aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/legacy/OC_User.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/legacy/OC_User.php')
-rw-r--r--lib/private/legacy/OC_User.php137
1 files changed, 61 insertions, 76 deletions
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
index d2dc2a2389f..e5343864c45 100644
--- a/lib/private/legacy/OC_User.php
+++ b/lib/private/legacy/OC_User.php
@@ -1,44 +1,22 @@
<?php
+
/**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Aldo "xoen" Giambelluca <xoen@xoen.org>
- * @author Andreas Fischer <bantu@owncloud.com>
- * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
- * @author Bartek Przybylski <bart.p.pl@gmail.com>
- * @author Björn Schießle <bjoern@schiessle.org>
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Georg Ehrke <oc.list@georgehrke.com>
- * @author Jakob Sack <mail@jakobsack.de>
- * @author Jörn Friedrich Dreyer <jfd@butonic.de>
- * @author Lukas Reschke <lukas@statuscode.ch>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Robin Appelman <robin@icewind.nl>
- * @author Robin McCorkell <robin@mccorkell.me.uk>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author shkdee <louis.traynard@m4x.org>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- * @author Vincent Petry <vincent@nextcloud.com>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
*/
-
-use OC\User\LoginException;
+use OC\Authentication\Token\IProvider;
+use OC\User\DisabledUserException;
+use OCP\Authentication\Exceptions\InvalidTokenException;
+use OCP\Authentication\Exceptions\WipeTokenException;
+use OCP\Authentication\Token\IToken;
use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IGroupManager;
+use OCP\ISession;
+use OCP\IUser;
use OCP\IUserManager;
+use OCP\Server;
+use OCP\Session\Exceptions\SessionNotAvailableException;
use OCP\User\Events\BeforeUserLoggedInEvent;
use OCP\User\Events\UserLoggedInEvent;
use Psr\Log\LoggerInterface;
@@ -62,8 +40,6 @@ use Psr\Log\LoggerInterface;
* logout()
*/
class OC_User {
- private static $_usedBackends = [];
-
private static $_setupedBackends = [];
// bool, stores if a user want to access a resource anonymously, e.g if they open a public link
@@ -74,17 +50,16 @@ class OC_User {
*
* @param string|\OCP\UserInterface $backend default: database The backend to use for user management
* @return bool
+ * @deprecated 32.0.0 Use IUserManager::registerBackend instead
*
* Set the User Authentication Module
- * @suppress PhanDeprecatedFunction
*/
public static function useBackend($backend = 'database') {
if ($backend instanceof \OCP\UserInterface) {
- self::$_usedBackends[get_class($backend)] = $backend;
- \OC::$server->getUserManager()->registerBackend($backend);
+ Server::get(IUserManager::class)->registerBackend($backend);
} else {
// You'll never know what happens
- if (null === $backend or !is_string($backend)) {
+ if ($backend === null or !is_string($backend)) {
$backend = 'database';
}
@@ -93,19 +68,16 @@ class OC_User {
case 'database':
case 'mysql':
case 'sqlite':
- \OCP\Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']);
- self::$_usedBackends[$backend] = new \OC\User\Database();
- \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+ Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']);
+ Server::get(IUserManager::class)->registerBackend(new \OC\User\Database());
break;
case 'dummy':
- self::$_usedBackends[$backend] = new \Test\Util\User\Dummy();
- \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+ Server::get(IUserManager::class)->registerBackend(new \Test\Util\User\Dummy());
break;
default:
- \OCP\Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']);
+ Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']);
$className = 'OC_USER_' . strtoupper($backend);
- self::$_usedBackends[$backend] = new $className();
- \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+ Server::get(IUserManager::class)->registerBackend(new $className());
break;
}
}
@@ -114,10 +86,10 @@ class OC_User {
/**
* remove all used backends
+ * @deprecated 32.0.0 Use IUserManager::clearBackends instead
*/
public static function clearBackends() {
- self::$_usedBackends = [];
- \OC::$server->getUserManager()->clearBackends();
+ Server::get(IUserManager::class)->clearBackends();
}
/**
@@ -147,10 +119,10 @@ class OC_User {
self::useBackend($backend);
self::$_setupedBackends[] = $i;
} else {
- \OCP\Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']);
+ Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']);
}
} else {
- \OCP\Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']);
+ Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']);
}
}
}
@@ -167,7 +139,7 @@ class OC_User {
public static function loginWithApache(\OCP\Authentication\IApacheBackend $backend) {
$uid = $backend->getCurrentUserId();
$run = true;
- OC_Hook::emit("OC_User", "pre_login", ["run" => &$run, "uid" => $uid, 'backend' => $backend]);
+ OC_Hook::emit('OC_User', 'pre_login', ['run' => &$run, 'uid' => $uid, 'backend' => $backend]);
if ($uid) {
if (self::getUser() !== $uid) {
@@ -178,8 +150,8 @@ class OC_User {
$dispatcher = \OC::$server->get(IEventDispatcher::class);
if ($userSession->getUser() && !$userSession->getUser()->isEnabled()) {
- $message = \OC::$server->getL10N('lib')->t('User disabled');
- throw new LoginException($message);
+ $message = \OC::$server->getL10N('lib')->t('Account disabled');
+ throw new DisabledUserException($message);
}
$userSession->setLoginName($uid);
$request = OC::$server->getRequest();
@@ -193,6 +165,22 @@ class OC_User {
$userSession->createSessionToken($request, $uid, $uid, $password);
$userSession->createRememberMeToken($userSession->getUser());
+
+ if (empty($password)) {
+ $tokenProvider = \OC::$server->get(IProvider::class);
+ try {
+ $token = $tokenProvider->getToken($userSession->getSession()->getId());
+ $token->setScope([
+ IToken::SCOPE_SKIP_PASSWORD_VALIDATION => true,
+ IToken::SCOPE_FILESYSTEM => true,
+ ]);
+ $tokenProvider->updateToken($token);
+ } catch (InvalidTokenException|WipeTokenException|SessionNotAvailableException) {
+ // swallow the exceptions as we do not deal with them here
+ // simply skip updating the token when is it missing
+ }
+ }
+
// setup the filesystem
OC_Util::setupFS($uid);
// first call the post_login hooks, the login-process needs to be
@@ -227,9 +215,9 @@ class OC_User {
* Verify with Apache whether user is authenticated.
