Skip to content

feat: add occ command to scan and delete orphaned keys #55556

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 10, 2025
Merged

feat: add occ command to scan and delete orphaned keys #55556

merged 1 commit into from
Nov 10, 2025
+205 −0

Conversation

@hamza221
Copy link
Contributor

@hamza221 hamza221 commented Oct 4, 2025
edited
Loading

Summary

As an administrator I want to be able to delete encryption Keys that are orphaned ( the encrypted file was deleted without the corresponding key)
encryption:clean-orphaned-keys scans all users' filesytems for default module encryption Keys and lists them with possibility to delete all of them or specific ones

TODO

  • ...

Checklist

@hamza221 hamza221 self-assigned this Oct 4, 2025
@mrsakrano

This comment was marked as spam.

Sign in to view
CarlSchwan
CarlSchwan reviewed Oct 6, 2025
View reviewed changes
come-nc
come-nc reviewed Oct 6, 2025
View reviewed changes
Copy link
Contributor

@come-nc come-nc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be better to use Node API intead of View.
Also it feels you took inspiration from EncryptAll which since got cleaned up: #55472

@hamza221 hamza221 changed the title feat: add occ command to scan and selete orphaned keys feat: add occ command to scan and delete orphaned keys Oct 15, 2025
@hamza221 hamza221 marked this pull request as ready for review October 15, 2025 15:54
@hamza221 hamza221 requested review from a team and icewind1991 as code owners October 15, 2025 15:54
@hamza221 hamza221 requested review from CarlSchwan and sorbaugh and removed request for a team October 15, 2025 15:54
@hamza221

This comment was marked as outdated.

Sign in to view
@hamza221 hamza221 added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Oct 16, 2025
CarlSchwan
CarlSchwan reviewed Oct 29, 2025
View reviewed changes
@hamza221
feat: add occ command to scan and selete orphaned keys
f1cdf68 
Signed-off-by: Hamza <hamzamahjoubi221@gmail.com>
@hamza221 hamza221 force-pushed the feat/occ/orphaned-keys branch from 9f3d73b to f1cdf68 Compare November 4, 2025 15:56
@hamza221
Copy link
Contributor Author

hamza221 commented Nov 4, 2025

/backport to stable30

@hamza221
Copy link
Contributor Author

hamza221 commented Nov 4, 2025

/backport to stable31

@hamza221
Copy link
Contributor Author

hamza221 commented Nov 6, 2025

/backport! to stable30

@backportbot backportbot bot mentioned this pull request Nov 6, 2025
Closed
@hamza221
Copy link
Contributor Author

hamza221 commented Nov 6, 2025

/backport to stable32

come-nc
come-nc approved these changes Nov 10, 2025
View reviewed changes
Copy link
Contributor

@come-nc come-nc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be better to allow either printing/deleting on the go or limit to some users to avoid having to run on all the users in one go, which on some big instances will be an issue, but this can be improved in follow-ups, we should merge this as a first version.

@hamza221 hamza221 merged commit 3d7b3ad into master Nov 10, 2025
229 of 237 checks passed
@hamza221 hamza221 deleted the feat/occ/orphaned-keys branch November 10, 2025 15:00
This was referenced Nov 10, 2025
Merged
Merged
@backportbot
Copy link

backportbot bot commented Nov 10, 2025

The backport to stable30 failed. Please do this backport manually.

# Switch to the target branch and update it
git checkout stable30
git pull origin stable30

# Create the new backport branch
git checkout -b backport/55556/stable30

# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts, resolve them
git cherry-pick f1cdf688

# Push the cherry pick commit to the remote repository and open a pull request
git push origin backport/55556/stable30

Error: Failed to create pull request: Validation Failed: {"resource":"PullRequest","code":"custom","message":"A pull request already exists for nextcloud:backport/55556/stable30."} - https://docs.github.com/rest/pulls/pulls#create-a-pull-request

Learn more about backports at https://docs.nextcloud.com/server/stable/go.php?to=developer-backports.

@hamza221 hamza221 mentioned this pull request Nov 10, 2025
Open
@hamza221
Copy link
Contributor Author

hamza221 commented Nov 10, 2025

I think it would be better to allow either printing/deleting on the go or limit to some users to avoid having to run on all the users in one go, which on some big instances will be an issue, but this can be improved in follow-ups, we should merge this as a first version.

tracked here #56349

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CarlSchwan CarlSchwan CarlSchwan approved these changes

@come-nc come-nc come-nc approved these changes

@icewind1991 icewind1991 Awaiting requested review from icewind1991 icewind1991 is a code owner

@sorbaugh sorbaugh Awaiting requested review from sorbaugh sorbaugh is a code owner automatically assigned from nextcloud/server-backend

Assignees

@hamza221 hamza221

Labels

3. to review Waiting for reviews backport-request enhancement feature: encryption (server-side) feature: occ

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@hamza221 @mrsakrano @CarlSchwan @come-nc