5 files changed, 252 insertions, 6 deletions
diff --git a/lib/private/User/AvailabilityCoordinator.php b/lib/private/User/AvailabilityCoordinator.php
new file mode 100644
index 00000000000..8e6b73bd56d
--- /dev/null
+++ b/lib/private/User/AvailabilityCoordinator.php
@@ -0,0 +1,122 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2023 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2023 Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Richard Steinmetz <richard@steinmetz.cloud>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OC\User;
+
+use JsonException;
+use OCA\DAV\AppInfo\Application;
+use OCA\DAV\Db\AbsenceMapper;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\ICache;
+use OCP\ICacheFactory;
+use OCP\IConfig;
+use OCP\IUser;
+use OCP\User\IAvailabilityCoordinator;
+use OCP\User\IOutOfOfficeData;
+use Psr\Log\LoggerInterface;
+
+class AvailabilityCoordinator implements IAvailabilityCoordinator {
+	private ICache $cache;
+
+	public function __construct(
+		ICacheFactory $cacheFactory,
+		private AbsenceMapper $absenceMapper,
+		private IConfig $config,
+		private LoggerInterface $logger,
+	) {
+		$this->cache = $cacheFactory->createLocal('OutOfOfficeData');
+	}
+
+	public function isEnabled(): bool {
+		return $this->config->getAppValue(
+			Application::APP_ID,
+			'hide_absence_settings',
+			'no',
+		) === 'no';
+	}
+
+	private function getCachedOutOfOfficeData(IUser $user): ?OutOfOfficeData {
+		$cachedString = $this->cache->get($user->getUID());
+		if ($cachedString === null) {
+			return null;
+		}
+
+		try {
+			$cachedData = json_decode($cachedString, true, 10, JSON_THROW_ON_ERROR);
+		} catch (JsonException $e) {
+			$this->logger->error('Failed to deserialize cached out-of-office data: ' . $e->getMessage(), [
+				'exception' => $e,
+				'json' => $cachedString,
+			]);
+			return null;
+		}
+
+		return new OutOfOfficeData(
+			$cachedData['id'],
+			$user,
+			$cachedData['startDate'],
+			$cachedData['endDate'],
+			$cachedData['shortMessage'],
+			$cachedData['message'],
+		);
+	}
+
+	private function setCachedOutOfOfficeData(IOutOfOfficeData $data): void {
+		try {
+			$cachedString = json_encode([
+				'id' => $data->getId(),
+				'startDate' => $data->getStartDate(),
+				'endDate' => $data->getEndDate(),
+				'shortMessage' => $data->getShortMessage(),
+				'message' => $data->getMessage(),
+			], JSON_THROW_ON_ERROR);
+		} catch (JsonException $e) {
+			$this->logger->error('Failed to serialize out-of-office data: ' . $e->getMessage(), [
+				'exception' => $e,
+			]);
+			return;
+		}
+
+		$this->cache->set($data->getUser()->getUID(), $cachedString, 300);
+	}
+
+	public function getCurrentOutOfOfficeData(IUser $user): ?IOutOfOfficeData {
+		$cachedData = $this->getCachedOutOfOfficeData($user);
+		if ($cachedData !== null) {
+			return $cachedData;
+		}
+
+		try {
+			$absenceData = $this->absenceMapper->findByUserId($user->getUID());
+		} catch (DoesNotExistException $e) {
+			return null;
+		}
+
+		$data = $absenceData->toOutOufOfficeData($user);
+		$this->setCachedOutOfOfficeData($data);
+		return $data;
+	}
+}
diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php
index fb1afb65825..8ec8ef0c4be 100644
--- a/lib/private/User/Manager.php
+++ b/lib/private/User/Manager.php
@@ -52,6 +52,7 @@ use OCP\User\Backend\IGetRealUIDBackend;
 use OCP\User\Backend\ISearchKnownUsersBackend;
 use OCP\User\Backend\ICheckPasswordBackend;
 use OCP\User\Backend\ICountUsersBackend;
+use OCP\User\Backend\IProvideEnabledStateBackend;
 use OCP\User\Events\BeforeUserCreatedEvent;
 use OCP\User\Events\UserCreatedEvent;
 use OCP\UserInterface;
@@ -338,6 +339,35 @@ class Manager extends PublicEmitter implements IUserManager {
 	}
 
