fix(encryption): Refactor EncryptionWrapper with HomeMountPoint support#60001
Open
cuppett wants to merge 1 commit intonextcloud:masterfrom
Open
fix(encryption): Refactor EncryptionWrapper with HomeMountPoint support#60001cuppett wants to merge 1 commit intonextcloud:masterfrom
cuppett wants to merge 1 commit intonextcloud:masterfrom
Conversation
Rewrite conditional flow to use early-return guards: skip IDisableEncryptionStorage, skip the root mount, respect encryptHomeStorage for HomeMountPoints. Uses IAppConfig for the encryptHomeStorage setting with a legacy string fallback for the upgrade window. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Stephen Cuppett <steve@cuppett.com>
cuppett
requested review from
Altahrim,
ArtificialOwl,
leftybournes and
salmart-dev
and removed request for
a team
cuppett
added
3. to review
cuppett
commented
Apr 30, 2026
Comment on lines
+123
to
+125
| private function parseLegacyBoolString(string $value): bool { | ||
| return in_array(strtolower(trim($value)), ['1', 'true', 'yes', 'on'], true); | ||
| } |
Contributor
Author
There was a problem hiding this comment.
I think this should be refactored out as well after #60002.
cuppett
added
feature: encryption (server-side)
and removed
feature: encryption (client-side)
labels
artonge
reviewed
Apr 30, 2026
| } | ||
|
|
||
| private function shouldEncryptHomeStorage(): bool { | ||
| $appConfig = Server::get(IAppConfig::class); |
Collaborator
There was a problem hiding this comment.
Can't we use dependency injection in the constructor?
Comment on lines
+111
to
116
| } catch (AppConfigTypeConflictException) { | ||
| // Stored as VALUE_STRING from a pre-upgrade installation. | ||
| // RetypeEncryptionConfigKeys repair step will fix the type on occ upgrade. | ||
| return $this->parseLegacyBoolString( | ||
| $appConfig->getValueString('encryption', 'encryptHomeStorage', '1') | ||
| ); |
| return $storage; | ||
| } catch (\Throwable) { | ||
| // DB not ready (e.g. oc_appconfig does not yet exist during install). | ||
| return true; |
Contributor
Author
There was a problem hiding this comment.
This likely goes away if we can use the constructor injection you asked about. This Throwable is triggered if $appConfig is null from the fetch above. I'll make those two adjustments and trigger the tests locally.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Rewrite conditional flow to use early-return guards: skip IDisableEncryptionStorage, skip the root mount, respect encryptHomeStorage for HomeMountPoints. Uses IAppConfig for the encryptHomeStorage setting with a legacy string fallback for the upgrade window.
Spawned from #57279
Checklist
3. to review, feature component)stable32)AI (if applicable)