Merge pull request #312 from cryptomator/feature/files-in-use

Feature: Files-in-Use

Author: infeo

.idea/codeStyles/Project.xml

@@ -10,7 +10,8 @@ Changes to prior versions can be found on the [Github release page](https://gith
 ## [Unreleased](https://github.com/cryptomator/cryptofs/compare/2.9.0...HEAD)
 
 ### Added
-* [changelog](CHANGELOG.md) file
+* Files-in-Use: Optional feature to indicate for external parties if an encrypted file is currently opened by this filesystem ([#312](https://github.com/cryptomator/cryptofs/pull/312))
+* Changelog file
 
 ### Changed
 * Use JDK 25 for build (bf26d6c9cd15a2489126ee0409a8ec9eca59da0c)

CHANGELOG.md

@@ -25,6 +25,7 @@
 		<slf4j.version>2.0.17</slf4j.version>
 
 		<!-- test dependencies -->
+		<awaitility.version>4.3.0</awaitility.version>
 		<junit.jupiter.version>6.0.0</junit.jupiter.version>
 		<jmh.version>1.37</jmh.version>
 		<mockito.version>5.20.0</mockito.version>
@@ -159,6 +160,12 @@
 			<version>${jimfs.version}</version>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.awaitility</groupId>
+			<artifactId>awaitility</artifactId>
+			<version>${awaitility.version}</version>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
 
 	<build>

pom.xml

@@ -8,6 +8,7 @@
  *******************************************************************************/
 package org.cryptomator.cryptofs;
 
+import jakarta.inject.Inject;
 import org.cryptomator.cryptofs.attr.AttributeByNameProvider;
 import org.cryptomator.cryptofs.attr.AttributeProvider;
 import org.cryptomator.cryptofs.attr.AttributeViewProvider;
@@ -19,10 +20,14 @@
 import org.cryptomator.cryptofs.dir.CiphertextDirectoryDeleter;
 import org.cryptomator.cryptofs.dir.DirectoryStreamFactory;
 import org.cryptomator.cryptofs.dir.DirectoryStreamFilters;
+import org.cryptomator.cryptofs.event.FileIsInUseEvent;
+import org.cryptomator.cryptofs.event.FilesystemEvent;
 import org.cryptomator.cryptofs.fh.OpenCryptoFiles;
+import org.cryptomator.cryptofs.inuse.FileAlreadyInUseException;
+import org.cryptomator.cryptofs.inuse.InUseManager;
+import org.cryptomator.cryptofs.inuse.UseInfo;
 import org.cryptomator.cryptolib.api.Cryptor;
 
-import jakarta.inject.Inject;
 import java.io.IOException;
 import java.nio.channels.FileChannel;
 import java.nio.file.AccessDeniedException;
@@ -56,12 +61,14 @@
 import java.nio.file.attribute.PosixFileAttributes;
 import java.nio.file.attribute.PosixFilePermission;
 import java.nio.file.attribute.UserPrincipalLookupService;
+import java.time.Instant;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.EnumSet;
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
+import java.util.function.Consumer;
 import java.util.stream.Collectors;
 
 import static java.lang.String.format;
@@ -92,10 +99,11 @@ class CryptoFileSystemImpl extends CryptoFileSystem {
 	private final CiphertextDirectoryDeleter ciphertextDirDeleter;
 	private final ReadonlyFlag readonlyFlag;
 	private final CryptoFileSystemProperties fileSystemProperties;
-
+	private final InUseManager inUseManager;
 	private final CryptoPath rootPath;
 	private final CryptoPath emptyPath;
 	private final FileNameDecryptor fileNameDecryptor;
+	private final Consumer<FilesystemEvent> eventConsumer;
 
 	private volatile boolean open = true;
 
@@ -105,7 +113,7 @@ public CryptoFileSystemImpl(CryptoFileSystemProvider provider, CryptoFileSystems
 								PathMatcherFactory pathMatcherFactory, DirectoryStreamFactory directoryStreamFactory, DirectoryIdProvider dirIdProvider, DirectoryIdBackup dirIdBackup, //
 								AttributeProvider fileAttributeProvider, AttributeByNameProvider fileAttributeByNameProvider, AttributeViewProvider fileAttributeViewProvider, //
 								OpenCryptoFiles openCryptoFiles, Symlinks symlinks, FinallyUtil finallyUtil, CiphertextDirectoryDeleter ciphertextDirDeleter, ReadonlyFlag readonlyFlag, //
-								CryptoFileSystemProperties fileSystemProperties, FileNameDecryptor fileNameDecryptor) {
+								CryptoFileSystemProperties fileSystemProperties, InUseManager inUseManager, FileNameDecryptor fileNameDecryptor, Consumer<FilesystemEvent> eventConsumer) {
 		this.provider = provider;
 		this.cryptoFileSystems = cryptoFileSystems;
 		this.pathToVault = pathToVault;
@@ -130,7 +138,9 @@ public CryptoFileSystemImpl(CryptoFileSystemProvider provider, CryptoFileSystems
 
 		this.rootPath = cryptoPathFactory.rootFor(this);
 		this.emptyPath = cryptoPathFactory.emptyFor(this);
+		this.inUseManager = inUseManager;
 		this.fileNameDecryptor = fileNameDecryptor;
+		this.eventConsumer = eventConsumer;
 	}
 
