summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorCarl Schwan <carl@carlschwan.eu>2022-02-15 17:45:09 +0100
committernextcloud-command <nextcloud-command@users.noreply.github.com>2022-04-05 17:04:17 +0000
commita29251e02df0157741afaddbc202617e6eb1c840 (patch)
treee6f45cc8f5f69d3358cac3f0b50c058a5cfcb1a3 /apps
parenta99fdf5600c9e4be23b4adb153c33298650e3fc1 (diff)
downloadnextcloud-server-a29251e02df0157741afaddbc202617e6eb1c840.tar.gz
nextcloud-server-a29251e02df0157741afaddbc202617e6eb1c840.zip
Allow to disable password policy enforcement for selected groups
Signed-off-by: Carl Schwan <carl@carlschwan.eu> Co-authored-by: Vincent Petry <vincent@nextcloud.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
Diffstat (limited to 'apps')
-rw-r--r--apps/files_sharing/tests/CapabilitiesTest.php12
-rw-r--r--apps/settings/lib/Settings/Admin/Sharing.php9
-rw-r--r--apps/settings/src/admin.js6
-rw-r--r--apps/settings/templates/settings/admin/sharing.php12
-rw-r--r--apps/settings/tests/Settings/Admin/SharingTest.php4
5 files changed, 41 insertions, 2 deletions
diff --git a/apps/files_sharing/tests/CapabilitiesTest.php b/apps/files_sharing/tests/CapabilitiesTest.php
index 01ef13a3e6c..673995c4216 100644
--- a/apps/files_sharing/tests/CapabilitiesTest.php
+++ b/apps/files_sharing/tests/CapabilitiesTest.php
@@ -139,6 +139,7 @@ class CapabilitiesTest extends \Test\TestCase {
$map = [
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertIsArray($result['public']);
@@ -149,6 +150,7 @@ class CapabilitiesTest extends \Test\TestCase {
$map = [
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
['core', 'shareapi_enforce_links_password', 'no', 'yes'],
];
$result = $this->getResults($map);
@@ -161,6 +163,7 @@ class CapabilitiesTest extends \Test\TestCase {
$map = [
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
['core', 'shareapi_enforce_links_password', 'no', 'no'],
];
$result = $this->getResults($map);
@@ -174,6 +177,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_default_expire_date', 'no', 'no'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertArrayHasKey('expire_date', $result['public']);
@@ -188,6 +192,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_default_expire_date', 'no', 'yes'],
['core', 'shareapi_expire_after_n_days', '7', '7'],
['core', 'shareapi_enforce_expire_date', 'no', 'no'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertArrayHasKey('expire_date', $result['public']);
@@ -203,6 +208,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_default_expire_date', 'no', 'yes'],
['core', 'shareapi_enforce_expire_date', 'no', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertArrayHasKey('expire_date', $result['public']);
@@ -215,6 +221,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_allow_public_notification', 'no', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertTrue($result['public']['send_mail']);
@@ -225,6 +232,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_allow_public_notification', 'no', 'no'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertFalse($result['public']['send_mail']);
@@ -234,6 +242,7 @@ class CapabilitiesTest extends \Test\TestCase {
$map = [
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_resharing', 'yes', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertTrue($result['resharing']);
@@ -243,6 +252,7 @@ class CapabilitiesTest extends \Test\TestCase {
$map = [
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_resharing', 'yes', 'no'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertFalse($result['resharing']);
@@ -253,6 +263,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_allow_public_upload', 'yes', 'yes'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertTrue($result['public']['upload']);
@@ -264,6 +275,7 @@ class CapabilitiesTest extends \Test\TestCase {
['core', 'shareapi_enabled', 'yes', 'yes'],
['core', 'shareapi_allow_links', 'yes', 'yes'],
['core', 'shareapi_allow_public_upload', 'yes', 'no'],
+ ['core', 'shareapi_enforce_links_password_excluded_groups', '', ''],
];
$result = $this->getResults($map);
$this->assertFalse($result['public']['upload']);
diff --git a/apps/settings/lib/Settings/Admin/Sharing.php b/apps/settings/lib/Settings/Admin/Sharing.php
index 15f74c40e1e..a5f85003fa4 100644
--- a/apps/settings/lib/Settings/Admin/Sharing.php
+++ b/apps/settings/lib/Settings/Admin/Sharing.php
@@ -72,6 +72,11 @@ class Sharing implements IDelegatedSettings {
$linksExcludeGroupsList = !is_null(json_decode($linksExcludedGroups))
