Mirrors/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2024-08-22 05:55:27 +02:00
Code Issues Actions 27 Packages Projects Releases Wiki Activity

Merge pull request #31519 from nextcloud/bugfix/noid/fix-occ-user-add-apppassword

Browse Source 
Fix occ user:add-app-password
This commit is contained in:
Vincent Petry 2022-03-11 11:55:01 +01:00 committed by GitHub
commit cec00df21c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 28 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/settings/lib/Activity/Provider.php
View File

@ -115,7 +115,11 @@ class Provider implements IProvider {
} elseif ($event->getSubject() === self::EMAIL_CHANGED) {
$subject = $this->l->t('Your email address was changed by an administrator');
} elseif ($event->getSubject() === self::APP_TOKEN_CREATED) {
$subject = $this->l->t('You created app password "{token}"');
if ($event->getAffectedUser() === $event->getAuthor()) {
$subject = $this->l->t('You created app password "{token}"');
} else {
$subject = $this->l->t('An administrator created app password "{token}"');
}
} elseif ($event->getSubject() === self::APP_TOKEN_DELETED) {
$subject = $this->l->t('You deleted app password "{token}"');
} elseif ($event->getSubject() === self::APP_TOKEN_RENAMED) {

8
apps/settings/lib/Listener/AppPasswordCreatedActivityListener.php
View File

@ -31,6 +31,7 @@ use OCA\Settings\Activity\Provider;
use OCP\Activity\IManager as IActivityManager;
use OCP\EventDispatcher\Event;
use OCP\EventDispatcher\IEventListener;
use OCP\IUserSession;
use Psr\Log\LoggerInterface;
/**
@ -40,12 +41,17 @@ class AppPasswordCreatedActivityListener implements IEventListener {
/** @var IActivityManager */
private $activityManager;
/** @var IUserSession */
private $userSession;
/** @var LoggerInterface */
private $logger;
public function __construct(IActivityManager $activityManager,
IUserSession $userSession,
LoggerInterface $logger) {
$this->activityManager = $activityManager;
$this->userSession = $userSession;
$this->logger = $logger;
}
@ -58,7 +64,7 @@ class AppPasswordCreatedActivityListener implements IEventListener {
$activity->setApp('settings')
->setType('security')
->setAffectedUser($event->getToken()->getUID())
->setAuthor($event->getToken()->getUID())
->setAuthor($this->userSession->getUser() ? $this->userSession->getUser()->getUID() : '')
->setSubject(Provider::APP_TOKEN_CREATED, ['name' => $event->getToken()->getName()])
->setObject('app_token', $event->getToken()->getId());

23
core/Command/User/AddAppPassword.php
View File

@ -23,10 +23,11 @@
*/
namespace OC\Core\Command\User;
use OC\Authentication\Events\AppPasswordCreatedEvent;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IUserManager;
use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Helper\QuestionHelper;
@ -44,17 +45,17 @@ class AddAppPassword extends Command {
protected $tokenProvider;
/** @var ISecureRandom */
private $random;
/** @var ICrypto */
private $crypto;
/** @var IEventDispatcher */
private $eventDispatcher;
public function __construct(IUserManager $userManager,
IProvider $tokenProvider,
ISecureRandom $random,
ICrypto $crypto) {
IEventDispatcher $eventDispatcher) {
$this->tokenProvider = $tokenProvider;
$this->userManager = $userManager;
$this->random = $random;
$this->crypto = $crypto;
$this->eventDispatcher = $eventDispatcher;
parent::__construct();
}
@ -108,11 +109,13 @@ class AddAppPassword extends Command {
return 1;
}
$output->writeln('<info>The password is not validated so what you provide is what gets recorded in the token</info>');
if (!$this->userManager->checkPassword($user->getUID(), $password)) {
$output->writeln('<error>The provided password is invalid</error>');
return 1;
}
$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
$this->tokenProvider->generateToken(
$generatedToken = $this->tokenProvider->generateToken(
$token,
$user->getUID(),
$user->getUID(),
@ -122,6 +125,10 @@ class AddAppPassword extends Command {
IToken::DO_NOT_REMEMBER
);
$this->eventDispatcher->dispatchTyped(
new AppPasswordCreatedEvent($generatedToken)
);
$output->writeln('app password:');
$output->writeln($token);

2
core/register_command.php
View File

@ -187,7 +187,7 @@ if (\OC::$server->getConfig()->getSystemValue('installed', false)) {
$application->add(new OC\Core\Command\User\Setting(\OC::$server->getUserManager(), \OC::$server->getConfig()));
$application->add(new OC\Core\Command\User\ListCommand(\OC::$server->getUserManager(), \OC::$server->getGroupManager()));
$application->add(new OC\Core\Command\User\Info(\OC::$server->getUserManager(), \OC::$server->getGroupManager()));
$application->add(new OC\Core\Command\User\AddAppPassword(\OC::$server->get(\OCP\IUserManager::class), \OC::$server->get(\OC\Authentication\Token\IProvider::class), \OC::$server->get(\OCP\Security\ISecureRandom::class), \OC::$server->get(\OCP\Security\ICrypto::class)));
$application->add(new OC\Core\Command\User\AddAppPassword(\OC::$server->get(\OCP\IUserManager::class), \OC::$server->get(\OC\Authentication\Token\IProvider::class), \OC::$server->get(\OCP\Security\ISecureRandom::class), \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class)));
$application->add(new OC\Core\Command\Group\Add(\OC::$server->getGroupManager()));
$application->add(new OC\Core\Command\Group\Delete(\OC::$server->getGroupManager()));