nextcloud / server

lib/private/Group/MetaData.php

Indentation +171 added lines, -171 removed lines

@@ -35,175 +35,175 @@
 use OCP\IUserSession;
 
 class MetaData {
-	public const SORT_NONE = 0;
-	public const SORT_USERCOUNT = 1; // May have performance issues on LDAP backends
-	public const SORT_GROUPNAME = 2;
-
-	/** @var string */
-	protected $user;
-	/** @var bool */
-	protected $isAdmin;
-	/** @var array */
-	protected $metaData = [];
-	/** @var GroupManager */
-	protected $groupManager;
-	/** @var bool */
-	protected $sorting = false;
-	/** @var IUserSession */
-	protected $userSession;
-
-	/**
-	 * @param string $user the uid of the current user
-	 * @param bool $isAdmin whether the current users is an admin
-	 * @param IGroupManager $groupManager
-	 * @param IUserSession $userSession
-	 */
-	public function __construct(
-			$user,
-			$isAdmin,
-			IGroupManager $groupManager,
-			IUserSession $userSession
-			) {
-		$this->user = $user;
-		$this->isAdmin = (bool)$isAdmin;
-		$this->groupManager = $groupManager;
-		$this->userSession = $userSession;
-	}
-
-	/**
-	 * returns an array with meta data about all available groups
-	 * the array is structured as follows:
-	 * [0] array containing meta data about admin groups
-	 * [1] array containing meta data about unprivileged groups
-	 * @param string $groupSearch only effective when instance was created with
-	 * isAdmin being true
-	 * @param string $userSearch the pattern users are search for
-	 * @return array
-	 */
-	public function get($groupSearch = '', $userSearch = '') {
-		$key = $groupSearch . '::' . $userSearch;
-		if (isset($this->metaData[$key])) {
-			return $this->metaData[$key];
-		}
-
-		$adminGroups = [];
-		$groups = [];
-		$sortGroupsIndex = 0;
-		$sortGroupsKeys = [];
-		$sortAdminGroupsIndex = 0;
-		$sortAdminGroupsKeys = [];
-
-		foreach ($this->getGroups($groupSearch) as $group) {
-			$groupMetaData = $this->generateGroupMetaData($group, $userSearch);
-			if (strtolower($group->getGID()) !== 'admin') {
-				$this->addEntry(
-					$groups,
-					$sortGroupsKeys,
-					$sortGroupsIndex,
-					$groupMetaData);
-			} else {
-				//admin group is hard coded to 'admin' for now. In future,
-				//backends may define admin groups too. Then the if statement
-				//has to be adjusted accordingly.
-				$this->addEntry(
-					$adminGroups,
-					$sortAdminGroupsKeys,
-					$sortAdminGroupsIndex,
-					$groupMetaData);
-			}
-		}
-
-		//whether sorting is necessary is will be checked in sort()
-		$this->sort($groups, $sortGroupsKeys);
-		$this->sort($adminGroups, $sortAdminGroupsKeys);
-
-		$this->metaData[$key] = [$adminGroups, $groups];
-		return $this->metaData[$key];
-	}
-
-	/**
-	 * sets the sort mode, see SORT_* constants for supported modes
-	 *
-	 * @param int $sortMode
-	 */
-	public function setSorting($sortMode) {
-		switch ($sortMode) {
-			case self::SORT_USERCOUNT:
-			case self::SORT_GROUPNAME:
-				$this->sorting = $sortMode;
-				break;
-
-			default:
-				$this->sorting = self::SORT_NONE;
-		}
-	}
-
-	/**
-	 * adds an group entry to the resulting array
-	 * @param array $entries the resulting array, by reference
-	 * @param array $sortKeys the sort key array, by reference
-	 * @param int $sortIndex the sort key index, by reference
-	 * @param array $data the group's meta data as returned by generateGroupMetaData()
-	 */
-	private function addEntry(&$entries, &$sortKeys, &$sortIndex, $data) {
-		$entries[] = $data;
-		if ($this->sorting === self::SORT_USERCOUNT) {
-			$sortKeys[$sortIndex] = $data['usercount'];
-			$sortIndex++;
-		} elseif ($this->sorting === self::SORT_GROUPNAME) {
-			$sortKeys[$sortIndex] = $data['name'];
-			$sortIndex++;
-		}
-	}
-
-	/**
-	 * creates an array containing the group meta data
-	 * @param \OCP\IGroup $group
-	 * @param string $userSearch
-	 * @return array with the keys 'id', 'name', 'usercount' and 'disabled'
-	 */
-	private function generateGroupMetaData(\OCP\IGroup $group, $userSearch) {
-		return [
-			'id' => $group->getGID(),
-			'name' => $group->getDisplayName(),
-			'usercount' => $this->sorting === self::SORT_USERCOUNT ? $group->count($userSearch) : 0,
-			'disabled' => $group->countDisabled(),
-			'canAdd' => $group->canAddUser(),
-			'canRemove' => $group->canRemoveUser(),
-		];
-	}
-
-	/**
-	 * sorts the result array, if applicable
-	 * @param array $entries the result array, by reference
-	 * @param array $sortKeys the array containing the sort keys
-	 * @param return null
-	 */
-	private function sort(&$entries, $sortKeys) {
-		if ($this->sorting === self::SORT_USERCOUNT) {
-			array_multisort($sortKeys, SORT_DESC, $entries);
-		} elseif ($this->sorting === self::SORT_GROUPNAME) {
-			array_multisort($sortKeys, SORT_ASC, $entries);
-		}
-	}
-
-	/**
-	 * returns the available groups
-	 * @param string $search a search string
-	 * @return \OCP\IGroup[]
-	 */
-	public function getGroups($search = '') {
-		if ($this->isAdmin) {
-			return $this->groupManager->search($search);
-		} else {
-			$userObject = $this->userSession->getUser();
-			if ($userObject !== null) {
-				$groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($userObject);
-			} else {
-				$groups = [];
-			}
-
-			return $groups;
-		}
-	}
+    public const SORT_NONE = 0;
+    public const SORT_USERCOUNT = 1; // May have performance issues on LDAP backends
+    public const SORT_GROUPNAME = 2;
+
+    /** @var string */
+    protected $user;
+    /** @var bool */
+    protected $isAdmin;
+    /** @var array */
+    protected $metaData = [];
+    /** @var GroupManager */
+    protected $groupManager;
+    /** @var bool */
+    protected $sorting = false;
+    /** @var IUserSession */
+    protected $userSession;
+
+    /**
+     * @param string $user the uid of the current user
+     * @param bool $isAdmin whether the current users is an admin
+     * @param IGroupManager $groupManager
+     * @param IUserSession $userSession
+     */
+    public function __construct(
+            $user,
+            $isAdmin,
+            IGroupManager $groupManager,
+            IUserSession $userSession
+            ) {
+        $this->user = $user;
+        $this->isAdmin = (bool)$isAdmin;
+        $this->groupManager = $groupManager;
+        $this->userSession = $userSession;
+    }
+
+    /**
+     * returns an array with meta data about all available groups
+     * the array is structured as follows:
+     * [0] array containing meta data about admin groups
+     * [1] array containing meta data about unprivileged groups
+     * @param string $groupSearch only effective when instance was created with
+     * isAdmin being true
+     * @param string $userSearch the pattern users are search for
+     * @return array
+     */
+    public function get($groupSearch = '', $userSearch = '') {
+        $key = $groupSearch . '::' . $userSearch;
+        if (isset($this->metaData[$key])) {
+            return $this->metaData[$key];
+        }
+
+        $adminGroups = [];
+        $groups = [];
+        $sortGroupsIndex = 0;
+        $sortGroupsKeys = [];
+        $sortAdminGroupsIndex = 0;
+        $sortAdminGroupsKeys = [];
+
+        foreach ($this->getGroups($groupSearch) as $group) {
+            $groupMetaData = $this->generateGroupMetaData($group, $userSearch);
+            if (strtolower($group->getGID()) !== 'admin') {
+                $this->addEntry(
+                    $groups,
+                    $sortGroupsKeys,
+                    $sortGroupsIndex,
+                    $groupMetaData);
+            } else {
+                //admin group is hard coded to 'admin' for now. In future,
+                //backends may define admin groups too. Then the if statement
+                //has to be adjusted accordingly.
+                $this->addEntry(
+                    $adminGroups,
+                    $sortAdminGroupsKeys,
+                    $sortAdminGroupsIndex,
+                    $groupMetaData);
+            }
+        }
+
+        //whether sorting is necessary is will be checked in sort()
+        $this->sort($groups, $sortGroupsKeys);
+        $this->sort($adminGroups, $sortAdminGroupsKeys);
+
+        $this->metaData[$key] = [$adminGroups, $groups];
+        return $this->metaData[$key];
+    }
+
+    /**
+     * sets the sort mode, see SORT_* constants for supported modes
+     *
+     * @param int $sortMode
+     */
+    public function setSorting($sortMode) {
+        switch ($sortMode) {
+            case self::SORT_USERCOUNT:
+            case self::SORT_GROUPNAME:
+                $this->sorting = $sortMode;
+                break;
+
+            default:
+                $this->sorting = self::SORT_NONE;
+        }
+    }
+
+    /**
+     * adds an group entry to the resulting array
+     * @param array $entries the resulting array, by reference
+     * @param array $sortKeys the sort key array, by reference
+     * @param int $sortIndex the sort key index, by reference
+     * @param array $data the group's meta data as returned by generateGroupMetaData()
+     */
+    private function addEntry(&$entries, &$sortKeys, &$sortIndex, $data) {
+        $entries[] = $data;
+        if ($this->sorting === self::SORT_USERCOUNT) {
+            $sortKeys[$sortIndex] = $data['usercount'];
+            $sortIndex++;
+        } elseif ($this->sorting === self::SORT_GROUPNAME) {
+            $sortKeys[$sortIndex] = $data['name'];
+            $sortIndex++;
+        }
+    }
+
+    /**
+     * creates an array containing the group meta data
+     * @param \OCP\IGroup $group
+     * @param string $userSearch
+     * @return array with the keys 'id', 'name', 'usercount' and 'disabled'
+     */
+    private function generateGroupMetaData(\OCP\IGroup $group, $userSearch) {
+        return [
+            'id' => $group->getGID(),
+            'name' => $group->getDisplayName(),
+            'usercount' => $this->sorting === self::SORT_USERCOUNT ? $group->count($userSearch) : 0,
+            'disabled' => $group->countDisabled(),
+            'canAdd' => $group->canAddUser(),
+            'canRemove' => $group->canRemoveUser(),
+        ];
+    }
+
+    /**
+     * sorts the result array, if applicable
+     * @param array $entries the result array, by reference
+     * @param array $sortKeys the array containing the sort keys
+     * @param return null
+     */
+    private function sort(&$entries, $sortKeys) {
+        if ($this->sorting === self::SORT_USERCOUNT) {
+            array_multisort($sortKeys, SORT_DESC, $entries);
+        } elseif ($this->sorting === self::SORT_GROUPNAME) {
+            array_multisort($sortKeys, SORT_ASC, $entries);
+        }
+    }
+
+    /**
+     * returns the available groups
+     * @param string $search a search string
+     * @return \OCP\IGroup[]
+     */
+    public function getGroups($search = '') {
+        if ($this->isAdmin) {
+            return $this->groupManager->search($search);
+        } else {
+            $userObject = $this->userSession->getUser();
+            if ($userObject !== null) {
+                $groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($userObject);
+            } else {
+                $groups = [];
+            }
+
+            return $groups;
+        }
+    }
 }

