Skip to content

Cleanup alternate storage location keys of user#16

Merged
sharidas merged 1 commit into
masterfrom
listen-event-delete-userkeys-alt-storage
Oct 6, 2017
Merged

Cleanup alternate storage location keys of user#16
sharidas merged 1 commit into
masterfrom
listen-event-delete-userkeys-alt-storage

Conversation

@sharidas

@sharidas sharidas commented Oct 4, 2017

Copy link
Copy Markdown
Contributor

This is to make sure that there are no user
specific folders if the keys are stored in
alternate location apart from the default
location, when a user is deleted. Hence the
keys inside user folder in the alternate
location would be deleted.

Signed-off-by: Sujith H sharidasan@owncloud.com

@sharidas sharidas self-assigned this Oct 4, 2017
@sharidas sharidas requested a review from DeepDiver1975 October 4, 2017 13:00
@sharidas sharidas added this to the development milestone Oct 4, 2017
@sharidas sharidas force-pushed the listen-event-delete-userkeys-alt-storage branch from c606dae to 837bc98 Compare October 5, 2017 06:58
@sharidas sharidas changed the title Listen to event when user is deleted Cleanup alternate storage location keys of user Oct 5, 2017
Comment thread lib/Hooks/UserHooks.php Outdated
$this->keyManager->deletePublicKey($params['uid']);
}

\OC::$server->getEncryptionKeyStorage()->deleteAltUserStorageKeys($params['uid']);

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could the key storage be injected?

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this piece be executed only if the encryption app is enable? (just asking)

@jvillafanez

Copy link
Copy Markdown
Member

Specify what you've tested in the comments in case there are some scenarios that you didn't consider.

Some questions I have:

  • What happens in the keys aren't in the alternate location? Code shouldn't explode and just ignore
  • What happens if the user uid is null, empty or other weird scenario?

@sharidas

sharidas commented Oct 6, 2017

Copy link
Copy Markdown
Contributor Author

So the behaviour without this change:

  • When keys are stored in default location, the deletion of user will clean up the keys associated with the users.
  • When keys are changed to some different location ( obviously relative to data folder ), the deletion of user will not clean up the keys associated with the users.
    After applying this change:
  • The keys are deleted even if the storage location of keys are not default for the users, when the user is deleted.
  • If keys are in the default location, code wont explode.

Do we really need to check if the uid exists, if its null/empty? Because all we are trying to achieve here is a simple remove operation if : the storage location is not default one.

@jvillafanez

Copy link
Copy Markdown
Member

Do we really need to check if the uid exists, if its null/empty?

According to what I see in https://github.com/owncloud/core/blob/17691e444641a84103387ef118beee9b0df4f112/lib/private/Encryption/Keys/Storage.php#L197 if somehow the user uid is empty, it could imply that all the user keys are deleted. This is really bad.
Is it possible that such scenario happen? I don't really know, but I'd rather stay on the safe side and make sure it won't ever happen. If you assure that the uid will always contain something and such scenario won't happen, I'm fine if you add a comment there.

@sharidas sharidas force-pushed the listen-event-delete-userkeys-alt-storage branch from 837bc98 to 8688c95 Compare October 6, 2017 10:06
@sharidas

sharidas commented Oct 6, 2017

Copy link
Copy Markdown
Contributor Author

I have verified both using UI and command to delete user, uid wasn't found null/empty or so. You are right, if the uid becomes empty then it would delete the entire folder. So I have added a check before calling the method to make sure its not null or empty.

Comment thread lib/Hooks/UserHooks.php Outdated
$this->keyManager->deletePublicKey($params['uid']);
}

if (!is_null($params['uid']) && ($params['uid'] !== '')) {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's better to move this inside the App::isEnabled('encryption') check, just for consistency. Maybe we can remove the App::isEnabled('encryption') check and remove the keys in any case. It's weird that some keys are removed if the encryption is disabled but others not.

If this is the right behaviour, add a comment explaining.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved the piece of code inside App::isEnabled('encryption') check. Since its a hook, imho it would not be a good idea to remove the check App::isEnabled('encryption').

This is to make sure that there are no user
specific folders if the keys are stored in
alternate location apart from the default
location, when a user is deleted. Hence the
keys inside user folder in the alternate
location would be deleted.

Signed-off-by: Sujith H <sharidasan@owncloud.com>
@sharidas sharidas force-pushed the listen-event-delete-userkeys-alt-storage branch from 8688c95 to d3a9f95 Compare October 6, 2017 11:42
@sharidas sharidas merged commit eeac020 into master Oct 6, 2017
@patrickjahns patrickjahns removed this from the QA milestone Aug 13, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants