDeletedTime();
 	}