apps/settings/lib/Controller/UsersController.php

Indentation +472 added lines, -472 removed lines

@@ -66,476 +66,476 @@
 use function in_array;
 
 class UsersController extends Controller {
-	/** @var UserManager */
-	private $userManager;
-	/** @var GroupManager */
-	private $groupManager;
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IConfig */
-	private $config;
-	/** @var bool */
-	private $isAdmin;
-	/** @var IL10N */
-	private $l10n;
-	/** @var IMailer */
-	private $mailer;
-	/** @var Factory */
-	private $l10nFactory;
-	/** @var IAppManager */
-	private $appManager;
-	/** @var AccountManager */
-	private $accountManager;
-	/** @var Manager */
-	private $keyManager;
-	/** @var IJobList */
-	private $jobList;
-	/** @var IManager */
-	private $encryptionManager;
-	/** @var IEventDispatcher */
-	private $dispatcher;
-
-
-	public function __construct(
-		string $appName,
-		IRequest $request,
-		IUserManager $userManager,
-		IGroupManager $groupManager,
-		IUserSession $userSession,
-		IConfig $config,
-		bool $isAdmin,
-		IL10N $l10n,
-		IMailer $mailer,
-		IFactory $l10nFactory,
-		IAppManager $appManager,
-		AccountManager $accountManager,
-		Manager $keyManager,
-		IJobList $jobList,
-		IManager $encryptionManager,
-		IEventDispatcher $dispatcher
-	) {
-		parent::__construct($appName, $request);
-		$this->userManager = $userManager;
-		$this->groupManager = $groupManager;
-		$this->userSession = $userSession;
-		$this->config = $config;
-		$this->isAdmin = $isAdmin;
-		$this->l10n = $l10n;
-		$this->mailer = $mailer;
-		$this->l10nFactory = $l10nFactory;
-		$this->appManager = $appManager;
-		$this->accountManager = $accountManager;
-		$this->keyManager = $keyManager;
-		$this->jobList = $jobList;
-		$this->encryptionManager = $encryptionManager;
-		$this->dispatcher = $dispatcher;
-	}
-
-
-	/**
-	 * @NoCSRFRequired
-	 * @NoAdminRequired
-	 *
-	 * Display users list template
-	 *
-	 * @return TemplateResponse
-	 */
-	public function usersListByGroup() {
-		return $this->usersList();
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @NoAdminRequired
-	 *
-	 * Display users list template
-	 *
-	 * @return TemplateResponse
-	 */
-	public function usersList() {
-		$user = $this->userSession->getUser();
-		$uid = $user->getUID();
-
-		\OC::$server->getNavigationManager()->setActiveEntry('core_users');
-
-		/* SORT OPTION: SORT_USERCOUNT or SORT_GROUPNAME */
-		$sortGroupsBy = \OC\Group\MetaData::SORT_USERCOUNT;
-		$isLDAPUsed = false;
-		if ($this->config->getSystemValue('sort_groups_by_name', false)) {
-			$sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME;
-		} else {
-			if ($this->appManager->isEnabledForUser('user_ldap')) {
-				$isLDAPUsed =
-					$this->groupManager->isBackendUsed('\OCA\User_LDAP\Group_Proxy');
-				if ($isLDAPUsed) {
-					// LDAP user count can be slow, so we sort by group name here
-					$sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME;
-				}
-			}
-		}
-
-		$canChangePassword = $this->canAdminChangeUserPasswords();
-
-		/* GROUPS */
-		$groupsInfo = new \OC\Group\MetaData(
-			$uid,
-			$this->isAdmin,
-			$this->groupManager,
-			$this->userSession
-		);
-
-		$groupsInfo->setSorting($sortGroupsBy);
-		list($adminGroup, $groups) = $groupsInfo->get();
-
-		if (!$isLDAPUsed && $this->appManager->isEnabledForUser('user_ldap')) {
-			$isLDAPUsed = (bool)array_reduce($this->userManager->getBackends(), function ($ldapFound, $backend) {
-				return $ldapFound || $backend instanceof User_Proxy;
-			});
-		}
-
-		$disabledUsers = -1;
-		$userCount = 0;
-
-		if (!$isLDAPUsed) {
-			if ($this->isAdmin) {
-				$disabledUsers = $this->userManager->countDisabledUsers();
-				$userCount = array_reduce($this->userManager->countUsers(), function ($v, $w) {
-					return $v + (int)$w;
-				}, 0);
-			} else {
-				// User is subadmin !
-				// Map group list to names to retrieve the countDisabledUsersOfGroups
-				$userGroups = $this->groupManager->getUserGroups($user);
-				$groupsNames = [];
-
-				foreach ($groups as $key => $group) {
-					// $userCount += (int)$group['usercount'];
-					array_push($groupsNames, $group['name']);
-					// we prevent subadmins from looking up themselves
-					// so we lower the count of the groups he belongs to
-					if (array_key_exists($group['id'], $userGroups)) {
-						$groups[$key]['usercount']--;
-						$userCount -= 1; // we also lower from one the total count
-					}
-				}
-				$userCount += $this->userManager->countUsersOfGroups($groupsInfo->getGroups());
-				$disabledUsers = $this->userManager->countDisabledUsersOfGroups($groupsNames);
-			}
-
-			$userCount -= $disabledUsers;
-		}
-
-		$disabledUsersGroup = [
-			'id' => 'disabled',
-			'name' => 'Disabled users',
-			'usercount' => $disabledUsers
-		];
-
-		/* QUOTAS PRESETS */
-		$quotaPreset = $this->parseQuotaPreset($this->config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB'));
-		$defaultQuota = $this->config->getAppValue('files', 'default_quota', 'none');
-
-		$event = new BeforeTemplateRenderedEvent();
-		$this->dispatcher->dispatch('OC\Settings\Users::loadAdditionalScripts', $event);
-		$this->dispatcher->dispatchTyped($event);
-
-		/* LANGUAGES */
-		$languages = $this->l10nFactory->getLanguages();
-
-		/* FINAL DATA */
-		$serverData = [];
-		// groups
-		$serverData['groups'] = array_merge_recursive($adminGroup, [$disabledUsersGroup], $groups);
-		// Various data
-		$serverData['isAdmin'] = $this->isAdmin;
-		$serverData['sortGroups'] = $sortGroupsBy;
-		$serverData['quotaPreset'] = $quotaPreset;
-		$serverData['userCount'] = $userCount;
-		$serverData['languages'] = $languages;
-		$serverData['defaultLanguage'] = $this->config->getSystemValue('default_language', 'en');
-		$serverData['forceLanguage'] = $this->config->getSystemValue('force_language', false);
-		// Settings
-		$serverData['defaultQuota'] = $defaultQuota;
-		$serverData['canChangePassword'] = $canChangePassword;
-		$serverData['newUserGenerateUserID'] = $this->config->getAppValue('core', 'newUser.generateUserID', 'no') === 'yes';
-		$serverData['newUserRequireEmail'] = $this->config->getAppValue('core', 'newUser.requireEmail', 'no') === 'yes';
-		$serverData['newUserSendEmail'] = $this->config->getAppValue('core', 'newUser.sendEmail', 'yes') === 'yes';
-
-		return new TemplateResponse('settings', 'settings-vue', ['serverData' => $serverData]);
-	}
-
-	/**
-	 * @param string $key
-	 * @param string $value
-	 *
-	 * @return JSONResponse
-	 */
-	public function setPreference(string $key, string $value): JSONResponse {
-		$allowed = ['newUser.sendEmail'];
-		if (!in_array($key, $allowed, true)) {
-			return new JSONResponse([], Http::STATUS_FORBIDDEN);
-		}
-
-		$this->config->setAppValue('core', $key, $value);
-
-		return new JSONResponse([]);
-	}
-
-	/**
-	 * Parse the app value for quota_present
-	 *
-	 * @param string $quotaPreset
-	 * @return array
-	 */
-	protected function parseQuotaPreset(string $quotaPreset): array {
