Changing recovery key password process improvements

[enbrnz]

WHAT Needs to be Documented?

• appid is encryption not files_encryption in the database
• Process should also delete rows from oc_preferences table where configkey is recoveryEnabled and configvalue is 1, this ensures the users don't have to first disable recovery key before re-enabling it with the new key.
• Share keys should be removed as well. They are in the user data folders files_encryption/OC_DEFAULT_MODULE/<filename>/${recoveryKeyId}.shareKey

WHERE Does This Need To Be Documented (Link)?

https://doc.owncloud.com/server/10.9/admin_manual/configuration/files/encryption/encryption_configuration.html#changing-the-recovery-key-password

WHY Should This Change Be Made?

Makes it easier for admins to check whether the new recovery key has been applied to all users for migrating away from user-key-encryption

(Optional) What Type Of Content Change Is This?

• New Content Addition
• Old Content Deprecation
• Existing Content Simplification
• Bug Fix to Existing Content

(Optional) Which Manual Does This Relate To?

• Admin Manual
• Developer Manual
• User Manual
• Android
• iOS
• Branded Clients
• Desktop Client
• Other

[DeepDiver1975]

🤖 Automated issue triage by Claude Code review agent.

Confirmed: the documented "Changing the Recovery Key Password" process is factually wrong about the database appid, and is still wrong in the current docs.

Where it lives now. The content has migrated out of this repo into owncloud/docs-server: modules/admin_manual/pages/configuration/files/encryption/encryption_configuration.adoc, section "Changing the Recovery Key Password". The published page is https://doc.owncloud.com/server/next/admin_manual/configuration/files/encryption/encryption_configuration.html#changing-the-recovery-key-password

Verification against the owncloud/encryption app source:

1. Wrong appid. The doc says to remove the recoveryKeyId / recoveryAdminEnabled rows from oc_appconfig "for the appid files_encryption". The real appid is encryption:

   • appinfo/info.xml → <id>encryption</id>
   • lib/Recovery.php → setAppValue('encryption', 'recoveryAdminEnabled', ...) and the recovery key id are stored under appid encryption.
     So the oc_appconfig cleanup as written targets the wrong appid and removes nothing.

2. Missing oc_preferences cleanup. Each opted-in user's recoveryEnabled flag is a user preference (lib/Recovery.php → setUserValue($uid, 'encryption', 'recoveryEnabled', ...)), i.e. a row in oc_preferences with appid=encryption, configkey=recoveryEnabled, configvalue=1. As the reporter notes, deleting these rows lets users skip the manual disable-then-re-enable dance.

3. Stale recovery share keys. Per-user recovery share keys live under the user data folder as files_encryption/OC_DEFAULT_MODULE/<filename>/<recoveryKeyId>.shareKey and should be removed too.

Recommended doc fix (in owncloud/docs-server):

• Correct the appid from files_encryption to encryption in the oc_appconfig step.
• Add an optional step to delete oc_preferences rows where appid=encryption, configkey=recoveryEnabled, configvalue=1 to spare users the manual re-enable.
• Mention removing the stale <recoveryKeyId>.shareKey files under each user's files_encryption/OC_DEFAULT_MODULE/....

Since this repo (owncloud/docs) is now an aggregator and the affected file lives in owncloud/docs-server, a follow-up there is the right place to land the fix.