diff options
| -rw-r--r-- | core/Controller/LostController.php | 39 | ||||
| -rw-r--r-- | core/css/inputs.scss | 17 | ||||
| -rw-r--r-- | settings/templates/users/main.php | 26 | ||||
| -rw-r--r-- | tests/Core/Controller/LostControllerTest.php | 85 |
4 files changed, 130 insertions, 37 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index 8a8a50343ed..4de1cf5eb00 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -39,6 +39,7 @@ use \OCP\IURLGenerator; use \OCP\IRequest; use \OCP\IL10N; use \OCP\IConfig; +use OCP\IUser; use OCP\IUserManager; use OCP\Mail\IMailer; use OCP\Security\ICrypto; @@ -253,16 +254,12 @@ class LostController extends Controller { } /** - * @param string $user + * @param string $input * @throws \Exception */ - protected function sendEmail($user) { - if (!$this->userManager->userExists($user)) { - throw new \Exception($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.')); - } - - $userObject = $this->userManager->get($user); - $email = $userObject->getEMailAddress(); + protected function sendEmail($input) { + $user = $this->findUserByIdOrMail($input); + $email = $user->getEMailAddress(); if (empty($email)) { throw new \Exception( @@ -281,11 +278,10 @@ class LostController extends Controller { ISecureRandom::CHAR_UPPER ); $tokenValue = $this->timeFactory->getTime() .':'. $token; - $mailAddress = !is_null($userObject->getEMailAddress()) ? $userObject->getEMailAddress() : ''; - $encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress.$this->config->getSystemValue('secret')); - $this->config->setUserValue($user, 'core', 'lostpassword', $encryptedValue); + $encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret')); + $this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue); - $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user, 'token' => $token)); + $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token)); $tmpl = new \OC_Template('core', 'lostpassword/email'); $tmpl->assign('link', $link); @@ -293,7 +289,7 @@ class LostController extends Controller { try { $message = $this->mailer->createMessage(); - $message->setTo([$email => $user]); + $message->setTo([$email => $user->getUID()]); $message->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()])); $message->setPlainBody($msg); $message->setFrom([$this->from => $this->defaults->getName()]); @@ -305,4 +301,21 @@ class LostController extends Controller { } } + /** + * @param string $input + * @return IUser + * @throws \Exception + */ + protected function findUserByIdOrMail($input) { + $user = $this->userManager->get($input); + if ($user instanceof IUser) { + return $user; + } + $users = $this->userManager->getByEmail($input); + if (count($users) === 1) { + return $users[0]; + } + + throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.')); + } } diff --git a/core/css/inputs.scss b/core/css/inputs.scss index 37405172d3a..13a164e13f2 100644 --- a/core/css/inputs.scss +++ b/core/css/inputs.scss @@ -1,12 +1,12 @@ /** * @copyright Copyright (c) 2016, John Molakvoæ <skjnldsv@protonmail.com> * @copyright Copyright (c) 2016, Morris Jobke <hey@morrisjobke.de> - * @copyright Copyright (c) 2016, Jan-Christoph Borchardt <hey@jancborchardt.net> * @copyright Copyright (c) 2016, Joas Schilling <coding@schilljs.com> * @copyright Copyright (c) 2016, Julius Haertl <jus@bitgrid.net> * @copyright Copyright (c) 2016, jowi <sjw@gmx.ch> * @copyright Copyright (c) 2015, Joas Schilling <nickvergessen@owncloud.com> * @copyright Copyright (c) 2015, Hendrik Leppelsack <hendrik@leppelsack.de> + * @copyright Copyright (c) 2014-2017, Jan-Christoph Borchardt <hey@jancborchardt.net> * * @license GNU AGPL version 3 or any later version * @@ -301,6 +301,21 @@ input { } } } +#app-settings-content { + input { + &[type='checkbox'], + &[type='radio'] { + &.radio, + &.checkbox { + + label { + display: inline-block; + width: 100%; + padding: 5px 0; + } + } + } + } +} /* Select2 overriding. Merged to core with vendor stylesheet */ .select2-drop { diff --git a/settings/templates/users/main.php b/settings/templates/users/main.php index 4fd8572029a..3688f2296cd 100644 --- a/settings/templates/users/main.php +++ b/settings/templates/users/main.php @@ -52,17 +52,24 @@ translation('settings'); </label> </p> <p> + <input type="checkbox" name="UserBackend" value="UserBackend" id="CheckboxUserBackend" + class="checkbox" <?php if ($_['show_backend'] === 'true') print_unescaped('checked="checked"'); ?> /> + <label for="CheckboxUserBackend"> + <?php p($l->t('Show user backend')) ?> + </label> + </p> + <p> <input type="checkbox" name="LastLogin" value="LastLogin" id="CheckboxLastLogin" class="checkbox" <?php if ($_['show_last_login'] === 'true') print_unescaped('checked="checked"'); ?> /> <label for="CheckboxLastLogin"> - <?php p($l->t('Show last log in')) ?> + <?php p($l->t('Show last login')) ?