-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Avoid determination of document editor in per-user-encryption setups #1396
Avoid determination of document editor in per-user-encryption setups #1396
Conversation
@juliushaertl Do you know how to solve the failing tests? I'm using |
Yes, the server-side encryption is built in a modular way where the default encryption module (the encryption app that is shipped) is taking care of the implementation in regards to user/master key encryption, so that part is only in the app and not in the server encryption API. That is of course not ideal from an integrating apps perspective since we cannot be sure if the app is enabled or not. Due to that the app is disabled in the tests the autoloader is not able to inject the Util instance into the WopiController constructor. Probably the most suitable way would be to just avoid using dependency injection for the master key check and do something like this for the check:
|
… are active. The incognito mode is also used for fetching documents (see method `getFile`). Signed-off-by: Mario Klump <mail@marioklump.net>
Signed-off-by: Mario Klump <mail@marioklump.net>
Signed-off-by: Mario Klump <mail@marioklump.net> Co-authored-by: Julius Härtl <jus@bitgrid.net>
/backport to stable3.7 |
Summary
When saving a document with enabled per-user encryption keys, an exception
Private Key missing for user: please try to log-out and log-in again
is thrown.This is caused by the determination of the user who is editing the document to be able to trace the document's changes (https://github.com/nextcloud/richdocuments/blob/master/lib/Controller/WopiController.php#L407). Setting a specific user causes the usage of the user-specific encryption key instead of using the incognito mode (like it's done in
getFile
: https://github.com/nextcloud/richdocuments/blob/master/lib/Controller/WopiController.php#L349).Checklist