nextcloud · nickvergessen · Oct 6, 2025 · Oct 1, 2025
@@ -7,7 +7,7 @@
 namespace OCA\Encryption\Command;
 
 use OCA\Encryption\Util;
-use OCP\IConfig;
+use OCP\AppFramework\Services\IAppConfig;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Helper\QuestionHelper;
 use Symfony\Component\Console\Input\InputInterface;
@@ -17,7 +17,7 @@
 class DisableMasterKey extends Command {
 	public function __construct(
 		protected Util $util,
-		protected IConfig $config,
+		protected IAppConfig $config,
 		protected QuestionHelper $questionHelper,
 	) {
 		parent::__construct();
@@ -45,7 +45,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 			. 'Do you really want to switch to per-user keys? (y/n) ', false);
 
 		if ($this->questionHelper->ask($input, $output, $question)) {
-			$this->config->setAppValue('encryption', 'useMasterKey', '0');
+			$this->config->setAppValueBool('useMasterKey', false);
 			$output->writeln('Master key successfully disabled.');
 			return self::SUCCESS;
 		}

@@ -11,9 +11,11 @@
 
 use OC\Encryption\Exceptions\DecryptionFailedException;
 use OC\Files\FileInfo;
+use OC\Files\SetupManager;
 use OC\Files\View;
 use OCA\Encryption\KeyManager;
 use OCP\Encryption\Exceptions\GenericEncryptionException;
+use OCP\IUser;
 use OCP\IUserManager;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Input\InputInterface;
@@ -23,8 +25,9 @@ class DropLegacyFileKey extends Command {
 	private View $rootView;
 
 	public function __construct(
-		private IUserManager $userManager,
-		private KeyManager $keyManager,
+		private readonly IUserManager $userManager,
+		private readonly KeyManager $keyManager,
+		private readonly SetupManager $setupManager,
 	) {
 		parent::__construct();
 
@@ -42,18 +45,10 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 
 		$output->writeln('<info>Scanning all files for legacy filekey</info>');
 
-		foreach ($this->userManager->getBackends() as $backend) {
-			$limit = 500;
-			$offset = 0;
-			do {
-				$users = $backend->getUsers('', $limit, $offset);
-				foreach ($users as $user) {
-					$output->writeln('Scanning all files for ' . $user);
-					$this->setupUserFS($user);
-					$result = $result && $this->scanFolder($output, '/' . $user);
-				}
-				$offset += $limit;
-			} while (count($users) >= $limit);
+		foreach ($this->userManager->getSeenUsers() as $user) {
+			$output->writeln('Scanning all files for ' . $user->getUID());
+			$this->setupUserFileSystem($user);
+			$result = $result && $this->scanFolder($output, '/' . $user->getUID());
 		}
 
 		if ($result) {
@@ -143,8 +138,8 @@ private function migrateSinglefile(string $path, FileInfo $fileInfo, OutputInter
 	/**
 	 * setup user file system
 	 */
-	protected function setupUserFS(string $uid): void {
-		\OC_Util::tearDownFS();
-		\OC_Util::setupFS($uid);
+	protected function setupUserFileSystem(IUser $user): void {
+		$this->setupManager->tearDown();
+		$this->setupManager->setupForUser($user);
 	}
 }
@@ -8,7 +8,7 @@
 namespace OCA\Encryption\Command;
 
 use OCA\Encryption\Util;
-use OCP\IConfig;
+use OCP\AppFramework\Services\IAppConfig;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Helper\QuestionHelper;
 use Symfony\Component\Console\Input\InputInterface;
@@ -18,7 +18,7 @@
 class EnableMasterKey extends Command {
 	public function __construct(
 		protected Util $util,
-		protected IConfig $config,
+		protected IAppConfig $config,
 		protected QuestionHelper $questionHelper,
 	) {
 		parent::__construct();
@@ -43,7 +43,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 			. 'There is also no way to disable it again. Do you want to continue? (y/n) ', false);
 
 		if ($this->questionHelper->ask($input, $output, $question)) {
-			$this->config->setAppValue('encryption', 'useMasterKey', '1');
+			$this->config->setAppValueBool('useMasterKey', true);
 			$output->writeln('Master key successfully enabled.');
 			return self::SUCCESS;
 		}

