feat(encryption): Support running decrypt-all when encryption is already disabled

This was an arbitrary limitation since the first thing the command does
 is disabling encryption anyway, it makes little sence to force the admin
 to enable encryption first.

Signed-off-by: Côme Chilliet <[email protected]>
Signed-off-by: Edward Ly <[email protected]>

Author: edward-ly

core/Command/Encryption/DecryptAll.php

@@ -5,10 +5,11 @@
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  * SPDX-License-Identifier: AGPL-3.0-only
  */
+
 namespace OC\Core\Command\Encryption;
 
 use OCP\App\IAppManager;
-use OCP\Encryption\IManager;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Helper\QuestionHelper;
@@ -22,9 +23,9 @@ class DecryptAll extends Command {
 	protected bool $wasMaintenanceModeEnabled = false;
 
 	public function __construct(
-		protected IManager $encryptionManager,
 		protected IAppManager $appManager,
 		protected IConfig $config,
+		protected IAppConfig $appConfig,
 		protected \OC\Encryption\DecryptAll $decryptAll,
 		protected QuestionHelper $questionHelper,
 	) {
@@ -88,14 +89,14 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 			return 1;
 		}
 
+		$originallyEnabled = $this->appConfig->getValueBool('core', 'encryption_enabled');
 		try {
-			if ($this->encryptionManager->isEnabled() === true) {
+			if ($originallyEnabled) {
 				$output->write('Disable server side encryption... ');
-				$this->config->setAppValue('core', 'encryption_enabled', 'no');
+				$this->appConfig->setValueBool('core', 'encryption_enabled', false);
 				$output->writeln('done.');
 			} else {
 				$output->writeln('Server side encryption not enabled. Nothing to do.');
-				return 0;
 			}
 
 			$uid = $input->getArgument('user');
@@ -118,23 +119,29 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 				$result = $this->decryptAll->decryptAll($input, $output, $user);
 				if ($result === false) {
 					$output->writeln(' aborted.');
+					if ($originallyEnabled) {
+						$output->writeln('Server side encryption remains enabled');
+						$this->appConfig->setValueBool('core', 'encryption_enabled', true);
+					}
+				} elseif (($uid !== '') && $originallyEnabled) {
 					$output->writeln('Server side encryption remains enabled');
-					$this->config->setAppValue('core', 'encryption_enabled', 'yes');
-				} elseif ($uid !== '') {
-					$output->writeln('Server side encryption remains enabled');
-					$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+					$this->appConfig->setValueBool('core', 'encryption_enabled', true);
 				}
 				$this->resetMaintenanceAndTrashbin();
 				return 0;
 			}
-			$output->write('Enable server side encryption... ');
-			$this->config->setAppValue('core', 'encryption_enabled', 'yes');
-			$output->writeln('done.');
+			if ($originallyEnabled) {
+				$output->write('Enable server side encryption... ');
+				$this->appConfig->setValueBool('core', 'encryption_enabled', true);
+				$output->writeln('done.');
+			}
 			$output->writeln('aborted');
 			return 1;
 		} catch (\Exception $e) {
 			// enable server side encryption again if something went wrong
-			$this->config->setAppValue('core', 'encryption_enabled', 'yes');
+			if ($originallyEnabled) {
+				$this->appConfig->setValueBool('core', 'encryption_enabled', true);
+			}
 			$this->resetMaintenanceAndTrashbin();
 			throw $e;
 		}