? implode('|', json_decode($linksExcludedGroups, true)) : '';
+ $excludedPasswordGroups = $this->config->getAppValue('core', 'shareapi_enforce_links_password_excluded_groups', '');
+ $excludedPasswordGroupsList = !is_null(json_decode($excludedPasswordGroups))
+ ? implode('|', json_decode($excludedPasswordGroups, true)) : '';
+
+
$parameters = [
// Built-In Sharing
'sharingAppEnabled' => $this->appManager->isEnabledForUser('files_sharing'),
@@ -84,7 +89,9 @@ class Sharing implements IDelegatedSettings {
'restrictUserEnumerationToGroup' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no'),
'restrictUserEnumerationToPhone' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no'),
'restrictUserEnumerationFullMatch' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes'),
- 'enforceLinkPassword' => Util::isPublicLinkPasswordRequired(),
+ 'enforceLinkPassword' => Util::isPublicLinkPasswordRequired(false),
+ 'passwordExcludedGroups' => $excludedPasswordGroupsList,
+ 'passwordExcludedGroupsFeatureEnabled' => $this->config->getSystemValueBool('sharing.allow_disabled_password_enforcement_groups', false),
'onlyShareWithGroupMembers' => $this->shareManager->shareWithGroupMembersOnly(),
'shareAPIEnabled' => $this->config->getAppValue('core', 'shareapi_enabled', 'yes'),
'shareDefaultExpireDateSet' => $this->config->getAppValue('core', 'shareapi_default_expire_date', 'no'),
diff --git a/apps/settings/src/admin.js b/apps/settings/src/admin.js
index 2a8c6bb1d0c..c3704eed42c 100644
--- a/apps/settings/src/admin.js
+++ b/apps/settings/src/admin.js
@@ -1,5 +1,5 @@
window.addEventListener('DOMContentLoaded', () => {
- $('#excludedGroups,#linksExcludedGroups').each((index, element) => {
+ $('#excludedGroups,#linksExcludedGroups,#passwordsExcludedGroups').each(function(index, element) {
OC.Settings.setupGroupsSelect($(element))
$(element).change((ev) => {
let groups = ev.val || []
@@ -93,6 +93,10 @@ window.addEventListener('DOMContentLoaded', () => {
$('#setDefaultRemoteExpireDate').toggleClass('hidden', !this.checked)
})
+ $('#enforceLinkPassword').change(function() {
+ $('#selectPasswordsExcludedGroups').toggleClass('hidden', !this.checked)
+ })
+
$('#publicShareDisclaimer').change(function() {
$('#publicShareDisclaimerText').toggleClass('hidden', !this.checked)
if (!this.checked) {
diff --git a/apps/settings/templates/settings/admin/sharing.php b/apps/settings/templates/settings/admin/sharing.php
index b699e152198..b51f9339166 100644
--- a/apps/settings/templates/settings/admin/sharing.php
+++ b/apps/settings/templates/settings/admin/sharing.php
@@ -120,6 +120,18 @@
} ?> />
<label for="enforceLinkPassword"><?php p($l->t('Enforce password protection'));?></label><br/>
+<?php if ($_['passwordExcludedGroupsFeatureEnabled']) { ?>
+ <div id="selectPasswordsExcludedGroups" class="indent <?php if (!$_['enforceLinkPassword']) { p('hidden'); } ?>">
+ <div class="indent">
+ <label for="shareapi_enforce_links_password_excluded_groups"><?php p($l->t('Exclude groups from password requirements:'));?>
+ <br />
+ <input name="shareapi_enforce_links_password_excluded_groups" id="passwordsExcludedGroups" value="<?php p($_['passwordExcludedGroups']) ?>" style="width: 400px" class="noJSAutoUpdate"/>
+ </div>
+ </div>
+<?php } ?>
+
+ <input type="checkbox" name="shareapi_default_expire_date" id="shareapiDefaultExpireDate" class="checkbox" value="1" <?php if ($_['shareDefaultExpireDateSet'] === 'yes') { print_unescaped('checked="checked"'); } ?> />
+
<input type="checkbox" name="shareapi_default_expire_date" id="shareapiDefaultExpireDate" class="checkbox"
value="1" <?php if ($_['shareDefaultExpireDateSet'] === 'yes') {
print_unescaped('checked="checked"');
diff --git a/apps/settings/tests/Settings/Admin/SharingTest.php b/apps/settings/tests/Settings/Admin/SharingTest.php
index 222be5fd9dc..3ac2e878434 100644
--- a/apps/settings/tests/Settings/Admin/SharingTest.php
+++ b/apps/settings/tests/Settings/Admin/SharingTest.php
@@ -135,6 +135,8 @@ class SharingTest extends TestCase {
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
'allowLinksExcludeGroups' => '',
+ 'passwordExcludedGroups' => '',
+ 'passwordExcludedGroupsFeatureEnabled' => false,
],
''
);
@@ -208,6 +210,8 @@ class SharingTest extends TestCase {
'shareRemoteExpireAfterNDays' => '7',
'shareRemoteEnforceExpireDate' => 'no',
'allowLinksExcludeGroups' => '',
+ 'passwordExcludedGroups' => '',
+ 'passwordExcludedGroupsFeatureEnabled' => false,
],
''
);