ownCloud Server 8.1.10 RC1

Merge pull request #25393 from owncloud/stable8.1-fdb0d4ad528425b934d9b039c9f09c132b86d0f4
[stable8.1] check if renamed user is still valid by reapplying the ld…
2016-08-18 13:10:45 +02:00 · 2016-08-18 11:31:47 +02:00 · 2016-08-18 11:30:13 +02:00 · 2016-08-18 11:30:13 +02:00 · 2016-08-18 11:30:13 +02:00 · 2016-08-14 12:48:29 +02:00
330 changed files with 9059 additions and 2971 deletions
@@ -1,4 +1,4 @@
-# Version: 8.1.0
+# Version: 8.1.10
 <IfModule mod_headers.c>
  <IfModule mod_fcgid.c>
    <IfModule mod_setenvif.c>
@@ -0,0 +1,23 @@
+sudo: false
+language: php
+php:
+  - 5.4
+
+branches:
+  only:
+    - master
+    - /^stable\d+(\.\d+)?$/
+
+script:
+  - sh -c "if [ '$TC' = 'syntax' ]; then composer install && vendor/bin/parallel-lint --exclude vendor/jakub-onderka/ --exclude 3rdparty/patchwork/utf8/class/Patchwork/Utf8/Bootup/ --exclude vendor/composer/autoload_static.php --exclude 3rdparty/composer/autoload_static.php .; fi"
+
+matrix:
+  include:
+    - php: 5.4
+      env: DB=sqlite;TC=syntax
+    - php: 5.5
+      env: DB=sqlite;TC=syntax
+    - php: 5.6
+      env: DB=sqlite;TC=syntax
+
+  fast_finish: true
@@ -0,0 +1,87 @@
+#!groovy
+/*
+ * This Jenkinsfile is intended to run on https://ci.owncloud.org and may fail anywhere else.
+ * It makes assumptions about plugins being installed, labels mapping to nodes that can build what is needed, etc.
+ */
+
+timestampedNode('SLAVE') {
+    stage 'Checkout'
+        checkout scm
+        sh '''git submodule update --init'''
+
+    stage 'JavaScript Testing'
+        executeAndReport('tests/autotest-results-js.xml') {
+            sh '''./autotest-js.sh'''
+        }
+
+    stage 'PHPUnit'
+        executeAndReport('tests/autotest-results-sqlite.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.6
+            ./autotest.sh sqlite
+            '''
+        }
+        executeAndReport('tests/autotest-results-mysql.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.4
+            ./autotest.sh mysql
+            '''
+        }
+        executeAndReport('tests/autotest-results-pgsql.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.6
+            ./autotest.sh pgsql
+            '''
+        }
+        executeAndReport('tests/autotest-results-oci.xml') {
+            sh '''
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            phpenv local 5.5
+            ./autotest.sh oci
+            '''
+        }
+
+    stage 'Files External Testing'
+        executeAndReport('tests/autotest-external-results-sqlite-webdav-ownCloud.xml') {
+            sh '''phpenv local 5.6
+            export NOCOVERAGE=1
+            unset USEDOCKER
+            ./autotest-external.sh sqlite webdav-ownCloud
+            '''
+        }
+}
+
+void executeAndReport(String testResultLocation, def body) {
+    def failed = false
+    // We're wrapping this in a timeout - if it takes longer, kill it.
+    try {
+        timeout(time: 120, unit: 'MINUTES') {
+            body.call()
+        }
+    } catch (Exception e) {
+        failed = true
+        echo "Test execution failed: ${e}"
+    } finally {
+        step([$class: 'JUnitResultArchiver', testResults: testResultLocation])
+    }
+
+    if (failed) {
+        error "Test execution failed. Terminating the build"
+    }
+}
+
+// Runs the given body within a Timestamper wrapper on the given label.
+def timestampedNode(String label, Closure body) {
+    node(label) {
+        wrap([$class: 'TimestamperBuildWrapper']) {
+            body.call()
+        }
+    }
+}
@@ -17,7 +17,7 @@ Depencencies:
 [![Dependency Status](https://www.versioneye.com/user/projects/54d1f76f3ca0840b190000c0/badge.svg?style=flat)](https://www.versioneye.com/user/projects/54d1f76f3ca0840b190000c0)

 ### Installation instructions
-https://doc.owncloud.org/server/8.0/developer_manual/app/index.html
+https://doc.owncloud.org/server/8.1/developer_manual/app/index.html

 ### Contribution Guidelines
 https://owncloud.org/contribute/
@@ -35,4 +35,4 @@ https://www.transifex.com/projects/p/owncloud/
 [![Transifex](https://www.transifex.com/projects/p/owncloud/resource/core/chart/image_png)](https://www.transifex.com/projects/p/owncloud/)

 For more detailed information about translations:
-http://doc.owncloud.org/server/8.0/developer_manual/core/translation.html
+http://doc.owncloud.org/server/8.1/developer_manual/core/translation.html
@@ -81,6 +81,7 @@ class Application extends \OCP\AppFramework\App {

 			$hookManager->registerHook([
 				new UserHooks($container->query('KeyManager'),
+					$server->getUserManager(),
 					$server->getLogger(),
 					$container->query('UserSetup'),
 					$server->getUserSession(),
@@ -195,7 +196,8 @@ class Application extends \OCP\AppFramework\App {
 				$server->getUserSession(),
 				$c->query('KeyManager'),
 				$c->query('Crypt'),
-				$c->query('Session')
+				$c->query('Session'),
+				$server->getSession()
 			);
 		});

@@ -2,19 +2,14 @@
 <info>
 	<id>encryption</id>
 	<description>
-		This application encrypts all files accessed by ownCloud at rest,
-		wherever they are stored. As an example, with this application
-		enabled, external cloud based Amazon S3 storage will be encrypted,
-		protecting this data on storage outside of the control of the Admin.
-		When this application is enabled for the first time, all files are
-		encrypted as users log in and are prompted for their password. The
-		recommended recovery key option enables recovery of files in case
-		the key is lost.
-		Note that this app encrypts all files that are touched by ownCloud,
-		so external storage providers and applications such as SharePoint
-		will see new files encrypted when they are accessed. Encryption is
-		based on AES 128 or 256 bit keys. More information is available in
-		the Encryption documentation
+		In order to use this encryption module you need to enable server-side
+		encryption in the admin settings. Once enabled this module will encrypt
+		all your files transparently. The encryption is based on AES 256 keys.
+		The module won't touch existing files, only new files will be encrypted
+		after server-side encryption was enabled. It is also not possible to
+		disable the encryption again and switch back to a unencrypted system.
+		Please read the documentation to know all implications before you decide
+		to enable server-side encryption.
 	</description>
 	<name>Default encryption module</name>
 	<license>AGPL</license>
@@ -26,4 +26,5 @@ $userManager = OC::$server->getUserManager();
 $view = new \OC\Files\View();
 $config = \OC::$server->getConfig();
 $connection = \OC::$server->getDatabaseConnection();
-$application->add(new MigrateKeys($userManager, $view, $connection, $config));
+$logger = \OC::$server->getLogger();
+$application->add(new MigrateKeys($userManager, $view, $connection, $config, $logger));
@@ -27,6 +27,7 @@ use OC\Files\View;
 use OC\User\Manager;
 use OCA\Encryption\Migration;
 use OCP\IConfig;
+use OCP\ILogger;
 use OCP\IUserBackend;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Input\InputArgument;
@@ -44,22 +45,27 @@ class MigrateKeys extends Command {
 	private $connection;
 	/** @var IConfig */
 	private $config;
+	/** @var  ILogger */
+	private $logger;

 	/**
 	 * @param Manager $userManager
 	 * @param View $view
 	 * @param Connection $connection
 	 * @param IConfig $config
+	 * @param ILogger $logger
 	 */
 	public function __construct(Manager $userManager,
 								View $view,
 								Connection $connection,
-								IConfig $config) {
+								IConfig $config,
+								ILogger $logger) {

 		$this->userManager = $userManager;
 		$this->view = $view;
 		$this->connection = $connection;
 		$this->config = $config;
+		$this->logger = $logger;
 		parent::__construct();
 	}

@@ -77,7 +83,7 @@ class MigrateKeys extends Command {
 	protected function execute(InputInterface $input, OutputInterface $output) {

 		// perform system reorganization
-		$migration = new Migration($this->config, $this->view, $this->connection);
+		$migration = new Migration($this->config, $this->view, $this->connection, $this->logger);

 		$users = $input->getArgument('user_id');
 		if (!empty($users)) {
@@ -115,5 +121,7 @@ class MigrateKeys extends Command {
 			}
 		}

+		$migration->finalCleanUp();
+
 	}
 }
@@ -31,6 +31,7 @@ use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IL10N;
 use OCP\IRequest;
+use OCP\ISession;
 use OCP\IUserManager;
 use OCP\IUserSession;

@@ -54,6 +55,9 @@ class SettingsController extends Controller {
 	/** @var Session */
 	private $session;

+	/** @var ISession  */
+	private $ocSession;
+
 	/**
 	 * @param string $AppName
 	 * @param IRequest $request
@@ -63,6 +67,7 @@ class SettingsController extends Controller {
 	 * @param KeyManager $keyManager
 	 * @param Crypt $crypt
 	 * @param Session $session
+	 * @param ISession $ocSession
 	 */
 	public function __construct($AppName,
 								IRequest $request,
@@ -71,7 +76,8 @@ class SettingsController extends Controller {
 								IUserSession $userSession,
 								KeyManager $keyManager,
 								Crypt $crypt,
-								Session $session) {
+								Session $session,
+								ISession $ocSession) {
 		parent::__construct($AppName, $request);
 		$this->l = $l10n;
 		$this->userSession = $userSession;
@@ -79,6 +85,7 @@ class SettingsController extends Controller {
 		$this->keyManager = $keyManager;
 		$this->crypt = $crypt;
 		$this->session = $session;
+		$this->ocSession = $ocSession;
 	}


@@ -97,6 +104,13 @@ class SettingsController extends Controller {

 		//check if password is correct
 		$passwordCorrect = $this->userManager->checkPassword($uid, $newPassword);
+		if ($passwordCorrect === false) {
+			// if check with uid fails we need to check the password with the login name
+			// e.g. in the ldap case. For local user we need to check the password with
+			// the uid because in this case the login name is case insensitive
+			$loginName = $this->ocSession->get('loginname');
+			$passwordCorrect = $this->userManager->checkPassword($loginName, $newPassword);
+		}

 		if ($passwordCorrect !== false) {
 			$encryptedKey = $this->keyManager->getPrivateKey($uid);
@@ -24,6 +24,8 @@
 namespace OCA\Encryption\Hooks;


+use OC\Files\Filesystem;
+use OCP\IUserManager;
 use OCP\Util as OCUtil;
 use OCA\Encryption\Hooks\Contracts\IHook;
 use OCA\Encryption\KeyManager;
@@ -41,6 +43,10 @@ class UserHooks implements IHook {
 	 * @var KeyManager
 	 */
 	private $keyManager;
+	/**
+	 * @var IUserManager
+	 */
+	private $userManager;
 	/**
 	 * @var ILogger
 	 */
@@ -74,6 +80,7 @@ class UserHooks implements IHook {
 	 * UserHooks constructor.
 	 *
 	 * @param KeyManager $keyManager
+	 * @param IUserManager $userManager
 	 * @param ILogger $logger
 	 * @param Setup $userSetup
 	 * @param IUserSession $user
@@ -83,6 +90,7 @@ class UserHooks implements IHook {
 	 * @param Recovery $recovery
 	 */
 	public function __construct(KeyManager $keyManager,
+								IUserManager $userManager,
 								ILogger $logger,
 								Setup $userSetup,
 								IUserSession $user,
@@ -92,6 +100,7 @@ class UserHooks implements IHook {
 								Recovery $recovery) {

 		$this->keyManager = $keyManager;
+		$this->userManager = $userManager;
 		$this->logger = $logger;
 		$this->userSetup = $userSetup;
 		$this->user = $user;
@@ -196,7 +205,7 @@ class UserHooks implements IHook {
 	public function preSetPassphrase($params) {
 		if (App::isEnabled('encryption')) {

-			$user = $this->user->getUser();
+			$user = $this->userManager->get($params['uid']);

 			if ($user && !$user->canChangePassword()) {
 				$this->setPassphrase($params);
@@ -236,6 +245,7 @@ class UserHooks implements IHook {
 			// used to decrypt it has changed
 		} else { // admin changed the password for a different user, create new keys and re-encrypt file keys
 			$user = $params['uid'];
+			$this->initMountPoints($user);
 			$recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;

 			// we generate new keys if...
@@ -275,6 +285,15 @@ class UserHooks implements IHook {
 		}
 	}

+	/**
+	 * init mount points for given user
+	 *
+	 * @param string $user
+	 * @throws \OC\User\NoUserException
+	 */
+	protected function initMountPoints($user) {
+		Filesystem::initMountPoints($user);
+	}


 	/**
@@ -49,7 +49,7 @@ class Crypt {
 	 */
 	private $logger;
 	/**
-	 * @var IUser
+	 * @var string
 	 */
 	private $user;
 	/**
@@ -64,7 +64,7 @@ class Crypt {
 	 */
 	public function __construct(ILogger $logger, IUserSession $userSession, IConfig $config) {
 		$this->logger = $logger;
-		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
+		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"';
 		$this->config = $config;
 	}

@@ -79,7 +79,7 @@ class Crypt {
 		$res = $this->getOpenSSLPKey();

 		if (!$res) {
-			$log->error("Encryption Library couldn't generate users key-pair for {$this->user->getUID()}",
+			$log->error("Encryption Library couldn't generate users key-pair for {$this->user}",
 				['app' => 'encryption']);

 			if (openssl_error_string()) {
@@ -98,7 +98,7 @@ class Crypt {
 				'privateKey' => $privateKey
 			];
 		}
-		$log->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user->getUID(),
+		$log->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user,
 			['app' => 'encryption']);
 		if (openssl_error_string()) {
 			$log->error('Encryption Library:' . openssl_error_string(),
@@ -311,7 +311,11 @@ class Encryption implements IEncryptionModule {

 			$publicKeys = array();
 			foreach ($accessList['users'] as $user) {
-				$publicKeys[$user] = $this->keyManager->getPublicKey($user);
+				try {
+					$publicKeys[$user] = $this->keyManager->getPublicKey($user);
+				} catch (PublicKeyMissingException $e) {
+					$this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
+				}
 			}

 			$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
@@ -406,19 +406,36 @@ class KeyManager {
 	}

 	/**
-	 * @param $userId
+	 * check if user has a private and a public key
+	 *
+	 * @param string $userId
 	 * @return bool
+	 * @throws PrivateKeyMissingException
+	 * @throws PublicKeyMissingException
 	 */
 	public function userHasKeys($userId) {
+		$privateKey = $publicKey = true;
+
 		try {
 			$this->getPrivateKey($userId);
-			$this->getPublicKey($userId);
 		} catch (PrivateKeyMissingException $e) {
-			return false;
-		} catch (PublicKeyMissingException $e) {
-			return false;
+			$privateKey = false;
+			$exception = $e;
+		}
+		try {
+			$this->getPublicKey($userId);
+		} catch (PublicKeyMissingException $e) {
+			$publicKey = false;
+			$exception = $e;
+		}
+
+		if ($privateKey && $publicKey) {
+			return true;
+		} elseif (!$privateKey && !$publicKey) {
+			return false;
+		} else {
+			throw $exception;
 		}
-		return true;
 	}

 	/**
@@ -26,6 +26,7 @@ namespace OCA\Encryption;
 use OC\DB\Connection;
 use OC\Files\View;
 use OCP\IConfig;
+use OCP\ILogger;

 class Migration {

@@ -36,21 +37,28 @@ class Migration {
 	private $connection;
 	/** @var IConfig */
 	private $config;
+	/** @var  ILogger */
+	private $logger;
+	/** @var string*/
+	protected $installedVersion;

 	/**
 	 * @param IConfig $config
 	 * @param View $view
 	 * @param Connection $connection
+	 * @param ILogger $logger
 	 */
-	public function __construct(IConfig $config, View $view, Connection $connection) {
+	public function __construct(IConfig $config, View $view, Connection $connection, ILogger $logger) {
 		$this->view = $view;
 		$this->view->getUpdater()->disable();
 		$this->connection = $connection;
 		$this->moduleId = \OCA\Encryption\Crypto\Encryption::ID;
 		$this->config = $config;
+		$this->logger = $logger;
+		$this->installedVersion = $this->config->getAppValue('files_encryption', 'installed_version', '-1');
 	}

-	public function __destruct() {
+	public function finalCleanUp() {
 		$this->view->deleteAll('files_encryption/public_keys');
 		$this->updateFileCache();
 		$this->config->deleteAppValue('files_encryption', 'installed_version');
@@ -60,12 +68,16 @@ class Migration {
 	 * update file cache, copy unencrypted_size to the 'size' column
 	 */
 	private function updateFileCache() {
-		$query = $this->connection->createQueryBuilder();
-		$query->update('`*PREFIX*filecache`')
-			->set('`size`', '`unencrypted_size`')
-			->where($query->expr()->eq('`encrypted`', ':encrypted'))
-			->setParameter('encrypted', 1);
-		$query->execute();
+		// make sure that we don't update the file cache multiple times
+		// only update during the first run
+		if ($this->installedVersion !== '-1') {
+			$query = $this->connection->createQueryBuilder();
+			$query->update('`*PREFIX*filecache`')
+				->set('`size`', '`unencrypted_size`')
+				->where($query->expr()->eq('`encrypted`', ':encrypted'))
+				->setParameter('encrypted', 1);
+			$query->execute();
+		}
 	}

 	/**
@@ -138,27 +150,43 @@ class Migration {
 	 */
 	public function updateDB() {

+		// make sure that we don't update the file cache multiple times
+		// only update during the first run
+		if ($this->installedVersion === '-1') {
+			return;
+		}
+
 		// delete left-over from old encryption which is no longer needed
 		$this->config->deleteAppValue('files_encryption', 'ocsid');
 		$this->config->deleteAppValue('files_encryption', 'types');
 		$this->config->deleteAppValue('files_encryption', 'enabled');

+		$oldAppValues = $this->connection->createQueryBuilder();
+		$oldAppValues->select('*')
+			->from('`*PREFIX*appconfig`')
+			->where($oldAppValues->expr()->eq('`appid`', ':appid'))
+			->setParameter('appid', 'files_encryption');
+		$appSettings = $oldAppValues->execute();

-		$query = $this->connection->createQueryBuilder();
-		$query->update('`*PREFIX*appconfig`')
-			->set('`appid`', ':newappid')
-			->where($query->expr()->eq('`appid`', ':oldappid'))
-			->setParameter('oldappid', 'files_encryption')
-			->setParameter('newappid', 'encryption');
-		$query->execute();
+		while ($row = $appSettings->fetch()) {
+			// 'installed_version' gets deleted at the end of the migration process
+			if ($row['configkey'] !== 'installed_version' ) {
+				$this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']);
+				$this->config->deleteAppValue('files_encryption', $row['configkey']);
+			}
+		}

