From: Laurens Post Date: Sat, 4 Apr 2015 11:24:57 +0000 (+0200) Subject: Add password input from env variable for occ user:{add, resetpassword} X-Git-Tag: v8.1.0alpha1~41^2 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=d9323ca1be35ffe0a115278de29106fe37d35c63;p=nextcloud-server.git Add password input from env variable for occ user:{add, resetpassword} This commit adds the --password-from-env switch to the `occ user:add` and `occ user:resetpassword` commands. When this parameter is given, Owncloud will use the password specified in environment variable OC_PASS. This is safer than using command line parameters, as those can be read by any process. --- diff --git a/core/command/user/add.php b/core/command/user/add.php index 93257ea2e5a..a566ed2db7a 100644 --- a/core/command/user/add.php +++ b/core/command/user/add.php @@ -58,10 +58,10 @@ class Add extends Command { 'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)' ) ->addOption( - 'password', - 'p', - InputOption::VALUE_OPTIONAL, - '' + 'password-from-env', + null, + InputOption::VALUE_NONE, + 'read password from environment variable OC_PASS' ) ->addOption( 'display-name', @@ -84,14 +84,33 @@ class Add extends Command { return; } - $password = $input->getOption('password'); - while (!$password) { - $question = new Question('Please enter a non-empty password:'); - $question->setHidden(true); - $question->setHiddenFallback(false); + if ($input->getOption('password-from-env')) { + $password = getenv('OC_PASS'); + if (!$password) { + $output->writeln('--password-from-env given, but OC_PASS is empty!'); + return 1; + } + } elseif ($input->isInteractive()) { + /** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */ + $dialog = $this->getHelperSet()->get('dialog'); + $password = $dialog->askHiddenResponse( + $output, + 'Enter password: ', + false + ); + $confirm = $dialog->askHiddenResponse( + $output, + 'Confirm password: ', + false + ); - $helper = $this->getHelper('question'); - $password = $helper->ask($input, $output, $question); + if ($password !== $confirm) { + $output->writeln("Passwords did not match!"); + return 1; + } + } else { + $output->writeln("Interactive input or --password-from-env is needed for entering a password!"); + return 1; } $user = $this->userManager->createUser( diff --git a/core/command/user/resetpassword.php b/core/command/user/resetpassword.php index 3afbfeeb9b9..3e16c8f79a5 100644 --- a/core/command/user/resetpassword.php +++ b/core/command/user/resetpassword.php @@ -26,6 +26,7 @@ namespace OC\Core\Command\User; use Symfony\Component\Console\Command\Command; use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Input\InputArgument; +use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; class ResetPassword extends Command { @@ -47,6 +48,12 @@ class ResetPassword extends Command { InputArgument::REQUIRED, 'Username to reset password' ) + ->addOption( + 'password-from-env', + null, + InputOption::VALUE_NONE, + 'read password from environment variable OC_PASS' + ) ; } @@ -60,7 +67,13 @@ class ResetPassword extends Command { return 1; } - if ($input->isInteractive()) { + if ($input->getOption('password-from-env')) { + $password = getenv('OC_PASS'); + if (!$password) { + $output->writeln('--password-from-env given, but OC_PASS is empty!'); + return 1; + } + } elseif ($input->isInteractive()) { /** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */ $dialog = $this->getHelperSet()->get('dialog'); @@ -84,20 +97,20 @@ class ResetPassword extends Command { false ); - if ($password === $confirm) { - $success = $user->setPassword($password); - if ($success) { - $output->writeln("Successfully reset password for " . $username . ""); - } else { - $output->writeln("Error while resetting password!"); - return 1; - } - } else { + if ($password !== $confirm) { $output->writeln("Passwords did not match!"); return 1; } } else { - $output->writeln("Interactive input is needed for entering a new password!"); + $output->writeln("Interactive input or --password-from-env is needed for entering a new password!"); + return 1; + } + + $success = $user->setPassword($password); + if ($success) { + $output->writeln("Successfully reset password for " . $username . ""); + } else { + $output->writeln("Error while resetting password!"); return 1; } }