@@ -8,12 +8,12 @@
 
 namespace OCA\Encryption\Command;
 
+use OC\Files\SetupManager;
 use OC\Files\Storage\Wrapper\Encryption;
 use OC\Files\View;
 use OC\ServerNotAvailableException;
 use OCA\Encryption\Util;
 use OCP\Encryption\Exceptions\InvalidHeaderException;
-use OCP\Files\IRootFolder;
 use OCP\HintException;
 use OCP\IConfig;
 use OCP\IUser;
@@ -29,12 +29,12 @@ class FixEncryptedVersion extends Command {
 	private bool $supportLegacy = false;
 
 	public function __construct(
-		private IConfig $config,
-		private LoggerInterface $logger,
-		private IRootFolder $rootFolder,
-		private IUserManager $userManager,
-		private Util $util,
-		private View $view,
+		private readonly IConfig $config,
+		private readonly LoggerInterface $logger,
+		private readonly IUserManager $userManager,
+		private readonly Util $util,
+		private readonly View $view,
+		private readonly SetupManager $setupManager,
 	) {
 		parent::__construct();
 	}
@@ -91,45 +91,43 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 				return self::FAILURE;
 			}
 
-			if ($this->userManager->get($user) === null) {
+			$user = $this->userManager->get($user);
+			if ($user === null) {
 				$output->writeln("<error>User id $user does not exist. Please provide a valid user id</error>");
 				return self::FAILURE;
 			}
 
-			return $this->runForUser($user, $pathOption, $output);
+			return $this->runForUser($user, $pathOption, $output) ? self::SUCCESS : self::FAILURE;
 		}
 
-		$result = 0;
-		$this->userManager->callForSeenUsers(function (IUser $user) use ($pathOption, $output, &$result) {
+		foreach ($this->userManager->getSeenUsers() as $user) {
 			$output->writeln('Processing files for ' . $user->getUID());
-			$result = $this->runForUser($user->getUID(), $pathOption, $output);
-			return $result === 0;
-		});
-		return $result;
+			if (!$this->runForUser($user, $pathOption, $output)) {
+				return self::FAILURE;
+			}
+		}
+		return self::SUCCESS;
 	}
 
-	private function runForUser(string $user, string $pathOption, OutputInterface $output): int {
-		$pathToWalk = "/$user/files";
+	private function runForUser(IUser $user, string $pathOption, OutputInterface $output): bool {
+		$pathToWalk = '/' . $user->getUID() . '/files';
 		if ($pathOption !== '') {
 			$pathToWalk = "$pathToWalk/$pathOption";
 		}
 		return $this->walkPathOfUser($user, $pathToWalk, $output);
 	}
 
-	/**
-	 * @return int 0 for success, 1 for error
-	 */
-	private function walkPathOfUser(string $user, string $path, OutputInterface $output): int {
-		$this->setupUserFs($user);
+	private function walkPathOfUser(IUser $user, string $path, OutputInterface $output): bool {
+		$this->setupUserFileSystem($user);
 		if (!$this->view->file_exists($path)) {
 			$output->writeln("<error>Path \"$path\" does not exist. Please provide a valid path.</error>");
-			return self::FAILURE;
+			return false;
 		}
 
 		if ($this->view->is_file($path)) {
 			$output->writeln("Verifying the content of file \"$path\"");
 			$this->verifyFileContent($path, $output);
-			return self::SUCCESS;
+			return true;
 		}
 		$directories = [];
 		$directories[] = $path;
@@ -145,7 +143,7 @@ private function walkPathOfUser(string $user, string $path, OutputInterface $out
 				}
 			}
 		}
-		return self::SUCCESS;
+		return true;
 	}
 
