1 files changed, 78 insertions, 44 deletions
diff --git a/core/Command/User/Add.php b/core/Command/User/Add.php
index 24d11fbee6e..4de4e247991 100644
--- a/core/Command/User/Add.php
+++ b/core/Command/User/Add.php
@@ -1,35 +1,23 @@
 <?php
+
 /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Joas Schilling <coding@schilljs.com>
- * @author Laurens Post <lkpost@scept.re>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 namespace OC\Core\Command\User;
 
 use OC\Files\Filesystem;
+use OCA\Settings\Mailer\NewUserMailHelper;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAppConfig;
 use OCP\IGroup;
 use OCP\IGroupManager;
 use OCP\IUser;
 use OCP\IUserManager;
+use OCP\Mail\IMailer;
+use OCP\Security\Events\GenerateSecurePasswordEvent;
+use OCP\Security\ISecureRandom;
 use Symfony\Component\Console\Command\Command;
 use Symfony\Component\Console\Helper\QuestionHelper;
 use Symfony\Component\Console\Input\InputArgument;
@@ -39,57 +27,80 @@ use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Question\Question;
 
 class Add extends Command {
-	protected IUserManager $userManager;
-	protected IGroupManager $groupManager;
-
-	public function __construct(IUserManager $userManager, IGroupManager $groupManager) {
+	public function __construct(
+		protected IUserManager $userManager,
+		protected IGroupManager $groupManager,
+		protected IMailer $mailer,
+		private IAppConfig $appConfig,
+		private NewUserMailHelper $mailHelper,
+		private IEventDispatcher $eventDispatcher,
+		private ISecureRandom $secureRandom,
+	) {
 		parent::__construct();
-		$this->userManager = $userManager;
-		$this->groupManager = $groupManager;
 	}
 
-	protected function configure() {
+	protected function configure(): void {
 		$this
 			->setName('user:add')
-			->setDescription('adds a user')
+			->setDescription('adds an account')
 			->addArgument(
 				'uid',
 				InputArgument::REQUIRED,
-				'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)'
+				'Account ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)'
 			)
 			->addOption(
 				'password-from-env',
 				null,
 				InputOption::VALUE_NONE,
-				'read password from environment variable OC_PASS'
+				'read password from environment variable NC_PASS/OC_PASS'
+			)
+			->addOption(
+				'generate-password',
+				null,
+				InputOption::VALUE_NONE,
+				'Generate a secure password. A welcome email with a reset link will be sent to the user via an email if --email option and newUser.sendEmail config are set'
 			)
 			->addOption(
 				'display-name',
 				null,
 				InputOption::VALUE_OPTIONAL,
-				'User name used in the web UI (can contain any characters)'
+				'Login used in the web UI (can contain any characters)'
 			)
 			->addOption(
 				'group',
 				'g',
 				InputOption::VALUE_OPTIONAL | InputOption::VALUE_IS_ARRAY,
-				'groups the user should be added to (The group will be created if it does not exist)'
+				'groups the account should be added to (The group will be created if it does not exist)'
+			)
+			->addOption(
+				'email',
+				null,
+				InputOption::VALUE_REQUIRED,
+				'When set, users may register using the default email verification workflow'
 			);
 	}
 
 	protected function execute(InputInterface $input, OutputInterface $output): int {
 		$uid = $input->getArgument('uid');
 		if ($this->userManager->userExists($uid)) {
-			$output->writeln('<error>The user "' . $uid . '" already exists.</error>');
+			$output->writeln('<error>The account "' . $uid . '" already exists.</error>');
 			return 1;
 		}
 
+		$password = '';
+
+		// Setup password.
 		if ($input->getOption('password-from-env')) {
-			$password = getenv('OC_PASS');
+			$password = getenv('NC_PASS') ?: getenv('OC_PASS');
+
 			if (!$password) {
-				$output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
+				$output->writeln('<error>--password-from-env given, but NC_PASS/OC_PASS is empty!</error>');
 				return 1;
 			}
+		} elseif ($input->getOption('generate-password')) {
+			$passwordEvent = new GenerateSecurePasswordEvent();
+			$this->eventDispatcher->dispatchTyped($passwordEvent);
+			$password = $passwordEvent->getPassword() ?? $this->secureRandom->generate(20);
 		} elseif ($input->isInteractive()) {
 			/** @var QuestionHelper $helper */
 			$helper = $this->getHelper('question');
@@ -103,29 +114,28 @@ class Add extends Command {
 			$confirm = $helper->ask($input, $output, $question);
 
 			if ($password !== $confirm) {
-				$output->writeln("<error>Passwords did not match!</error>");
+				$output->writeln('<error>Passwords did not match!</error>');
 				return 1;
 			}
 		} else {
-			$output->writeln("<error>Interactive input or --password-from-env is needed for entering a password!</error>");
+			$output->writeln('<error>Interactive input or --password-from-env or --generate-password is needed for setting a password!</error>');
 			return 1;
 		}
 
 		try {
 			$user = $this->userManager->createUser(
 				$input->getArgument('uid'),
-				$password
+				$password,
 			);
 		} catch (\Exception $e) {
 			$output->writeln('<error>' . $e->getMessage() . '</error>');
 			return 1;
 		}
 
-
 		if ($user instanceof IUser) {
-			$output->writeln('<info>The user "' . $user->getUID() . '" was created successfully</info>');
+			$output->writeln('<info>The account "' . $user->getUID() . '" was created successfully</info>');
 		} else {
-			$output->writeln('<error>An error occurred while creating the user</error>');
+			$output->writeln('<error>An error occurred while creating the account</error>');
 			return 1;
 		}
 
@@ -153,9 +163,33 @@ class Add extends Command {
 			}
 			if ($group instanceof IGroup) {
 				$group->addUser($user);
-				$output->writeln('User "' . $user->getUID() . '" added to group "' . $group->getGID() . '"');
+				$output->writeln('Account "' . $user->getUID() . '" added to group "' . $group->getGID() . '"');
 			}
 		}
+
+		$email = $input->getOption('email');
+		if (!empty($email)) {
+			if (!$this->mailer->validateMailAddress($email)) {
+				$output->writeln(\sprintf(
+					'<error>The given email address "%s" is invalid. Email not set for the user.</error>',
+					$email,
+				));
+
+				return 1;
+			}
+
+			$user->setSystemEMailAddress($email);
+
+			if ($this->appConfig->getValueString('core', 'newUser.sendEmail', 'yes') === 'yes') {
+				try {
+					$this->mailHelper->sendMail($user, $this->mailHelper->generateTemplate($user, true));
+					$output->writeln('Welcome email sent to ' . $email);
+				} catch (\Exception $e) {
+					$output->writeln('Unable to send the welcome email to ' . $email);
+				}
+			}
+		}
+
 		return 0;
 	}
 }