-		// 1 GB, 5 GB, 10 GB => [1 GB, 5 GB, 10 GB]
-		$presets = array_filter(array_map('trim', explode(',', $quotaPreset)));
-		// Drop default and none, Make array indexes numerically
-		return array_values(array_diff($presets, ['default', 'none']));
-	}
-
-	/**
-	 * check if the admin can change the users password
-	 *
-	 * The admin can change the passwords if:
-	 *
-	 *   - no encryption module is loaded and encryption is disabled
-	 *   - encryption module is loaded but it doesn't require per user keys
-	 *
-	 * The admin can not change the passwords if:
-	 *
-	 *   - an encryption module is loaded and it uses per-user keys
-	 *   - encryption is enabled but no encryption modules are loaded
-	 *
-	 * @return bool
-	 */
-	protected function canAdminChangeUserPasswords() {
-		$isEncryptionEnabled = $this->encryptionManager->isEnabled();
-		try {
-			$noUserSpecificEncryptionKeys =!$this->encryptionManager->getEncryptionModule()->needDetailedAccessList();
-			$isEncryptionModuleLoaded = true;
-		} catch (ModuleDoesNotExistsException $e) {
-			$noUserSpecificEncryptionKeys = true;
-			$isEncryptionModuleLoaded = false;
-		}
-
-		$canChangePassword = ($isEncryptionEnabled && $isEncryptionModuleLoaded  && $noUserSpecificEncryptionKeys)
-			|| (!$isEncryptionEnabled && !$isEncryptionModuleLoaded)
-			|| (!$isEncryptionEnabled && $isEncryptionModuleLoaded && $noUserSpecificEncryptionKeys);
-
-		return $canChangePassword;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $avatarScope
-	 * @param string $displayname
-	 * @param string $displaynameScope
-	 * @param string $phone
-	 * @param string $phoneScope
-	 * @param string $email
-	 * @param string $emailScope
-	 * @param string $website
-	 * @param string $websiteScope
-	 * @param string $address
-	 * @param string $addressScope
-	 * @param string $twitter
-	 * @param string $twitterScope
-	 * @return DataResponse
-	 */
-	public function setUserSettings($avatarScope,
-									$displayname,
-									$displaynameScope,
-									$phone,
-									$phoneScope,
-									$email,
-									$emailScope,
-									$website,
-									$websiteScope,
-									$address,
-									$addressScope,
-									$twitter,
-									$twitterScope
-	) {
-		if (!empty($email) && !$this->mailer->validateMailAddress($email)) {
-			return new DataResponse(
-				[
-					'status' => 'error',
-					'data' => [
-						'message' => $this->l10n->t('Invalid mail address')
-					]
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-		$user = $this->userSession->getUser();
-		$data = $this->accountManager->getUser($user);
-		$data[AccountManager::PROPERTY_AVATAR] = ['scope' => $avatarScope];
-		if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
-			$data[AccountManager::PROPERTY_DISPLAYNAME] = ['value' => $displayname, 'scope' => $displaynameScope];
-			$data[AccountManager::PROPERTY_EMAIL] = ['value' => $email, 'scope' => $emailScope];
-		}
-		if ($this->appManager->isEnabledForUser('federatedfilesharing')) {
-			$shareProvider = \OC::$server->query(FederatedShareProvider::class);
-			if ($shareProvider->isLookupServerUploadEnabled()) {
-				$data[AccountManager::PROPERTY_WEBSITE] = ['value' => $website, 'scope' => $websiteScope];
-				$data[AccountManager::PROPERTY_ADDRESS] = ['value' => $address, 'scope' => $addressScope];
-				$data[AccountManager::PROPERTY_PHONE] = ['value' => $phone, 'scope' => $phoneScope];
-				$data[AccountManager::PROPERTY_TWITTER] = ['value' => $twitter, 'scope' => $twitterScope];
-			}
-		}
-		try {
-			$this->saveUserSettings($user, $data);
-			return new DataResponse(
-				[
-					'status' => 'success',
-					'data' => [
-						'userId' => $user->getUID(),
-						'avatarScope' => $data[AccountManager::PROPERTY_AVATAR]['scope'],
-						'displayname' => $data[AccountManager::PROPERTY_DISPLAYNAME]['value'],
-						'displaynameScope' => $data[AccountManager::PROPERTY_DISPLAYNAME]['scope'],
-						'email' => $data[AccountManager::PROPERTY_EMAIL]['value'],
-						'emailScope' => $data[AccountManager::PROPERTY_EMAIL]['scope'],
-						'website' => $data[AccountManager::PROPERTY_WEBSITE]['value'],
-						'websiteScope' => $data[AccountManager::PROPERTY_WEBSITE]['scope'],
-						'address' => $data[AccountManager::PROPERTY_ADDRESS]['value'],
-						'addressScope' => $data[AccountManager::PROPERTY_ADDRESS]['scope'],
-						'message' => $this->l10n->t('Settings saved')
-					]
-				],
-				Http::STATUS_OK
-			);
-		} catch (ForbiddenException $e) {
-			return new DataResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $e->getMessage()
-				],
-			]);
-		}
-	}
-	/**
-	 * update account manager with new user data
-	 *
-	 * @param IUser $user
-	 * @param array $data
-	 * @throws ForbiddenException
-	 */
-	protected function saveUserSettings(IUser $user, array $data) {
-		// keep the user back-end up-to-date with the latest display name and email
-		// address
-		$oldDisplayName = $user->getDisplayName();
-		$oldDisplayName = is_null($oldDisplayName) ? '' : $oldDisplayName;
-		if (isset($data[AccountManager::PROPERTY_DISPLAYNAME]['value'])
-			&& $oldDisplayName !== $data[AccountManager::PROPERTY_DISPLAYNAME]['value']
-		) {
-			$result = $user->setDisplayName($data[AccountManager::PROPERTY_DISPLAYNAME]['value']);
-			if ($result === false) {
-				throw new ForbiddenException($this->l10n->t('Unable to change full name'));
-			}
-		}
-		$oldEmailAddress = $user->getEMailAddress();
-		$oldEmailAddress = is_null($oldEmailAddress) ? '' : $oldEmailAddress;
-		if (isset($data[AccountManager::PROPERTY_EMAIL]['value'])
-			&& $oldEmailAddress !== $data[AccountManager::PROPERTY_EMAIL]['value']
-		) {
-			// this is the only permission a backend provides and is also used
-			// for the permission of setting a email address
-			if (!$user->canChangeDisplayName()) {
-				throw new ForbiddenException($this->l10n->t('Unable to change email address'));
-			}
-			$user->setEMailAddress($data[AccountManager::PROPERTY_EMAIL]['value']);
-		}
-		$this->accountManager->updateUser($user, $data);
-	}
-
-	/**
-	 * Set the mail address of a user
-	 *
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $account
-	 * @param bool $onlyVerificationCode only return verification code without updating the data
-	 * @return DataResponse
-	 */
-	public function getVerificationCode(string $account, bool $onlyVerificationCode): DataResponse {
-		$user = $this->userSession->getUser();
-
-		if ($user === null) {
-			return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-		$accountData = $this->accountManager->getUser($user);
-		$cloudId = $user->getCloudId();
-		$message = 'Use my Federated Cloud ID to share with me: ' . $cloudId;
-		$signature = $this->signMessage($user, $message);
-
-		$code = $message . ' ' . $signature;
-		$codeMd5 = $message . ' ' . md5($signature);
-
-		switch ($account) {
-			case 'verify-twitter':
-				$accountData[AccountManager::PROPERTY_TWITTER]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS;