 	/**
+	 * @return IUser[]
+	 */
+	public function getDisabledUsers(?int $limit = null, int $offset = 0): array {
+		$users = $this->config->getUsersForUserValue('core', 'enabled', 'false');
+		$users = array_combine(
+			$users,
+			array_map(
+				fn (string $uid): IUser => new LazyUser($uid, $this),
+				$users
+			)
+		);
+
+		$tempLimit = ($limit === null ? null : $limit + $offset);
+		foreach ($this->backends as $backend) {
+			if (($tempLimit !== null) && (count($users) >= $tempLimit)) {
+				break;
+			}
+			if ($backend instanceof IProvideEnabledStateBackend) {
+				$backendUsers = $backend->getDisabledUserList(($tempLimit === null ? null : $tempLimit - count($users)));
+				foreach ($backendUsers as $uid) {
+					$users[$uid] = new LazyUser($uid, $this, null, $backend);
+				}
+			}
+		}
+
+		return array_slice($users, $offset, $limit);
+	}
+
+	/**
 	 * Search known users (from phonebook sync) by displayName
 	 *
 	 * @param string $searcher
diff --git a/lib/private/User/OutOfOfficeData.php b/lib/private/User/OutOfOfficeData.php
new file mode 100644
index 00000000000..12b7e03a0ae
--- /dev/null
+++ b/lib/private/User/OutOfOfficeData.php
@@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2023 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2023 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OC\User;
+
+use OCP\IUser;
+use OCP\User\IOutOfOfficeData;
+
+class OutOfOfficeData implements IOutOfOfficeData {
+	public function __construct(private string $id,
+		private IUser $user,
+		private int $startDate,
+		private int $endDate,
+		private string $shortMessage,
+		private string $message) {
+	}
+
+	public function getId(): string {
+		return $this->id;
+	}
+
+	public function getUser(): IUser {
+		return $this->user;
+	}
+
+	public function getStartDate(): int {
+		return $this->startDate;
+	}
+
+	public function getEndDate(): int {
+		return $this->endDate;
+	}
+
+	public function getShortMessage(): string {
+		return $this->shortMessage;
+	}
+
+	public function getMessage(): string {
+		return $this->message;
+	}
+}
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 82887f8d029..f8578ee616c 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -783,6 +783,11 @@ class Session implements IUserSession, Emitter {
 		try {
 			$dbToken = $this->tokenProvider->getToken($token);
 		} catch (InvalidTokenException $ex) {
+			$this->logger->debug('Session token is invalid because it does not exist', [
+				'app' => 'core',
+				'user' => $user,
+				'exception' => $ex,
+			]);
 			return false;
 		}
 
@@ -794,12 +799,18 @@ class Session implements IUserSession, Emitter {
 			$this->logger->error('App token login name does not match', [
 				'tokenLoginName' => $dbToken->getLoginName(),
 				'sessionLoginName' => $user,
+				'app' => 'core',
+				'user' => $dbToken->getUID(),
 			]);
 
 			return false;
 		}
 
 		if (!$this->checkTokenCredentials($dbToken, $token)) {
+			$this->logger->warning('Session token credentials are invalid', [
+				'app' => 'core',
+				'user' => $user,
+			]);
 			return false;
 		}
 
@@ -875,9 +886,9 @@ class Session implements IUserSession, Emitter {
 		$tokens = $this->config->getUserKeys($uid, 'login_token');
 		// test cookies token against stored tokens
 		if (!in_array($currentToken, $tokens, true)) {
-			$this->logger->info('Tried to log in {uid} but could not verify token', [
+			$this->logger->info('Tried to log in but could not verify token', [
 				'app' => 'core',
-				'uid' => $uid,
+				'user' => $uid,
 			]);
 			return false;
 		}
@@ -885,18 +896,31 @@ class Session implements IUserSession, Emitter {
 		$this->config->deleteUserValue($uid, 'login_token', $currentToken);
 		$newToken = $this->random->generate(32);
 		$this->config->setUserValue($uid, 'login_token', $newToken, (string)$this->timeFactory->getTime());
+		$this->logger->debug('Remember-me token replaced', [
+			'app' => 'core',
+			'user' => $uid,
+		]);
 
 		try {
 			$sessionId = $this->session->getId();
 			$token = $this->tokenProvider->renewSessionToken($oldSessionId, $sessionId);
+			$this->logger->debug('Session token replaced', [
+				'app' => 'core',
+				'user' => $uid,
+			]);
 		} catch (SessionNotAvailableException $ex) {
-			$this->logger->warning('Could not renew session token for {uid} because the session is unavailable', [
+			$this->logger->critical('Could not renew session token for {uid} because the session is unavailable', [
 				'app' => 'core',
 				'uid' => $uid,
+				'user' => $uid,
 			]);
 			return false;
 		} catch (InvalidTokenException $ex) {
-			$this->logger->warning('Renewing session token failed', ['app' => 'core']);
+			$this->logger->error('Renewing session token failed: ' . $ex->getMessage(), [
+				'app' => 'core',
+				'user' => $uid,
+				'exception' => $ex,
+			]);
 			return false;
 		}
 
@@ -935,10 +959,17 @@ class Session implements IUserSession, Emitter {
 		$this->manager->emit('\OC\User', 'logout', [$user]);
 		if ($user !== null) {
 			try {
-				$this->tokenProvider->invalidateToken($this->session->getId());
+				$token = $this->session->getId();
+				$this->tokenProvider->invalidateToken($token);
+				$this->logger->debug('Session token invalidated before logout', [
+					'user' => $user->getUID(),
+				]);
 			} catch (SessionNotAvailableException $ex) {
 			}
 		}
+		$this->logger->debug('Logging out', [
+			'user' => $user === null ? null : $user->getUID(),
+		]);
 		$this->setUser(null);
 		$this->setLoginName(null);
 		$this->setToken(null);
diff --git a/lib/private/User/User.php b/lib/private/User/User.php
index 3362367fff1..c62d14d9450 100644
--- a/lib/private/User/User.php
+++ b/lib/private/User/User.php
@@ -597,7 +597,7 @@ class User implements IUser {
 	public function getCloudId() {
 		$uid = $this->getUID();
 		$server = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
-		if (substr($server, -10) === '/index.php') {
+		if (str_ends_with($server, '/index.php')) {
 			$server = substr($server, 0, -10);
 		}
 		$server = $this->removeProtocolFromUrl($server);