Marino Faggiana 1 year ago
parent
commit
7993a5bbec

+ 2 - 2
iOSClient/Networking/E2EE/NCEndToEndMetadata.swift

@@ -137,7 +137,7 @@ class NCEndToEndMetadata: NSObject {
     // MARK: Encode JSON Metadata Bridge
     // --------------------------------------------------------------------------------------------
 
-    func encoderMetadata(account: String, serverUrl: String, userId: String, shareUserId: String? = nil, shareUserIdCertificate: String? = nil) -> (metadata: String?, signature: String?) {
+    func encoderMetadata(account: String, serverUrl: String, userId: String, addUserId: String? = nil, addCertificate: String? = nil) -> (metadata: String?, signature: String?) {
 
         let e2EEApiVersion = NCGlobal.shared.capabilityE2EEApiVersion
 
@@ -149,7 +149,7 @@ class NCEndToEndMetadata: NSObject {
         case "1.2":
             return encoderMetadataV12(account: account, serverUrl: serverUrl, ocIdServerUrl: directory.ocId)
         case "2.0":
-            return encoderMetadataV20(account: account, serverUrl: serverUrl, ocIdServerUrl: directory.ocId, userId: userId, shareUserId: shareUserId, shareUserIdCertificate: shareUserIdCertificate)
+            return encoderMetadataV20(account: account, serverUrl: serverUrl, ocIdServerUrl: directory.ocId, userId: userId, addUserId: addUserId, addCertificate: addCertificate)
         default:
             return (nil, nil)
         }

+ 25 - 13
iOSClient/Networking/E2EE/NCEndToEndMetadataV20.swift

@@ -31,10 +31,11 @@ extension NCEndToEndMetadata {
     // MARK: Ecode JSON Metadata V2.0
     // --------------------------------------------------------------------------------------------
 
-    func encoderMetadataV20(account: String, serverUrl: String, ocIdServerUrl: String, userId: String, shareUserId: String?, shareUserIdCertificate: String?) -> (metadata: String?, signature: String?) {
+    func encoderMetadataV20(account: String, serverUrl: String, ocIdServerUrl: String, userId: String, addUserId: String?, addCertificate: String?) -> (metadata: String?, signature: String?) {
 
         guard let keyGenerated = NCEndToEndEncryption.sharedManager()?.generateKey() as? Data,
-              let directoryTop = NCUtility.shared.getDirectoryE2EETop(serverUrl: serverUrl, account: account) else {
+              let directoryTop = NCUtility.shared.getDirectoryE2EETop(serverUrl: serverUrl, account: account),
+              let ownerId = NCManageDatabase.shared.getMetadataFromOcId(ocIdServerUrl)?.ownerId else {
             return (nil, nil)
         }
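Review bot: The new `ownerId` binding in this guard only rejects a missing record, yet the value goes on to decide (at `if userId == ownerId` further down) whether the current user's certificate wraps the metadata key at all. The type of `ownerId` is not visible here; if it can be an empty string, the guard passes, the comparison is false, and the encode continues without adding the caller. Consider also rejecting that case, for example `let ownerId = NCManageDatabase.shared.getMetadataFromOcId(ocIdServerUrl)?.ownerId, !ownerId.isEmpty else {`. A short comment noting that `ownerId` comes from the local metadata cache and drives key distribution would also help. The body of `encoderMetadataV20` continues outside this hunk.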
 
@@ -47,25 +48,36 @@ extension NCEndToEndMetadata {
         var e2eeJson: String?
         var signature: String?
 
-        func addUser(userId: String, certificate: String, privateKey: String?) -> Bool {
+        // USERS
+
+        func addUser(userId: String, certificate: String, privateKey: String? = nil) {
 
             let decryptedMetadataKey = keyGenerated
             let metadataKey = keyGenerated.base64EncodedString()
-            guard let metadataKeyEncrypted = NCEndToEndEncryption.sharedManager().encryptAsymmetricData(keyGenerated, certificate: certificate, privateKey: privateKey) else { return false }
-            let encryptedMetadataKey = metadataKeyEncrypted.base64EncodedString()
 
-            NCManageDatabase.shared.addE2EUsersV2(account: account, serverUrl: serverUrl, ocIdServerUrl: ocIdServerUrl, userId: userId, certificate: certificate, encryptedFiledropKey: nil, encryptedMetadataKey: encryptedMetadataKey, decryptedFiledropKey: nil, decryptedMetadataKey: decryptedMetadataKey, filedropKey: nil, metadataKey: metadataKey)
+            if let metadataKeyEncrypted = NCEndToEndEncryption.sharedManager().encryptAsymmetricData(keyGenerated, certificate: certificate, privateKey: privateKey) {
+
+                let encryptedMetadataKey = metadataKeyEncrypted.base64EncodedString()
+                NCManageDatabase.shared.addE2EUsersV2(account: account, serverUrl: serverUrl, ocIdServerUrl: ocIdServerUrl, userId: userId, certificate: certificate, encryptedFiledropKey: nil, encryptedMetadataKey: encryptedMetadataKey, decryptedFiledropKey: nil, decryptedMetadataKey: decryptedMetadataKey, filedropKey: nil, metadataKey: metadataKey)
+            }
+        }
 
-            return true
+        if userId == ownerId {
+            addUser(userId: userId, certificate: CCUtility.getEndToEndCertificate(account), privateKey: CCUtility.getEndToEndPrivateKey(account))
         }
 
         if isDirectoryTop {
 
-            if !addUser(userId: userId, certificate: CCUtility.getEndToEndCertificate(account), privateKey: CCUtility.getEndToEndPrivateKey(account)) {
-                return (nil, nil)
+            if let addUserId, let addCertificate {
+                addUser(userId: addUserId, certificate: addCertificate)
             }
-            if let shareUserId, let shareUserIdCertificate, !addUser(userId: shareUserId, certificate: shareUserIdCertificate, privateKey: nil) {
-                return (nil, nil)
+
+            if let users = NCManageDatabase.shared.getE2EUsersV2(account: account, ocIdServerUrl: ocIdServerUrl) {
+                for user in users {
+                    if user.userId != ownerId {
+                        addUser(userId: user.userId, certificate: user.certificate)
+                    }
+                }
             }
         }
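Review bot: `addUser` now returns nothing and simply skips the `addE2EUsersV2` write when `encryptAsymmetricData` fails, so a failed key wrap for the owner, the added user or a re-added user no longer aborts the encode with `(nil, nil)` as the removed code did. The function presumably goes on to build and sign metadata while a recipient silently lacks the wrapped metadata key, which is hard to notice after a share appears to succeed. I would keep the `Bool` result and fail closed at all three call sites, as sketched below. Separately, `addCertificate` and the stored `user.certificate` values are used to wrap the fresh key with no validation visible in this diff; if that check lives elsewhere, a comment here saying where would help. `encoderMetadataV20` starts and ends outside this hunk.

```swift
        func addUser(userId: String, certificate: String, privateKey: String? = nil) -> Bool {
            // … unchanged: decryptedMetadataKey / metadataKey setup …
            guard let metadataKeyEncrypted = NCEndToEndEncryption.sharedManager().encryptAsymmetricData(keyGenerated, certificate: certificate, privateKey: privateKey) else {
                // Fail closed: a user without a wrapped key must not be dropped silently.
                return false
            }
            // … unchanged: base64 encoding and addE2EUsersV2 call …
            return true
        }

        if userId == ownerId {
            guard addUser(userId: userId, certificate: CCUtility.getEndToEndCertificate(account), privateKey: CCUtility.getEndToEndPrivateKey(account)) else {
                return (nil, nil)
            }
        }

        if isDirectoryTop {
            if let addUserId, let addCertificate {
                guard addUser(userId: addUserId, certificate: addCertificate) else { return (nil, nil) }
            }
            if let users = NCManageDatabase.shared.getE2EUsersV2(account: account, ocIdServerUrl: ocIdServerUrl) {
                for user in users where user.userId != ownerId {
                    guard addUser(userId: user.userId, certificate: user.certificate) else { return (nil, nil) }
                }
            }
        }
```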
 
@@ -78,8 +90,8 @@ extension NCEndToEndMetadata {
                 if let hash = NCEndToEndEncryption.sharedManager().createSHA256(user.decryptedMetadataKey) {
                     keyChecksums.append(hash)
                 }
-                if let shareUserId {
-                    if user.userId == shareUserId {
+                if let addUserId {
+                    if user.userId == addUserId {
                         metadataKey = user.metadataKey
                     }
                 } else if user.userId == userId {

+ 6 - 6
iOSClient/Networking/E2EE/NCNetworkingE2EE.swift

@@ -38,21 +38,21 @@ class NCNetworkingE2EE: NSObject {
         return UUID
     }
 
-    func uploadMetadata(account: String, serverUrl: String, userId: String, shareUserId: String?) async -> (NKError) {
+    func uploadMetadata(account: String, serverUrl: String, userId: String, addUserId: String?) async -> (NKError) {
 
         var error = NKError()
-        var shareUserIdCertificate: String?
+        var addCertificate: String?
 
-        if let shareUserId {
-            let results = await NextcloudKit.shared.getE2EECertificate(user: shareUserId)
+        if let addUserId {
+            let results = await NextcloudKit.shared.getE2EECertificate(user: addUserId)
             if results.error == .success, let certificateUser = results.certificateUser {
-                shareUserIdCertificate = certificateUser
+                addCertificate = certificateUser
             } else {
                 return results.error
             }
         }
 
-        let encoderResults = NCEndToEndMetadata().encoderMetadata(account: account, serverUrl: serverUrl, userId: userId, shareUserId: shareUserId, shareUserIdCertificate: shareUserIdCertificate)
+        let encoderResults = NCEndToEndMetadata().encoderMetadata(account: account, serverUrl: serverUrl, userId: userId, addUserId: addUserId, addCertificate: addCertificate)
 
         guard let metadata = encoderResults.metadata, let signature = encoderResults.signature else {
             return NKError(errorCode: NCGlobal.shared.errorInternalError, errorDescription: NSLocalizedString("_e2e_error_encode_metadata_", comment: ""))

+ 1 - 1
iOSClient/Share/Advanced/NCShareAdvancePermission.swift

@@ -48,7 +48,7 @@ class NCShareAdvancePermission: UITableViewController, NCShareAdvanceFotterDeleg
         Task {
             if metadata.e2eEncrypted {
                 let serverUrl = metadata.serverUrl + "/" + metadata.fileName
-                let error = await NCNetworkingE2EE.shared.uploadMetadata(account: metadata.account, serverUrl: serverUrl, userId: metadata.userId, shareUserId: share.shareWith)
+                let error = await NCNetworkingE2EE.shared.uploadMetadata(account: metadata.account, serverUrl: serverUrl, userId: metadata.userId, addUserId: share.shareWith)
                 if error != .success {
                     NCContentPresenter.shared.showError(error: error)
                 }