Merge pull request #4330 from nextcloud/activities-for-password-mail-change

Add activities when email or password is changed

4 files changed, 480 insertions, 0 deletions

diff --git a/settings/Activity/Provider.php b/settings/Activity/Provider.php
new file mode 100644
index 00000000000..f7ea425f628
--- /dev/null
+++ b/settings/Activity/Provider.php
@@ -0,0 +1,178 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Joas Schilling <coding@schilljs.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Settings\Activity;
+
+use OCP\Activity\IEvent;
+use OCP\Activity\IProvider;
+use OCP\IL10N;
+use OCP\IURLGenerator;
+use OCP\IUser;
+use OCP\IUserManager;
+use OCP\L10N\IFactory;
+
+class Provider implements IProvider {
+
+	const PASSWORD_CHANGED_BY = 'password_changed_by';
+	const PASSWORD_CHANGED_SELF = 'password_changed_self';
+	const PASSWORD_RESET = 'password_changed';
+	const EMAIL_CHANGED_BY = 'email_changed_by';
+	const EMAIL_CHANGED_SELF = 'email_changed_self';
+	const EMAIL_CHANGED = 'email_changed';
+
+	/** @var IFactory */
+	protected $languageFactory;
+
+	/** @var IL10N */
+	protected $l;
+
+	/** @var IURLGenerator */
+	protected $url;
+
+	/** @var IUserManager */
+	protected $userManager;
+
+	/** @var string[] cached displayNames - key is the UID and value the displayname */
+	protected $displayNames = [];
+
+	/**
+	 * @param IFactory $languageFactory
+	 * @param IURLGenerator $url
+	 * @param IUserManager $userManager
+	 */
+	public function __construct(IFactory $languageFactory, IURLGenerator $url, IUserManager $userManager) {
+		$this->languageFactory = $languageFactory;
+		$this->url = $url;
+		$this->userManager = $userManager;
+	}
+
+	/**
+	 * @param string $language
+	 * @param IEvent $event
+	 * @param IEvent|null $previousEvent
+	 * @return IEvent
+	 * @throws \InvalidArgumentException
+	 * @since 11.0.0
+	 */
+	public function parse($language, IEvent $event, IEvent $previousEvent = null) {
+		if ($event->getApp() !== 'settings') {
+			throw new \InvalidArgumentException();
+		}
+
+		$this->l = $this->languageFactory->get('settings', $language);
+
+		$event->setIcon($this->url->getAbsoluteURL($this->url->imagePath('settings', 'personal.svg')));
+
+		if ($event->getSubject() === self::PASSWORD_CHANGED_BY) {
+			$subject = $this->l->t('{actor} changed your password');
+		} else if ($event->getSubject() === self::PASSWORD_CHANGED_SELF) {
+			$subject = $this->l->t('You changed your password');
+		} else if ($event->getSubject() === self::PASSWORD_RESET) {
+			$subject = $this->l->t('Your password was reset by an administrator');
+
+		} else if ($event->getSubject() === self::EMAIL_CHANGED_BY) {
+			$subject = $this->l->t('{actor} changed your email');
+		} else if ($event->getSubject() === self::EMAIL_CHANGED_SELF) {
+			$subject = $this->l->t('You changed your email');
+		} else if ($event->getSubject() === self::EMAIL_CHANGED) {
+			$subject = $this->l->t('Your email was changed by an administrator');
+
+		} else {
+			throw new \InvalidArgumentException();
+		}
+
