From 4784b6499d7a277c4a14d0fdef2429eb17c40c08 Mon Sep 17 00:00:00 2001
From: Michael Kaye <1917473+michaelkaye@users.noreply.github.com>
Date: Wed, 14 Nov 2018 13:37:51 +0000
Subject: [PATCH] Always make a copy of a file.

If decryption is not required, copy the file anyway so the logic
around removing the "decrypted" version of the file can still exist.

This allows us to serve the "undecrypted" file back to the client even
if we're secure-deleting the "decrypted" file here.

I believe this fixes #30
---
 src/reporting.js | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/reporting.js b/src/reporting.js
index f91e4a5..e24eadd 100644
--- a/src/reporting.js
+++ b/src/reporting.js
@@ -258,11 +258,10 @@ async function generateReport(console, httpUrl, matrixFile, filePath, tempDir, s
         return reportCache[reportHash];
     }
 
-    // By default, the file is considered decrypted
-    let decryptedFilePath = filePath;
+    // Always make a decryptedFile on disk
+    let decryptedFilePath = path.join(tempDir, 'unsafeDownloadedDecryptedFile');
 
     if (matrixFile && matrixFile.key) {
-        decryptedFilePath = path.join(tempDir, 'unsafeDownloadedDecryptedFile');
         console.info(`Decrypting ${filePath}, writing to ${decryptedFilePath}`);
 
         try {
@@ -271,6 +270,13 @@ async function generateReport(console, httpUrl, matrixFile, filePath, tempDir, s
             console.error(err);
             throw new ClientError(400, 'Failed to decrypt file', 'MCS_MEDIA_FAILED_TO_DECRYPT');
         }
+    } else {
+        try {
+            fs.copyFileSync(filePath, decryptedFilePath);
+        } catch (err) {
+            console.error(err);
+            throw new ClientError(400, 'Failed to copy file for decryption', 'MCS_MEDIA_FAILED_TO_DECRYPT');
+        }
     }
 
     const cmd = script + ' ' + decryptedFilePath;