-				$msg = $this->l10n->t('In order to verify your Twitter account, post the following tweet on Twitter (please make sure to post it without any line breaks):');
-				$code = $codeMd5;
-				$type = AccountManager::PROPERTY_TWITTER;
-				$data = $accountData[AccountManager::PROPERTY_TWITTER]['value'];
-				$accountData[AccountManager::PROPERTY_TWITTER]['signature'] = $signature;
-				break;
-			case 'verify-website':
-				$accountData[AccountManager::PROPERTY_WEBSITE]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS;
-				$msg = $this->l10n->t('In order to verify your Website, store the following content in your web-root at \'.well-known/CloudIdVerificationCode.txt\' (please make sure that the complete text is in one line):');
-				$type = AccountManager::PROPERTY_WEBSITE;
-				$data = $accountData[AccountManager::PROPERTY_WEBSITE]['value'];
-				$accountData[AccountManager::PROPERTY_WEBSITE]['signature'] = $signature;
-				break;
-			default:
-				return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-		if ($onlyVerificationCode === false) {
-			$this->accountManager->updateUser($user, $accountData);
-
-			$this->jobList->add(VerifyUserData::class,
-				[
-					'verificationCode' => $code,
-					'data' => $data,
-					'type' => $type,
-					'uid' => $user->getUID(),
-					'try' => 0,
-					'lastRun' => $this->getCurrentTime()
-				]
-			);
-		}
-
-		return new DataResponse(['msg' => $msg, 'code' => $code]);
-	}
-
-	/**
-	 * get current timestamp
-	 *
-	 * @return int
-	 */
-	protected function getCurrentTime(): int {
-		return time();
-	}
-
-	/**
-	 * sign message with users private key
-	 *
-	 * @param IUser $user
-	 * @param string $message
-	 *
-	 * @return string base64 encoded signature
-	 */
-	protected function signMessage(IUser $user, string $message): string {
-		$privateKey = $this->keyManager->getKey($user)->getPrivate();
-		openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
-		return base64_encode($signature);
-	}
+    /** @var UserManager */
+    private $userManager;
+    /** @var GroupManager */
+    private $groupManager;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var IConfig */
+    private $config;
+    /** @var bool */
+    private $isAdmin;
+    /** @var IL10N */
+    private $l10n;
+    /** @var IMailer */
+    private $mailer;
+    /** @var Factory */
+    private $l10nFactory;
+    /** @var IAppManager */
+    private $appManager;
+    /** @var AccountManager */
+    private $accountManager;
+    /** @var Manager */
+    private $keyManager;
+    /** @var IJobList */
+    private $jobList;
+    /** @var IManager */
+    private $encryptionManager;
+    /** @var IEventDispatcher */
+    private $dispatcher;
+
+
+    public function __construct(
+        string $appName,
+        IRequest $request,
+        IUserManager $userManager,
+        IGroupManager $groupManager,
+        IUserSession $userSession,
+        IConfig $config,
+        bool $isAdmin,
+        IL10N $l10n,
+        IMailer $mailer,
+        IFactory $l10nFactory,
+        IAppManager $appManager,
+        AccountManager $accountManager,
+        Manager $keyManager,
+        IJobList $jobList,
+        IManager $encryptionManager,
+        IEventDispatcher $dispatcher
+    ) {
+        parent::__construct($appName, $request);
+        $this->userManager = $userManager;
+        $this->groupManager = $groupManager;
+        $this->userSession = $userSession;
+        $this->config = $config;
+        $this->isAdmin = $isAdmin;
+        $this->l10n = $l10n;
+        $this->mailer = $mailer;
+        $this->l10nFactory = $l10nFactory;
+        $this->appManager = $appManager;
+        $this->accountManager = $accountManager;
+        $this->keyManager = $keyManager;
+        $this->jobList = $jobList;
+        $this->encryptionManager = $encryptionManager;
+        $this->dispatcher = $dispatcher;
+    }
+
+
+    /**
+     * @NoCSRFRequired
+     * @NoAdminRequired
+     *
+     * Display users list template
+     *
+     * @return TemplateResponse
+     */
+    public function usersListByGroup() {
+        return $this->usersList();
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @NoAdminRequired
+     *
+     * Display users list template
+     *
+     * @return TemplateResponse
+     */
+    public function usersList() {
+        $user = $this->userSession->getUser();
+        $uid = $user->getUID();
+
+        \OC::$server->getNavigationManager()->setActiveEntry('core_users');
+
+        /* SORT OPTION: SORT_USERCOUNT or SORT_GROUPNAME */
+        $sortGroupsBy = \OC\Group\MetaData::SORT_USERCOUNT;
+        $isLDAPUsed = false;
+        if ($this->config->getSystemValue('sort_groups_by_name', false)) {
+            $sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME;
+        } else {
+            if ($this->appManager->isEnabledForUser('user_ldap')) {
+                $isLDAPUsed =
+                    $this->groupManager->isBackendUsed('\OCA\User_LDAP\Group_Proxy');
+                if ($isLDAPUsed) {
+                    // LDAP user count can be slow, so we sort by group name here
+                    $sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME;
+                }
+            }
+        }
+
+        $canChangePassword = $this->canAdminChangeUserPasswords();
+
+        /* GROUPS */
+        $groupsInfo = new \OC\Group\MetaData(
+            $uid,
+            $this->isAdmin,
+            $this->groupManager,
+            $this->userSession
+        );
+
+        $groupsInfo->setSorting($sortGroupsBy);
+        list($adminGroup, $groups) = $groupsInfo->get();
+
+        if (!$isLDAPUsed && $this->appManager->isEnabledForUser('user_ldap')) {
+            $isLDAPUsed = (bool)array_reduce($this->userManager->getBackends(), function ($ldapFound, $backend) {
+                return $ldapFound || $backend instanceof User_Proxy;
+            });
+        }
+
+        $disabledUsers = -1;
+        $userCount = 0;
+
+        if (!$isLDAPUsed) {
+            if ($this->isAdmin) {
+                $disabledUsers = $this->userManager->countDisabledUsers();
+                $userCount = array_reduce($this->userManager->countUsers(), function ($v, $w) {
+                    return $v + (int)$w;
+                }, 0);
+            } else {
+                // User is subadmin !
+                // Map group list to names to retrieve the countDisabledUsersOfGroups
+                $userGroups = $this->groupManager->getUserGroups($user);
+                $groupsNames = [];
+
+                foreach ($groups as $key => $group) {
+                    // $userCount += (int)$group['usercount'];
+                    array_push($groupsNames, $group['name']);
+                    // we prevent subadmins from looking up themselves
+                    // so we lower the count of the groups he belongs to
+                    if (array_key_exists($group['id'], $userGroups)) {