> </label> </p> <p> - <input type="checkbox" name="UserBackend" value="UserBackend" id="CheckboxUserBackend" - class="checkbox" <?php if ($_['show_backend'] === 'true') print_unescaped('checked="checked"'); ?> /> - <label for="CheckboxUserBackend"> - <?php p($l->t('Show user backend')) ?> + <input type="checkbox" name="EmailAddress" value="EmailAddress" id="CheckboxEmailAddress" + class="checkbox" <?php if ($_['show_email'] === 'true') print_unescaped('checked="checked"'); ?> /> + <label for="CheckboxEmailAddress"> + <?php p($l->t('Show email address')) ?> </label> </p> <p> @@ -73,14 +80,7 @@ translation('settings'); </label> </p> <p class="info-text"> - <?php p($l->t('When the password of the new user is left empty an activation email with a link to set the password is send to the user')) ?> - </p> - <p> - <input type="checkbox" name="EmailAddress" value="EmailAddress" id="CheckboxEmailAddress" - class="checkbox" <?php if ($_['show_email'] === 'true') print_unescaped('checked="checked"'); ?> /> - <label for="CheckboxEmailAddress"> - <?php p($l->t('Show email address')) ?> - </label> + <?php p($l->t('When the password of a new user is left empty, an activation email with a link to set the password is sent.')) ?> </p> </div> </div> diff --git a/tests/Core/Controller/LostControllerTest.php b/tests/Core/Controller/LostControllerTest.php index 0f9dcaead35..255c6ace359 100644 --- a/tests/Core/Controller/LostControllerTest.php +++ b/tests/Core/Controller/LostControllerTest.php @@ -76,8 +76,12 @@ class LostControllerTest extends \Test\TestCase { parent::setUp(); $this->existingUser = $this->createMock(IUser::class); - $this->existingUser->method('getEMailAddress') + $this->existingUser->expects($this->any()) + ->method('getEMailAddress') ->willReturn('test@example.com'); + $this->existingUser->expects($this->any()) + ->method('getUID') + ->willReturn('ExistingUser'); $this->config = $this->createMock(IConfig::class); $this->config->method('getSystemValue') @@ -280,11 +284,6 @@ class LostControllerTest extends \Test\TestCase { ->with('21') ->will($this->returnValue('ThisIsMaybeANotSoSecretToken!')); $this->userManager - ->expects($this->once()) - ->method('userExists') - ->with('ExistingUser') - ->will($this->returnValue(true)); - $this->userManager ->expects($this->any()) ->method('get') ->with('ExistingUser') @@ -344,17 +343,83 @@ class LostControllerTest extends \Test\TestCase { $this->assertSame($expectedResponse, $response); } - public function testEmailCantSendException() { + public function testEmailWithMailSuccessful() { $this->secureRandom ->expects($this->once()) ->method('generate') ->with('21') ->will($this->returnValue('ThisIsMaybeANotSoSecretToken!')); $this->userManager + ->expects($this->any()) + ->method('get') + ->with('test@example.com') + ->willReturn(null); + $this->userManager + ->expects($this->any()) + ->method('getByEmail') + ->with('test@example.com') + ->willReturn([$this->existingUser]); + $this->timeFactory ->expects($this->once()) - ->method('userExists') - ->with('ExistingUser') - ->will($this->returnValue(true)); + ->method('getTime') + ->will($this->returnValue(12348)); + $this->config + ->expects($this->once()) + ->method('setUserValue') + ->with('ExistingUser', 'core', 'lostpassword', 'encryptedToken'); + $this->urlGenerator + ->expects($this->once()) + ->method('linkToRouteAbsolute') + ->with('core.lost.resetform', array('userId' => 'ExistingUser', 'token' => 'ThisIsMaybeANotSoSecretToken!')) + ->will($this->returnValue('https://example.tld/index.php/lostpassword/')); + $message = $this->getMockBuilder('\OC\Mail\Message') + ->disableOriginalConstructor()->getMock(); + $message + ->expects($this->at(0)) + ->method('setTo') + ->with(['test@example.com' => 'ExistingUser']); + $message + ->expects($this->at(1)) + ->method('setSubject') + ->with(' password reset'); + $message + ->expects($this->at(2)) + ->method('setPlainBody') + ->with('Use the following link to reset your password: https://example.tld/index.php/lostpassword/'); + $message + ->expects($this->at(3)) + ->method('setFrom') + ->with(['lostpassword-noreply@localhost' => null]); + $this->mailer + ->expects($this->at(0)) + ->method('createMessage') + ->will($this->returnValue($message)); + $this->mailer + ->expects($this->at(1)) + ->method('send') + ->with($message); + + $this->config->method('getSystemValue') + ->with('secret', '') + ->willReturn('SECRET'); + + $this->crypto->method('encrypt') + ->with( + $this->equalTo('12348:ThisIsMaybeANotSoSecretToken!'), + $this->equalTo('test@example.comSECRET') + )->willReturn('encryptedToken'); + + $response = $this->lostController->email('test@example.com'); + $expectedResponse = array('status' => 'success'); + $this->assertSame($expectedResponse, $response); + } + + public function testEmailCantSendException() { + $this->secureRandom + ->expects($this->once()) + ->method('generate') + ->with('21') + ->will($this->returnValue('ThisIsMaybeANotSoSecretToken!')); $this->userManager ->expects($this->any()) ->method('get') |