+		$parsedParameters = $this->getParameters($event);
+		$this->setSubjects($event, $subject, $parsedParameters);
+
+		return $event;
+	}
+
+	/**
+	 * @param IEvent $event
+	 * @return array
+	 * @throws \InvalidArgumentException
+	 */
+	protected function getParameters(IEvent $event) {
+		$subject = $event->getSubject();
+		$parameters = $event->getSubjectParameters();
+
+		switch ($subject) {
+			case self::PASSWORD_CHANGED_SELF:
+			case self::PASSWORD_RESET:
+			case self::EMAIL_CHANGED_SELF:
+			case self::EMAIL_CHANGED:
+				return [];
+			case self::PASSWORD_CHANGED_BY:
+			case self::EMAIL_CHANGED_BY:
+				return [
+					'actor' => $this->generateUserParameter($parameters[0]),
+				];
+		}
+
+		throw new \InvalidArgumentException();
+	}
+
+	/**
+	 * @param IEvent $event
+	 * @param string $subject
+	 * @param array $parameters
+	 * @throws \InvalidArgumentException
+	 */
+	protected function setSubjects(IEvent $event, $subject, array $parameters) {
+		$placeholders = $replacements = [];
+		foreach ($parameters as $placeholder => $parameter) {
+			$placeholders[] = '{' . $placeholder . '}';
+			$replacements[] = $parameter['name'];
+		}
+
+		$event->setParsedSubject(str_replace($placeholders, $replacements, $subject))
+			->setRichSubject($subject, $parameters);
+	}
+
+	/**
+	 * @param string $uid
+	 * @return array
+	 */
+	protected function generateUserParameter($uid) {
+		if (!isset($this->displayNames[$uid])) {
+			$this->displayNames[$uid] = $this->getDisplayName($uid);
+		}
+
+		return [
+			'type' => 'user',
+			'id' => $uid,
+			'name' => $this->displayNames[$uid],
+		];
+	}
+
+	/**
+	 * @param string $uid
+	 * @return string
+	 */
+	protected function getDisplayName($uid) {
+		$user = $this->userManager->get($uid);
+		if ($user instanceof IUser) {
+			return $user->getDisplayName();
+		}
+
+		return $uid;
+	}
+}
diff --git a/settings/Activity/Setting.php b/settings/Activity/Setting.php
new file mode 100644
index 00000000000..ec72f270b9f
--- /dev/null
+++ b/settings/Activity/Setting.php
@@ -0,0 +1,96 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Joas Schilling <coding@schilljs.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Settings\Activity;
+
+use OCP\Activity\ISetting;
+use OCP\IL10N;
+
+class Setting implements ISetting {
+
+	/** @var IL10N */
+	protected $l;
+
+	/**
+	 * @param IL10N $l10n
+	 */
+	public function __construct(IL10N $l10n) {
+		$this->l = $l10n;
+	}
+
+	/**
+	 * @return string Lowercase a-z and underscore only identifier
+	 * @since 11.0.0
+	 */
+	public function getIdentifier() {
+		return 'personal_settings';
+	}
+
+	/**
+	 * @return string A translated string
+	 * @since 11.0.0
+	 */
+	public function getName() {
+		return $this->l->t('Your <strong>password</strong> or <strong>email</strong> was modified');
+	}
+
+	/**
+	 * @return int whether the filter should be rather on the top or bottom of
+	 * the admin section. The filters are arranged in ascending order of the
+	 * priority values. It is required to return a value between 0 and 100.