-		$query = $this->connection->createQueryBuilder();
-		$query->update('`*PREFIX*preferences`')
-			->set('`appid`', ':newappid')
-			->where($query->expr()->eq('`appid`', ':oldappid'))
-			->setParameter('oldappid', 'files_encryption')
-			->setParameter('newappid', 'encryption');
-		$query->execute();
+		$oldPreferences = $this->connection->createQueryBuilder();
+		$oldPreferences->select('*')
+			->from('`*PREFIX*preferences`')
+			->where($oldPreferences->expr()->eq('`appid`', ':appid'))
+			->setParameter('appid', 'files_encryption');
+		$preferenceSettings = $oldPreferences->execute();
+
+		while ($row = $preferenceSettings->fetch()) {
+			$this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']);
+			$this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']);
+		}
 	}

 	/**
@@ -224,9 +252,10 @@ class Migration {
 	private function renameUsersPrivateKey($user) {
 		$oldPrivateKey = $user . '/files_encryption/' . $user . '.privateKey';
 		$newPrivateKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.privateKey';
-		$this->createPathForKeys(dirname($newPrivateKey));
-
-		$this->view->rename($oldPrivateKey, $newPrivateKey);
+		if ($this->view->file_exists($oldPrivateKey)) {
+			$this->createPathForKeys(dirname($newPrivateKey));
+			$this->view->rename($oldPrivateKey, $newPrivateKey);
+		}
 	}

 	/**
@@ -237,9 +266,10 @@ class Migration {
 	private function renameUsersPublicKey($user) {
 		$oldPublicKey = '/files_encryption/public_keys/' . $user . '.publicKey';
 		$newPublicKey = $user . '/files_encryption/' . $this->moduleId . '/' . $user . '.publicKey';
-		$this->createPathForKeys(dirname($newPublicKey));
-
-		$this->view->rename($oldPublicKey, $newPublicKey);
+		if ($this->view->file_exists($oldPublicKey)) {
+			$this->createPathForKeys(dirname($newPublicKey));
+			$this->view->rename($oldPublicKey, $newPublicKey);
+		}
 	}

 	/**
@@ -251,6 +281,11 @@ class Migration {
 	 */
 	private function renameFileKeys($user, $path, $trash = false) {

+		if ($this->view->is_dir($user . '/' . $path) === false) {
+			$this->logger->info('Skip dir /' . $user . '/' . $path . ': does not exist');
+			return;
+		}
+
 		$dh = $this->view->opendir($user . '/' . $path);

 		if (is_resource($dh)) {
@@ -260,8 +295,15 @@ class Migration {
 						$this->renameFileKeys($user, $path . '/' . $file, $trash);
 					} else {
 						$target = $this->getTargetDir($user, $path, $file, $trash);
-						$this->createPathForKeys(dirname($target));
-						$this->view->rename($user . '/' . $path . '/' . $file, $target);
+						if ($target !== false) {
+							$this->createPathForKeys(dirname($target));
+							$this->view->rename($user . '/' . $path . '/' . $file, $target);
+						} else {
+							$this->logger->warning(
+								'did not move key "' . $file
+								. '" could not find the corresponding file in /data/' . $user . '/files.'
+							. 'Most likely the key was already moved in a previous migration run and is already on the right place.');
+						}
 					}
 				}
 			}
@@ -269,23 +311,51 @@ class Migration {
 		}
 	}

+	/**
+	 * get system mount points
+	 * wrap static method so that it can be mocked for testing
+	 *
+	 * @internal
+	 * @return array
+	 */
+	protected function getSystemMountPoints() {
+		return \OC_Mount_Config::getSystemMountPoints();
+	}
+
 	/**
 	 * generate target directory
 	 *
 	 * @param string $user
-	 * @param string $filePath
+	 * @param string $keyPath
 	 * @param string $filename
 	 * @param bool $trash
 	 * @return string
 	 */
-	private function getTargetDir($user, $filePath, $filename, $trash) {
+	private function getTargetDir($user, $keyPath, $filename, $trash) {
 		if ($trash) {
-			$targetDir = $user . '/files_encryption/keys/files_trashbin/' . substr($filePath, strlen('/files_trashbin/keys/')) . '/' . $this->moduleId . '/' . $filename;
+			$filePath = substr($keyPath, strlen('/files_trashbin/keys/'));
+			$targetDir = $user . '/files_encryption/keys/files_trashbin/' . $filePath . '/' . $this->moduleId . '/' . $filename;
 		} else {
-			$targetDir = $user . '/files_encryption/keys/files/' . substr($filePath, strlen('/files_encryption/keys/')) . '/' . $this->moduleId . '/' . $filename;
+			$filePath = substr($keyPath, strlen('/files_encryption/keys/'));
+			$targetDir = $user . '/files_encryption/keys/files/' . $filePath . '/' . $this->moduleId . '/' . $filename;
 		}

-		return $targetDir;
+		if ($user === '') {
+			// for system wide mounts we need to check if the mount point really exists
+			$normalized = \OC\Files\Filesystem::normalizePath($filePath);
+			$systemMountPoints = $this->getSystemMountPoints();
+			foreach ($systemMountPoints as $mountPoint) {
+				$normalizedMountPoint = \OC\Files\Filesystem::normalizePath($mountPoint['mountpoint']) . '/';
+				if (strpos($normalized, $normalizedMountPoint) === 0)
+					return $targetDir;
+			}
+		} else if ($trash === false && $this->view->file_exists('/' . $user. '/files/' . $filePath)) {
+			return $targetDir;
+		} else if ($trash === true && $this->view->file_exists('/' . $user. '/files_trashbin/' . $filePath)) {
+				return $targetDir;
+			}
+
+		return false;
 	}

 	/**
@@ -54,6 +54,9 @@ class SettingsControllerTest extends TestCase {
 	/** @var \PHPUnit_Framework_MockObject_MockObject */
 	private $sessionMock;

+	/** @var  \PHPUnit_Framework_MockObject_MockObject */
+	private $ocSessionMock;
+
 	protected function setUp() {

 		parent::setUp();
@@ -91,9 +94,11 @@ class SettingsControllerTest extends TestCase {
 			])
 			->getMock();

+		$this->ocSessionMock = $this->getMockBuilder('\OCP\ISession')->disableOriginalConstructor()->getMock();
+
 		$this->userSessionMock->expects($this->any())
 			->method('getUID')
-			->willReturn('testUser');
+			->willReturn('testUserUid');

 		$this->userSessionMock->expects($this->any())
 			->method($this->anything())
@@ -110,7 +115,8 @@ class SettingsControllerTest extends TestCase {
 			$this->userSessionMock,
 			$this->keyManagerMock,
 			$this->cryptMock,
-			$this->sessionMock
+			$this->sessionMock,
+			$this->ocSessionMock
 		);
 	}

@@ -122,8 +128,10 @@ class SettingsControllerTest extends TestCase {
 		$oldPassword = 'old';
 		$newPassword = 'new';

+		$this->userSessionMock->expects($this->once())->method('getUID')->willReturn('uid');
+
 		$this->userManagerMock
-			->expects($this->once())
+			->expects($this->exactly(2))
 			->method('checkPassword')
 			->willReturn(false);

@@ -171,16 +179,22 @@ class SettingsControllerTest extends TestCase {
 		$oldPassword = 'old';
 		$newPassword = 'new';

-		$this->userSessionMock
-			->expects($this->once())
-			->method('getUID')
-			->willReturn('testUser');
+		$this->ocSessionMock->expects($this->once())
+			->method('get')->with('loginname')->willReturn('testUser');

 		$this->userManagerMock
-			->expects($this->once())
+			->expects($this->at(0))
 			->method('checkPassword')
+			->with('testUserUid', 'new')
+			->willReturn(false);
+		$this->userManagerMock
+			->expects($this->at(1))
+			->method('checkPassword')
+			->with('testUser', 'new')
 			->willReturn(true);

+
+
 		$this->cryptMock
 			->expects($this->once())
 			->method('decryptPrivateKey')
@@ -200,7 +214,7 @@ class SettingsControllerTest extends TestCase {
 		$this->keyManagerMock
 			->expects($this->once())
 			->method('setPrivateKey')
-			->with($this->equalTo('testUser'), $this->equalTo('header.encryptedKey'));
+			->with($this->equalTo('testUserUid'), $this->equalTo('header.encryptedKey'));

 		$this->sessionMock
 			->expects($this->once())
@@ -30,6 +30,12 @@ use OCA\Encryption\Crypto\Crypt;
 use OCA\Encryption\Hooks\UserHooks;
 use Test\TestCase;

+/**
+ * Class UserHooksTest
+ *
+ * @group DB
+ * @package OCA\Encryption\Tests\Hooks
+ */
 class UserHooksTest extends TestCase {
 	/**
 	 * @var \PHPUnit_Framework_MockObject_MockObject
@@ -47,6 +53,11 @@ class UserHooksTest extends TestCase {
 	 * @var \PHPUnit_Framework_MockObject_MockObject
 	 */
 	private $keyManagerMock;
+	/**
+	 * @var \PHPUnit_Framework_MockObject_MockObject
+	 */
+	private $userManagerMock;
+
 	/**
 	 * @var \PHPUnit_Framework_MockObject_MockObject
 	 */
@@ -101,11 +112,58 @@ class UserHooksTest extends TestCase {
 		$this->assertNull($this->instance->postDeleteUser($this->params));
 	}

-	public function testPreSetPassphrase() {
-		$this->userSessionMock->expects($this->once())
-			->method('canChangePassword');
+	/**
+	 * @dataProvider dataTestPreSetPassphrase
+	 */
+	public function testPreSetPassphrase($canChange) {

-		$this->assertNull($this->instance->preSetPassphrase($this->params));
+		/** @var UserHooks | \PHPUnit_Framework_MockObject_MockObject  $instance */
+		$instance = $this->getMockBuilder('OCA\Encryption\Hooks\UserHooks')
+			->setConstructorArgs(
+				[
+					$this->keyManagerMock,
+					$this->userManagerMock,
+					$this->loggerMock,
+					$this->userSetupMock,
+					$this->userSessionMock,
+					$this->utilMock,
+					$this->sessionMock,
+					$this->cryptMock,
+					$this->recoveryMock
+				]
+			)
+			->setMethods(['setPassphrase'])
+			->getMock();
+
+		$userMock = $this->getMock('OCP\IUser');
+
+		$this->userManagerMock->expects($this->once())
+			->method('get')
+			->with($this->params['uid'])
+			->willReturn($userMock);
+		$userMock->expects($this->once())
+			->method('canChangePassword')
+			->willReturn($canChange);
+
+		if ($canChange) {
+			// in this case the password will be changed in the post hook
+			$instance->expects($this->never())->method('setPassphrase');
+		} else {
+			// if user can't change the password we update the encryption
+			// key password already in the pre hook
+			$instance->expects($this->once())
+				->method('setPassphrase')
+				->with($this->params);
+		}
+
+		$instance->preSetPassphrase($this->params);
+	}
+
+	public function dataTestPreSetPassphrase() {
+		return [
+			[true],
+			[false]
+		];
 	}

 	public function testSetPassphrase() {
@@ -139,6 +197,23 @@ class UserHooksTest extends TestCase {
 			->willReturnOnConsecutiveCalls(true, false);


+		$this->instance = $this->getMockBuilder('OCA\Encryption\Hooks\UserHooks')
+			->setConstructorArgs(
+				[
+					$this->keyManagerMock,
+					$this->userManagerMock,
+					$this->loggerMock,
+					$this->userSetupMock,
+					$this->userSessionMock,
+					$this->utilMock,
+					$this->sessionMock,
+					$this->cryptMock,
+					$this->recoveryMock
+				]
+			)->setMethods(['initMountPoints'])->getMock();
+
+		$this->instance->expects($this->exactly(3))->method('initMountPoints');
+
 		// Test first if statement
 		$this->assertNull($this->instance->setPassphrase($this->params));

@@ -185,15 +260,20 @@ class UserHooksTest extends TestCase {
 			->with('testUser')
 			->willReturn(false);

-		$userHooks = new UserHooks($this->keyManagerMock,
-			$this->loggerMock,
-			$this->userSetupMock,
-			$userSessionMock,
-			$this->utilMock,
-			$this->sessionMock,
-			$this->cryptMock,
-			$this->recoveryMock
-		);
+		$userHooks = $this->getMockBuilder('OCA\Encryption\Hooks\UserHooks')
+			->setConstructorArgs(
+				[
+					$this->keyManagerMock,
+					$this->userManagerMock,
+					$this->loggerMock,
+					$this->userSetupMock,
+					$userSessionMock,
+					$this->utilMock,
+					$this->sessionMock,
+					$this->cryptMock,
+					$this->recoveryMock
+				]
+			)->setMethods(['initMountPoints'])->getMock();

 		$this->assertNull($userHooks->setPassphrase($this->params));
 	}
@@ -216,6 +296,9 @@ class UserHooksTest extends TestCase {
 		$this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')
 			->disableOriginalConstructor()
 			->getMock();
+		$this->userManagerMock = $this->getMockBuilder('OCP\IUserManager')
+			->disableOriginalConstructor()
+			->getMock();
 		$this->userSetupMock = $this->getMockBuilder('OCA\Encryption\Users\Setup')
 			->disableOriginalConstructor()
 			->getMock();
@@ -258,6 +341,7 @@ class UserHooksTest extends TestCase {
 		$this->recoveryMock = $recoveryMock;
 		$this->utilMock = $utilMock;
 		$this->instance = new UserHooks($this->keyManagerMock,
+			$this->userManagerMock,
 			$this->loggerMock,
 			$this->userSetupMock,
 			$this->userSessionMock,
@@ -182,18 +182,62 @@ class KeyManagerTest extends TestCase {
 		);
 	}

-	public function testUserHasKeys() {
+	/**
+	 * @dataProvider dataTestUserHasKeys
+	 */
+	public function testUserHasKeys($key, $expected) {
 		$this->keyStorageMock->expects($this->exactly(2))
 			->method('getUserKey')
 			->with($this->equalTo($this->userId), $this->anything())
-			->willReturn('key');
+			->willReturn($key);


-		$this->assertTrue(
+		$this->assertSame($expected,
 			$this->instance->userHasKeys($this->userId)
 		);
 	}

+	public function dataTestUserHasKeys() {
+		return [
+			['key', true],
+			['', false]
+		];
+	}
+
+	/**
+	 * @expectedException \OCA\Encryption\Exceptions\PrivateKeyMissingException
+	 */
+	public function testUserHasKeysMissingPrivateKey() {
+		$this->keyStorageMock->expects($this->exactly(2))
+			->method('getUserKey')
+			->willReturnCallback(function ($uid, $keyID, $encryptionModuleId) {
+				if ($keyID=== 'privateKey') {
+					return '';
+				}
+				return 'key';
+			});
+
+		$this->instance->userHasKeys($this->userId);
+	}
+
+	/**
+	 * @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException
+	 */
+	public function testUserHasKeysMissingPublicKey() {
+		$this->keyStorageMock->expects($this->exactly(2))
+			->method('getUserKey')
+			->willReturnCallback(function ($uid, $keyID, $encryptionModuleId){
+				if ($keyID === 'publicKey') {
+					return '';
+				}
+				return 'key';
+			});
+
+		$this->instance->userHasKeys($this->userId);
+
+	}
+
+
 	public function testInit() {
 		$this->keyStorageMock->expects($this->any())
 			->method('getUserKey')
@@ -24,6 +24,7 @@
 namespace OCA\Encryption\Tests;

 use OCA\Encryption\Migration;
+use OCP\ILogger;

 class MigrationTest extends \Test\TestCase {

@@ -37,6 +38,9 @@ class MigrationTest extends \Test\TestCase {
 	private $recovery_key_id = 'recovery_key_id';
 	private $moduleId;

+	/** @var  PHPUnit_Framework_MockObject_MockObject | ILogger */
+	private $logger;
+
 	public static function setUpBeforeClass() {
 		parent::setUpBeforeClass();
 		\OC_User::createUser(self::TEST_ENCRYPTION_MIGRATION_USER1, 'foo');
@@ -53,6 +57,7 @@ class MigrationTest extends \Test\TestCase {


 	public function setUp() {
+		$this->logger = $this->getMockBuilder('\OCP\ILogger')->disableOriginalConstructor()->getMock();
 		$this->view = new \OC\Files\View();
 		$this->moduleId = \OCA\Encryption\Crypto\Encryption::ID;
 	}
@@ -100,6 +105,17 @@ class MigrationTest extends \Test\TestCase {
 		$this->view->file_put_contents($uid . '/files_encryption/keys/folder2/file.2.1/fileKey'  , 'data');
 	}

+	protected function createDummyFiles($uid) {
+		$this->view->mkdir($uid . '/files/folder1/folder2/folder3/file3');
+		$this->view->mkdir($uid . '/files/folder1/folder2/file2');
+		$this->view->mkdir($uid . '/files/folder1/file.1');
+		$this->view->mkdir($uid . '/files/folder2/file.2.1');
+		$this->view->file_put_contents($uid . '/files/folder1/folder2/folder3/file3/fileKey'  , 'data');
+		$this->view->file_put_contents($uid . '/files/folder1/folder2/file2/fileKey'  , 'data');
+		$this->view->file_put_contents($uid . '/files/folder1/file.1/fileKey'  , 'data');
+		$this->view->file_put_contents($uid . '/files/folder2/file.2.1/fileKey'  , 'data');
+	}
+
 	protected function createDummyFilesInTrash($uid) {
 		$this->view->mkdir($uid . '/files_trashbin/keys/file1.d5457864');
 		$this->view->mkdir($uid . '/files_trashbin/keys/folder1.d7437648723/file2');
@@ -109,6 +125,11 @@ class MigrationTest extends \Test\TestCase {

 		$this->view->file_put_contents($uid . '/files_trashbin/keys/file1.d5457864/fileKey' , 'data');
 		$this->view->file_put_contents($uid . '/files_trashbin/keys/folder1.d7437648723/file2/fileKey' , 'data');
+
+		// create the files itself
+		$this->view->mkdir($uid . '/files_trashbin/folder1.d7437648723');
+		$this->view->file_put_contents($uid . '/files_trashbin/file1.d5457864' , 'data');
+		$this->view->file_put_contents($uid . '/files_trashbin/folder1.d7437648723/file2' , 'data');
 	}

 	protected function createDummySystemWideKeys() {
@@ -118,7 +139,6 @@ class MigrationTest extends \Test\TestCase {
 		$this->view->file_put_contents('files_encryption/systemwide_2.privateKey', 'data');
 		$this->view->file_put_contents('files_encryption/public_keys/systemwide_1.publicKey', 'data');
 		$this->view->file_put_contents('files_encryption/public_keys/systemwide_2.publicKey', 'data');
-
 	}

 	public function testMigrateToNewFolderStructure() {
@@ -134,6 +154,10 @@ class MigrationTest extends \Test\TestCase {
 		$this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER2);
 		$this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER3);

+		$this->createDummyFiles(self::TEST_ENCRYPTION_MIGRATION_USER1);
+		$this->createDummyFiles(self::TEST_ENCRYPTION_MIGRATION_USER2);
+		$this->createDummyFiles(self::TEST_ENCRYPTION_MIGRATION_USER3);
+
 		$this->createDummyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2);

 		// no user for system wide mount points
@@ -142,7 +166,21 @@ class MigrationTest extends \Test\TestCase {

 		$this->createDummySystemWideKeys();

-		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection());
+		$m = $this->getMockBuilder('OCA\Encryption\Migration')
+			->setConstructorArgs(
+				[
+					\OC::$server->getConfig(),
+					new \OC\Files\View(),
+					\OC::$server->getDatabaseConnection(),
+					$this->logger
+				]
+			)->setMethods(['getSystemMountPoints'])->getMock();
+
+		$m->expects($this->any())->method('getSystemMountPoints')
+			->willReturn([['mountpoint' => 'folder1'], ['mountpoint' => 'folder2']]);
+
+		$m->reorganizeFolderStructure();
+		// even if it runs twice folder should always move only once
 		$m->reorganizeFolderStructure();

