diff options
| author | Laurens Post <lkpost@scept.re> | 2015-04-04 13:24:57 +0200 |
|---|---|---|
| committer | Laurens Post <lkpost@scept.re> | 2015-04-04 13:24:57 +0200 |
| commit | d9323ca1be35ffe0a115278de29106fe37d35c63 (patch) | |
| tree | b9a78fd2e93084c1a083ad18eb56e198853e70c8 /core/command/user | |
| parent | 691c353eeda077be0fcca1e3839265815a650a90 (diff) | |
| download | nextcloud-server-d9323ca1be35ffe0a115278de29106fe37d35c63.tar.gz nextcloud-server-d9323ca1be35ffe0a115278de29106fe37d35c63.zip | |
Add password input from env variable for occ user:{add, resetpassword}
This commit adds the --password-from-env switch to the `occ user:add` and
`occ user:resetpassword` commands. When this parameter is given, Owncloud
will use the password specified in environment variable OC_PASS. This
is safer than using command line parameters, as those can be read by any
process.
Diffstat (limited to 'core/command/user')
| -rw-r--r-- | core/command/user/add.php | 41 | ||||
| -rw-r--r-- | core/command/user/resetpassword.php | 35 |
2 files changed, 54 insertions, 22 deletions
diff --git a/core/command/user/add.php b/core/command/user/add.php index 93257ea2e5a..a566ed2db7a 100644 --- a/core/command/user/add.php +++ b/core/command/user/add.php @@ -58,10 +58,10 @@ class Add extends Command { 'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)' ) ->addOption( - 'password', - 'p', - InputOption::VALUE_OPTIONAL, - '' + 'password-from-env', + null, + InputOption::VALUE_NONE, + 'read password from environment variable OC_PASS' ) ->addOption( 'display-name', @@ -84,14 +84,33 @@ class Add extends Command { return; } - $password = $input->getOption('password'); - while (!$password) { - $question = new Question('Please enter a non-empty password:'); - $question->setHidden(true); - $question->setHiddenFallback(false); + if ($input->getOption('password-from-env')) { + $password = getenv('OC_PASS'); + if (!$password) { + $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>'); + return 1; + } + } elseif ($input->isInteractive()) { + /** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */ + $dialog = $this->getHelperSet()->get('dialog'); + $password = $dialog->askHiddenResponse( + $output, + '<question>Enter password: </question>', + false + ); + $confirm = $dialog->askHiddenResponse( + $output, + '<question>Confirm password: </question>', + false + ); - $helper = $this->getHelper('question'); - $password = $helper->ask($input, $output, $question); + if ($password !== $confirm) { + $output->writeln("<error>Passwords did not match!</error>"); + return 1; + } + } else { + $output->writeln("<error>Interactive input or --password-from-env is needed for entering a password!</error>"); + return 1; } $user = $this->userManager->createUser( diff --git a/core/command/user/resetpassword.php b/core/command/user/resetpassword.php index 3afbfeeb9b9..3e16c8f79a5 100644 --- a/core/command/user/resetpassword.php +++ b/core/command/user/resetpassword.php @@ -26,6 +26,7 @@ namespace OC\Core\Command\User; use Symfony\Component\Console\Command\Command; use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Input\InputArgument; +use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; class ResetPassword extends Command { @@ -47,6 +48,12 @@ class ResetPassword extends Command { InputArgument::REQUIRED, 'Username to reset password' ) + ->addOption( + 'password-from-env', + null, + InputOption::VALUE_NONE, + 'read password from environment variable OC_PASS' + ) ; } @@ -60,7 +67,13 @@ class ResetPassword extends Command { return 1; } - if ($input->isInteractive()) { + if ($input->getOption('password-from-env')) { + $password = getenv('OC_PASS'); + if (!$password) { + $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>'); + return 1; + } + } elseif ($input->isInteractive()) { /** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */ $dialog = $this->getHelperSet()->get('dialog'); @@ -84,20 +97,20 @@ class ResetPassword extends Command { false ); - if ($password === $confirm) { - $success = $user->setPassword($password); - if ($success) { - $output->writeln("<info>Successfully reset password for " . $username . "</info>"); - } else { - $output->writeln("<error>Error while resetting password!</error>"); - return 1; - } - } else { + if ($password !== $confirm) { $output->writeln("<error>Passwords did not match!</error>"); return 1; } } else { - $output->writeln("<error>Interactive input is needed for entering a new password!</error>"); + $output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>"); + return 1; + } + + $success = $user->setPassword($password); + if ($success) { + $output->writeln("<info>Successfully reset password for " . $username . "</info>"); + } else { + $output->writeln("<error>Error while resetting password!</error>"); return 1; } } |