 	@Override
@@ -203,9 +213,11 @@ public void close() throws IOException {
 			open = false;
 			finallyUtil.guaranteeInvocationOf( //
 					() -> cryptoFileSystems.remove(this), //
-					() -> openCryptoFiles.close(), //
-					() -> directoryStreamFactory.close(), //
-					() -> cryptor.destroy());
+					openCryptoFiles::close, //
+					directoryStreamFactory::close, //
+					inUseManager::close, //
+					cryptor::destroy //
+			);
 		}
 	}
 
@@ -402,8 +414,9 @@ private FileChannel newFileChannelFromFile(CryptoPath cleartextFilePath, Effecti
 			Files.createDirectories(ciphertextPath.getRawPath()); // suppresses FileAlreadyExists
 		}
 
-		FileChannel ch = openCryptoFiles.getOrCreate(ciphertextFilePath).newFileChannel(options, attrs); // might throw FileAlreadyExists
+		FileChannel ch = null;
 		try {
+			ch = openCryptoFiles.getOrCreate(ciphertextFilePath).newFileChannel(options, attrs); // might throw FileAlreadyExists
 			if (options.writable()) {
 				ciphertextPath.persistLongFileName();
 				stats.incrementAccessesWritten();
@@ -414,7 +427,17 @@ private FileChannel newFileChannelFromFile(CryptoPath cleartextFilePath, Effecti
 			stats.incrementAccesses();
 			return ch;
 		} catch (Exception e) {
-			ch.close();
+			if (e instanceof FileAlreadyInUseException) {
+				var useInfo = inUseManager.getUseInfo(ciphertextFilePath).orElse(new UseInfo("UNKNOWN", Instant.now()));
+				eventConsumer.accept(new FileIsInUseEvent(cleartextFilePath, ciphertextFilePath, useInfo.owner(), useInfo.lastUpdated(), () -> inUseManager.ignoreInUse(ciphertextFilePath)));
+			}
+			if (ch != null) {
+				try {
+					ch.close();
+				} catch (IOException closeEx) {
+					e.addSuppressed(closeEx);
+				}
+			}
 			throw e;
 		}
 	}
@@ -428,11 +451,18 @@ void delete(CryptoPath cleartextPath) throws IOException {
 		CiphertextFilePath ciphertextPath = cryptoPathMapper.getCiphertextFilePath(cleartextPath);
 		switch (ciphertextFileType) {
 			case DIRECTORY -> deleteDirectory(cleartextPath, ciphertextPath);
-			case FILE, SYMLINK -> deleteFileOrSymlink(ciphertextPath);
+			case FILE -> deleteFile(cleartextPath, ciphertextPath);
+			case SYMLINK -> deleteSymlink(ciphertextPath);
 		}
 	}
 
-	private void deleteFileOrSymlink(CiphertextFilePath ciphertextPath) throws IOException {
+	private void deleteFile(CryptoPath cleartextPath, CiphertextFilePath ciphertextPath) throws IOException {
+		checkUsage(cleartextPath, ciphertextPath);
+		openCryptoFiles.delete(ciphertextPath.getFilePath());
+		Files.walkFileTree(ciphertextPath.getRawPath(), DeletingFileVisitor.INSTANCE);
+	}
+
+	private void deleteSymlink(CiphertextFilePath ciphertextPath) throws IOException {
 		openCryptoFiles.delete(ciphertextPath.getFilePath());
 		Files.walkFileTree(ciphertextPath.getRawPath(), DeletingFileVisitor.INSTANCE);
 	}
@@ -605,6 +635,8 @@ private void moveFile(CryptoPath cleartextSource, CryptoPath cleartextTarget, Co
 		CiphertextFilePath ciphertextSource = cryptoPathMapper.getCiphertextFilePath(cleartextSource);
 		CiphertextFilePath ciphertextTarget = cryptoPathMapper.getCiphertextFilePath(cleartextTarget);
 		try (OpenCryptoFiles.TwoPhaseMove twoPhaseMove = openCryptoFiles.prepareMove(ciphertextSource.getRawPath(), ciphertextTarget.getRawPath())) {
+			checkUsage(cleartextSource, ciphertextSource);
+			checkUsage(cleartextTarget, ciphertextTarget);
 			if (ciphertextTarget.isShortened()) {
 				Files.createDirectories(ciphertextTarget.getRawPath());
 				ciphertextTarget.persistLongFileName();
@@ -700,4 +732,14 @@ public String toString() {
 		return format("%sCryptoFileSystem(%s)", open ? "" : "closed ", pathToVault);
 	}
 