 		$this->assertTrue(
@@ -242,6 +280,12 @@ class MigrationTest extends \Test\TestCase {
 		$config->setAppValue('files_encryption', 'recoveryAdminEnabled', '1');
 		$config->setUserValue(self::TEST_ENCRYPTION_MIGRATION_USER1, 'files_encryption', 'recoverKeyEnabled', '1');

+		//$this->invokePrivate($config, 'cache', [[]]);
+		$cache = $this->invokePrivate(\OC::$server->getAppConfig(), 'cache');
+		unset($cache['encryption']);
+		unset($cache['files_encryption']);
+		$this->invokePrivate(\OC::$server->getAppConfig(), 'cache', [$cache]);
+
 		// delete default values set by the encryption app during initialization

 		/** @var \OC\DB\Connection $connection */
@@ -261,7 +305,8 @@ class MigrationTest extends \Test\TestCase {
 	public function testUpdateDB() {
 		$this->prepareDB();

-		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection());
+		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection(), $this->logger);
+		$this->invokePrivate($m, 'installedVersion', ['0.7']);
 		$m->updateDB();

 		$this->verifyDB('`*PREFIX*appconfig`', 'files_encryption', 0);
@@ -271,6 +316,59 @@ class MigrationTest extends \Test\TestCase {

 	}

+	/**
+	 * test update db if the db already contain some existing new values
+	 */
+	public function testUpdateDBExistingNewConfig() {
+		$this->prepareDB();
+		$config = \OC::$server->getConfig();
+		$config->setAppValue('encryption', 'publicShareKeyId', 'wrong_share_id');
+		$config->setUserValue(self::TEST_ENCRYPTION_MIGRATION_USER1, 'encryption', 'recoverKeyEnabled', '9');
+
+		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection(), $this->logger);
+		$this->invokePrivate($m, 'installedVersion', ['0.7']);
+		$m->updateDB();
+
+		$this->verifyDB('`*PREFIX*appconfig`', 'files_encryption', 0);
+		$this->verifyDB('`*PREFIX*preferences`', 'files_encryption', 0);
+		$this->verifyDB('`*PREFIX*appconfig`', 'encryption', 3);
+		$this->verifyDB('`*PREFIX*preferences`', 'encryption', 1);
+
+		// check if the existing values where overwritten correctly
+		/** @var \OC\DB\Connection $connection */
+		$connection = \OC::$server->getDatabaseConnection();
+		$query = $connection->createQueryBuilder();
+		$query->select('`configvalue`')
+			->from('`*PREFIX*appconfig`')
+			->where($query->expr()->andX(
+				$query->expr()->eq('`appid`', ':appid'),
+				$query->expr()->eq('`configkey`', ':configkey')
+			))
+			->setParameter('appid', 'encryption')
+			->setParameter('configkey', 'publicShareKeyId');
+		$result = $query->execute();
+		$value = $result->fetch();
+		$this->assertTrue(isset($value['configvalue']));
+		$this->assertSame('share_id', $value['configvalue']);
+
+		$query = $connection->createQueryBuilder();
+		$query->select('`configvalue`')
+			->from('`*PREFIX*preferences`')
+			->where($query->expr()->andX(
+				$query->expr()->eq('`appid`', ':appid'),
+				$query->expr()->eq('`configkey`', ':configkey'),
+				$query->expr()->eq('`userid`', ':userid')
+			))
+			->setParameter('appid', 'encryption')
+			->setParameter('configkey', 'recoverKeyEnabled')
+			->setParameter('userid', self::TEST_ENCRYPTION_MIGRATION_USER1);
+		$result = $query->execute();
+		$value = $result->fetch();
+		$this->assertTrue(isset($value['configvalue']));
+		$this->assertSame('1', $value['configvalue']);
+
+	}
+
 	public function verifyDB($table, $appid, $expected) {
 		/** @var \OC\DB\Connection $connection */
 		$connection = \OC::$server->getDatabaseConnection();
@@ -291,7 +389,8 @@ class MigrationTest extends \Test\TestCase {
 	 */
 	public function testUpdateFileCache() {
 		$this->prepareFileCache();
-		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection());
+		$m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection(), $this->logger);
+		$this->invokePrivate($m, 'installedVersion', ['0.7']);
 		self::invokePrivate($m, 'updateFileCache');

 		// check results
@@ -353,4 +452,80 @@ class MigrationTest extends \Test\TestCase {
 		$this->assertSame(19, count($result));
 	}

+	/**
+	 * @dataProvider dataTestGetTargetDir
+	 */
+	public function testGetTargetDir($user, $keyPath, $filename, $trash, $systemMounts, $expected) {
+
+		$updater = $this->getMockBuilder('\OC\Files\Cache\Updater')
+			->disableOriginalConstructor()->getMock();
+		$view = $this->getMockBuilder('\OC\Files\View')
+			->disableOriginalConstructor()->getMock();
+		$view->expects($this->any())->method('file_exists')->willReturn(true);
+		$view->expects($this->any())->method('getUpdater')->willReturn($updater);
+
+
+		$m = $this->getMockBuilder('OCA\Encryption\Migration')
+			->setConstructorArgs(
+				[
+					\OC::$server->getConfig(),
+					$view,
+					\OC::$server->getDatabaseConnection(),
+					$this->logger
+				]
+			)->setMethods(['getSystemMountPoints'])->getMock();
+
+		$m->expects($this->any())->method('getSystemMountPoints')
+			->willReturn($systemMounts);
+
+		$this->assertSame($expected,
+			$this->invokePrivate($m, 'getTargetDir', [$user, $keyPath, $filename, $trash])
+		);
+	}
+
+	public function dataTestGetTargetDir() {
+		return [
+			[
+				'user1',
+				'/files_encryption/keys/foo/bar.txt',
+				'user1.shareKey',
+				false,
+				[],
+				'user1/files_encryption/keys/files/foo/bar.txt/OC_DEFAULT_MODULE/user1.shareKey'
+			],
+			[
+				'user1',
+				'/files_trashbin/keys/foo/bar.txt',
+				'user1.shareKey',
+				true,
+				[],
+				'user1/files_encryption/keys/files_trashbin/foo/bar.txt/OC_DEFAULT_MODULE/user1.shareKey'
+			],
+			[
+				'',
+				'/files_encryption/keys/foo/bar.txt',
+				'user1.shareKey',
+				false,
+				[['mountpoint' => 'foo']],
+				'/files_encryption/keys/files/foo/bar.txt/OC_DEFAULT_MODULE/user1.shareKey'
+			],
+			[
+				'',
+				'/files_encryption/keys/foo/bar.txt',
+				'user1.shareKey',
+				false,
+				[['mountpoint' => 'foobar']],
+				false
+			],
+			[
+				'',
+				'/files_encryption/keys/foobar/bar.txt',
+				'user1.shareKey',
+				false,
+				[['mountpoint' => 'foo']],
+				false
+			]
+		];
+	}
+
 }
@@ -224,7 +224,6 @@ class EncryptionTest extends TestCase {
 		$this->assertSame($expected,
 			$this->instance->update('path', 'user1', ['users' => ['user1']])
 		);
-
 	}

 	public function dataTestUpdate() {
@@ -234,6 +233,43 @@ class EncryptionTest extends TestCase {
 		);
 	}

+	/**
+	 * Test case if the public key is missing. ownCloud should still encrypt
+	 * the file for the remaining users
+	 */
+	public function testUpdateMissingPublicKey() {
+		$this->keyManagerMock->expects($this->once())
+			->method('getFileKey')->willReturn('fileKey');
+
+		$this->keyManagerMock->expects($this->any())
+			->method('getPublicKey')->willReturnCallback(
+				function($user) {
+					throw new PublicKeyMissingException($user);
+				}
+			);
+
+		$this->keyManagerMock->expects($this->any())
+			->method('addSystemKeys')
+			->willReturnCallback(function($accessList, $publicKeys) {
+				return $publicKeys;
+			});
+
+		$this->cryptMock->expects($this->once())->method('multiKeyEncrypt')
+			->willReturnCallback(
+				function($fileKey, $publicKeys) {
+					$this->assertEmpty($publicKeys);
+					$this->assertSame('fileKey', $fileKey);
+				}
+			);
+
+		$this->keyManagerMock->expects($this->never())->method('getVersion');
+		$this->keyManagerMock->expects($this->never())->method('setVersion');
+
+		$this->assertTrue(
+			$this->instance->update('path', 'user1', ['users' => ['user1']])
+		);
+	}
+
 	/**
 	 * by default the encryption module should encrypt regular files, files in
 	 * files_versions and files in files_trashbin
@@ -46,13 +46,18 @@ $listener = new ScanListener($eventSource);

 foreach ($users as $user) {
 	$eventSource->send('user', $user);
-	$scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection());
-	$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', array($listener, 'file'));
-	$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', array($listener, 'folder'));
-	if ($force) {
-		$scanner->scan($dir);
-	} else {
-		$scanner->backgroundScan($dir);
+	$scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection(), \OC::$server->getLogger());
+	$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function () use ($listener) {
+		$listener->file();
+	});
+	try {
+		if ($force) {
+			$scanner->scan($dir);
+		} else {
+			$scanner->backgroundScan($dir);
+		}
+	} catch (\Exception $e) {
+		$eventSource->send('error', get_class($e) . ': ' . $e->getMessage());
 	}
 }

@@ -76,13 +81,6 @@ class ScanListener {
 		$this->eventSource = $eventSource;
 	}

-	/**
-	 * @param string $path
-	 */
-	public function folder($path) {
-		$this->eventSource->send('folder', $path);
-	}
-
 	public function file() {
 		$this->fileCount++;
 		if ($this->fileCount > $this->lastCount + 20) { //send a count update every 20 files
@@ -148,7 +148,7 @@ if ($maxUploadFileSize >= 0 and $totalSize > $maxUploadFileSize) {
 }

 $result = array();
-if (strpos($dir, '..') === false) {
+if (\OC\Files\Filesystem::isValidPath($dir) === true) {
 	$fileCount = count($files['name']);
 	for ($i = 0; $i < $fileCount; $i++) {

@@ -45,12 +45,12 @@ $server->setBaseUri($baseuri);

 // Load plugins
 $defaults = new OC_Defaults();
+$server->addPlugin(new \OC\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
 $server->addPlugin(new \OC\Connector\Sabre\BlockLegacyClientPlugin(\OC::$server->getConfig()));
 $server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend, $defaults->getName()));
 // FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
 $server->addPlugin(new \OC\Connector\Sabre\DummyGetResponsePlugin());
 $server->addPlugin(new \OC\Connector\Sabre\FilesPlugin($objectTree));
-$server->addPlugin(new \OC\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
 $server->addPlugin(new \OC\Connector\Sabre\ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));

 // wait with registering these until auth is handled and the filesystem is setup
@@ -0,0 +1,96 @@
+<?php
+/**
+ * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+$installedVersion = \OC::$server->getConfig()->getAppValue('files', 'installed_version');
+$ocVersion = explode('.', \OC::$server->getSystemConfig()->getValue('version'));
+
+/**
+ * In case encryption was not enabled, we accidently set encrypted = 1 for
+ * files inside mount points, since 8.1.0. This breaks opening the files in
+ * 8.1.1 because we fixed the code that checks if a file is encrypted.
+ * In order to fix the file, we need to reset the flag of the file. However,
+ * the flag might be set because the file is in fact encrypted because it was
+ * uploaded at a time where encryption was enabled.
+ *
+ * So we can only do this when:
+ * - Current version of ownCloud before the update is 8.1.0 or 8.2.0.(0-2)
+ * - Encryption is disabled
+ * - files_encryption is not known in the app config
+ *
+ * If the first two are not the case, we are save. However, if files_encryption
+ * values exist in the config, we might have a false negative here.
+ * Now if there is no file with unencrypted size greater 0, that means there are
+ * no files that are still encrypted with "files_encryption" encryption. So we
+ * can also safely reset the flag here.
+ *
+ * If this is not the case, we go with "better save then sorry" and don't change
+ * the flag but write a message to the ownCloud log file.
+ */
+
+/**
+ * @param \OCP\IDBConnection $conn
+ */
+function owncloud_reset_encrypted_flag(\OCP\IDBConnection $conn) {
+	$conn->executeUpdate('UPDATE `*PREFIX*filecache` SET `encrypted` = 0 WHERE `encrypted` = 1');
+}
+
+// Current version of ownCloud before the update is 8.1.0 or 8.2.0.(0-2)
+if ($installedVersion === '1.1.9' && (
+		// 8.1.0.x
+		(((int) $ocVersion[0]) === 8 && ((int) $ocVersion[1]) === 1 && ((int) $ocVersion[2]) === 0)
+		||
+		// < 8.1.1.1
+		(((int) $ocVersion[0]) === 8 && ((int) $ocVersion[1]) === 1 && ((int) $ocVersion[2]) === 1 && ((int) $ocVersion[3]) < 1)
+	)) {
+
+	// Encryption is not enabled
+	if (!\OC::$server->getEncryptionManager()->isEnabled()) {
+		$conn = \OC::$server->getDatabaseConnection();
+
+		// Old encryption is not known in app config
+		$oldEncryption = \OC::$server->getConfig()->getAppKeys('files_encryption');
+		if (empty($oldEncryption)) {
+			owncloud_reset_encrypted_flag($conn);
+		} else {
+			$query = $conn->prepare('SELECT * FROM `*PREFIX*filecache` WHERE `encrypted` = 1 AND `unencrypted_size` > 0', 1);
+			$query->execute();
+			$empty = $query->fetch();
+
+			if (empty($empty)) {
+				owncloud_reset_encrypted_flag($conn);
+			} else {
+				/**
+				 * Sorry in case you are a false positive, but we are not 100% that
+				 * you don't have any encrypted files anymore, so we can not reset
+				 * the value safely
+				 */
+				\OC::$server->getLogger()->warning(
+					'If you have a problem with files not being accessible and '
+					. 'you are not using encryption, please have a look at the following'
+					. 'issue: {issue}',
+					[
+						'issue' => 'https://github.com/owncloud/core/issues/17846',
+					]
+				);
+			}
+		}
+	}
+}
@@ -1 +1 @@
-1.1.9
+1.1.10
@@ -26,6 +26,7 @@
 namespace OCA\Files\Command;

 use OC\ForbiddenException;
+use OCP\Files\StorageNotAvailableException;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
@@ -74,7 +75,7 @@ class Scan extends Command {
 	}

 	protected function scanFiles($user, $path, $quiet, OutputInterface $output) {
-		$scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection());
+		$scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection(), \OC::$server->getLogger());
 		if (!$quiet) {
 			$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
 				$output->writeln("Scanning file   <info>$path</info>");
@@ -82,6 +83,9 @@ class Scan extends Command {
 			$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
 				$output->writeln("Scanning folder <info>$path</info>");
 			});
+			$scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
+				$output->writeln("Error while scanning, storage not available (" . $e->getMessage() . ")");
+			});
 		}
 		try {
 			$scanner->scan($path);
@@ -92,10 +96,10 @@ class Scan extends Command {
 	}

 	protected function execute(InputInterface $input, OutputInterface $output) {
-		$path = $input->getOption('path');
-		if ($path) {
-			$path = '/'.trim($path, '/');
-			list (, $user, ) = explode('/', $path, 3);
+		$inputPath = $input->getOption('path');
+		if ($inputPath) {
+			$inputPath = '/' . trim($inputPath, '/');
+			list (, $user,) = explode('/', $inputPath, 3);
 			$users = array($user);
 		} else if ($input->getOption('all')) {
 			$users = $this->userManager->search('');
@@ -114,6 +118,7 @@ class Scan extends Command {
 			if (is_object($user)) {
 				$user = $user->getUID();
 			}
+			$path = $inputPath ? $inputPath : '/' . $user;
 			if ($this->userManager->userExists($user)) {
 				$this->scanFiles($user, $path, $quiet, $output);
 			} else {
@@ -276,8 +276,6 @@
 			containerWidth -= $('#app-navigation-toggle').width();

 			this.breadcrumb.setMaxWidth(containerWidth - actionsWidth - 10);
-
-			this.updateSearch();
 		},

 		/**
@@ -1659,6 +1657,7 @@
 			}

 			this.$table.addClass('hidden');
+			this.$el.find('#emptycontent').addClass('hidden');

 			$mask = $('<div class="mask transparent"></div>');

@@ -116,7 +116,7 @@
 				ownerDisplayName = $('#ownerDisplayName').val();
 			if (usedSpacePercent > 98) {
 				if (owner !== oc_current_user) {
-					OC.Notification.show(t('files', 'Storage of {owner} is full, files can not be updated or synced anymore!',
+					OC.Notification.showTemporary(t('files', 'Storage of {owner} is full, files can not be updated or synced anymore!',
 						{ owner: ownerDisplayName }));
 					return;
 				}
@@ -125,7 +125,7 @@
 			}
 			if (usedSpacePercent > 90) {
 				if (owner !== oc_current_user) {
-					OC.Notification.show(t('files', 'Storage of {owner} is almost full ({usedSpacePercent}%)',
+					OC.Notification.showTemporary(t('files', 'Storage of {owner} is almost full ({usedSpacePercent}%)',
 						{ usedSpacePercent: usedSpacePercent,  owner: ownerDisplayName }));
 					return;
 				}
@@ -239,7 +239,6 @@

 			// display storage warnings
 			setTimeout(Files.displayStorageWarnings, 100);
-			OC.Notification.setDefault(Files.displayStorageWarnings);

 			// only possible at the moment if user is logged in or the files app is loaded
 			if (OC.currentUser && OCA.Files.App) {
@@ -1,6 +0,0 @@
-OC.L10N.register(
-    "files",
-    {
-    "Download" : "Download"
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,4 +0,0 @@
-{ "translations": {
-    "Download" : "Download"
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -136,25 +136,26 @@ class Activity implements IExtension {
 			return false;
 		}

+		$l = $this->getL10N($languageCode);
 		switch ($text) {
 			case 'created_self':
-				return (string) $this->l->t('You created %1$s', $params);
+				return (string) $l->t('You created %1$s', $params);
 			case 'created_by':
-				return (string) $this->l->t('%2$s created %1$s', $params);
+				return (string) $l->t('%2$s created %1$s', $params);
 			case 'created_public':
-				return (string) $this->l->t('%1$s was created in a public folder', $params);
+				return (string) $l->t('%1$s was created in a public folder', $params);
 			case 'changed_self':
-				return (string) $this->l->t('You changed %1$s', $params);
+				return (string) $l->t('You changed %1$s', $params);
 			case 'changed_by':
-				return (string) $this->l->t('%2$s changed %1$s', $params);
+				return (string) $l->t('%2$s changed %1$s', $params);
 			case 'deleted_self':
-				return (string) $this->l->t('You deleted %1$s', $params);
+				return (string) $l->t('You deleted %1$s', $params);
 			case 'deleted_by':
-				return (string) $this->l->t('%2$s deleted %1$s', $params);
+				return (string) $l->t('%2$s deleted %1$s', $params);
 			case 'restored_self':
-				return (string) $this->l->t('You restored %1$s', $params);
+				return (string) $l->t('You restored %1$s', $params);
 			case 'restored_by':
-				return (string) $this->l->t('%2$s restored %1$s', $params);
+				return (string) $l->t('%2$s restored %1$s', $params);

 			default:
 				return false;
@@ -332,6 +333,7 @@ class Activity implements IExtension {
 			 */
 			$parameters = $fileQueryList = [];
 			$parameters[] = 'files';
+			$parameters[] = 'files';