 	/**
@@ -309,8 +307,8 @@ private function correctEncryptedVersion(string $path, OutputInterface $output,
 	/**
 	 * Setup user file system
 	 */
-	private function setupUserFs(string $uid): void {
-		\OC_Util::tearDownFS();
-		\OC_Util::setupFS($uid);
+	private function setupUserFileSystem(IUser $user): void {
+		$this->setupManager->tearDown();
+		$this->setupManager->setupForUser($user);
 	}
 }
@@ -10,6 +10,7 @@
 
 use OC\Encryption\Manager;
 use OC\Encryption\Util;
+use OC\Files\SetupManager;
 use OC\Files\Storage\Wrapper\Encryption;
 use OC\Files\View;
 use OCP\Encryption\IManager;
@@ -33,10 +34,11 @@ class FixKeyLocation extends Command {
 	private Manager $encryptionManager;
 
 	public function __construct(
-		private IUserManager $userManager,
-		private IUserMountCache $userMountCache,
-		private Util $encryptionUtil,
-		private IRootFolder $rootFolder,
+		private readonly IUserManager $userManager,
+		private readonly IUserMountCache $userMountCache,
+		private readonly Util $encryptionUtil,
+		private readonly IRootFolder $rootFolder,
+		private readonly SetupManager $setupManager,
 		IManager $encryptionManager,
 	) {
 		$this->keyRootDirectory = rtrim($this->encryptionUtil->getKeyStorageRoot(), '/');
@@ -69,7 +71,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 			return self::FAILURE;
 		}
 
-		\OC_Util::setupFS($user->getUID());
+		$this->setupManager->setupForUser($user);
 
 		$mounts = $this->getSystemMountsForUser($user);
 		foreach ($mounts as $mount) {
@@ -179,11 +181,12 @@ private function getSystemMountsForUser(IUser $user): array {
 	 *
 	 * @return \Generator<File>
 	 */
-	private function getAllEncryptedFiles(Folder $folder) {
+	private function getAllEncryptedFiles(Folder $folder): \Generator {
 		foreach ($folder->getDirectoryListing() as $child) {
 			if ($child instanceof Folder) {
 				yield from $this->getAllEncryptedFiles($child);
 			} else {
+				/** @var File $child */
 				if (substr($child->getName(), -4) !== '.bak' && $child->isEncrypted()) {
 					yield $child;
 				}

@@ -8,9 +8,11 @@
  */
 namespace OCA\Encryption\Command;
 
+use OC\Files\SetupManager;
 use OC\Files\View;
 use OCA\Encryption\Util;
 use OCP\IConfig;
+use OCP\IUser;
 use OCP\IUserManager;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Helper\QuestionHelper;
@@ -21,10 +23,11 @@ class ScanLegacyFormat extends Command {
 	private View $rootView;
 
 	public function __construct(
-		protected Util $util,
-		protected IConfig $config,
-		protected QuestionHelper $questionHelper,
-		private IUserManager $userManager,
+		protected readonly Util $util,
+		protected readonly IConfig $config,
+		protected readonly QuestionHelper $questionHelper,
+		private readonly IUserManager $userManager,
+		private readonly SetupManager $setupManager,
 	) {
 		parent::__construct();
 
@@ -42,18 +45,10 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 
 		$output->writeln('Scanning all files for legacy encryption');
 
-		foreach ($this->userManager->getBackends() as $backend) {
-			$limit = 500;
-			$offset = 0;
-			do {
-				$users = $backend->getUsers('', $limit, $offset);
-				foreach ($users as $user) {
-					$output->writeln('Scanning all files for ' . $user);
-					$this->setupUserFS($user);
-					$result = $result && $this->scanFolder($output, '/' . $user);
-				}
-				$offset += $limit;
-			} while (count($users) >= $limit);
+		foreach ($this->userManager->getSeenUsers() as $user) {
+			$output->writeln('Scanning all files for ' . $user->getUID());
+			$this->setupUserFileSystem($user);
+			$result = $result && $this->scanFolder($output, '/' . $user->getUID());
 		}
 
 		if ($result) {
@@ -93,8 +88,8 @@ private function scanFolder(OutputInterface $output, string $folder): bool {
 	/**
 	 * setup user file system
 	 */
-	protected function setupUserFS(string $uid): void {
-		\OC_Util::tearDownFS();
-		\OC_Util::setupFS($uid);
+	protected function setupUserFileSystem(IUser $user): void {
+		$this->setupManager->tearDown();
+		$this->setupManager->setupForUser($user);
 	}
 }