+                        $groups[$key]['usercount']--;
+                        $userCount -= 1; // we also lower from one the total count
+                    }
+                }
+                $userCount += $this->userManager->countUsersOfGroups($groupsInfo->getGroups());
+                $disabledUsers = $this->userManager->countDisabledUsersOfGroups($groupsNames);
+            }
+
+            $userCount -= $disabledUsers;
+        }
+
+        $disabledUsersGroup = [
+            'id' => 'disabled',
+            'name' => 'Disabled users',
+            'usercount' => $disabledUsers
+        ];
+
+        /* QUOTAS PRESETS */
+        $quotaPreset = $this->parseQuotaPreset($this->config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB'));
+        $defaultQuota = $this->config->getAppValue('files', 'default_quota', 'none');
+
+        $event = new BeforeTemplateRenderedEvent();
+        $this->dispatcher->dispatch('OC\Settings\Users::loadAdditionalScripts', $event);
+        $this->dispatcher->dispatchTyped($event);
+
+        /* LANGUAGES */
+        $languages = $this->l10nFactory->getLanguages();
+
+        /* FINAL DATA */
+        $serverData = [];
+        // groups
+        $serverData['groups'] = array_merge_recursive($adminGroup, [$disabledUsersGroup], $groups);
+        // Various data
+        $serverData['isAdmin'] = $this->isAdmin;
+        $serverData['sortGroups'] = $sortGroupsBy;
+        $serverData['quotaPreset'] = $quotaPreset;
+        $serverData['userCount'] = $userCount;
+        $serverData['languages'] = $languages;
+        $serverData['defaultLanguage'] = $this->config->getSystemValue('default_language', 'en');
+        $serverData['forceLanguage'] = $this->config->getSystemValue('force_language', false);
+        // Settings
+        $serverData['defaultQuota'] = $defaultQuota;
+        $serverData['canChangePassword'] = $canChangePassword;
+        $serverData['newUserGenerateUserID'] = $this->config->getAppValue('core', 'newUser.generateUserID', 'no') === 'yes';
+        $serverData['newUserRequireEmail'] = $this->config->getAppValue('core', 'newUser.requireEmail', 'no') === 'yes';
+        $serverData['newUserSendEmail'] = $this->config->getAppValue('core', 'newUser.sendEmail', 'yes') === 'yes';
+
+        return new TemplateResponse('settings', 'settings-vue', ['serverData' => $serverData]);
+    }
+
+    /**
+     * @param string $key
+     * @param string $value
+     *
+     * @return JSONResponse
+     */
+    public function setPreference(string $key, string $value): JSONResponse {
+        $allowed = ['newUser.sendEmail'];
+        if (!in_array($key, $allowed, true)) {
+            return new JSONResponse([], Http::STATUS_FORBIDDEN);
+        }
+
+        $this->config->setAppValue('core', $key, $value);
+
+        return new JSONResponse([]);
+    }
+
+    /**
+     * Parse the app value for quota_present
+     *
+     * @param string $quotaPreset
+     * @return array
+     */
+    protected function parseQuotaPreset(string $quotaPreset): array {
+        // 1 GB, 5 GB, 10 GB => [1 GB, 5 GB, 10 GB]
+        $presets = array_filter(array_map('trim', explode(',', $quotaPreset)));
+        // Drop default and none, Make array indexes numerically
+        return array_values(array_diff($presets, ['default', 'none']));
+    }
+
+    /**
+     * check if the admin can change the users password
+     *
+     * The admin can change the passwords if:
+     *
+     *   - no encryption module is loaded and encryption is disabled
+     *   - encryption module is loaded but it doesn't require per user keys
+     *
+     * The admin can not change the passwords if:
+     *
+     *   - an encryption module is loaded and it uses per-user keys
+     *   - encryption is enabled but no encryption modules are loaded
+     *
+     * @return bool
+     */
+    protected function canAdminChangeUserPasswords() {
+        $isEncryptionEnabled = $this->encryptionManager->isEnabled();
+        try {
+            $noUserSpecificEncryptionKeys =!$this->encryptionManager->getEncryptionModule()->needDetailedAccessList();
+            $isEncryptionModuleLoaded = true;
+        } catch (ModuleDoesNotExistsException $e) {
+            $noUserSpecificEncryptionKeys = true;
+            $isEncryptionModuleLoaded = false;
+        }
+
+        $canChangePassword = ($isEncryptionEnabled && $isEncryptionModuleLoaded  && $noUserSpecificEncryptionKeys)
+            || (!$isEncryptionEnabled && !$isEncryptionModuleLoaded)
+            || (!$isEncryptionEnabled && $isEncryptionModuleLoaded && $noUserSpecificEncryptionKeys);
+
+        return $canChangePassword;
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $avatarScope
+     * @param string $displayname
+     * @param string $displaynameScope
+     * @param string $phone
+     * @param string $phoneScope
+     * @param string $email
+     * @param string $emailScope
+     * @param string $website
+     * @param string $websiteScope
+     * @param string $address
+     * @param string $addressScope
+     * @param string $twitter
+     * @param string $twitterScope
+     * @return DataResponse
+     */
+    public function setUserSettings($avatarScope,
+                                    $displayname,
+                                    $displaynameScope,
+                                    $phone,
+                                    $phoneScope,
+                                    $email,
+                                    $emailScope,
+                                    $website,
+                                    $websiteScope,
+                                    $address,
+                                    $addressScope,
+                                    $twitter,
+                                    $twitterScope
+    ) {
+        if (!empty($email) && !$this->mailer->validateMailAddress($email)) {
+            return new DataResponse(
+                [
+                    'status' => 'error',
+                    'data' => [
+                        'message' => $this->l10n->t('Invalid mail address')
+                    ]
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+        $user = $this->userSession->getUser();
+        $data = $this->accountManager->getUser($user);
+        $data[AccountManager::PROPERTY_AVATAR] = ['scope' => $avatarScope];
+        if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
+            $data[AccountManager::PROPERTY_DISPLAYNAME] = ['value' => $displayname, 'scope' => $displaynameScope];
+            $data[AccountManager::PROPERTY_EMAIL] = ['value' => $email, 'scope' => $emailScope];
+        }
+        if ($this->appManager->isEnabledForUser('federatedfilesharing')) {
+            $shareProvider = \OC::$server->query(FederatedShareProvider::class);
+            if ($shareProvider->isLookupServerUploadEnabled()) {