 			$fileQueryList[] = '(`type` <> ? AND `type` <> ?)';
 			$parameters[] = self::TYPE_SHARE_CREATED;
@@ -346,10 +348,12 @@ class Activity implements IExtension {
 				$parameters[] = $favorite . '/%';
 			}

-			$parameters[] = 'files';
-
 			return [
-				' CASE WHEN `app` = ? THEN (' . implode(' OR ', $fileQueryList) . ') ELSE `app` <> ? END ',
+				' CASE '
+					. 'WHEN `app` <> ? THEN 1 '
+					. 'WHEN `app` = ? AND (' . implode(' OR ', $fileQueryList) . ') THEN 1 '
+					. 'ELSE 0 '
+				. 'END = 1 ',
 				$parameters,
 			];
 		}
@@ -42,6 +42,9 @@ class ActivityTest extends TestCase {
 	/** @var \PHPUnit_Framework_MockObject_MockObject */
 	protected $activityHelper;

+	/** @var \PHPUnit_Framework_MockObject_MockObject */
+	protected $l10nFactory;
+
 	/** @var \OCA\Files\Activity */
 	protected $activityExtension;

@@ -67,8 +70,28 @@ class ActivityTest extends TestCase {
 			$this->config
 		);

+		$this->l10nFactory = $this->getMockBuilder('OC\L10N\Factory')
+			->disableOriginalConstructor()
+			->getMock();
+		$deL10n = $this->getMockBuilder('OC_L10N')
+			->disableOriginalConstructor()
+			->getMock();
+		$deL10n->expects($this->any())
+			->method('t')
+			->willReturnCallback(function ($argument) {
+				return 'translate(' . $argument . ')';
+			});
+
+		$this->l10nFactory->expects($this->any())
+			->method('get')
+			->willReturnMap([
+				['files', null, new \OC_L10N('files', 'en')],
+				['files', 'en', new \OC_L10N('files', 'en')],
+				['files', 'de', $deL10n],
+			]);
+
 		$this->activityExtension = $activityExtension = new Activity(
-			new \OC\L10N\Factory(),
+			$this->l10nFactory,
 			$this->getMockBuilder('OCP\IURLGenerator')->disableOriginalConstructor()->getMock(),
 			$this->activityManager,
 			$this->activityHelper,
@@ -111,6 +134,26 @@ class ActivityTest extends TestCase {
 			$this->activityExtension->translate('files_sharing', '', [], false, false, 'en'),
 			'Asserting that no translations are set for files_sharing'
 		);
+
+		// Test english
+		$this->assertNotFalse(
+			$this->activityExtension->translate('files', 'deleted_self', ['file'], false, false, 'en'),
+			'Asserting that translations are set for files.deleted_self'
+		);
+		$this->assertStringStartsWith(
+			'You deleted ',
+			$this->activityExtension->translate('files', 'deleted_self', ['file'], false, false, 'en')
+		);
+
+		// Test translation
+		$this->assertNotFalse(
+			$this->activityExtension->translate('files', 'deleted_self', ['file'], false, false, 'de'),
+			'Asserting that translations are set for files.deleted_self'
+		);
+		$this->assertStringStartsWith(
+			'translate(You deleted ',
+			$this->activityExtension->translate('files', 'deleted_self', ['file'], false, false, 'de')
+		);
 	}

 	public function testGetSpecialParameterList() {
@@ -247,16 +290,16 @@ class ActivityTest extends TestCase {
 					'items' => [],
 					'folders' => [],
 				],
-				' CASE WHEN `app` = ? THEN ((`type` <> ? AND `type` <> ?)) ELSE `app` <> ? END ',
-				['files', Activity::TYPE_SHARE_CREATED, Activity::TYPE_SHARE_CHANGED, 'files']
+				' CASE WHEN `app` <> ? THEN 1 WHEN `app` = ? AND ((`type` <> ? AND `type` <> ?)) THEN 1 ELSE 0 END = 1 ',
+				['files', 'files', Activity::TYPE_SHARE_CREATED, Activity::TYPE_SHARE_CHANGED]
 			],
 			[
 				[
 					'items' => ['file.txt', 'folder'],
 					'folders' => ['folder'],
 				],
-				' CASE WHEN `app` = ? THEN ((`type` <> ? AND `type` <> ?) OR `file` = ? OR `file` = ? OR `file` LIKE ?) ELSE `app` <> ? END ',
-				['files', Activity::TYPE_SHARE_CREATED, Activity::TYPE_SHARE_CHANGED, 'file.txt', 'folder', 'folder/%', 'files']
+				' CASE WHEN `app` <> ? THEN 1 WHEN `app` = ? AND ((`type` <> ? AND `type` <> ?) OR `file` = ? OR `file` = ? OR `file` LIKE ?) THEN 1 ELSE 0 END = 1 ',
+				['files', 'files', Activity::TYPE_SHARE_CREATED, Activity::TYPE_SHARE_CHANGED, 'file.txt', 'folder', 'folder/%']
 			],
 		];
 	}
@@ -290,6 +333,19 @@ class ActivityTest extends TestCase {

 		$result = $this->activityExtension->getQueryForFilter('all');
 		$this->assertEquals([$query, $parameters], $result);
+
+		$this->executeQueryForFilter($result);
+	}
+
+	public function executeQueryForFilter(array $result) {
+		list($resultQuery, $resultParameters) = $result;
+		$resultQuery = str_replace('`file`', '`user`', $resultQuery);
+		$resultQuery = str_replace('`type`', '`key`', $resultQuery);
+
+		$connection = \OC::$server->getDatabaseConnection();
+		$result = $connection->executeQuery('SELECT * FROM `*PREFIX*privatedata` WHERE ' . $resultQuery, $resultParameters);
+		$rows = $result->fetchAll();
+		$result->closeCursor();
 	}

 	protected function mockUserSession($user) {
@@ -93,6 +93,7 @@ class ApiControllerTest extends TestCase {
 			[
 				'mtime' => 55,
 				'mimetype' => 'application/pdf',
+				'permissions' => 31,
 				'size' => 1234,
 				'etag' => 'MyEtag',
 			],
@@ -114,7 +115,7 @@ class ApiControllerTest extends TestCase {
 					'mtime' => 55000,
 					'icon' => \OCA\Files\Helper::determineIcon($fileInfo),
 					'name' => 'root.txt',
-					'permissions' => null,
+					'permissions' => 31,
 					'mimetype' => 'application/pdf',
 					'size' => 1234,
 					'type' => 'file',
@@ -142,6 +143,7 @@ class ApiControllerTest extends TestCase {
 			[
 				'mtime' => 55,
 				'mimetype' => 'application/pdf',
+				'permissions' => 31,
 				'size' => 1234,
 				'etag' => 'MyEtag',
 			],
@@ -158,6 +160,7 @@ class ApiControllerTest extends TestCase {
 			[
 				'mtime' => 999,
 				'mimetype' => 'application/binary',
+				'permissions' => 31,
 				'size' => 9876,
 				'etag' => 'SubEtag',
 			],
@@ -179,7 +182,7 @@ class ApiControllerTest extends TestCase {
 					'mtime' => 55000,
 					'icon' => \OCA\Files\Helper::determineIcon($fileInfo1),
 					'name' => 'root.txt',
-					'permissions' => null,
+					'permissions' => 31,
 					'mimetype' => 'application/pdf',
 					'size' => 1234,
 					'type' => 'file',
@@ -198,7 +201,7 @@ class ApiControllerTest extends TestCase {
 					'mtime' => 999000,
 					'icon' => \OCA\Files\Helper::determineIcon($fileInfo2),
 					'name' => 'root.txt',
-					'permissions' => null,
+					'permissions' => 31,
 					'mimetype' => 'application/binary',
 					'size' => 9876,
 					'type' => 'file',
@@ -1 +1,4 @@
 example.php
+icewind/smb/tests
+icewind/smb/install_libsmbclient.sh
+icewind/smb/.travis.yml
@@ -6,7 +6,7 @@
 		"vendor-dir": "."
 	},
 	"require": {
-		"icewind/smb": "1.0.1",
+		"icewind/smb": "1.0.4",
 		"icewind/streams": "0.2"
 	}
 }
@@ -1,23 +1,23 @@
 {
    "_readme": [
        "This file locks the dependencies of your project to a known state",
-        "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
+        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
        "This file is @generated automatically"
    ],
-    "hash": "7b46d64e33feb600c5f0ec830b211e6f",
+    "hash": "5c612406bc1235075305b09a5d6996a9",
    "packages": [
        {
            "name": "icewind/smb",
-            "version": "v1.0.1",
+            "version": "v1.0.4",
            "source": {
                "type": "git",
                "url": "https://github.com/icewind1991/SMB.git",
-                "reference": "8041bc1960bf2da94e60b88b34e5c78300eac476"
+                "reference": "9277bd20262a01b38a33cc7356e98055f2262d32"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/icewind1991/SMB/zipball/8041bc1960bf2da94e60b88b34e5c78300eac476",
-                "reference": "8041bc1960bf2da94e60b88b34e5c78300eac476",
+                "url": "https://api.github.com/repos/icewind1991/SMB/zipball/9277bd20262a01b38a33cc7356e98055f2262d32",
+                "reference": "9277bd20262a01b38a33cc7356e98055f2262d32",
                "shasum": ""
            },
            "require": {
@@ -45,7 +45,7 @@
                }
            ],
            "description": "php wrapper for smbclient and libsmbclient-php",
-            "time": "2015-04-20 11:16:24"
+            "time": "2015-08-17 14:20:38"
        },
        {
            "name": "icewind/streams",
@@ -43,17 +43,17 @@
    },
    {
        "name": "icewind/smb",
-        "version": "v1.0.1",
-        "version_normalized": "1.0.1.0",
+        "version": "v1.0.4",
+        "version_normalized": "1.0.4.0",
        "source": {
            "type": "git",
            "url": "https://github.com/icewind1991/SMB.git",
-            "reference": "8041bc1960bf2da94e60b88b34e5c78300eac476"
+            "reference": "9277bd20262a01b38a33cc7356e98055f2262d32"
        },
        "dist": {
            "type": "zip",
-            "url": "https://api.github.com/repos/icewind1991/SMB/zipball/8041bc1960bf2da94e60b88b34e5c78300eac476",
-            "reference": "8041bc1960bf2da94e60b88b34e5c78300eac476",
+            "url": "https://api.github.com/repos/icewind1991/SMB/zipball/9277bd20262a01b38a33cc7356e98055f2262d32",
+            "reference": "9277bd20262a01b38a33cc7356e98055f2262d32",
            "shasum": ""
        },
        "require": {
@@ -63,7 +63,7 @@
        "require-dev": {
            "satooshi/php-coveralls": "dev-master"
        },
-        "time": "2015-04-20 11:16:24",
+        "time": "2015-08-17 14:20:38",
        "type": "library",
        "installation-source": "source",
        "autoload": {
@@ -1,50 +0,0 @@
-language: php
-php:
-  - 5.3
-  - 5.4
-  - 5.5
-
-env:
-  global:
-    - CURRENT_DIR=`pwd`
-
-before_install:
-  - pass=$(perl -e 'print crypt("test", "password")')
-  - sudo useradd -m -p $pass test
-  - sudo apt-get update -qq
-  - sudo apt-get install samba smbclient libsmbclient-dev libsmbclient
-  - wget -O /tmp/libsmbclient-php.zip https://github.com/eduardok/libsmbclient-php/archive/master.zip
-  - unzip /tmp/libsmbclient-php.zip -d /tmp
-  - cd /tmp/libsmbclient-php-master
-  - phpize && ./configure && make && sudo make install
-  - echo 'extension="libsmbclient.so"' >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini
-  - cd $CURRENT_DIR
-  - chmod go+w $HOME
-  - printf "%s\n%s\n" test test|sudo smbpasswd -s test
-  - sudo mkdir /home/test/test
-  - sudo chown test /home/test/test
-  - |
-    echo "[test]
-    comment = test
-    path = /home/test
-    guest ok = yes
-    writeable = yes
-    map archive = yes
-    map system = yes
-    map hidden = yes
-    create mask = 0777
-    inherit permissions = yes" | sudo tee -a /etc/samba/smb.conf
-  - sudo service smbd restart
-  - testparm -s
-
-install:
-  - composer install --dev --no-interaction
-
-script:
-  - mkdir -p build/logs
-  - cd tests
-  - phpunit --coverage-clover ../build/logs/clover.xml --configuration phpunit.xml
-
-after_script:
- - cd $CURRENT_DIR
- - php vendor/bin/coveralls -v
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Copyright (c) 2015 Robin Appelman <icewind@owncloud.com>
+ * This file is licensed under the Licensed under the MIT license:
+ * http://opensource.org/licenses/MIT
+ */
+
+namespace Icewind\SMB;
+
+use Icewind\SMB\Exception\InvalidPathException;
+
+abstract class AbstractShare implements IShare {
+	private $forbiddenCharacters;
+
+	public function __construct() {
+		$this->forbiddenCharacters = array('?', '<', '>', ':', '*', '|', '"', chr(0), "\n", "\r");
+	}
+
+	protected function verifyPath($path) {
+		foreach ($this->forbiddenCharacters as $char) {
+			if (strpos($path, $char) !== false) {
+				throw new InvalidPathException('Invalid path, "' . $char . '" is not allowed');
+			}
+		}
+	}
+}
@@ -8,8 +8,10 @@
 namespace Icewind\SMB;

 use Icewind\SMB\Exception\AuthenticationException;
+use Icewind\SMB\Exception\ConnectException;
 use Icewind\SMB\Exception\ConnectionException;
 use Icewind\SMB\Exception\InvalidHostException;
+use Icewind\SMB\Exception\NoLoginServerException;

 class Connection extends RawConnection {
 	const DELIMITER = 'smb:';
@@ -26,18 +28,25 @@ class Connection extends RawConnection {
 	/**
 	 * get all unprocessed output from smbclient until the next prompt
 	 *
-	 * @throws ConnectionException
 	 * @return string
+	 * @throws AuthenticationException
+	 * @throws ConnectException
+	 * @throws ConnectionException
+	 * @throws InvalidHostException
+	 * @throws NoLoginServerException
 	 */
 	public function read() {
 		if (!$this->isValid()) {
-			throw new ConnectionException();
+			throw new ConnectionException('Connection not valid');
 		}
 		$line = $this->readLine(); //first line is prompt
 		$this->checkConnectionError($line);

 		$output = array();
 		$line = $this->readLine();
+		if ($line === false) {
+			throw new ConnectException('Unknown error');
+		}
 		$length = mb_strlen(self::DELIMITER);
 		while (mb_substr($line, 0, $length) !== self::DELIMITER) { //next prompt functions as delimiter
 			$output[] .= $line;
@@ -52,20 +61,24 @@ class Connection extends RawConnection {
 	 * @param $line
 	 * @throws AuthenticationException
 	 * @throws InvalidHostException
+	 * @throws NoLoginServerException
 	 */
 	private function checkConnectionError($line) {
 		$line = rtrim($line, ')');
 		if (substr($line, -23) === ErrorCodes::LogonFailure) {
-			throw new AuthenticationException();
+			throw new AuthenticationException('Invalid login');
 		}
 		if (substr($line, -26) === ErrorCodes::BadHostName) {
-			throw new InvalidHostException();
+			throw new InvalidHostException('Invalid hostname');
 		}
 		if (substr($line, -22) === ErrorCodes::Unsuccessful) {
-			throw new InvalidHostException();
+			throw new InvalidHostException('Connection unsuccessful');
 		}
 		if (substr($line, -28) === ErrorCodes::ConnectionRefused) {
-			throw new InvalidHostException();
+			throw new InvalidHostException('Connection refused');
+		}
+		if (substr($line, -26) === ErrorCodes::NoLogonServers) {
+			throw new NoLoginServerException('No login server');
 		}
 	}

@@ -15,6 +15,7 @@ class ErrorCodes {
 	const BadHostName = 'NT_STATUS_BAD_NETWORK_NAME';
 	const Unsuccessful = 'NT_STATUS_UNSUCCESSFUL';
 	const ConnectionRefused = 'NT_STATUS_CONNECTION_REFUSED';
+	const NoLogonServers =  'NT_STATUS_NO_LOGON_SERVERS';

 	const PathNotFound = 'NT_STATUS_OBJECT_PATH_NOT_FOUND';
 	const NoSuchFile = 'NT_STATUS_NO_SUCH_FILE';
@@ -0,0 +1,10 @@
+<?php
+/**
+ * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
+ * This file is licensed under the Licensed under the MIT license:
+ * http://opensource.org/licenses/MIT
+ */
+
+namespace Icewind\SMB\Exception;
+
+class InvalidPathException extends InvalidRequestException {}
@@ -5,5 +5,6 @@
 * http://opensource.org/licenses/MIT
 */

-date_default_timezone_set('UTC');
-require_once __DIR__.'/../vendor/autoload.php';
+namespace Icewind\SMB\Exception;
+
+class NoLoginServerException extends ConnectException {}
@@ -24,12 +24,7 @@ class NativeServer extends Server {
 	}

 	protected function connect() {
-		$user = $this->getUser();
-		$workgroup = null;
-		if (strpos($user, '/')) {
-			list($workgroup, $user) = explode($user, '/');
-		}
-		$this->state->init($workgroup, $user, $this->getPassword());
+		$this->state->init($this->getWorkgroup(), $this->getUser(), $this->getPassword());
 	}

 	/**
@@ -7,7 +7,7 @@

 namespace Icewind\SMB;

-class NativeShare implements IShare {
+class NativeShare extends AbstractShare {
 	/**
 	 * @var Server $server
 	 */
@@ -28,6 +28,7 @@ class NativeShare implements IShare {
 	 * @param string $name
 	 */
 	public function __construct($server, $name) {
+		parent::__construct();
 		$this->server = $server;
 		$this->name = $name;
 		$this->state = new NativeState();
@@ -43,15 +44,7 @@ class NativeShare implements IShare {
 			return;
 		}

-		$user = $this->server->getUser();
-		if (strpos($user, '/')) {
-			list($workgroup, $user) = explode('/', $user);
-		} elseif (strpos($user, '\\')) {
-			list($workgroup, $user) = explode('\\', $user);
-		} else {
-			$workgroup = null;
-		}
-		$this->state->init($workgroup, $user, $this->server->getPassword());
+		$this->state->init($this->server->getWorkgroup(), $this->server->getUser(), $this->server->getPassword());
 	}

 	/**
@@ -64,6 +57,7 @@ class NativeShare implements IShare {
 	}

 	private function buildUrl($path) {
+		$this->verifyPath($path);
 		$url = sprintf('smb://%s/%s', $this->server->getHost(), $this->name);
 		if ($path) {
 			$path = trim($path, '/');
@@ -149,6 +143,7 @@ class NativeShare implements IShare {
 	 * @throws \Icewind\SMB\Exception\InvalidTypeException
 	 */
 	public function del($path) {
+		$this->connect();
 		return $this->state->unlink($this->buildUrl($path));
 	}

@@ -29,6 +29,11 @@ class Server {
 	 */
 	protected $password;