+	 * @since 11.0.0
+	 */
+	public function getPriority() {
+		return 0;
+	}
+
+	/**
+	 * @return bool True when the option can be changed for the stream
+	 * @since 11.0.0
+	 */
+	public function canChangeStream() {
+		return false;
+	}
+
+	/**
+	 * @return bool True when the option can be changed for the stream
+	 * @since 11.0.0
+	 */
+	public function isDefaultEnabledStream() {
+		return true;
+	}
+
+	/**
+	 * @return bool True when the option can be changed for the mail
+	 * @since 11.0.0
+	 */
+	public function canChangeMail() {
+		return false;
+	}
+
+	/**
+	 * @return bool True when the option can be changed for the stream
+	 * @since 11.0.0
+	 */
+	public function isDefaultEnabledMail() {
+		return false;
+	}
+}
diff --git a/settings/Application.php b/settings/Application.php
index 8ec8d5eb8a5..52661c5bae2 100644
--- a/settings/Application.php
+++ b/settings/Application.php
@@ -35,6 +35,8 @@ use OC\App\AppStore\Fetcher\CategoryFetcher;
 use OC\AppFramework\Utility\TimeFactory;
 use OC\Authentication\Token\IProvider;
 use OC\Server;
+use OC\Settings\Activity\Provider;
+use OC\Settings\Activity\Setting;
 use OC\Settings\Mailer\NewUserMailHelper;
 use OC\Settings\Middleware\SubadminMiddleware;
 use OCP\AppFramework\App;
@@ -129,4 +131,43 @@ class Application extends App {
 			);
 		});
 	}
+
+	public function register() {
+		$activityManager = $this->getContainer()->getServer()->getActivityManager();
+		$activityManager->registerSetting(Setting::class); // FIXME move to info.xml
+		$activityManager->registerProvider(Provider::class); // FIXME move to info.xml
+
+		Util::connectHook('OC_User', 'post_setPassword', $this, 'onChangePassword');
+		Util::connectHook('OC_User', 'changeUser', $this, 'onChangeInfo');
+	}
+
+	/**
+	 * @param array $parameters
+	 * @throws \InvalidArgumentException
+	 * @throws \BadMethodCallException
+	 * @throws \Exception
+	 * @throws \OCP\AppFramework\QueryException
+	 */
+	public function onChangePassword(array $parameters) {
+		/** @var Hooks $hooks */
+		$hooks = $this->getContainer()->query(Hooks::class);
+		$hooks->onChangePassword($parameters['uid']);
+	}
+
+	/**
+	 * @param array $parameters
+	 * @throws \InvalidArgumentException
+	 * @throws \BadMethodCallException
+	 * @throws \Exception
+	 * @throws \OCP\AppFramework\QueryException
+	 */
+	public function onChangeInfo(array $parameters) {
+		if ($parameters['feature'] !== 'eMailAddress') {
+			return;
+		}
+
+		/** @var Hooks $hooks */
+		$hooks = $this->getContainer()->query(Hooks::class);
+		$hooks->onChangeEmail($parameters['user'], $parameters['old_value']);
+	}
 }
diff --git a/settings/Hooks.php b/settings/Hooks.php
new file mode 100644
index 00000000000..721aeb23886
--- /dev/null
+++ b/settings/Hooks.php
@@ -0,0 +1,165 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Joas Schilling <coding@schilljs.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Settings;
+
+use OC\Settings\Activity\Provider;
+use OCP\Activity\IManager as IActivityManager;
+use OCP\IL10N;
+use OCP\IURLGenerator;
+use OCP\IUser;
+use OCP\IUserManager;
+use OCP\IUserSession;
+use OCP\Mail\IMailer;
+
+class Hooks {
+
+	/** @var IActivityManager */
+	protected $activityManager;
+	/** @var IUserManager */
+	protected $userManager;
+	/** @var IUserSession */
+	protected $userSession;
+	/** @var IURLGenerator */
+	protected $urlGenerator;
+	/** @var IMailer */
+	protected $mailer;
+	/** @var IL10N */
+	protected $l;
+
+	public function __construct(IActivityManager $activityManager, IUserManager $userManager, IUserSession $userSession, IURLGenerator $urlGenerator, IMailer $mailer, IL10N $l) {
+		$this->activityManager = $activityManager;
+		$this->userManager = $userManager;
+		$this->userSession = $userSession;
+		$this->urlGenerator = $urlGenerator;
+		$this->mailer = $mailer;
+		$this->l = $l;
+	}
+
+	/**
+	 * @param string $uid
+	 * @throws \InvalidArgumentException
+	 * @throws \BadMethodCallException
+	 * @throws \Exception
+	 */
+	public function onChangePassword($uid) {
