From c800d9149eea045fe30ddff186bb2d00fae6712c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivan=20=C4=8Cuki=C4=87?= <ivan.cukic@kde.org>
Date: Thu, 28 May 2020 20:23:55 +0200
Subject: [PATCH 1/2] Show a broken lock icon for unencrypted subdirectory
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The E2E application allows creating unencrypted subdirectories
in an encrypted parent. This is a big privacy problem.

This patch shows a red broken lock icon for these subdirectories
in the NC client UI.

Signed-off-by: Ivan Čukić <ivan.cukic@kde.org>
---
 src/gui/folderstatusmodel.cpp        |  2 ++
 src/libsync/clientsideencryption.cpp | 16 ++++++++++++++++
 src/libsync/clientsideencryption.h   |  1 +
 theme.qrc                            |  1 +
 theme/lock-broken.svg                |  1 +
 5 files changed, 21 insertions(+)
 create mode 100644 theme/lock-broken.svg

diff --git a/src/gui/folderstatusmodel.cpp b/src/gui/folderstatusmodel.cpp
index 350e5c3084..52370bfa56 100644
--- a/src/gui/folderstatusmodel.cpp
+++ b/src/gui/folderstatusmodel.cpp
@@ -158,6 +158,8 @@ QVariant FolderStatusModel::data(const QModelIndex &index, int role) const
         case Qt::DecorationRole:
             if (_accountState->account()->e2e()->isFolderEncrypted(x._path)) {
                 return QIcon(QLatin1String(":/client/theme/lock-https.svg"));
+            } else if (_accountState->account()->e2e()->isAnyParentFolderEncrypted(x._path)) {
+                return QIcon(QLatin1String(":/client/theme/lock-broken.svg"));
             }
             return QFileIconProvider().icon(x._isExternal ? QFileIconProvider::Network : QFileIconProvider::Folder);
         case Qt::ForegroundRole:
diff --git a/src/libsync/clientsideencryption.cpp b/src/libsync/clientsideencryption.cpp
index 83f6cbb03c..6401a22695 100644
--- a/src/libsync/clientsideencryption.cpp
+++ b/src/libsync/clientsideencryption.cpp
@@ -1482,6 +1482,22 @@ bool ClientSideEncryption::isFolderEncrypted(const QString& path) const {
   return (*it);
 }
 
+bool ClientSideEncryption::isAnyParentFolderEncrypted(const QString &path) const
+{
+    int slashPosition = 0;
+
+    while ((slashPosition = path.indexOf("/", slashPosition + 1)) != -1) {
+        // Ignore the last slash
+        if (slashPosition == path.length() - 1) break;
+
+        if (isFolderEncrypted(path.left(slashPosition + 1))) {
+            return true;
+        }
+    }
+
+    return false;
+}
+
 bool EncryptionHelper::fileEncryption(const QByteArray &key, const QByteArray &iv, QFile *input, QFile *output, QByteArray& returnTag)
 {
     if (!input->open(QIODevice::ReadOnly)) {
diff --git a/src/libsync/clientsideencryption.h b/src/libsync/clientsideencryption.h
index 05425a26f0..0c92ffa1c2 100644
--- a/src/libsync/clientsideencryption.h
+++ b/src/libsync/clientsideencryption.h
@@ -83,6 +83,7 @@ public:
 
     // to be used together with FolderStatusModel::FolderInfo::_path.
     bool isFolderEncrypted(const QString& path) const;
+    bool isAnyParentFolderEncrypted(const QString &path) const;
     void setFolderEncryptedStatus(const QString& path, bool status);
 
     void forgetSensitiveData();
diff --git a/theme.qrc b/theme.qrc
index 8ec17e8b34..6adcfdc460 100644
--- a/theme.qrc
+++ b/theme.qrc
@@ -153,6 +153,7 @@
         <file>theme/change.svg</file>
         <file>theme/lock-http.svg</file>
         <file>theme/lock-https.svg</file>
+        <file>theme/lock-broken.svg</file>
         <file>theme/network.svg</file>
         <file>theme/account.svg</file>
         <file>theme/colored/add.svg</file>
diff --git a/theme/lock-broken.svg b/theme/lock-broken.svg
new file mode 100644
index 0000000000..c6cfce6060
--- /dev/null
+++ b/theme/lock-broken.svg
@@ -0,0 +1 @@
+<svg width="64" height="64" version="1.1" viewBox="0 0 64 64" xmlns="http://www.w3.org/2000/svg"><path d="m32 4c-9.276 0-15.868 7.4576-16 16v10h-6v18.914l-6 6 5.6562 5.6562 50.914-50.914-5.6562-5.6562-8.7266 8.7266c-2.6278-5.2025-7.9771-8.6518-14.188-8.7266zm0 8c4.5949 0 7.4656 3.2614 7.9062 7.0078l-10.992 10.992h-4.9141v-10c0-4.696 2.988-8 8-8zm16.227 18-30 30h35.773v-30z" fill="#c13030"/></svg>

From 02a28325a89dec1c5d57ff0b3ee6ef3663cbd8be Mon Sep 17 00:00:00 2001
From: Kevin Ottens <kevin.ottens@nextcloud.com>
Date: Tue, 2 Jun 2020 16:03:50 +0200
Subject: [PATCH 2/2] Show broken encryption icon only in non-empty folders

This should address Tobias' concerns regarding the icon being
misleading. Now we basically do the following inside an encrypted folder
parent:
 * encrypted folders get the encrypted icon;
 * non-encrypted empty folders get the regular folder icon;
 * non-encrypted non-empty folders get the broken encryption icon.

Signed-off-by: Kevin Ottens <kevin.ottens@nextcloud.com>
---
 src/gui/folderstatusmodel.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/gui/folderstatusmodel.cpp b/src/gui/folderstatusmodel.cpp
index 52370bfa56..8d0c2e8816 100644
--- a/src/gui/folderstatusmodel.cpp
+++ b/src/gui/folderstatusmodel.cpp
@@ -158,7 +158,7 @@ QVariant FolderStatusModel::data(const QModelIndex &index, int role) const
         case Qt::DecorationRole:
             if (_accountState->account()->e2e()->isFolderEncrypted(x._path)) {
                 return QIcon(QLatin1String(":/client/theme/lock-https.svg"));
-            } else if (_accountState->account()->e2e()->isAnyParentFolderEncrypted(x._path)) {
+            } else if (x._size > 0 && _accountState->account()->e2e()->isAnyParentFolderEncrypted(x._path)) {
                 return QIcon(QLatin1String(":/client/theme/lock-broken.svg"));
             }
             return QFileIconProvider().icon(x._isExternal ? QFileIconProvider::Network : QFileIconProvider::Folder);