diff --git a/core/Command/User/Add.php b/core/Command/User/Add.php index 5e8ab92070d77..b670756c7aef1 100644 --- a/core/Command/User/Add.php +++ b/core/Command/User/Add.php @@ -25,11 +25,18 @@ */ namespace OC\Core\Command\User; +use Egulias\EmailValidator\EmailValidator; +use Egulias\EmailValidator\Validation\RFCValidation; use OC\Files\Filesystem; +use OCA\Settings\Mailer\NewUserMailHelper; +use OCP\EventDispatcher\IEventDispatcher; +use OCP\IConfig; use OCP\IGroup; use OCP\IGroupManager; use OCP\IUser; use OCP\IUserManager; +use OCP\Security\Events\GenerateSecurePasswordEvent; +use OCP\Security\ISecureRandom; use Symfony\Component\Console\Command\Command; use Symfony\Component\Console\Helper\QuestionHelper; use Symfony\Component\Console\Input\InputArgument; @@ -39,11 +46,63 @@ use Symfony\Component\Console\Question\Question; class Add extends Command { + /** + * @var IUserManager + */ + protected $userManager; + + /** + * @var IGroupManager + */ + protected $groupManager; + + /** + * @var EmailValidator + */ + protected $emailValidator; + + /** + * @var IConfig + */ + private $config; + + /** + * @var NewUserMailHelper + */ + private $mailHelper; + + /** + * @var IEventDispatcher + */ + private $eventDispatcher; + + /** + * @var ISecureRandom + */ + private $secureRandom; + + /** + * @param IUserManager $userManager + * @param IGroupManager $groupManager + * @param EmailValidator $emailValidator + */ public function __construct( - protected IUserManager $userManager, - protected IGroupManager $groupManager, + IUserManager $userManager, + IGroupManager $groupManager, + EmailValidator $emailValidator, + IConfig $config, + NewUserMailHelper $mailHelper, + IEventDispatcher $eventDispatcher, + ISecureRandom $secureRandom ) { parent::__construct(); + $this->userManager = $userManager; + $this->groupManager = $groupManager; + $this->emailValidator = $emailValidator; + $this->config = $config; + $this->mailHelper = $mailHelper; + $this->eventDispatcher = $eventDispatcher; + $this->secureRandom = $secureRandom; } protected function configure() { @@ -72,11 +131,22 @@ protected function configure() { 'g', InputOption::VALUE_OPTIONAL | InputOption::VALUE_IS_ARRAY, 'groups the user should be added to (The group will be created if it does not exist)' + ) + ->addOption( + 'email', + null, + InputOption::VALUE_REQUIRED, + 'When set, users may register using the default E-Mail verification workflow' ); } protected function execute(InputInterface $input, OutputInterface $output): int { $uid = $input->getArgument('uid'); + $emailIsSet = \is_string($input->getOption('email')) && \mb_strlen($input->getOption('email')) > 0; + $emailIsValid = $this->emailValidator->isValid($input->getOption('email') ?? '', new RFCValidation()); + $password = ''; + $temporaryPassword = ''; + if ($this->userManager->userExists($uid)) { $output->writeln('The user "' . $uid . '" already exists.'); return 1; @@ -84,6 +154,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int if ($input->getOption('password-from-env')) { $password = getenv('OC_PASS'); + if (!$password) { $output->writeln('--password-from-env given, but OC_PASS is empty!'); return 1; @@ -109,17 +180,32 @@ protected function execute(InputInterface $input, OutputInterface $output): int return 1; } + if (trim($password) === '' && $emailIsSet) { + if ($emailIsValid) { + $output->writeln('Setting a temporary password.'); + + $temporaryPassword = $this->getTemporaryPassword(); + } else { + $output->writeln(\sprintf( + 'The given E-Mail address "%s" is invalid: %s', + $input->getOption('email'), + $this->emailValidator->getError()->description() + )); + + return 1; + } + } + try { $user = $this->userManager->createUser( $input->getArgument('uid'), - $password + $password ?: $temporaryPassword ); } catch (\Exception $e) { $output->writeln('' . $e->getMessage() . ''); return 1; } - if ($user instanceof IUser) { $output->writeln('The user "' . $user->getUID() . '" was created successfully'); } else { @@ -129,7 +215,24 @@ protected function execute(InputInterface $input, OutputInterface $output): int if ($input->getOption('display-name')) { $user->setDisplayName($input->getOption('display-name')); - $output->writeln('Display name set to "' . $user->getDisplayName() . '"'); + $output->writeln(sprintf('Display name set to "%s"', $user->getDisplayName())); + } + + if ($emailIsSet && $emailIsValid) { + $user->setSystemEMailAddress($input->getOption('email')); + $output->writeln(sprintf('E-Mail set to "%s"', (string) $user->getSystemEMailAddress())); + + if (trim($password) === '' && $this->config->getAppValue('core', 'newUser.sendEmail', 'yes') === 'yes') { + try { + $this->mailHelper->sendMail( + $user, + $this->mailHelper->generateTemplate($user, true) + ); + $output->writeln('Invitation E-Mail sent.'); + } catch (\Exception $e) { + $output->writeln(\sprintf('Unable to send the invitation mail to %s', $user->getEMailAddress())); + } + } } $groups = $input->getOption('group'); @@ -156,4 +259,16 @@ protected function execute(InputInterface $input, OutputInterface $output): int } return 0; } + + /** + * @return string + */ + protected function getTemporaryPassword(): string + { + $passwordEvent = new GenerateSecurePasswordEvent(); + + $this->eventDispatcher->dispatchTyped($passwordEvent); + + return $passwordEvent->getPassword() ?? $this->secureRandom->generate(20); + } } diff --git a/core/register_command.php b/core/register_command.php index d9e5dfcd775eb..fe6f78458337a 100644 --- a/core/register_command.php +++ b/core/register_command.php @@ -48,6 +48,7 @@ * along with this program. If not, see * */ + use Psr\Log\LoggerInterface; $application->add(new \Stecman\Component\Symfony\Console\BashCompletion\CompletionCommand()); @@ -182,7 +183,7 @@ $application->add(\OC::$server->query(\OC\Core\Command\Preview\Repair::class)); $application->add(\OC::$server->query(\OC\Core\Command\Preview\ResetRenderedTexts::class)); - $application->add(new OC\Core\Command\User\Add(\OC::$server->getUserManager(), \OC::$server->getGroupManager())); + $application->add(new OC\Core\Command\User\Add(\OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->get(Egulias\EmailValidator\EmailValidator::class), \OC::$server->get(\OC\AllConfig::class), \OC::$server->get(\OCA\Settings\Mailer\NewUserMailHelper::class), \OC::$server->get(\OCP\EventDispatcher\IEventDispatcher::class), \OC::$server->get(\OCP\Security\ISecureRandom::class))); $application->add(new OC\Core\Command\User\Delete(\OC::$server->getUserManager())); $application->add(new OC\Core\Command\User\Disable(\OC::$server->getUserManager())); $application->add(new OC\Core\Command\User\Enable(\OC::$server->getUserManager())); diff --git a/tests/Core/Command/User/AddTest.php b/tests/Core/Command/User/AddTest.php new file mode 100644 index 0000000000000..1445e3cfec6b2 --- /dev/null +++ b/tests/Core/Command/User/AddTest.php @@ -0,0 +1,126 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +declare(strict_types=1); + +namespace Core\Command\User; + +use Egulias\EmailValidator\EmailValidator; +use OC\Core\Command\User\Add; +use OCA\Settings\Mailer\NewUserMailHelper; +use OCP\EventDispatcher\IEventDispatcher; +use OCP\IConfig; +use OCP\IGroupManager; +use OCP\IUser; +use OCP\IUserManager; +use OCP\Mail\IEMailTemplate; +use OCP\Security\ISecureRandom; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Output\OutputInterface; +use Test\TestCase; + +class AddTest extends TestCase { + + /** + * @dataProvider addEmailDataProvider + */ + public function testAddEmail(?string $email, bool $isValid, bool $shouldSendMail): void { + $userManager = static::createMock(IUserManager::class); + $groupManager = static::createStub(IGroupManager::class); + $user = static::createMock(IUser::class); + $config = static::createMock(IConfig::class); + $mailHelper = static::createMock(NewUserMailHelper::class); + $eventDispatcher = static::createStub(IEventDispatcher::class); + $secureRandom = static::createStub(ISecureRandom::class); + + $consoleInput = static::createMock(InputInterface::class); + $consoleOutput = static::createMock(OutputInterface::class); + + $user->expects($isValid ? static::once() : static::never()) + ->method('setSystemEMailAddress') + ->with(static::equalTo($email)); + + $userManager->method('createUser') + ->willReturn($user); + + $config->method('getAppValue') + ->willReturn($shouldSendMail ? 'yes' : 'no'); + + $mailHelper->method('generateTemplate') + ->willReturn(static::createMock(IEMailTemplate::class)); + + $mailHelper->expects($isValid && $shouldSendMail ? static::once() : static::never()) + ->method('sendMail'); + + $consoleInput->method('getOption') + ->will(static::returnValueMap([ + ['password-from-env', ''], + ['email', $email], + ['group', []], + ])); + + $addCommand = new Add( + $userManager, + $groupManager, + new EmailValidator(), + $config, + $mailHelper, + $eventDispatcher, + $secureRandom + ); + + $this->invokePrivate($addCommand, 'execute', [ + $consoleInput, + $consoleOutput + ]); + } + + /** + * @return \Generator + */ + public function addEmailDataProvider(): \Generator { + yield 'Valid E-Mail' => [ + 'info@example.com', + true, + true, + ]; + + yield 'Invalid E-Mail' => [ + 'info@@example.com', + false, + true, + ]; + + yield 'No E-Mail' => [ + '', + false, + true, + ]; + + yield 'Valid E-Mail, but no mail should be sent' => [ + 'info@example.com', + true, + false, + ]; + } +}