*
* @return boolean|null
- * true: authenticated
- * false: not authenticated
- * null: not handled / no backend available
+ * true: authenticated
+ * false: not authenticated
+ * null: not handled / no backend available
*/
public static function handleApacheAuth() {
$backend = self::findFirstActiveUsedBackend();
@@ -254,7 +242,7 @@ class OC_User {
*/
public static function setUserId($uid) {
$userSession = \OC::$server->getUserSession();
- $userManager = \OC::$server->getUserManager();
+ $userManager = Server::get(IUserManager::class);
if ($user = $userManager->get($uid)) {
$userSession->setUser($user);
} else {
@@ -265,7 +253,7 @@ class OC_User {
/**
* Check if the user is logged in, considers also the HTTP basic credentials
*
- * @deprecated use \OC::$server->getUserSession()->isLoggedIn()
+ * @deprecated 12.0.0 use \OC::$server->getUserSession()->isLoggedIn()
* @return bool
*/
public static function isLoggedIn() {
@@ -303,7 +291,7 @@ class OC_User {
}
$user = \OC::$server->getUserSession()->getUser();
- if ($user instanceof \OCP\IUser) {
+ if ($user instanceof IUser) {
$backend = $user->getBackend();
if ($backend instanceof \OCP\User\Backend\ICustomLogout) {
return $backend->getLogoutUrl();
@@ -323,12 +311,9 @@ class OC_User {
* @return bool
*/
public static function isAdminUser($uid) {
- $group = \OC::$server->getGroupManager()->get('admin');
- $user = \OC::$server->getUserManager()->get($uid);
- if ($group && $user && $group->inGroup($user) && self::$incognitoMode === false) {
- return true;
- }
- return false;
+ $user = Server::get(IUserManager::class)->get($uid);
+ $isAdmin = $user && Server::get(IGroupManager::class)->isAdmin($user->getUID());
+ return $isAdmin && self::$incognitoMode === false;
}
@@ -338,7 +323,7 @@ class OC_User {
* @return string|false uid or false
*/
public static function getUser() {
- $uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+ $uid = Server::get(ISession::class)?->get('user_id');
if (!is_null($uid) && self::$incognitoMode === false) {
return $uid;
} else {
@@ -357,7 +342,7 @@ class OC_User {
* Change the password of a user
*/
public static function setPassword($uid, $password, $recoveryPassword = null) {
- $user = \OC::$server->getUserManager()->get($uid);
+ $user = Server::get(IUserManager::class)->get($uid);
if ($user) {
return $user->setPassword($password, $recoveryPassword);
} else {
@@ -370,10 +355,10 @@ class OC_User {
* @return string
*
* returns the path to the users home directory
- * @deprecated Use \OC::$server->getUserManager->getHome()
+ * @deprecated 12.0.0 Use \OC::$server->getUserManager->getHome()
*/
public static function getHome($uid) {
- $user = \OC::$server->getUserManager()->get($uid);
+ $user = Server::get(IUserManager::class)->get($uid);
if ($user) {
return $user->getHome();
} else {
@@ -390,11 +375,11 @@ class OC_User {
* @return array associative array with all display names (value) and corresponding uids (key)
*
* Get a list of all display names and user ids.
- * @deprecated Use \OC::$server->getUserManager->searchDisplayName($search, $limit, $offset) instead.
+ * @deprecated 12.0.0 Use \OC::$server->getUserManager->searchDisplayName($search, $limit, $offset) instead.
*/
public static function getDisplayNames($search = '', $limit = null, $offset = null) {
$displayNames = [];
- $users = \OC::$server->getUserManager()->searchDisplayName($search, $limit, $offset);
+ $users = Server::get(IUserManager::class)->searchDisplayName($search, $limit, $offset);
foreach ($users as $user) {
$displayNames[$user->getUID()] = $user->getDisplayName();
}
@@ -407,7 +392,7 @@ class OC_User {
* @return OCP\Authentication\IApacheBackend|null if no backend active, otherwise OCP\Authentication\IApacheBackend
*/
private static function findFirstActiveUsedBackend() {
- foreach (self::$_usedBackends as $backend) {
+ foreach (Server::get(IUserManager::class)->getBackends() as $backend) {
if ($backend instanceof OCP\Authentication\IApacheBackend) {
if ($backend->isSessionActive()) {
return $backend;
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-16 05:27:36 +0000