Skip to content

Commit 6b70181

Browse files
come-nccome-nc
committed
feat(encryption): Support running decrypt-all when encryption is already disabled
This was an arbitrary limitation since the first thing the command does is disabling encryption anyway, it makes little sence to force the admin to enable encryption first. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 parent 4c17229 commit 6b70181

File tree

1 file changed

+20
-11
lines changed

1 file changed

+20
-11
lines changed

core/Command/Encryption/DecryptAll.php

Lines changed: 20 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,12 @@
55
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
66
* SPDX-License-Identifier: AGPL-3.0-only
77
*/
8+
89
namespace OC\Core\Command\Encryption;
910

1011
use OCP\App\IAppManager;
1112
use OCP\Encryption\IManager;
13+
use OCP\IAppConfig;
1214
use OCP\IConfig;
1315
use Symfony\Component\Console\Command\Command;
1416
use Symfony\Component\Console\Helper\QuestionHelper;
@@ -25,6 +27,7 @@ public function __construct(
2527
protected IManager $encryptionManager,
2628
protected IAppManager $appManager,
2729
protected IConfig $config,
30+
protected IAppConfig $appConfig,
2831
protected \OC\Encryption\DecryptAll $decryptAll,
2932
protected QuestionHelper $questionHelper,
3033
) {
@@ -88,14 +91,14 @@ protected function execute(InputInterface $input, OutputInterface $output): int
8891
return 1;
8992
}
9093

94+
$originallyEnabled = $this->appConfig->getValueBool('core', 'encryption_enabled');
9195
try {
92-
if ($this->encryptionManager->isEnabled() === true) {
96+
if ($originallyEnabled) {
9397
$output->write('Disable server side encryption... ');
94-
$this->config->setAppValue('core', 'encryption_enabled', 'no');
98+
$this->appConfig->setValueBool('core', 'encryption_enabled', false);
9599
$output->writeln('done.');
96100
} else {
97101
$output->writeln('Server side encryption not enabled. Nothing to do.');
98-
return 0;
99102
}
100103

101104
$uid = $input->getArgument('user');
@@ -118,23 +121,29 @@ protected function execute(InputInterface $input, OutputInterface $output): int
118121
$result = $this->decryptAll->decryptAll($input, $output, $user);
119122
if ($result === false) {
120123
$output->writeln(' aborted.');
124+
if ($originallyEnabled) {
125+
$output->writeln('Server side encryption remains enabled');
126+
$this->appConfig->setValueBool('core', 'encryption_enabled', true);
127+
}
128+
} elseif (($uid !== '') && $originallyEnabled) {
121129
$output->writeln('Server side encryption remains enabled');
122-
$this->config->setAppValue('core', 'encryption_enabled', 'yes');
123-
} elseif ($uid !== '') {
124-
$output->writeln('Server side encryption remains enabled');
125-
$this->config->setAppValue('core', 'encryption_enabled', 'yes');
130+
$this->appConfig->setValueBool('core', 'encryption_enabled', true);
126131
}
127132
$this->resetMaintenanceAndTrashbin();
128133
return 0;
129134
}
130-
$output->write('Enable server side encryption... ');
131-
$this->config->setAppValue('core', 'encryption_enabled', 'yes');
132-
$output->writeln('done.');
135+
if ($originallyEnabled) {
136+
$output->write('Enable server side encryption... ');
137+
$this->appConfig->setValueBool('core', 'encryption_enabled', true);
138+
$output->writeln('done.');
139+
}
133140
$output->writeln('aborted');
134141
return 1;
135142
} catch (\Exception $e) {
136143
// enable server side encryption again if something went wrong
137-
$this->config->setAppValue('core', 'encryption_enabled', 'yes');
144+
if ($originallyEnabled) {
145+
$this->appConfig->setValueBool('core', 'encryption_enabled', true);
146+
}
138147
$this->resetMaintenanceAndTrashbin();
139148
throw $e;
140149
}

0 commit comments

Comments
 (0)