+	/**
+	 * @var string $workgroup
+	 */
+	protected $workgroup;
+
 	/**
 	 * Check if the smbclient php extension is available
 	 *
@@ -45,10 +50,28 @@ class Server {
 	 */
 	public function __construct($host, $user, $password) {
 		$this->host = $host;
+		list($workgroup, $user) = $this->splitUser($user);
 		$this->user = $user;
+		$this->workgroup = $workgroup;
 		$this->password = $password;
 	}

+	/**
+	 * Split workgroup from username
+	 *
+	 * @param $user
+	 * @return string[] [$workgroup, $user]
+	 */
+	public function splitUser($user) {
+		if (strpos($user, '/')) {
+			return explode('/', $user, 2);
+		} elseif (strpos($user, '\\')) {
+			return explode('\\', $user);
+		} else {
+			return array(null, $user);
+		}
+	}
+
 	/**
 	 * @return string
 	 */
@@ -77,6 +100,13 @@ class Server {
 		return $this->host;
 	}

+	/**
+	 * @return string
+	 */
+	public function getWorkgroup() {
+		return $this->workgroup;
+	}
+
 	/**
 	 * @return \Icewind\SMB\IShare[]
 	 *
@@ -84,7 +114,8 @@ class Server {
 	 * @throws \Icewind\SMB\Exception\InvalidHostException
 	 */
 	public function listShares() {
-		$command = Server::CLIENT . ' --authentication-file=/proc/self/fd/3' .
+		$workgroupArgument = ($this->workgroup) ? ' -W ' . escapeshellarg($this->workgroup) : '';
+		$command = Server::CLIENT . $workgroupArgument . ' --authentication-file=/proc/self/fd/3' .
 			' -gL ' . escapeshellarg($this->getHost());
 		$connection = new RawConnection($command);
 		$connection->writeAuthentication($this->getUser(), $this->getPassword());
@@ -7,17 +7,13 @@

 namespace Icewind\SMB;

-use Icewind\SMB\Exception\AccessDeniedException;
-use Icewind\SMB\Exception\AlreadyExistsException;
 use Icewind\SMB\Exception\ConnectionException;
-use Icewind\SMB\Exception\Exception;
 use Icewind\SMB\Exception\FileInUseException;
 use Icewind\SMB\Exception\InvalidTypeException;
-use Icewind\SMB\Exception\NotEmptyException;
 use Icewind\SMB\Exception\NotFoundException;
 use Icewind\Streams\CallbackWrapper;

-class Share implements IShare {
+class Share extends AbstractShare {
 	/**
 	 * @var Server $server
 	 */
@@ -43,6 +39,7 @@ class Share implements IShare {
 	 * @param string $name
 	 */
 	public function __construct($server, $name) {
+		parent::__construct();
 		$this->server = $server;
 		$this->name = $name;
 		$this->parser = new Parser(new TimeZoneProvider($this->server->getHost()));
@@ -57,10 +54,11 @@ class Share implements IShare {
 		if ($this->connection and $this->connection->isValid()) {
 			return;
 		}
-		$command = sprintf('%s --authentication-file=/proc/self/fd/3 //%s/%s',
+		$workgroupArgument = ($this->server->getWorkgroup()) ? ' -W ' . escapeshellarg($this->server->getWorkgroup()) : '';
+		$command = sprintf('%s %s --authentication-file=/proc/self/fd/3 %s',
 			Server::CLIENT,
-			$this->server->getHost(),
-			$this->name
+			$workgroupArgument,
+			escapeshellarg('//' . $this->server->getHost() . '/' . $this->name)
 		);
 		$this->connection = new Connection($command);
 		$this->connection->writeAuthentication($this->server->getUser(), $this->server->getPassword());
@@ -256,18 +254,18 @@ class Share implements IShare {
 	 */
 	public function read($source) {
 		$source = $this->escapePath($source);
-		// close the single quote, open a double quote where we put the single quote...
-		$source = str_replace('\'', '\'"\'"\'', $source);
 		// since returned stream is closed by the caller we need to create a new instance
 		// since we can't re-use the same file descriptor over multiple calls
-		$command = sprintf('%s --authentication-file=/proc/self/fd/3 //%s/%s -c \'get %s /proc/self/fd/5\'',
+		$workgroupArgument = ($this->server->getWorkgroup()) ? ' -W ' . escapeshellarg($this->server->getWorkgroup()) : '';
+		$command = sprintf('%s %s --authentication-file=/proc/self/fd/3 %s',
 			Server::CLIENT,
-			$this->server->getHost(),
-			$this->name,
-			$source
+			$workgroupArgument,
+			escapeshellarg('//' . $this->server->getHost() . '/' . $this->name)
 		);
 		$connection = new Connection($command);
 		$connection->writeAuthentication($this->server->getUser(), $this->server->getPassword());
+		$connection->write('get ' . $source . ' /proc/self/fd/5');
+		$connection->write('exit');
 		$fh = $connection->getFileOutputStream();
 		stream_context_set_option($fh, 'file', 'connection', $connection);
 		return $fh;
@@ -284,23 +282,24 @@ class Share implements IShare {
 	 */
 	public function write($target) {
 		$target = $this->escapePath($target);
-		// close the single quote, open a double quote where we put the single quote...
-		$target = str_replace('\'', '\'"\'"\'', $target);
 		// since returned stream is closed by the caller we need to create a new instance
 		// since we can't re-use the same file descriptor over multiple calls
-		$command = sprintf('%s --authentication-file=/proc/self/fd/3 //%s/%s -c \'put /proc/self/fd/4 %s\'',
+		$workgroupArgument = ($this->server->getWorkgroup()) ? ' -W ' . escapeshellarg($this->server->getWorkgroup()) : '';
+		$command = sprintf('%s %s --authentication-file=/proc/self/fd/3 %s',
 			Server::CLIENT,
-			$this->server->getHost(),
-			$this->name,
-			$target
+			$workgroupArgument,
+			escapeshellarg('//' . $this->server->getHost() . '/' . $this->name)
 		);
-		$connection = new RawConnection($command);
+		$connection = new Connection($command);
 		$connection->writeAuthentication($this->server->getUser(), $this->server->getPassword());
 		$fh = $connection->getFileInputStream();

+		$connection->write('put /proc/self/fd/4 ' . $target);
+		$connection->write('exit');
+
 		// use a close callback to ensure the upload is finished before continuing
 		// this also serves as a way to keep the connection in scope
-		return CallbackWrapper::wrap($fh, null, null, function () use ($connection) {
+		return CallbackWrapper::wrap($fh, null, null, function () use ($connection, $target) {
 			$connection->close(false); // dont terminate, give the upload some time
 		});
 	}
@@ -378,6 +377,7 @@ class Share implements IShare {
 	 * @return string
 	 */
 	protected function escapePath($path) {
+		$this->verifyPath($path);
 		if ($path === '/') {
 			$path = '';
 		}
@@ -1,539 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-use Icewind\SMB\FileInfo;
-
-abstract class AbstractShare extends \PHPUnit_Framework_TestCase {
-	/**
-	 * @var \Icewind\SMB\Server $server
-	 */
-	protected $server;
-
-	/**
-	 * @var \Icewind\SMB\IShare $share
-	 */
-	protected $share;
-
-	/**
-	 * @var string $root
-	 */
-	protected $root;
-
-	protected $config;
-
-	public function tearDown() {
-		try {
-			if ($this->share) {
-				$this->cleanDir($this->root);
-			}
-			unset($this->share);
-		} catch (\Exception $e) {
-			unset($this->share);
-			throw $e;
-		}
-	}
-
-	public function nameProvider() {
-		// / ? < > \ : * | " are illegal characters in path on windows
-		return array(
-			array('simple'),
-			array('with spaces_and-underscores'),
-			array("single'quote'"),
-			array('日本語'),
-			array('url %2F +encode'),
-			array('a somewhat longer filename than the other with more charaters as the all the other filenames'),
-			array('$as#d€££Ö€ßœĚęĘĞĜΣΥΦΩΫ')
-		);
-	}
-
-	public function fileDataProvider() {
-		return array(
-			array('Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua'),
-			array('Mixed language, 日本語　が　わからか and Various _/* characters \\|” €')
-		);
-	}
-
-	public function nameAndDataProvider() {
-		$names = $this->nameProvider();
-		$data = $this->fileDataProvider();
-		$result = array();
-		foreach ($names as $name) {
-			foreach ($data as $text) {
-				$result[] = array($name[0], $text[0]);
-			}
-		}
-		return $result;
-	}
-
-	public function cleanDir($dir) {
-		$content = $this->share->dir($dir);
-		foreach ($content as $metadata) {
-			if ($metadata->isDirectory()) {
-				$this->cleanDir($metadata->getPath());
-			} else {
-				$this->share->del($metadata->getPath());
-			}
-		}
-		$this->share->rmdir($dir);
-	}
-
-	private function getTextFile($text = '') {
-		if (!$text) {
-			$text = 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua';
-		}
-		$file = tempnam('/tmp', 'smb_test_');
-		file_put_contents($file, $text);
-		return $file;
-	}
-
-	public function testListShares() {
-		$shares = $this->server->listShares();
-		foreach ($shares as $share) {
-			if ($share->getName() === $this->config->share) {
-				return;
-			}
-		}
-		$this->fail('Share "' . $this->config->share . '" not found');
-	}
-
-	public function testRootStartsEmpty() {
-		$this->assertEquals(array(), $this->share->dir($this->root));
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testMkdir($name) {
-		$this->share->mkdir($this->root . '/' . $name);
-		$dirs = $this->share->dir($this->root);
-		$this->assertCount(1, $dirs);
-		$this->assertEquals($name, $dirs[0]->getName());
-		$this->assertTrue($dirs[0]->isDirectory());
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testRenameDirectory($name) {
-		$this->share->mkdir($this->root . '/' . $name);
-		$this->share->rename($this->root . '/' . $name, $this->root . '/' . $name . '_rename');
-		$dirs = $this->share->dir($this->root);
-		$this->assertEquals(1, count($dirs));
-		$this->assertEquals($name . '_rename', $dirs[0]->getName());
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testRmdir($name) {
-		$this->share->mkdir($this->root . '/' . $name);
-		$this->share->rmdir($this->root . '/' . $name);
-		$this->assertCount(0, $this->share->dir($this->root));
-	}
-
-	/**
-	 * @dataProvider nameAndDataProvider
-	 */
-	public function testPut($name, $text) {
-		$tmpFile = $this->getTextFile($text);
-		$size = filesize($tmpFile);
-
-		$this->share->put($tmpFile, $this->root . '/' . $name);
-		unlink($tmpFile);
-
-		$files = $this->share->dir($this->root);
-		$this->assertCount(1, $files);
-		$this->assertEquals($name, $files[0]->getName());
-		$this->assertEquals($size, $files[0]->getSize());
-		$this->assertFalse($files[0]->isDirectory());
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testRenameFile($name) {
-		$tmpFile = $this->getTextFile();
-
-		$this->share->put($tmpFile, $this->root . '/' . $name);
-		unlink($tmpFile);
-
-		$this->share->rename($this->root . '/' . $name, $this->root . '/' . $name . '_renamed');
-
-		$files = $this->share->dir($this->root);
-		$this->assertEquals(1, count($files));
-		$this->assertEquals($name . '_renamed', $files[0]->getName());
-	}
-
-	/**
-	 * @dataProvider nameAndDataProvider
-	 */
-	public function testGet($name, $text) {
-		$tmpFile = $this->getTextFile($text);
-
-		$this->share->put($tmpFile, $this->root . '/' . $name);
-		unlink($tmpFile);
-
-		$targetFile = tempnam('/tmp', 'smb_test_');
-		$this->share->get($this->root . '/' . $name, $targetFile);
-
-		$this->assertEquals($text, file_get_contents($targetFile));
-		unlink($targetFile);
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testDel($name) {
-		$tmpFile = $this->getTextFile();
-
-		$this->share->put($tmpFile, $this->root . '/' . $name);
-		unlink($tmpFile);
-
-		$this->share->del($this->root . '/' . $name);
-		$this->assertCount(0, $this->share->dir($this->root));
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testCreateFolderInNonExistingFolder() {
-		$this->share->mkdir($this->root . '/foo/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testRemoveFolderInNonExistingFolder() {
-		$this->share->rmdir($this->root . '/foo/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testRemoveNonExistingFolder() {
-		$this->share->rmdir($this->root . '/foo');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\AlreadyExistsException
-	 */
-	public function testCreateExistingFolder() {
-		$this->share->mkdir($this->root . '/bar');
-		$this->share->mkdir($this->root . '/bar');
-		$this->share->rmdir($this->root . '/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\InvalidTypeException
-	 */
-	public function testCreateFileExistingFolder() {
-		$this->share->mkdir($this->root . '/bar');
-		$this->share->put($this->getTextFile(), $this->root . '/bar');
-		$this->share->rmdir($this->root . '/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testCreateFileInNonExistingFolder() {
-		$this->share->put($this->getTextFile(), $this->root . '/foo/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testTestRemoveNonExistingFile() {
-		$this->share->del($this->root . '/foo');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testDownloadNonExistingFile() {
-		$this->share->get($this->root . '/foo', '/dev/null');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\InvalidTypeException
-	 */
-	public function testDownloadFolder() {
-		$this->share->mkdir($this->root . '/foobar');
-		$this->share->get($this->root . '/foobar', '/dev/null');
-		$this->share->rmdir($this->root . '/foobar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\InvalidTypeException
-	 */
-	public function testDelFolder() {
-		$this->share->mkdir($this->root . '/foobar');
-		$this->share->del($this->root . '/foobar');
-		$this->share->rmdir($this->root . '/foobar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\InvalidTypeException
-	 */
-	public function testRmdirFile() {
-		$this->share->put($this->getTextFile(), $this->root . '/foobar');
-		$this->share->rmdir($this->root . '/foobar');
-		$this->share->del($this->root . '/foobar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotEmptyException
-	 */
-	public function testRmdirNotEmpty() {
-		$this->share->mkdir($this->root . '/foobar');
-		$this->share->put($this->getTextFile(), $this->root . '/foobar/asd');
-		$this->share->rmdir($this->root . '/foobar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testDirNonExisting() {
-		$this->share->dir('/foobar/asd');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testRmDirNonExisting() {
-		$this->share->rmdir('/foobar/asd');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testRenameNonExisting() {
-		$this->share->rename('/foobar/asd', '/foobar/bar');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testRenameTargetNonExisting() {
-		$txt = $this->getTextFile();
-		$this->share->put($txt, $this->root . '/foo.txt');
-		unlink($txt);
-		$this->share->rename($this->root . '/foo.txt', $this->root . '/bar/foo.txt');
-	}
-
-	public function testModifiedDate() {
-		$now = time();
-		$this->share->put($this->getTextFile(), $this->root . '/foo.txt');
-		$dir = $this->share->dir($this->root);
-		$mtime = $dir[0]->getMTime();
-		$this->assertTrue(abs($now - $mtime) <= 2, 'Modified time differs by ' . abs($now - $mtime) . ' seconds');
-		$this->share->del($this->root . '/foo.txt');
-	}
-
-	/**
-	 * @dataProvider nameAndDataProvider
-	 */
-	public function testReadStream($name, $text) {
-		$sourceFile = $this->getTextFile($text);
-		$this->share->put($sourceFile, $this->root . '/' . $name);
-		$fh = $this->share->read($this->root . '/' . $name);
-		$content = stream_get_contents($fh);
-		fclose($fh);
-		$this->share->del($this->root . '/' . $name);
-
-		$this->assertEquals(file_get_contents($sourceFile), $content);
-	}
-
-	/**
-	 * @dataProvider nameAndDataProvider
-	 */
-	public function testWriteStream($name, $text) {
-		$fh = $this->share->write($this->root . '/' . $name);
-		fwrite($fh, $text);
-		fclose($fh);
-
-		$tmpFile1 = tempnam('/tmp', 'smb_test_');
-		$this->share->get($this->root . '/' . $name, $tmpFile1);
-		$this->assertEquals($text, file_get_contents($tmpFile1));
-		$this->share->del($this->root . '/' . $name);
-		unlink($tmpFile1);
-	}
-
-	public function testDir() {
-		$txtFile = $this->getTextFile();
-
-		$this->share->mkdir($this->root . '/dir');
-		$this->share->put($txtFile, $this->root . '/file.txt');
-		unlink($txtFile);
-
-		$dir = $this->share->dir($this->root);
-		if ($dir[0]->getName() === 'dir') {
-			$dirEntry = $dir[0];
-		} else {
-			$dirEntry = $dir[1];
-		}
-		$this->assertTrue($dirEntry->isDirectory());
-		$this->assertFalse($dirEntry->isReadOnly());
-		$this->assertFalse($dirEntry->isReadOnly());
-
-		if ($dir[0]->getName() === 'file.txt') {
-			$fileEntry = $dir[0];
-		} else {
-			$fileEntry = $dir[1];
-		}
-		$this->assertFalse($fileEntry->isDirectory());
-		$this->assertFalse($fileEntry->isReadOnly());
-		$this->assertFalse($fileEntry->isReadOnly());
-	}
-
-	/**
-	 * @dataProvider nameProvider
-	 */
-	public function testStat($name) {
-		$txtFile = $this->getTextFile();
-		$size = filesize($txtFile);
-
-		$this->share->put($txtFile, $this->root . '/' . $name);
-		unlink($txtFile);
-
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertEquals($size, $info->getSize());
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\NotFoundException
-	 */
-	public function testStatNonExisting() {
-		$this->share->stat($this->root . '/fo.txt');
-	}
-
-	/**
-	 * note setting archive and system bit is not supported
-	 *
-	 * @dataProvider nameProvider
-	 */
-	public function testSetMode($name) {
-		$txtFile = $this->getTextFile();
-
-		$this->share->put($txtFile, $this->root . '/' . $name);
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_NORMAL);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertFalse($info->isReadOnly());
-		$this->assertFalse($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertFalse($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_READONLY);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertTrue($info->isReadOnly());
-		$this->assertFalse($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertFalse($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_ARCHIVE);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertFalse($info->isReadOnly());
-		$this->assertTrue($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertFalse($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_READONLY | FileInfo::MODE_ARCHIVE);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertTrue($info->isReadOnly());
-		$this->assertTrue($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertFalse($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_HIDDEN);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertFalse($info->isReadOnly());
-		$this->assertFalse($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertTrue($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_SYSTEM);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertFalse($info->isReadOnly());
-		$this->assertFalse($info->isArchived());
-		$this->assertTrue($info->isSystem());
-		$this->assertFalse($info->isHidden());
-
-		$this->share->setMode($this->root . '/' . $name, FileInfo::MODE_NORMAL);
-		$info = $this->share->stat($this->root . '/' . $name);
-		$this->assertFalse($info->isReadOnly());
-		$this->assertFalse($info->isArchived());
-		$this->assertFalse($info->isSystem());
-		$this->assertFalse($info->isHidden());
-	}
-
-	public function pathProvider() {
-		// / ? < > \ : * | " are illegal characters in path on windows
-		return array(
-			array('dir/sub/foo.txt'),
-			array('bar.txt'),
-			array("single'quote'/sub/foo.txt"),
-			array('日本語/url %2F +encode/asd.txt'),
-			array(
-				'a somewhat longer folder than the other with more charaters as the all the other filenames/' .
-				'followed by a somewhat long file name after that.txt'
-			)
-		);
-	}
-
-	/**
-	 * @dataProvider pathProvider
-	 */
-	public function testSubDirs($path) {
-		$dirs = explode('/', $path);
-		$name = array_pop($dirs);
-		$fullPath = '';
-		foreach ($dirs as $dir) {
-			$fullPath .= '/' . $dir;
-			$this->share->mkdir($this->root . $fullPath);
-		}
-		$txtFile = $this->getTextFile();
-		$size = filesize($txtFile);
-		$this->share->put($txtFile, $this->root . $fullPath . '/' . $name);
-		unlink($txtFile);
-		$info = $this->share->stat($this->root . $fullPath . '/' . $name);
-		$this->assertEquals($size, $info->getSize());
-		$this->assertFalse($info->isHidden());
-	}
-
-	public function testDelAfterStat() {
-		$name = 'foo.txt';
-		$txtFile = $this->getTextFile();
-
-		$this->share->put($txtFile, $this->root . '/' . $name);
-		unlink($txtFile);
-
-		$this->share->stat($this->root . '/' . $name);
-		$this->share->del($this->root . '/foo.txt');
-	}
-
-	/**
-	 * @param $name
-	 * @dataProvider nameProvider
-	 */
-	public function testDirPaths($name) {
-		$txtFile = $this->getTextFile();
-		$this->share->mkdir($this->root . '/' . $name);
-		$this->share->put($txtFile, $this->root . '/' . $name . '/' . $name);
-		unlink($txtFile);
-
-		$content = $this->share->dir($this->root . '/' . $name);
-		$this->assertCount(1, $content);
-		$this->assertEquals($name, $content[0]->getName());
-	}
-
-	public function testStatRoot() {
-		$info = $this->share->stat('/');
-		$this->assertInstanceOf('\Icewind\SMB\IFileInfo', $info);
-	}
-}
@@ -1,27 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-use Icewind\SMB\NativeServer;
-
-class NativeShare extends AbstractShare {
-	public function setUp() {
-		if (!function_exists('smbclient_state_new')) {
-			$this->markTestSkipped('libsmbclient php extension not installed');
-		}
-		$this->config = json_decode(file_get_contents(__DIR__ . '/config.json'));
-		$this->server = new NativeServer($this->config->host, $this->config->user, $this->config->password);
-		$this->share = $this->server->getShare($this->config->share);
-		if ($this->config->root) {
-			$this->root = '/' . $this->config->root . '/' . uniqid();
-		} else {
-			$this->root = '/' . uniqid();
-		}
-		$this->share->mkdir($this->root);
-	}
-}
@@ -1,143 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-use Icewind\SMB\NativeServer;
-
-class NativeStream extends \PHPUnit_Framework_TestCase {
-	/**
-	 * @var \Icewind\SMB\Server $server
-	 */
-	protected $server;
-
-	/**
-	 * @var \Icewind\SMB\NativeShare $share
-	 */
-	protected $share;
-
-	/**
-	 * @var string $root
-	 */
-	protected $root;
-
-	protected $config;
-
-	public function setUp() {
-		if (!function_exists('smbclient_state_new')) {
-			$this->markTestSkipped('libsmbclient php extension not installed');
-		}
-		$this->config = json_decode(file_get_contents(__DIR__ . '/config.json'));
-		$this->server = new NativeServer($this->config->host, $this->config->user, $this->config->password);
-		$this->share = $this->server->getShare($this->config->share);
-		if ($this->config->root) {
-			$this->root = '/' . $this->config->root . '/' . uniqid();
-		} else {
-			$this->root = '/' . uniqid();
-		}
-		$this->share->mkdir($this->root);
-	}
-
-	private function getTextFile() {
-		$text = 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua';
-		$file = tempnam('/tmp', 'smb_test_');
-		file_put_contents($file, $text);
-		return $file;
-	}
-
-	public function testSeekTell() {
-		$sourceFile = $this->getTextFile();
-		$this->share->put($sourceFile, $this->root . '/foobar');
-		$fh = $this->share->read($this->root . '/foobar');
-		$content = fread($fh, 3);
-		$this->assertEquals('Lor', $content);
-
-		fseek($fh, -2, SEEK_CUR);
-
-		$content = fread($fh, 3);
-		$this->assertEquals('ore', $content);
-
-		fseek($fh, 3, SEEK_SET);
-
-		$content = fread($fh, 3);
-		$this->assertEquals('em ', $content);
-
-		fseek($fh, -3, SEEK_END);
-
-		$content = fread($fh, 3);
-		$this->assertEquals('qua', $content);
-
-		fseek($fh, -3, SEEK_END);
-		$this->assertEquals(120, ftell($fh));
-	}
-
-	public function testStat() {
-		$sourceFile = $this->getTextFile();
-		$this->share->put($sourceFile, $this->root . '/foobar');
-		$fh = $this->share->read($this->root . '/foobar');
-		$stat = fstat($fh);
-		$this->assertEquals(filesize($sourceFile), $stat['size']);
-		unlink($sourceFile);
-	}
-
-	public function testTruncate() {
-		if (version_compare(phpversion(), '5.4.0', '<')) {
-			$this->markTestSkipped('php <5.4 doesn\'t support truncate for stream wrappers');
-		}
-		$fh = $this->share->write($this->root . '/foobar');
-		fwrite($fh, 'foobar');
-		ftruncate($fh, 3);
-		fclose($fh);
-
-		$fh = $this->share->read($this->root . '/foobar');
-		$this->assertEquals('foo', stream_get_contents($fh));
-	}
-
-	public function testEOF() {
-		if (version_compare(phpversion(), '5.4.0', '<')) {
-			$this->markTestSkipped('php <5.4 doesn\'t support truncate for stream wrappers');
-		}
-		$fh = $this->share->write($this->root . '/foobar');
-		fwrite($fh, 'foobar');
-		fclose($fh);
-
-		$fh = $this->share->read($this->root . '/foobar');
-		fread($fh, 3);
-		$this->assertFalse(feof($fh));
-		fread($fh, 5);
-		$this->assertTrue(feof($fh));
-	}
-
-	public function testLockUnsupported() {
-		$fh = $this->share->write($this->root . '/foobar');
-		$this->assertFalse(flock($fh, LOCK_SH));
-	}
-
-	public function testSetOptionUnsupported() {
-		$fh = $this->share->write($this->root . '/foobar');
-		$this->assertFalse(stream_set_blocking($fh, false));
-	}
-
-	public function tearDown() {
-		if ($this->share) {
-			$this->cleanDir($this->root);
-		}
-		unset($this->share);
-	}
-
-	public function cleanDir($dir) {
-		$content = $this->share->dir($dir);
-		foreach ($content as $metadata) {
-			if ($metadata->isDirectory()) {
-				$this->cleanDir($metadata->getPath());
-			} else {
-				$this->share->del($metadata->getPath());
-			}
-		}
-		$this->share->rmdir($dir);
-	}
-}
@@ -1,103 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-
-use Icewind\SMB\FileInfo;
-
-class Parser extends \PHPUnit_Framework_TestCase {
-	public function modeProvider() {
-		return array(
-			array('D', FileInfo::MODE_DIRECTORY),
-			array('A', FileInfo::MODE_ARCHIVE),
-			array('S', FileInfo::MODE_SYSTEM),
-			array('H', FileInfo::MODE_HIDDEN),
-			array('R', FileInfo::MODE_READONLY),
-			array('N', FileInfo::MODE_NORMAL),
-			array('RA', FileInfo::MODE_READONLY | FileInfo::MODE_ARCHIVE),
-			array('RAH', FileInfo::MODE_READONLY | FileInfo::MODE_ARCHIVE | FileInfo::MODE_HIDDEN)
-		);
-	}
-
-	/**
-	 * @param string $timeZone
-	 * @return \Icewind\SMB\TimeZoneProvider
-	 */
-	private function getTimeZoneProvider($timeZone) {
-		$mock = $this->getMockBuilder('\Icewind\SMB\TimeZoneProvider')
-			->disableOriginalConstructor()
-			->getMock();
-		$mock->expects($this->any())
-			->method('get')
-			->will($this->returnValue($timeZone));
-		return $mock;
-	}
-
-	/**
-	 * @dataProvider modeProvider
-	 */
-	public function testParseMode($string, $mode) {
-		$parser = new \Icewind\SMB\Parser($this->getTimeZoneProvider('UTC'));
-		$this->assertEquals($mode, $parser->parseMode($string), 'Failed parsing ' . $string);
-	}
-
-	public function statProvider() {
-		return array(
-			array(
-				array(
-					'altname: test.txt',
-					'create_time:    Sat Oct 12 07:05:58 PM 2013 CEST',
-					'access_time:    Tue Oct 15 02:58:48 PM 2013 CEST',
-					'write_time:     Sat Oct 12 07:05:58 PM 2013 CEST',
-					'change_time:    Sat Oct 12 07:05:58 PM 2013 CEST',
-					'attributes:  (80)',
-					'stream: [::$DATA], 29634 bytes'
-				),
-				array(
-					'mtime' => strtotime('12 Oct 2013 19:05:58 CEST'),
-					'mode' => FileInfo::MODE_NORMAL,
-					'size' => 29634
-				)
-			)
-		);
-	}
-
-	/**
-	 * @dataProvider statProvider
-	 */
-	public function testStat($output, $stat) {
-		$parser = new \Icewind\SMB\Parser($this->getTimeZoneProvider('UTC'));
-		$this->assertEquals($stat, $parser->parseStat($output));
-	}
-
-	public function dirProvider() {
-		return array(
-			array(
-				array(
-					'  .                                   D        0  Tue Aug 26 19:11:56 2014',
-					'  ..                                 DR        0  Sun Oct 28 15:24:02 2012',
-					'  c.pdf                               N    29634  Sat Oct 12 19:05:58 2013',
-					'',
-					'                62536 blocks of size 8388608. 57113 blocks available'
-				),
-				array(
-					new FileInfo('/c.pdf', 'c.pdf', 29634, strtotime('12 Oct 2013 19:05:58 CEST'),
-						FileInfo::MODE_NORMAL)
-				)
-			)
-		);
-	}
-
-	/**
-	 * @dataProvider dirProvider
-	 */
-	public function testDir($output, $dir) {
-		$parser = new \Icewind\SMB\Parser($this->getTimeZoneProvider('CEST'));
-		$this->assertEquals($dir, $parser->parseDir($output, ''));
-	}
-}
@@ -1,57 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-class Server extends \PHPUnit_Framework_TestCase {
-	/**
-	 * @var \Icewind\SMB\Server $server
-	 */
-	private $server;
-
-	private $config;
-
-	public function setUp() {
-		$this->config = json_decode(file_get_contents(__DIR__ . '/config.json'));
-		$this->server = new \Icewind\SMB\Server($this->config->host, $this->config->user, $this->config->password);
-	}
-
-	public function testListShares() {
-		$shares = $this->server->listShares();
-		foreach ($shares as $share) {
-			if ($share->getName() === $this->config->share) {
-				return;
-			}
-		}
-		$this->fail('Share "' . $this->config->share . '" not found');
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\AuthenticationException
-	 */
-	public function testWrongUserName() {
-		$this->markTestSkipped('This fails for no reason on travis');
-		$server = new \Icewind\SMB\Server($this->config->host, uniqid(), uniqid());
-		$server->listShares();
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\AuthenticationException
-	 */
-	public function testWrongPassword() {
-		$server = new \Icewind\SMB\Server($this->config->host, $this->config->user, uniqid());
-		$server->listShares();
-	}
-
-	/**
-	 * @expectedException \Icewind\SMB\Exception\InvalidHostException
-	 */
-	public function testWrongHost() {
-		$server = new \Icewind\SMB\Server(uniqid(), $this->config->user, $this->config->password);
-		$server->listShares();
-	}
-}
@@ -1,24 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
- * This file is licensed under the Licensed under the MIT license:
- * http://opensource.org/licenses/MIT
- */
-
-namespace Icewind\SMB\Test;
-
-use Icewind\SMB\Server as NormalServer;
-
-class Share extends AbstractShare {
-	public function setUp() {
-		$this->config = json_decode(file_get_contents(__DIR__ . '/config.json'));
-		$this->server = new NormalServer($this->config->host, $this->config->user, $this->config->password);
-		$this->share = $this->server->getShare($this->config->share);
-		if ($this->config->root) {
-			$this->root = '/' . $this->config->root . '/' . uniqid();
-		} else {
-			$this->root = '/' . uniqid();
-		}
-		$this->share->mkdir($this->root);
-	}
-}
@@ -1,7 +0,0 @@
-{
-	"host": "localhost",
-	"user": "test",
-	"password": "test",
-	"share": "test",
-	"root": "test"
-}
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<phpunit bootstrap="bootstrap.php">
-	<testsuite name='SMB'>
-		<directory suffix='.php'>./</directory>
-	</testsuite>
-</phpunit>
@@ -39,6 +39,7 @@ if (isset($_POST['client_id']) && isset($_POST['client_secret']) && isset($_POST
 	$client->setClientSecret((string)$_POST['client_secret']);
 	$client->setRedirectUri((string)$_POST['redirect']);
 	$client->setScopes(array('https://www.googleapis.com/auth/drive'));
+	$client->setApprovalPrompt('force');
 	$client->setAccessType('offline');
 	if (isset($_POST['step'])) {
 		$step = $_POST['step'];
@@ -90,6 +90,15 @@ abstract class StoragesController extends Controller {
 		}