+	//visible for testing
+	void checkUsage(CryptoPath cleartextPath, CiphertextFilePath ciphertextPath) throws FileAlreadyInUseException {
+		var path = ciphertextPath.getFilePath();
+		if (inUseManager.isInUseByOthers(path)) {
+			var useInfo = inUseManager.getUseInfo(path).orElse(new UseInfo("UNKNOWN", Instant.now()));
+			eventConsumer.accept(new FileIsInUseEvent(cleartextPath, ciphertextPath.getRawPath(), useInfo.owner(), useInfo.lastUpdated(), () -> inUseManager.ignoreInUse(path)));
+			throw new FileAlreadyInUseException(ciphertextPath.getRawPath());
+		}
+	}
+
 }

src/main/java/org/cryptomator/cryptofs/CryptoFileSystemImpl.java

@@ -12,13 +12,18 @@
 import org.cryptomator.cryptofs.dir.DirectoryStreamComponent;
 import org.cryptomator.cryptofs.event.FilesystemEvent;
 import org.cryptomator.cryptofs.fh.OpenCryptoFileComponent;
+import org.cryptomator.cryptofs.inuse.InUseManager;
+import org.cryptomator.cryptofs.inuse.RealInUseManager;
+import org.cryptomator.cryptofs.inuse.StubInUseManager;
+import org.cryptomator.cryptolib.api.Cryptor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.nio.file.FileStore;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.util.Objects;
 import java.util.Optional;
 import java.util.function.Consumer;
 
@@ -50,4 +55,16 @@ public Consumer<FilesystemEvent> provideFilesystemEventConsumer(CryptoFileSystem
 			}
 		};
 	}
+
+	@Provides
+	@CryptoFileSystemScoped
+	public InUseManager provideInUseManager(CryptoFileSystemProperties fsProps, Cryptor cryptor) {
+		var owner = Objects.requireNonNullElse(fsProps.owner(), "");
+		if (!owner.isBlank() && !fsProps.readonly()) {
+			return new RealInUseManager(owner, cryptor);
+		} else {
+			return new StubInUseManager();
+		}
+
+	}
 }

src/main/java/org/cryptomator/cryptofs/CryptoFileSystemModule.java

@@ -115,6 +115,14 @@ public enum FileSystemFlags {
 
 	static final CryptorProvider.Scheme DEFAULT_CIPHER_COMBO = CryptorProvider.Scheme.SIV_GCM;
 
+	/**
+	 * Key identifying the filesystem owner.
+	 *
+	 * @since 2.10.0
+	 */
+	public static final String PROPERTY_OWNER = "owner";
+	static final String DEFAULT_OWNER = "";
+
 	private final Set<Entry<String, Object>> entries;
 
 	private CryptoFileSystemProperties(Builder builder) {
@@ -126,7 +134,8 @@ private CryptoFileSystemProperties(Builder builder) {
 				Map.entry(PROPERTY_EVENT_CONSUMER, builder.eventConsumer), //
 				Map.entry(PROPERTY_MAX_CLEARTEXT_NAME_LENGTH, builder.maxCleartextNameLength), //
 				Map.entry(PROPERTY_SHORTENING_THRESHOLD, builder.shorteningThreshold), //
-				Map.entry(PROPERTY_CIPHER_COMBO, builder.cipherCombo) //
+				Map.entry(PROPERTY_CIPHER_COMBO, builder.cipherCombo), //
+				Map.entry(PROPERTY_OWNER, builder.owner) //
 		);
 	}
 
@@ -169,6 +178,10 @@ Consumer<FilesystemEvent> filesystemEventConsumer() {
 		return (Consumer<FilesystemEvent>) get(PROPERTY_EVENT_CONSUMER);
 	}
 