+                $data[AccountManager::PROPERTY_WEBSITE] = ['value' => $website, 'scope' => $websiteScope];
+                $data[AccountManager::PROPERTY_ADDRESS] = ['value' => $address, 'scope' => $addressScope];
+                $data[AccountManager::PROPERTY_PHONE] = ['value' => $phone, 'scope' => $phoneScope];
+                $data[AccountManager::PROPERTY_TWITTER] = ['value' => $twitter, 'scope' => $twitterScope];
+            }
+        }
+        try {
+            $this->saveUserSettings($user, $data);
+            return new DataResponse(
+                [
+                    'status' => 'success',
+                    'data' => [
+                        'userId' => $user->getUID(),
+                        'avatarScope' => $data[AccountManager::PROPERTY_AVATAR]['scope'],
+                        'displayname' => $data[AccountManager::PROPERTY_DISPLAYNAME]['value'],
+                        'displaynameScope' => $data[AccountManager::PROPERTY_DISPLAYNAME]['scope'],
+                        'email' => $data[AccountManager::PROPERTY_EMAIL]['value'],
+                        'emailScope' => $data[AccountManager::PROPERTY_EMAIL]['scope'],
+                        'website' => $data[AccountManager::PROPERTY_WEBSITE]['value'],
+                        'websiteScope' => $data[AccountManager::PROPERTY_WEBSITE]['scope'],
+                        'address' => $data[AccountManager::PROPERTY_ADDRESS]['value'],
+                        'addressScope' => $data[AccountManager::PROPERTY_ADDRESS]['scope'],
+                        'message' => $this->l10n->t('Settings saved')
+                    ]
+                ],
+                Http::STATUS_OK
+            );
+        } catch (ForbiddenException $e) {
+            return new DataResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $e->getMessage()
+                ],
+            ]);
+        }
+    }
+    /**
+     * update account manager with new user data
+     *
+     * @param IUser $user
+     * @param array $data
+     * @throws ForbiddenException
+     */
+    protected function saveUserSettings(IUser $user, array $data) {
+        // keep the user back-end up-to-date with the latest display name and email
+        // address
+        $oldDisplayName = $user->getDisplayName();
+        $oldDisplayName = is_null($oldDisplayName) ? '' : $oldDisplayName;
+        if (isset($data[AccountManager::PROPERTY_DISPLAYNAME]['value'])
+            && $oldDisplayName !== $data[AccountManager::PROPERTY_DISPLAYNAME]['value']
+        ) {
+            $result = $user->setDisplayName($data[AccountManager::PROPERTY_DISPLAYNAME]['value']);
+            if ($result === false) {
+                throw new ForbiddenException($this->l10n->t('Unable to change full name'));
+            }
+        }
+        $oldEmailAddress = $user->getEMailAddress();
+        $oldEmailAddress = is_null($oldEmailAddress) ? '' : $oldEmailAddress;
+        if (isset($data[AccountManager::PROPERTY_EMAIL]['value'])
+            && $oldEmailAddress !== $data[AccountManager::PROPERTY_EMAIL]['value']
+        ) {
+            // this is the only permission a backend provides and is also used
+            // for the permission of setting a email address
+            if (!$user->canChangeDisplayName()) {
+                throw new ForbiddenException($this->l10n->t('Unable to change email address'));
+            }
+            $user->setEMailAddress($data[AccountManager::PROPERTY_EMAIL]['value']);
+        }
+        $this->accountManager->updateUser($user, $data);
+    }
+
+    /**
+     * Set the mail address of a user
+     *
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $account
+     * @param bool $onlyVerificationCode only return verification code without updating the data
+     * @return DataResponse
+     */
+    public function getVerificationCode(string $account, bool $onlyVerificationCode): DataResponse {
+        $user = $this->userSession->getUser();
+
+        if ($user === null) {
+            return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+        $accountData = $this->accountManager->getUser($user);
+        $cloudId = $user->getCloudId();
+        $message = 'Use my Federated Cloud ID to share with me: ' . $cloudId;
+        $signature = $this->signMessage($user, $message);
+
+        $code = $message . ' ' . $signature;
+        $codeMd5 = $message . ' ' . md5($signature);
+
+        switch ($account) {
+            case 'verify-twitter':
+                $accountData[AccountManager::PROPERTY_TWITTER]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS;
+                $msg = $this->l10n->t('In order to verify your Twitter account, post the following tweet on Twitter (please make sure to post it without any line breaks):');
+                $code = $codeMd5;
+                $type = AccountManager::PROPERTY_TWITTER;
+                $data = $accountData[AccountManager::PROPERTY_TWITTER]['value'];
+                $accountData[AccountManager::PROPERTY_TWITTER]['signature'] = $signature;
+                break;
+            case 'verify-website':
+                $accountData[AccountManager::PROPERTY_WEBSITE]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS;
+                $msg = $this->l10n->t('In order to verify your Website, store the following content in your web-root at \'.well-known/CloudIdVerificationCode.txt\' (please make sure that the complete text is in one line):');
+                $type = AccountManager::PROPERTY_WEBSITE;
+                $data = $accountData[AccountManager::PROPERTY_WEBSITE]['value'];
+                $accountData[AccountManager::PROPERTY_WEBSITE]['signature'] = $signature;
+                break;
+            default:
+                return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+        if ($onlyVerificationCode === false) {
+            $this->accountManager->updateUser($user, $accountData);
+
+            $this->jobList->add(VerifyUserData::class,
+                [
+                    'verificationCode' => $code,
+                    'data' => $data,
+                    'type' => $type,
+                    'uid' => $user->getUID(),
+                    'try' => 0,
+                    'lastRun' => $this->getCurrentTime()
+                ]
+            );
+        }
+
+        return new DataResponse(['msg' => $msg, 'code' => $code]);
+    }
+
+    /**
+     * get current timestamp
+     *
+     * @return int
+     */
+    protected function getCurrentTime(): int {
+        return time();
+    }
+
+    /**
+     * sign message with users private key
+     *
+     * @param IUser $user
+     * @param string $message
+     *
+     * @return string base64 encoded signature
+     */
+    protected function signMessage(IUser $user, string $message): string {
+        $privateKey = $this->keyManager->getKey($user)->getPrivate();
+        openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
+        return base64_encode($signature);
+    }
 }