 		// TODO: validate that other attrs are set
+		if ($storage->getBackendOption('objectstore')) {
+			// objectstore must not be sent from client side
+			return new DataResponse(
+				array(
+					'message' => (string)$this->l10n->t('Objectstore forbidden')
+				),
+				Http::STATUS_UNPROCESSABLE_ENTITY
+			);
+		}

 		$backends = \OC_Mount_Config::getBackends();
 		if (!isset($backends[$storage->getBackendClass()])) {
@@ -1,6 +0,0 @@
-OC.L10N.register(
-    "files_external",
-    {
-    "Password" : "Secret Code"
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,4 +0,0 @@
-{ "translations": {
-    "Password" : "Secret Code"
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -121,7 +121,7 @@ class AmazonS3 extends \OC\Files\Storage\Common {
 		$params['region'] = empty($params['region']) ? 'eu-west-1' : $params['region'];
 		$params['hostname'] = empty($params['hostname']) ? 's3.amazonaws.com' : $params['hostname'];
 		if (!isset($params['port']) || $params['port'] === '') {
-			$params['port'] = ($params['use_ssl'] === 'false') ? 80 : 443;
+			$params['port'] = ($params['use_ssl'] === false || $params['use_ssl'] === 'false') ? 80 : 443;
 		}
 		$this->params = $params;
 	}
@@ -586,7 +586,7 @@ class AmazonS3 extends \OC\Files\Storage\Common {
 			return $this->connection;
 		}

-		$scheme = ($this->params['use_ssl'] === 'false') ? 'http' : 'https';
+		$scheme = ($this->params['use_ssl'] === false || $this->params['use_ssl'] === 'false') ? 'http' : 'https';
 		$base_url = $scheme . '://' . $this->params['hostname'] . ':' . $this->params['port'] . '/';

 		$this->connection = S3Client::factory(array(
@@ -297,7 +297,9 @@ class OC_Mount_Config {
 				}
 			}
 		} else {
-			$input = str_replace('$user', $user, $input);
+			if (is_string($input)) {
+				$input = str_replace('$user', $user, $input);
+			}
 		}
 		return $input;
 	}
@@ -291,6 +291,8 @@ class Google extends \OC\Files\Storage\Common {
 				}
 				$pageToken = $children->getNextPageToken();
 			}
+			// reindex values to compensate for removed duplicates
+			$files = array_values($files);
 			\OC\Files\Stream\Dir::register('google'.$path, $files);
 			return opendir('fakedir://google'.$path);
 		} else {
@@ -35,6 +35,7 @@ use Icewind\SMB\NativeServer;
 use Icewind\SMB\Server;
 use Icewind\Streams\CallbackWrapper;
 use Icewind\Streams\IteratorDirectory;
+use OC\Cache\CappedMemoryCache;
 use OC\Files\Filesystem;

 class SMB extends Common {
@@ -48,10 +49,15 @@ class SMB extends Common {
 	 */
 	protected $share;

+	/**
+	 * @var string
+	 */
+	protected $root;
+
 	/**
 	 * @var \Icewind\SMB\FileInfo[]
 	 */
-	protected $statCache = array();
+	protected $statCache;

 	public function __construct($params) {
 		if (isset($params['host']) && isset($params['user']) && isset($params['password']) && isset($params['share'])) {
@@ -72,13 +78,17 @@ class SMB extends Common {
 		} else {
 			throw new \Exception('Invalid configuration');
 		}
+		$this->statCache = new CappedMemoryCache();
 	}

 	/**
 	 * @return string
 	 */
 	public function getId() {
-		return 'smb::' . $this->server->getUser() . '@' . $this->server->getHost() . '/' . $this->share->getName() . '/' . $this->root;
+		// FIXME: double slash to keep compatible with the old storage ids,
+		// failure to do so will lead to creation of a new storage id and
+		// loss of shares from the storage
+		return 'smb::' . $this->server->getUser() . '@' . $this->server->getHost() . '//' . $this->share->getName() . '/' . $this->root;
 	}

 	/**
@@ -295,7 +305,9 @@ class SMB extends Common {
 	 * check if smbclient is installed
 	 */
 	public static function checkDependencies() {
-		$smbClientExists = (bool)\OC_Helper::findBinaryPath('smbclient');
-		return $smbClientExists ? true : array('smbclient');
+		return (
+			(bool)\OC_Helper::findBinaryPath('smbclient')
+			|| Server::NativeAvailable()
+		) ? true : ['smbclient'];
 	}
 }
@@ -39,7 +39,7 @@ class SMB_OC extends SMB {
 	public function __construct($params) {
 		if (isset($params['host'])) {
 			$host = $params['host'];
-			$this->username_as_share = ($params['username_as_share'] === 'true');
+			$this->username_as_share = ($params['username_as_share'] === true);

 			// dummy credentials, unused, to satisfy constructor
 			$user = 'foo';
@@ -173,6 +173,25 @@ class StorageConfig implements \JsonSerializable {
 		$this->backendOptions = $backendOptions;
 	}

+	/**
+	 * @param string $option
+	 * @return mixed
+	 */
+	public function getBackendOption($key) {
+		if (isset($this->backendOptions[$key])) {
+			return $this->backendOptions[$key];
+		}
+		return null;
+	}
+
+	/**
+	 * @param string $option
+	 * @param mixed $value
+	 */
+	public function setBackendOption($key, $value) {
+		$this->backendOptions[$key] = $value;
+	}
+
 	/**
 	 * Returns the mount priority
 	 *
@@ -40,8 +40,11 @@ abstract class StreamWrapper extends Common {
 	}

 	public function rmdir($path) {
-		if ($this->file_exists($path) && $this->isDeletable($path)) {
+		if ($this->is_dir($path) && $this->isDeletable($path)) {
 			$dh = $this->opendir($path);
+			if (!is_resource($dh)) {
+				return false;
+			}
 			while (($file = readdir($dh)) !== false) {
 				if ($this->is_dir($path . '/' . $file)) {
 					$this->rmdir($path . '/' . $file);
@@ -352,10 +352,14 @@ abstract class StoragesService {
 		if (!isset($allStorages[$id])) {
 			throw new NotFoundException('Storage with id "' . $id . '" not found');
 		}
-
 		$oldStorage = $allStorages[$id];
-		$allStorages[$id] = $updatedStorage;