+		$user = $this->userManager->get($uid);
+
+		if (!$user instanceof IUser || $user->getEMailAddress() === null) {
+			return;
+		}
+
+		$event = $this->activityManager->generateEvent();
+		$event->setApp('settings')
+			->setType('personal_settings')
+			->setAffectedUser($user->getUID());
+
+		$instanceUrl = $this->urlGenerator->getAbsoluteURL('/');
+
+		$actor = $this->userSession->getUser();
+		if ($actor instanceof IUser) {
+			if ($actor->getUID() !== $user->getUID()) {
+				$text = $this->l->t('%1$s changed your password on %2$s.', [$actor->getDisplayName(), $instanceUrl]);
+				$event->setAuthor($actor->getUID())
+					->setSubject(Provider::PASSWORD_CHANGED_BY, [$actor->getUID()]);
+			} else {
+				$text = $this->l->t('Your password on %s was changed.', [$instanceUrl]);
+				$event->setAuthor($actor->getUID())
+					->setSubject(Provider::PASSWORD_CHANGED_SELF);
+			}
+		} else {
+			$text = $this->l->t('Your password on %s was reset by an administrator.', [$instanceUrl]);
+			$event->setSubject(Provider::PASSWORD_RESET);
+		}
+
+		$this->activityManager->publish($event);
+
+		if ($user->getEMailAddress() !== null) {
+			$template = $this->mailer->createEMailTemplate();
+			$template->addHeader();
+			$template->addHeading($this->l->t('Password changed for %s', $user->getDisplayName()), false);
+			$template->addBodyText($text . ' ' . $this->l->t('If you did not request this, please contact an administrator.'));
+			$template->addFooter();
+
+
+			$message = $this->mailer->createMessage();
+			$message->setTo([$user->getEMailAddress() => $user->getDisplayName()]);
+			$message->setSubject($this->l->t('Password for %1$s changed on %2$s', [$user->getDisplayName(), $instanceUrl]));
+			$message->setBody($template->renderText(), 'text/plain');
+			$message->setHtmlBody($template->renderHTML());
+
+			$this->mailer->send($message);
+		}
+	}
+
+	/**
+	 * @param IUser $user
+	 * @param string|null $oldMailAddress
+	 * @throws \InvalidArgumentException
+	 * @throws \BadMethodCallException
+	 */
+	public function onChangeEmail(IUser $user, $oldMailAddress) {
+		$event = $this->activityManager->generateEvent();
+		$event->setApp('settings')
+			->setType('personal_settings')
+			->setAffectedUser($user->getUID());
+
+		$instanceUrl = $this->urlGenerator->getAbsoluteURL('/');
+
+		$actor = $this->userSession->getUser();
+		if ($actor instanceof IUser) {
+			if ($actor->getUID() !== $user->getUID()) {
+				$text = $this->l->t('%1$s changed your email address on %2$s.', [$actor->getDisplayName(), $instanceUrl]);
+				$event->setAuthor($actor->getUID())
+					->setSubject(Provider::EMAIL_CHANGED_BY, [$actor->getUID()]);
+			} else {
+				$text = $this->l->t('Your email address on %s was changed.', [$instanceUrl]);
+				$event->setAuthor($actor->getUID())
+					->setSubject(Provider::EMAIL_CHANGED_SELF);
+			}
+		} else {
+			$text = $this->l->t('Your email address on %s was changed by an administrator.', [$instanceUrl]);
+			$event->setSubject(Provider::EMAIL_CHANGED);
+		}
+		$this->activityManager->publish($event);
+
+
+		if ($oldMailAddress !== null) {
+			$template = $this->mailer->createEMailTemplate();
+			$template->addHeader();
+			$template->addHeading($this->l->t('Email address changed for %s', $user->getDisplayName()), false);
+			$template->addBodyText($text . ' ' . $this->l->t('If you did not request this, please contact an administrator.'));
+			if ($user->getEMailAddress()) {
+				$template->addBodyText($this->l->t('The new email address is %s', $user->getEMailAddress()));
+			}
+			$template->addFooter();
+
+
+			$message = $this->mailer->createMessage();
+			$message->setTo([$oldMailAddress => $user->getDisplayName()]);
+			$message->setSubject($this->l->t('Email address for %1$s changed on %2$s', [$user->getDisplayName(), $instanceUrl]));
+			$message->setBody($template->renderText(), 'text/plain');
+			$message->setHtmlBody($template->renderHTML());
+
+			$this->mailer->send($message);
+		}
+	}
+}