apps/settings/lib/Controller/ChangePasswordController.php

Indentation +212 added lines, -212 removed lines

@@ -50,234 +50,234 @@
 
 class ChangePasswordController extends Controller {
 
-	/** @var string */
-	private $userId;
+    /** @var string */
+    private $userId;
 
-	/** @var IUserManager */
-	private $userManager;
+    /** @var IUserManager */
+    private $userManager;
 
-	/** @var IL10N */
-	private $l;
+    /** @var IL10N */
+    private $l;
 
-	/** @var GroupManager */
-	private $groupManager;
+    /** @var GroupManager */
+    private $groupManager;
 
-	/** @var Session */
-	private $userSession;
+    /** @var Session */
+    private $userSession;
 
-	/** @var IAppManager */
-	private $appManager;
+    /** @var IAppManager */
+    private $appManager;
 
-	public function __construct(string $appName,
-								IRequest $request,
-								string $userId,
-								IUserManager $userManager,
-								IUserSession $userSession,
-								IGroupManager $groupManager,
-								IAppManager $appManager,
-								IL10N $l) {
-		parent::__construct($appName, $request);
+    public function __construct(string $appName,
+                                IRequest $request,
+                                string $userId,
+                                IUserManager $userManager,
+                                IUserSession $userSession,
+                                IGroupManager $groupManager,
+                                IAppManager $appManager,
+                                IL10N $l) {
+        parent::__construct($appName, $request);
 
-		$this->userId = $userId;
-		$this->userManager = $userManager;
-		$this->userSession = $userSession;
-		$this->groupManager = $groupManager;
-		$this->appManager = $appManager;
-		$this->l = $l;
-	}
+        $this->userId = $userId;
+        $this->userManager = $userManager;
+        $this->userSession = $userSession;
+        $this->groupManager = $groupManager;
+        $this->appManager = $appManager;
+        $this->l = $l;
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 * @BruteForceProtection(action=changePersonalPassword)
-	 */
-	public function changePersonalPassword(string $oldpassword = '', string $newpassword = null): JSONResponse {
-		$loginName = $this->userSession->getLoginName();
-		/** @var IUser $user */
-		$user = $this->userManager->checkPassword($loginName, $oldpassword);
-		if ($user === false) {
-			$response = new JSONResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $this->l->t('Wrong password'),
-				],
-			]);
-			$response->throttle();
-			return $response;
-		}
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     * @BruteForceProtection(action=changePersonalPassword)
+     */
+    public function changePersonalPassword(string $oldpassword = '', string $newpassword = null): JSONResponse {
+        $loginName = $this->userSession->getLoginName();
+        /** @var IUser $user */
+        $user = $this->userManager->checkPassword($loginName, $oldpassword);
+        if ($user === false) {
+            $response = new JSONResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $this->l->t('Wrong password'),
+                ],
+            ]);
+            $response->throttle();
+            return $response;
+        }
 
-		try {
-			if ($newpassword === null || $user->setPassword($newpassword) === false) {
-				return new JSONResponse([
-					'status' => 'error'
-				]);
-			}
-			// password policy app throws exception
-		} catch (HintException $e) {
-			return new JSONResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $e->getHint(),
-				],
-			]);
-		}
+        try {
+            if ($newpassword === null || $user->setPassword($newpassword) === false) {
+                return new JSONResponse([
+                    'status' => 'error'
+                ]);
+            }
+            // password policy app throws exception
+        } catch (HintException $e) {
+            return new JSONResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $e->getHint(),
+                ],
+            ]);
+        }
 
-		$this->userSession->updateSessionTokenPassword($newpassword);
+        $this->userSession->updateSessionTokenPassword($newpassword);
 
-		return new JSONResponse([
-			'status' => 'success',
-			'data' => [
-				'message' => $this->l->t('Saved'),
-			],
-		]);
-	}
+        return new JSONResponse([
+            'status' => 'success',
+            'data' => [
+                'message' => $this->l->t('Saved'),
+            ],
+        ]);
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @PasswordConfirmationRequired
-	 */
-	public function changeUserPassword(string $username = null, string $password = null, string $recoveryPassword = null): JSONResponse {
-		if ($username === null) {
-			return new JSONResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $this->l->t('No user supplied'),
-				],
-			]);
-		}
+    /**
+     * @NoAdminRequired
+     * @PasswordConfirmationRequired
+     */
+    public function changeUserPassword(string $username = null, string $password = null, string $recoveryPassword = null): JSONResponse {
+        if ($username === null) {
+            return new JSONResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $this->l->t('No user supplied'),
+                ],
+            ]);
+        }
 
-		if ($password === null) {
-			return new JSONResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $this->l->t('Unable to change password'),
-				],
-			]);
-		}
+        if ($password === null) {
+            return new JSONResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $this->l->t('Unable to change password'),
+                ],
+            ]);
+        }
 
-		$currentUser = $this->userSession->getUser();
-		$targetUser = $this->userManager->get($username);
-		if ($currentUser === null || $targetUser === null ||
-			!($this->groupManager->isAdmin($this->userId) ||
-			 $this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $targetUser))
-		) {
-			return new JSONResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $this->l->t('Authentication error'),
-				],
-			]);
-		}
+        $currentUser = $this->userSession->getUser();
+        $targetUser = $this->userManager->get($username);
+        if ($currentUser === null || $targetUser === null ||
+            !($this->groupManager->isAdmin($this->userId) ||
+             $this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $targetUser))
+        ) {
+            return new JSONResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $this->l->t('Authentication error'),
+                ],
+            ]);
+        }
 