+		// ensure objectstore is persistent
+		if ($objectstore = $oldStorage->getBackendOption('objectstore')) {
+			$updatedStorage->setBackendOption('objectstore', $objectstore);
+		}
+
+		$allStorages[$id] = $updatedStorage;
 		$this->writeConfig($allStorages);

 		$this->triggerChangeHooks($oldStorage, $updatedStorage);
@@ -60,7 +60,7 @@
 								<?php elseif (strpos($placeholder, '!') === 0): ?>
 									<label><input type="checkbox"
 												  data-parameter="<?php p($parameter); ?>"
-												  <?php if ($value == 'true'): ?> checked="checked"<?php endif; ?>
+												  <?php if ($value === true || $value === 'true'): ?> checked="checked"<?php endif; ?>
 												  /><?php p(substr($placeholder, 1)); ?></label>
 								<?php elseif (strpos($placeholder, '#') === 0): ?>
 									<input type="hidden"
@@ -61,4 +61,16 @@ class SMB extends Storage {
 		$this->assertTrue($result);
 		$this->assertTrue($this->instance->is_dir('foo bar'));
 	}
+
+	public function testStorageId() {
+		$this->instance = new \OC\Files\Storage\SMB([
+			'host' => 'testhost',
+			'user' => 'testuser',
+			'password' => 'somepass',
+			'share' => 'someshare',
+			'root' => 'someroot',
+		]);
+		$this->assertEquals('smb::testuser@testhost//someshare//someroot/', $this->instance->getId());
+		$this->instance = null;
+	}
 }
@@ -38,6 +38,7 @@ if (OCA\Files_Sharing\Helper::isIncomingServer2serverShareEnabled() === false) {
 $token = $_POST['token'];
 $remote = $_POST['remote'];
 $owner = $_POST['owner'];
+$ownerDisplayName = $_POST['ownerDisplayName'];
 $name = $_POST['name'];
 $password = $_POST['password'];

@@ -47,6 +48,14 @@ if(!\OCP\Util::isValidFileName($name)) {
 	exit();
 }

+$currentUser = \OC::$server->getUserSession()->getUser()->getUID();
+$currentServer = \OC::$server->getURLGenerator()->getAbsoluteURL('/');
+if (\OC\Share\Helper::isSameUserOnSameServer($owner, $remote, $currentUser, $currentServer )) {
+	\OCP\JSON::error(array('data' => array('message' => $l->t('Not allowed to create a federated share with the same user server'))));
+	exit();
+}
+
+
 $externalManager = new \OCA\Files_Sharing\External\Manager(
 		\OC::$server->getDatabaseConnection(),
 		\OC\Files\Filesystem::getMountManager(),
@@ -56,11 +65,12 @@ $externalManager = new \OCA\Files_Sharing\External\Manager(
 );

 // check for ssl cert
+
 if (substr($remote, 0, 5) === 'https' and !OC_Util::getUrlContent($remote)) {
 	\OCP\JSON::error(array('data' => array('message' => $l->t('Invalid or untrusted SSL certificate'))));
 	exit;
 } else {
-	$mount = $externalManager->addShare($remote, $token, $password, $name, $owner, true);
+	$mount = $externalManager->addShare($remote, $token, $password, $name, $ownerDisplayName, true);

 	/**
 	 * @var \OCA\Files_Sharing\External\Storage $storage
@@ -170,8 +170,14 @@ class Server2Server {
 			$query = \OCP\DB::prepare('DELETE FROM `*PREFIX*share_external` WHERE `remote_id` = ? AND `share_token` = ?');
 			$query->execute(array($id, $token));

+			if ($share['accepted']) {
+				$path = trim($mountpoint, '/');
+			} else {
+				$path = trim($share['name'], '/');
+			}
+
 			\OC::$server->getActivityManager()->publishActivity(
-				'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_UNSHARED, array($owner, $mountpoint), '', array(),
+				'files_sharing', \OCA\Files_Sharing\Activity::SUBJECT_REMOTE_SHARE_UNSHARED, array($owner, $path), '', array(),
 				'', '', $user, \OCA\Files_Sharing\Activity::TYPE_REMOTE_SHARE, \OCA\Files_Sharing\Activity::PRIORITY_MEDIUM);
 		}

@@ -39,9 +39,6 @@ $l = \OC::$server->getL10N('files_sharing');
 \OC::$CLASSPATH['OCA\Files\Share\Maintainer'] = 'files_sharing/lib/maintainer.php';
 \OC::$CLASSPATH['OCA\Files\Share\Proxy'] = 'files_sharing/lib/proxy.php';

-// Exceptions
-\OC::$CLASSPATH['OCA\Files_Sharing\Exceptions\BrokenPath'] = 'files_sharing/lib/exceptions.php';
-
 $application = new Application();
 $application->registerMountProviders();
 $application->setupPropagation();
@@ -55,11 +52,10 @@ $application->setupPropagation();
 \OCP\Share::registerBackend('folder', 'OC_Share_Backend_Folder', 'file');

 \OCP\Util::addScript('files_sharing', 'share');
-\OCP\Util::addScript('files_sharing', 'external');

-// FIXME: registering a job here will cause additional useless SQL queries
-// when the route is not cron.php, needs a better way
-\OC::$server->getJobList()->add('OCA\Files_sharing\Lib\DeleteOrphanedSharesJob');
+if (\OC::$server->getConfig()->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'yes') {
+	\OCP\Util::addScript('files_sharing', 'external');
+}

 \OC::$server->getActivityManager()->registerExtension(function() {
 		return new \OCA\Files_Sharing\Activity(
@@ -59,7 +59,6 @@ class Application extends App {
 			return new ExternalSharesController(
 				$c->query('AppName'),
 				$c->query('Request'),
-				$c->query('IsIncomingShareEnabled'),
 				$c->query('ExternalManager')
 			);
 		});
@@ -76,9 +75,6 @@ class Application extends App {
 		$container->registerService('UserManager', function (SimpleContainer $c) use ($server) {
 			return $server->getUserManager();
 		});
-		$container->registerService('IsIncomingShareEnabled', function (SimpleContainer $c) {
-			return Helper::isIncomingServer2serverShareEnabled();
-		});
 		$container->registerService('ExternalManager', function (SimpleContainer $c) use ($server) {
 			$user = $server->getUserSession()->getUser();
 			$uid = $user ? $user->getUID() : null;
@@ -98,7 +94,8 @@ class Application extends App {
 			return new SharingCheckMiddleware(
 				$c->query('AppName'),
 				$server->getConfig(),
-				$server->getAppManager()
+				$server->getAppManager(),
+				$c['ControllerMethodReflector']
 			);
 		});

@@ -19,5 +19,4 @@ Turning the feature off removes shared files and folders on the server for all s
 		<files>public.php</files>
 		<webdav>publicwebdav.php</webdav>
 	</public>
-	<ocsid>166050</ocsid>
 </info>
@@ -0,0 +1,22 @@
+<?php
+/**
+ * @author Joas Schilling <nickvergessen@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+\OC::$server->getJobList()->add('OCA\Files_sharing\Lib\DeleteOrphanedSharesJob');
@@ -28,3 +28,4 @@ if (version_compare($installedVersion, '0.6.0', '<')) {
 	$m->addAcceptRow();
 }

+\OC::$server->getJobList()->add('OCA\Files_sharing\Lib\DeleteOrphanedSharesJob');
@@ -1 +1 @@
-0.6.1
+0.6.3
@@ -72,7 +72,7 @@ thead {
 }

 /* keep long file names in one line to not overflow download button on mobile */
-.directDownload #download {
+.directDownload #downloadFile {
 	white-space: nowrap;
 	overflow: hidden;
 	text-overflow: ellipsis;
@@ -19,7 +19,7 @@
 	 */
 	OCA.Sharing.showAddExternalDialog = function (share, passwordProtected, callback) {
 		var remote = share.remote;
-		var owner = share.owner;
+		var owner = share.ownerDisplayName || share.owner;
 		var name = share.name;
 		var remoteClean = (remote.substr(0, 8) === 'https://') ? remote.substr(8) : remote.substr(7);

@@ -92,6 +92,7 @@
 							remote: share.remote,
 							token: share.token,
 							owner: share.owner,
+							ownerDisplayName: share.ownerDisplayName || share.owner,
 							name: share.name,
 							password: password}, function(result) {
 							if (result.status === 'error') {
@@ -158,9 +158,18 @@ OCA.Sharing.PublicApp = {
 			};

 			this.fileList.generatePreviewUrl = function (urlSpec) {
+				urlSpec = urlSpec || {};
+				if (!urlSpec.x) {
+					urlSpec.x = 36;
+				}
+				if (!urlSpec.y) {
+					urlSpec.y = 36;
+				}
+				urlSpec.x *= window.devicePixelRatio;
+				urlSpec.y *= window.devicePixelRatio;
+				urlSpec.x = Math.floor(urlSpec.x);
+				urlSpec.y = Math.floor(urlSpec.y);
 				urlSpec.t = $('#dirToken').val();
-				urlSpec.y = Math.floor(36 * window.devicePixelRatio);
-				urlSpec.x = Math.floor(36 * window.devicePixelRatio);
 				return OC.generateUrl('/apps/files_sharing/ajax/publicpreview.php?') + $.param(urlSpec);
 			};

@@ -213,9 +222,10 @@ OCA.Sharing.PublicApp = {
 			var remote = $(this).find('input[type="text"]').val();
 			var token = $('#sharingToken').val();
 			var owner = $('#save').data('owner');
+			var ownerDisplayName = $('#save').data('owner-display-name');
 			var name = $('#save').data('name');
 			var isProtected = $('#save').data('protected') ? 1 : 0;
-			OCA.Sharing.PublicApp._saveToOwnCloud(remote, token, owner, name, isProtected);
+			OCA.Sharing.PublicApp._saveToOwnCloud(remote, token, owner, ownerDisplayName, name, isProtected);
 		});

 		$('#save #save-button').click(function () {
@@ -254,11 +264,11 @@ OCA.Sharing.PublicApp = {
 		this.fileList.changeDirectory(params.path || params.dir, false, true);
 	},

-	_saveToOwnCloud: function (remote, token, owner, name, isProtected) {
+	_saveToOwnCloud: function (remote, token, owner, ownerDisplayName, name, isProtected) {
 		var location = window.location.protocol + '//' + window.location.host + OC.webroot;

 		var url = remote + '/index.php/apps/files#' + 'remote=' + encodeURIComponent(location) // our location is the remote for the other server
-			+ "&token=" + encodeURIComponent(token) + "&owner=" + encodeURIComponent(owner) + "&name=" + encodeURIComponent(name) + "&protected=" + isProtected;
+			+ "&token=" + encodeURIComponent(token) + "&owner=" + encodeURIComponent(owner) +"&ownerDisplayName=" + encodeURIComponent(ownerDisplayName) + "&name=" + encodeURIComponent(name) + "&protected=" + isProtected;


 		if (remote.indexOf('://') > 0) {
@@ -292,15 +302,8 @@ $(document).ready(function () {

 	if (window.Files) {
 		// HACK: for oc-dialogs previews that depends on Files:
-		Files.lazyLoadPreview = function (path, mime, ready, width, height, etag) {
-			return App.fileList.lazyLoadPreview({
-				path: path,
-				mime: mime,
-				callback: ready,
-				width: width,
-				height: height,
-				etag: etag
-			});
+		Files.generatePreviewUrl = function (urlSpec) {
+			return App.fileList.generatePreviewUrl(urlSpec);
 		};
 	}
 });
@@ -25,6 +25,10 @@
 		 * @param {OCA.Files.FileList} fileList file list to be extended
 		 */
 		attach: function(fileList) {
+			// core sharing is disabled/not loaded
+			if (!OC.Share) {
+				return;
+			}
 			if (fileList.id === 'trashbin' || fileList.id === 'files.public') {
 				return;
 			}
@@ -151,7 +155,7 @@
 				var permissions = $tr.data('permissions');
 				var hasLink = !!(shareStatus && shareStatus.link);
 				OC.Share.markFileAsShared($tr, true, hasLink);
-				if ((permissions & OC.PERMISSION_SHARE) === 0) {
+				if ((permissions & OC.PERMISSION_SHARE) === 0 && $tr.attr('data-share-owner')) {
 					// if no share action exists because the admin disabled sharing for this user
 					// we create a share notification action to inform the user about files
 					// shared with him otherwise we just update the existing share action.
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "files_sharing",
-    {
-    "Password" : "Secret Code",
-    "Download" : "Download"
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Password" : "Secret Code",
-    "Download" : "Download"
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -190,12 +190,12 @@ class Activity implements IExtension {
 		if ($app === self::FILES_SHARING_APP) {
 			switch ($text) {
 				case self::SUBJECT_REMOTE_SHARE_RECEIVED:
+				case self::SUBJECT_REMOTE_SHARE_UNSHARED:
 					return array(
 						0 => '',// We can not use 'username' since the user is in a different ownCloud
 					);
 				case self::SUBJECT_REMOTE_SHARE_ACCEPTED:
 				case self::SUBJECT_REMOTE_SHARE_DECLINED:
-				case self::SUBJECT_REMOTE_SHARE_UNSHARED:
 					return array(
 						0 => '',// We can not use 'username' since the user is in a different ownCloud
 						1 => 'file',
@@ -31,6 +31,7 @@

 namespace OC\Files\Cache;

+use OC\User\NoUserException;
 use OCP\Share_Backend_Collection;

 /**
@@ -60,9 +61,14 @@ class Shared_Cache extends Cache {
 		if ($target === false || $target === $this->storage->getMountPoint()) {
 			$target = '';
 		}
-		$source = \OC_Share_Backend_File::getSource($target, $this->storage->getMountPoint(), $this->storage->getItemType());
+		$source = \OC_Share_Backend_File::getSource($target, $this->storage->getShare());
 		if (isset($source['path']) && isset($source['fileOwner'])) {
-			\OC\Files\Filesystem::initMountPoints($source['fileOwner']);
+			try {
+				\OC\Files\Filesystem::initMountPoints($source['fileOwner']);
+			} catch(NoUserException $e) {
+				\OCP\Util::logException('files_sharing', $e);
+				return false;
+			}
 			$mounts = \OC\Files\Filesystem::getMountByNumericId($source['storage']);
 			if (is_array($mounts) and !empty($mounts)) {
 				$fullPath = $mounts[0]->getMountPoint() . $source['path'];
@@ -242,7 +248,7 @@ class Shared_Cache extends Cache {
 	 */
 	protected function getMoveInfo($path) {
 		$cache = $this->getSourceCache($path);
-		$file = \OC_Share_Backend_File::getSource($path, $this->storage->getMountPoint(), $this->storage->getItemType());
+		$file = \OC_Share_Backend_File::getSource($path, $this->storage->getShare());
 		return [$cache->getNumericStorageId(), $file['path']];
 	}

@@ -59,20 +59,20 @@ class Capabilities {
 		$public['enabled'] = $this->config->getAppValue('core', 'shareapi_allow_links', 'yes') === 'yes';
 		if ($public['enabled']) {
 			$public['password'] = [];
-			$public['password']['enforced'] = ($this->config->getAppValue('core', 'shareapi_enforce_links_password', 'yes') === 'yes');
+			$public['password']['enforced'] = ($this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes');

 			$public['expire_date'] = [];
-			$public['expire_date']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'yes') === 'yes';
+			$public['expire_date']['enabled'] = $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no') === 'yes';
 			if ($public['expire_date']['enabled']) {
 				$public['expire_date']['days'] = $this->config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
-				$public['expire_date']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'yes') === 'yes';
+				$public['expire_date']['enforced'] = $this->config->getAppValue('core', 'shareapi_enforce_expire_date', 'no') === 'yes';
 			}

-			$public['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'yes') === 'yes';
+			$public['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_public_notification', 'no') === 'yes';
 		}
 		$res["public"] = $public;

-		$res['user']['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_mail_notification', 'yes') === 'yes';
+		$res['user']['send_mail'] = $this->config->getAppValue('core', 'shareapi_allow_mail_notification', 'no') === 'yes';

 		$res['resharing'] = $this->config->getAppValue('core', 'shareapi_allow_resharing', 'yes') === 'yes';

@@ -60,6 +60,11 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 			return false;
 		}

+		if ((int)$linkItem['share_type'] === \OCP\Share::SHARE_TYPE_LINK &&
+			$this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes') !== 'yes') {
+			$this->share['permissions'] &= ~(\OCP\Constants::PERMISSION_CREATE | \OCP\Constants::PERMISSION_UPDATE);
+		}
+
 		// check if the share is password protected
 		if (isset($linkItem['share_with'])) {
 			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
@@ -82,10 +87,13 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {

 					}
 					return true;
+				} else if (\OC::$server->getSession()->exists('public_link_authenticated')
+					&& \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id']) {
+					return true;
 				} else {
 					return false;
 				}
-			} elseif ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_REMOTE) {
+			} else if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_REMOTE) {
 				return true;
 			} else {
 				return false;
@@ -36,8 +36,6 @@ use OCP\AppFramework\Http\JSONResponse;
 */
 class ExternalSharesController extends Controller {

-	/** @var bool */
-	private $incomingShareEnabled;
 	/** @var \OCA\Files_Sharing\External\Manager */
 	private $externalManager;

@@ -49,52 +47,42 @@ class ExternalSharesController extends Controller {
 	 */
 	public function __construct($appName,
 								IRequest $request,
-								$incomingShareEnabled,
 								\OCA\Files_Sharing\External\Manager $externalManager) {
 		parent::__construct($appName, $request);
-		$this->incomingShareEnabled = $incomingShareEnabled;
 		$this->externalManager = $externalManager;
 	}

 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @return JSONResponse
 	 */
 	public function index() {
-		$shares = [];
-		if ($this->incomingShareEnabled) {
-			$shares = $this->externalManager->getOpenShares();
-		}
-		return new JSONResponse($shares);
+		return new JSONResponse($this->externalManager->getOpenShares());
 	}

 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @param int $id
 	 * @return JSONResponse
 	 */
 	public function create($id) {
-		if ($this->incomingShareEnabled) {
-			$this->externalManager->acceptShare($id);
-		}
-
+		$this->externalManager->acceptShare($id);
 		return new JSONResponse();
 	}

 	/**
 	 * @NoAdminRequired
+	 * @NoOutgoingFederatedSharingRequired
 	 *
 	 * @param $id
 	 * @return JSONResponse
 	 */
 	public function destroy($id) {
-		if ($this->incomingShareEnabled) {
-			$this->externalManager->declineShare($id);
-		}
-
+		$this->externalManager->declineShare($id);
 		return new JSONResponse();
 	}
-
 }
@@ -46,6 +46,7 @@ use OCA\Files_Sharing\Helper;
 use OCP\User;
 use OCP\Util;
 use OCA\Files_Sharing\Activity;
+use \OCP\Files\NotFoundException;

 /**
 * Class ShareController
@@ -148,6 +149,7 @@ class ShareController extends Controller {
 	 * @param string $token
 	 * @param string $path
 	 * @return TemplateResponse|RedirectResponse
+	 * @throws NotFoundException
 	 */
 	public function showShare($token, $path = '') {
 		\OC_User::setIncognitoMode(true);
@@ -171,13 +173,14 @@ class ShareController extends Controller {
 			$getPath = Filesystem::normalizePath($path);
 			$originalSharePath .= $path;
 		} else {
-			throw new OCP\Files\NotFoundException();
+			throw new NotFoundException();
 		}