+	String owner() {
+		return (String) get(PROPERTY_OWNER);
+	}
+
 	@Override
 	public Set<Entry<String, Object>> entrySet() {
 		return entries;
@@ -225,6 +238,7 @@ public static class Builder {
 		private int maxCleartextNameLength = DEFAULT_MAX_CLEARTEXT_NAME_LENGTH;
 		private int shorteningThreshold = DEFAULT_SHORTENING_THRESHOLD;
 		private Consumer<FilesystemEvent> eventConsumer = DEFAULT_EVENT_CONSUMER;
+		private String owner = DEFAULT_OWNER;
 
 		private Builder() {
 		}
@@ -238,6 +252,7 @@ private Builder(Map<String, ?> properties) {
 			checkedSet(Integer.class, PROPERTY_SHORTENING_THRESHOLD, properties, this::withShorteningThreshold);
 			checkedSet(CryptorProvider.Scheme.class, PROPERTY_CIPHER_COMBO, properties, this::withCipherCombo);
 			checkedSet(Consumer.class, PROPERTY_EVENT_CONSUMER, properties, this::withFilesystemEventConsumer);
+			checkedSet(String.class, PROPERTY_OWNER, properties, this::withOwner);
 		}
 
 		private <T> void checkedSet(Class<T> type, String key, Map<String, ?> properties, Consumer<T> setter) {
@@ -367,6 +382,23 @@ public Builder withFilesystemEventConsumer(Consumer<FilesystemEvent> eventConsum
 			return this;
 		}
 
+		/**
+		 * Sets the owner of the filesystem.
+		 * <p>
+		 * The owners length must be less than or equal to 100.
+		 *
+		 * @param owner the owner string used when marking files in-use
+		 * @return this
+		 * @since 2.10.0
+		 */
+		public Builder withOwner(String owner) {
+			if (owner.length() > 100) {
+				throw new IllegalArgumentException("owner must have length less than or equal to 100");
+			}
+			this.owner = owner;
+			return this;
+		}
+
 		/**
 		 * Validates the values and creates new {@link CryptoFileSystemProperties}.
 		 *

src/main/java/org/cryptomator/cryptofs/CryptoFileSystemProperties.java

@@ -2,14 +2,12 @@
 
 import jakarta.inject.Inject;
 import org.cryptomator.cryptofs.common.Constants;
+import org.cryptomator.cryptofs.common.EncryptedChannels;
 import org.cryptomator.cryptolib.api.CryptoException;
 import org.cryptomator.cryptolib.api.Cryptor;
-import org.cryptomator.cryptolib.common.DecryptingReadableByteChannel;
-import org.cryptomator.cryptolib.common.EncryptingWritableByteChannel;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;
-import java.nio.channels.ByteChannel;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -38,7 +36,7 @@ public DirectoryIdBackup(Cryptor cryptor) {
 	 */
 	public void write(CiphertextDirectory ciphertextDirectory) throws IOException {
 		try (var channel = Files.newByteChannel(getBackupFilePath(ciphertextDirectory.path()), StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE); //
-			 var encryptingChannel = wrapEncryptionAround(channel, cryptor)) {
+			 var encryptingChannel = EncryptedChannels.wrapEncryptionAround(channel, cryptor)) {
 			encryptingChannel.write(ByteBuffer.wrap(ciphertextDirectory.dirId().getBytes(StandardCharsets.US_ASCII)));
 		}
 	}
@@ -72,7 +70,7 @@ public byte[] read(Path ciphertextContentDir) throws IOException, CryptoExceptio
 		var dirIdBuffer = ByteBuffer.allocate(Constants.MAX_DIR_ID_LENGTH + 1); //a dir id contains at most 36 ascii chars, we add for security checks one more
 
 		try (var channel = Files.newByteChannel(dirIdBackupFile, StandardOpenOption.READ); //
-			 var decryptingChannel = wrapDecryptionAround(channel, cryptor)) {
+			 var decryptingChannel = EncryptedChannels.wrapDecryptionAround(channel, cryptor)) {
 			int read = decryptingChannel.read(dirIdBuffer);
 			if (read < 0 || read > Constants.MAX_DIR_ID_LENGTH) {
 				throw new IllegalStateException("Read directory id exceeds the maximum length of %d characters".formatted(Constants.MAX_DIR_ID_LENGTH));
@@ -103,11 +101,4 @@ private static Path getBackupFilePath(Path ciphertextContentDir) {
 		return ciphertextContentDir.resolve(Constants.DIR_ID_BACKUP_FILE_NAME);
 	}
 
-	DecryptingReadableByteChannel wrapDecryptionAround(ByteChannel channel, Cryptor cryptor) {
-		return new DecryptingReadableByteChannel(channel, cryptor, true);
-	}
-
-	EncryptingWritableByteChannel wrapEncryptionAround(ByteChannel channel, Cryptor cryptor) {
-		return new EncryptingWritableByteChannel(channel, cryptor);
-	}
 }