 		$file = basename($originalSharePath);

 		$shareTmpl = [];
 		$shareTmpl['displayName'] = User::getDisplayName($shareOwner);
+		$shareTmpl['owner'] = $shareOwner;
 		$shareTmpl['filename'] = $file;
 		$shareTmpl['directory_path'] = $linkItem['file_target'];
 		$shareTmpl['mimetype'] = Filesystem::getMimeType($originalSharePath);
@@ -303,7 +306,7 @@ class ShareController extends Controller {
 	/**
 	 * @param string $token
 	 * @return string Resolved file path of the token
-	 * @throws \Exception In case share could not get properly resolved
+	 * @throws NotFoundException In case share could not get properly resolved
 	 */
 	private function getPath($token) {
 		$linkItem = Share::getShareByToken($token, false);
@@ -312,7 +315,7 @@ class ShareController extends Controller {
 			$rootLinkItem = Share::resolveReShare($linkItem);
 			if (isset($rootLinkItem['uid_owner'])) {
 				if(!$this->userManager->userExists($rootLinkItem['uid_owner'])) {
-					throw new \Exception('Owner of the share does not exist anymore');
+					throw new NotFoundException('Owner of the share does not exist anymore');
 				}
 				OC_Util::tearDownFS();
 				OC_Util::setupFS($rootLinkItem['uid_owner']);
@@ -324,6 +327,6 @@ class ShareController extends Controller {
 			}
 		}

-		throw new \Exception('No file found belonging to file.');
+		throw new NotFoundException('No file found belonging to file.');
 	}
 }
@@ -0,0 +1,26 @@
+<?php
+/**
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_Sharing\Exceptions;
+
+/**
+ * S2S sharing not allowed
+ */
+class S2SException extends \Exception {
+}
@@ -48,9 +48,10 @@ class Scanner extends \OC\Files\Cache\Scanner {
 	 * @param int $reuseExisting
 	 * @param int $parentId
 	 * @param array | null $cacheData existing data in the cache for the file to be scanned
+	 * @param bool $lock set to false to disable getting an additional read lock during scanning
 	 * @return array an array of metadata of the scanned file
 	 */
-	public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null) {
+	public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) {
 		try {
 			return parent::scanFile($file, $reuseExisting);
 		} catch (ForbiddenException $e) {
@@ -191,7 +191,7 @@ class Storage extends DAV implements ISharedStorage {
 				throw new StorageInvalidException();
 			} else {
 				// ownCloud instance is gone, likely to be a temporary server configuration error
-				throw $e;
+				throw new StorageNotAvailableException();
 			}
 		} catch (ForbiddenException $e) {
 			// auth error, remove share for now (provide a dialog in the future)
@@ -201,10 +201,7 @@ class Storage extends DAV implements ISharedStorage {
 		} catch (\GuzzleHttp\Exception\ConnectException $e) {
 			throw new StorageNotAvailableException();
 		} catch (\GuzzleHttp\Exception\RequestException $e) {
-			if ($e->getCode() === 503) {
-				throw new StorageNotAvailableException();
-			}
-			throw $e;
+			throw new StorageNotAvailableException();
 		} catch (\Exception $e) {
 			throw $e;
 		}
@@ -250,18 +247,25 @@ class Storage extends DAV implements ISharedStorage {
 		try {
 			$response = $client->post($url, ['body' => ['password' => $password]]);
 		} catch (\GuzzleHttp\Exception\RequestException $e) {
-			switch ($e->getCode()) {
-				case 401:
-				case 403:
+			if ($e->getCode() === 401 || $e->getCode() === 403) {
 					throw new ForbiddenException();
-				case 404:
-					throw new NotFoundException();
-				case 500:
-					throw new \Exception();
 			}
-			throw $e;
+			if ($e->getCode() === 404) {
+				throw new NotFoundException();
+			}
+			// throw this to be on the safe side: the share will still be visible
+			// in the UI in case the failure is intermittent, and the user will
+			// be able to decide whether to remove it if it's really gone
+			throw new StorageNotAvailableException();
 		}

 		return json_decode($response->getBody(), true);
 	}
+
+	public function isSharable($path) {
+		if (\OCP\Util::isSharingDisabledForUser() || !\OC\Share\Share::isResharingAllowed()) {
+			return false;
+		}
+		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_SHARE);
+	}
 }
@@ -27,7 +27,11 @@ use OCP\App\IAppManager;
 use OCP\AppFramework\Http\NotFoundResponse;
 use OCP\AppFramework\Middleware;
 use OCP\AppFramework\Http\TemplateResponse;
+use OCP\Files\NotFoundException;
 use OCP\IConfig;
+use OCP\AppFramework\Utility\IControllerMethodReflector;
+use OCA\Files_Sharing\Exceptions\S2SException;
+use OCP\AppFramework\Http\JSONResponse;

 /**
 * Checks whether the "sharing check" is enabled
@@ -42,6 +46,8 @@ class SharingCheckMiddleware extends Middleware {
 	protected $config;
 	/** @var IAppManager */
 	protected $appManager;
+	/** @var IControllerMethodReflector */
+	protected $reflector;

 	/***
 	 * @param string $appName
@@ -50,30 +56,74 @@ class SharingCheckMiddleware extends Middleware {
 	 */
 	public function __construct($appName,
 								IConfig $config,
-								IAppManager $appManager) {
+								IAppManager $appManager,
+								IControllerMethodReflector $reflector
+								) {
 		$this->appName = $appName;
 		$this->config = $config;
 		$this->appManager = $appManager;
+		$this->reflector = $reflector;
 	}

 	/**
 	 * Check if sharing is enabled before the controllers is executed
+	 *
+	 * @param \OCP\AppFramework\Controller $controller
+	 * @param string $methodName
+	 * @throws NotFoundException
 	 */
 	public function beforeController($controller, $methodName) {
 		if(!$this->isSharingEnabled()) {
-			throw new \Exception('Sharing is disabled.');
+			throw new NotFoundException('Sharing is disabled.');
+		}
+
+		if ($controller instanceof \OCA\Files_Sharing\Controllers\ExternalSharesController &&
+			!$this->externalSharesChecks()) {
+			throw new S2SException('Federated sharing not allowed');
+		} else if ($controller instanceof \OCA\Files_Sharing\Controllers\ShareController &&
+			!$this->isLinkSharingEnabled()) {
+			throw new NotFoundException('Link sharing is disabled');
 		}
 	}

 	/**
-	 * Return 404 page in case of an exception
+	 * Return 404 page in case of a not found exception
+	 *
 	 * @param \OCP\AppFramework\Controller $controller
 	 * @param string $methodName
 	 * @param \Exception $exception
-	 * @return TemplateResponse
+	 * @return NotFoundResponse
+	 * @throws \Exception
 	 */
-	public function afterException($controller, $methodName, \Exception $exception){
-		return new NotFoundResponse();
+	public function afterException($controller, $methodName, \Exception $exception) {
+		if(is_a($exception, '\OCP\Files\NotFoundException')) {
+			return new NotFoundResponse();
+		}
+
+		if (is_a($exception, '\OCA\Files_Sharing\Exceptions\S2SException')) {
+			return new JSONResponse($exception->getMessage(), 405);
+		}
+
+		throw $exception;
+	}
+
+	/**
+	 * Checks for externalshares controller
+	 * @return bool
+	 */
+	private function externalSharesChecks() {
+
+		if (!$this->reflector->hasAnnotation('NoIncomingFederatedSharingRequired') &&
+			$this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
+		if (!$this->reflector->hasAnnotation('NoOutgoingFederatedSharingRequired') &&
+		    $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
+		return true;
 	}

 	/**
@@ -87,6 +137,19 @@ class SharingCheckMiddleware extends Middleware {
 			return false;
 		}

+		return true;
+	}
+
+	/**
+	 * Check if link sharing is allowed
+	 * @return bool
+	 */
+	private function isLinkSharingEnabled() {
+		// Check if the shareAPI is enabled
+		if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') {
+			return false;
+		}
+
 		// Check whether public sharing is enabled
 		if($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
 			return false;
@@ -66,12 +66,6 @@ class MountProvider implements IMountProvider {
 			return $share['permissions'] > 0;
 		});
 		$shares = array_map(function ($share) use ($user, $storageFactory) {
-			try {
-				Filesystem::initMountPoints($share['uid_owner']);
-			} catch(NoUserException $e) {
-				\OC::$server->getLogger()->warning('The user \'' . $share['uid_owner'] . '\' of share with ID \'' . $share['id'] . '\' can\'t be retrieved.', array('app' => 'files_sharing'));
-				return null;
-			}
 			// for updating etags for the share owner when we make changes to this share.
 			$ownerPropagator = $this->propagationManager->getChangePropagator($share['uid_owner']);

@@ -126,20 +126,28 @@ class RecipientPropagator {
 		});
 	}

+	protected $propagatingIds = [];
+
 	public function propagateById($id) {
+		if (isset($this->propagatingIds[$id])) {
+			return;
+		}
+		$this->propagatingIds[$id] = true;
 		$shares = Share::getAllSharesForFileId($id);
 		foreach ($shares as $share) {
 			// propagate down the share tree
 			$this->markDirty($share, microtime(true));

 			// propagate up the share tree
-			$user = $share['uid_owner'];
-			if($user !== $this->userId) {
+			if ($share['share_with'] === $this->userId) {
+				$user = $share['uid_owner'];
 				$view = new View('/' . $user . '/files');
 				$path = $view->getPath($share['file_source']);
 				$watcher = new ChangeWatcher($view, $this->manager->getSharePropagator($user));
 				$watcher->writeHook(['path' => $path]);
 			}
 		}
+
+		unset($this->propagatingIds[$id]);
 	}
 }
@@ -206,27 +206,15 @@ class OC_Share_Backend_File implements OCP\Share_Backend_File_Dependent {

 	/**
 	 * @param string $target
-	 * @param string $mountPoint
-	 * @param string $itemType
+	 * @param array $share
 	 * @return array|false source item
 	 */
-	public static function getSource($target, $mountPoint, $itemType) {
-		if ($itemType === 'folder') {
-			$source = \OCP\Share::getItemSharedWith('folder', $mountPoint, \OC_Share_Backend_File::FORMAT_SHARED_STORAGE);
-			if ($source && $target !== '') {
-				// note: in case of ext storage mount points the path might be empty
-				// which would cause a leading slash to appear
-				$source['path'] = ltrim($source['path'] . '/' . $target, '/');
-			}
-		} else {
-			$source = \OCP\Share::getItemSharedWith('file', $mountPoint, \OC_Share_Backend_File::FORMAT_SHARED_STORAGE);
+	public static function getSource($target, $share) {
+		if ($share['item_type'] === 'folder' && $target !== '') {
+			// note: in case of ext storage mount points the path might be empty
+			// which would cause a leading slash to appear
+			$share['path'] = ltrim($share['path'] . '/' . $target, '/');
 		}
-		if ($source) {
-			return self::resolveReshares($source);
-		}
-
-		\OCP\Util::writeLog('files_sharing', 'File source not found for: '.$target, \OCP\Util::DEBUG);
-		return false;
+		return self::resolveReshares($share);
 	}
-
 }
@@ -41,35 +41,47 @@ class SharedMount extends MountPoint implements MoveableMount {
 	 */
 	protected $ownerPropagator;

+	/**
+	 * @var \OC\Files\View
+	 */
+	private $recipientView;
+
+	/**
+	 * @var string
+	 */
+	private $user;
+
 	public function __construct($storage, $mountpoint, $arguments = null, $loader = null) {
 		// first update the mount point before creating the parent
 		$this->ownerPropagator = $arguments['propagator'];
-		$newMountPoint = $this->verifyMountPoint($arguments['share'], $arguments['user']);
-		$absMountPoint = '/' . $arguments['user'] . '/files' . $newMountPoint;
+		$this->user = $arguments['user'];
+		$this->recipientView = new View('/' . $this->user . '/files');
+		$newMountPoint = $this->verifyMountPoint($arguments['share']);
+		$absMountPoint = '/' . $this->user . '/files' . $newMountPoint;
+		$arguments['ownerView'] = new View('/' . $arguments['share']['uid_owner'] . '/files');
 		parent::__construct($storage, $absMountPoint, $arguments, $loader);
 	}

 	/**
 	 * check if the parent folder exists otherwise move the mount point up
 	 */
-	private function verifyMountPoint(&$share, $user) {
+	private function verifyMountPoint(&$share) {

 		$mountPoint = basename($share['file_target']);
 		$parent = dirname($share['file_target']);
-		$view = new View('/' . $user . '/files');

-		if (!$view->is_dir($parent)) {
+		if (!$this->recipientView->is_dir($parent)) {
 			$parent = Helper::getShareFolder();
 		}

 		$newMountPoint = \OCA\Files_Sharing\Helper::generateUniqueTarget(
-				\OC\Files\Filesystem::normalizePath($parent . '/' . $mountPoint),
-				array(),
-				new \OC\Files\View('/' . $user . '/files')
-				);
+			\OC\Files\Filesystem::normalizePath($parent . '/' . $mountPoint),
+			[],
+			$this->recipientView
+		);

-		if($newMountPoint !== $share['file_target']) {
-			self::updateFileTarget($newMountPoint, $share);
+		if ($newMountPoint !== $share['file_target']) {
+			$this->updateFileTarget($newMountPoint, $share);
 			$share['file_target'] = $newMountPoint;
 			$share['unique_name'] = true;
 		}
@@ -79,11 +91,12 @@ class SharedMount extends MountPoint implements MoveableMount {

 	/**
 	 * update fileTarget in the database if the mount point changed
+	 *
 	 * @param string $newPath
 	 * @param array $share reference to the share which should be modified
 	 * @return bool
 	 */
-	private static function updateFileTarget($newPath, &$share) {
+	private function updateFileTarget($newPath, &$share) {
 		// if the user renames a mount point from a group share we need to create a new db entry
 		// for the unique name
 		if ($share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP && empty($share['unique_name'])) {
@@ -91,7 +104,7 @@ class SharedMount extends MountPoint implements MoveableMount {
 			.' `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,'
 			.' `file_target`, `token`, `parent`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)');
 			$arguments = array($share['item_type'], $share['item_source'], $share['item_target'],
-				2, \OCP\User::getUser(), $share['uid_owner'], $share['permissions'], $share['stime'], $share['file_source'],
+				2, $this->user, $share['uid_owner'], $share['permissions'], $share['stime'], $share['file_source'],
 				$newPath, $share['token'], $share['id']);
 		} else {
 			// rename mount point
@@ -99,7 +112,7 @@ class SharedMount extends MountPoint implements MoveableMount {
 					'Update `*PREFIX*share`
 						SET `file_target` = ?
 						WHERE `id` = ?'
-					);
+			);
 			$arguments = array($newPath, $share['id']);
 		}

@@ -45,8 +45,18 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 	private $files = array();
 	private static $isInitialized = array();

+	/**
+	 * @var \OC\Files\View
+	 */
+	private $ownerView;
+
 	public function __construct($arguments) {
 		$this->share = $arguments['share'];
+		$this->ownerView = $arguments['ownerView'];
+	}
+
+	private function init() {
+		Filesystem::initMountPoints($this->share['uid_owner']);
 	}

 	/**
@@ -74,17 +84,18 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 	 * @return array Returns array with the keys path, permissions, and owner or false if not found
 	 */
 	public function getFile($target) {
+		$this->init();
 		if (!isset($this->files[$target])) {
 			// Check for partial files
 			if (pathinfo($target, PATHINFO_EXTENSION) === 'part') {
-				$source = \OC_Share_Backend_File::getSource(substr($target, 0, -5), $this->getMountPoint(), $this->getItemType());
+				$source = \OC_Share_Backend_File::getSource(substr($target, 0, -5), $this->getShare());
 				if ($source) {
 					$source['path'] .= '.part';
 					// All partial files have delete permission
 					$source['permissions'] |= \OCP\Constants::PERMISSION_DELETE;
 				}
 			} else {
-				$source = \OC_Share_Backend_File::getSource($target, $this->getMountPoint(), $this->getItemType());
+				$source = \OC_Share_Backend_File::getSource($target, $this->getShare());
 			}
 			$this->files[$target] = $source;
 		}
@@ -236,7 +247,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 	}

 	public function isSharable($path) {
-		if (\OCP\Util::isSharingDisabledForUser()) {
+		if (\OCP\Util::isSharingDisabledForUser() || !\OC\Share\Share::isResharingAllowed()) {
 			return false;
 		}
 		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_SHARE);
@@ -313,7 +324,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 	}

 	public function rename($path1, $path2) {
-
+		$this->init();
 		// we need the paths relative to data/user/files
 		$relPath1 = $this->getMountPoint() . '/' . $path1;
 		$relPath2 = $this->getMountPoint() . '/' . $path2;
@@ -623,6 +634,11 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 		/** @var \OCP\Files\Storage $targetStorage */
 		list($targetStorage, $targetInternalPath) = $this->resolvePath($path);
 		$targetStorage->acquireLock($targetInternalPath, $type, $provider);
+		// lock the parent folders of the owner when locking the share as recipient
+		if ($path === '') {
+			$sourcePath = $this->ownerView->getPath($this->share['file_source']);
+			$this->ownerView->lockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
+		}
 	}

 	/**
@@ -634,6 +650,11 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage {
 		/** @var \OCP\Files\Storage $targetStorage */
 		list($targetStorage, $targetInternalPath) = $this->resolvePath($path);
 		$targetStorage->releaseLock($targetInternalPath, $type, $provider);
+		// unlock the parent folders of the owner when unlocking the share as recipient
+		if ($path === '') {
+			$sourcePath = $this->ownerView->getPath($this->share['file_source']);
+			$this->ownerView->unlockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
+		}
 	}

 	/**
@@ -56,6 +56,50 @@ class Shared_Updater {
 	 */
 	static public function renameHook($params) {
 		self::renameChildren($params['oldpath'], $params['newpath']);
+		self::moveShareToShare($params['newpath']);
+	}
+
+	/**
+	 * Fix for https://github.com/owncloud/core/issues/20769
+	 *
+	 * The owner is allowed to move their files (if they are shared) into a receiving folder
+	 * In this case we need to update the parent of the moved share. Since they are
+	 * effectively handing over ownership of the file the rest of the code needs to know
+	 * they need to build up the reshare tree.
+	 *
+	 * @param string $path
+	 */
+	static private function moveShareToShare($path) {
+		$userFolder = \OC::$server->getUserFolder();
+
+		// If the user folder can't be constructed (e.g. link share) just return.
+		if ($userFolder === null) {
+			return;
+		}
+
+		$src = $userFolder->get($path);
+
+		$type = $src instanceof \OCP\Files\File ? 'file' : 'folder';
+		$shares = \OCP\Share::getItemShared($type, $src->getId());
+
+		// If the path we move is not a share we don't care
+		if (empty($shares)) {
+			return;
+		}
+
+		// Check if the destination is inside a share
+		$mountManager = \OC\Files\Filesystem::getMountManager();
+		$dstMount = $mountManager->find($src->getPath());
+		if (!($dstMount instanceof \OCA\Files_Sharing\SharedMount)) {
+			return;
+		}
+
+		$parenShare = $dstMount->getShare();
+
+		foreach ($shares as $share) {
+			$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `parent` = ? WHERE `id` = ?');
+			$query->execute([$parenShare['id'], $share['id']]);
+		}
 	}

 	/**
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .1.9
 .1.10
@@ -1 +1 @@
 .6.1
 .6.3