-		if ($this->appManager->isEnabledForUser('encryption')) {
-			//handle the recovery case
-			$crypt = new \OCA\Encryption\Crypto\Crypt(
-				\OC::$server->getLogger(),
-				\OC::$server->getUserSession(),
-				\OC::$server->getConfig(),
-				\OC::$server->getL10N('encryption'));
-			$keyStorage = \OC::$server->getEncryptionKeyStorage();
-			$util = new \OCA\Encryption\Util(
-				new \OC\Files\View(),
-				$crypt,
-				\OC::$server->getLogger(),
-				\OC::$server->getUserSession(),
-				\OC::$server->getConfig(),
-				\OC::$server->getUserManager());
-			$keyManager = new \OCA\Encryption\KeyManager(
-				$keyStorage,
-				$crypt,
-				\OC::$server->getConfig(),
-				\OC::$server->getUserSession(),
-				new \OCA\Encryption\Session(\OC::$server->getSession()),
-				\OC::$server->getLogger(),
-				$util,
-				\OC::$server->getLockingProvider()
-			);
-			$recovery = new \OCA\Encryption\Recovery(
-				\OC::$server->getUserSession(),
-				$crypt,
-				$keyManager,
-				\OC::$server->getConfig(),
-				\OC::$server->getEncryptionFilesHelper(),
-				new \OC\Files\View());
-			$recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
+        if ($this->appManager->isEnabledForUser('encryption')) {
+            //handle the recovery case
+            $crypt = new \OCA\Encryption\Crypto\Crypt(
+                \OC::$server->getLogger(),
+                \OC::$server->getUserSession(),
+                \OC::$server->getConfig(),
+                \OC::$server->getL10N('encryption'));
+            $keyStorage = \OC::$server->getEncryptionKeyStorage();
+            $util = new \OCA\Encryption\Util(
+                new \OC\Files\View(),
+                $crypt,
+                \OC::$server->getLogger(),
+                \OC::$server->getUserSession(),
+                \OC::$server->getConfig(),
+                \OC::$server->getUserManager());
+            $keyManager = new \OCA\Encryption\KeyManager(
+                $keyStorage,
+                $crypt,
+                \OC::$server->getConfig(),
+                \OC::$server->getUserSession(),
+                new \OCA\Encryption\Session(\OC::$server->getSession()),
+                \OC::$server->getLogger(),
+                $util,
+                \OC::$server->getLockingProvider()
+            );
+            $recovery = new \OCA\Encryption\Recovery(
+                \OC::$server->getUserSession(),
+                $crypt,
+                $keyManager,
+                \OC::$server->getConfig(),
+                \OC::$server->getEncryptionFilesHelper(),
+                new \OC\Files\View());
+            $recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
 
-			$validRecoveryPassword = false;
-			$recoveryEnabledForUser = false;
-			if ($recoveryAdminEnabled) {
-				$validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
-				$recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
-			}
+            $validRecoveryPassword = false;
+            $recoveryEnabledForUser = false;
+            if ($recoveryAdminEnabled) {
+                $validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
+                $recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
+            }
 
-			if ($recoveryEnabledForUser && $recoveryPassword === '') {
-				return new JSONResponse([
-					'status' => 'error',
-					'data' => [
-						'message' => $this->l->t('Please provide an admin recovery password; otherwise, all user data will be lost.'),
-					]
-				]);
-			} elseif ($recoveryEnabledForUser && ! $validRecoveryPassword) {
-				return new JSONResponse([
-					'status' => 'error',
-					'data' => [
-						'message' => $this->l->t('Wrong admin recovery password. Please check the password and try again.'),
-					]
-				]);
-			} else { // now we know that everything is fine regarding the recovery password, let's try to change the password
-				try {
-					$result = $targetUser->setPassword($password, $recoveryPassword);
-					// password policy app throws exception
-				} catch (HintException $e) {
-					return new JSONResponse([
-						'status' => 'error',
-						'data' => [
-							'message' => $e->getHint(),
-						],
-					]);
-				}
-				if (!$result && $recoveryEnabledForUser) {
-					return new JSONResponse([
-						'status' => 'error',
-						'data' => [
-							'message' => $this->l->t('Backend doesn\'t support password change, but the user\'s encryption key was updated.'),
-						]
-					]);
-				} elseif (!$result && !$recoveryEnabledForUser) {
-					return new JSONResponse([
-						'status' => 'error',
-						'data' => [
-							'message' => $this->l->t('Unable to change password'),
-						]
-					]);
-				}
-			}
-		} else {
-			try {
-				if ($targetUser->setPassword($password) === false) {
-					return new JSONResponse([
-						'status' => 'error',
-						'data' => [
-							'message' => $this->l->t('Unable to change password'),
-						],
-					]);
-				}
-				// password policy app throws exception
-			} catch (HintException $e) {
-				return new JSONResponse([
-					'status' => 'error',
-					'data' => [
-						'message' => $e->getHint(),
-					],
-				]);
-			}
-		}
+            if ($recoveryEnabledForUser && $recoveryPassword === '') {
+                return new JSONResponse([
+                    'status' => 'error',
+                    'data' => [
+                        'message' => $this->l->t('Please provide an admin recovery password; otherwise, all user data will be lost.'),
+                    ]
+                ]);
+            } elseif ($recoveryEnabledForUser && ! $validRecoveryPassword) {
+                return new JSONResponse([
+                    'status' => 'error',
+                    'data' => [
+                        'message' => $this->l->t('Wrong admin recovery password. Please check the password and try again.'),
+                    ]
+                ]);
+            } else { // now we know that everything is fine regarding the recovery password, let's try to change the password
+                try {
+                    $result = $targetUser->setPassword($password, $recoveryPassword);
+                    // password policy app throws exception
+                } catch (HintException $e) {
+                    return new JSONResponse([
+                        'status' => 'error',
+                        'data' => [
+                            'message' => $e->getHint(),
+                        ],
+                    ]);
+                }
+                if (!$result && $recoveryEnabledForUser) {
+                    return new JSONResponse([
+                        'status' => 'error',
+                        'data' => [
+                            'message' => $this->l->t('Backend doesn\'t support password change, but the user\'s encryption key was updated.'),
+                        ]
+                    ]);
+                } elseif (!$result && !$recoveryEnabledForUser) {
+                    return new JSONResponse([
+                        'status' => 'error',
+                        'data' => [
+                            'message' => $this->l->t('Unable to change password'),
+                        ]
+                    ]);
+                }
+            }
+        } else {
+            try {
+                if ($targetUser->setPassword($password) === false) {
+                    return new JSONResponse([
+                        'status' => 'error',
+                        'data' => [
+                            'message' => $this->l->t('Unable to change password'),
+                        ],
+                    ]);
+                }
+                // password policy app throws exception
+            } catch (HintException $e) {
+                return new JSONResponse([
+                    'status' => 'error',
+                    'data' => [
+                        'message' => $e->getHint(),
+                    ],
+                ]);
+            }
+        }
 
-		return new JSONResponse([
-			'status' => 'success',
-			'data' => [
-				'username' => $username,
-			],
-		]);
-	}
+        return new JSONResponse([
+            'status' => 'success',
+            'data' => [
+                'username' => $username,
+            ],
+        ]);
+    }
 }

apps/admin_audit/lib/AppInfo/Application.php

Indentation +205 added lines, -205 removed lines

@@ -69,216 +69,216 @@
 
 class Application extends App implements IBootstrap {
 
-	/** @var ILogger */
-	protected $logger;
+    /** @var ILogger */
+    protected $logger;
 
-	public function __construct() {
-		parent::__construct('admin_audit');
-	}
+    public function __construct() {
+        parent::__construct('admin_audit');
+    }
 
-	public function register(IRegistrationContext $context): void {
-	}
+    public function register(IRegistrationContext $context): void {
+    }
 
-	public function boot(IBootContext $context): void {
-		/** @var ILogger $logger */
-		$logger = $context->injectFn(
-			Closure::fromCallable([$this, 'getLogger'])
-		);
+    public function boot(IBootContext $context): void {
+        /** @var ILogger $logger */
+        $logger = $context->injectFn(
+            Closure::fromCallable([$this, 'getLogger'])
+        );
 
-		/*
+        /*
 		 * TODO: once the hooks are migrated to lazy events, this should be done
 		 *       in \OCA\AdminAudit\AppInfo\Application::register
 		 */
-		$this->registerHooks($logger, $context->getServerContainer());
-	}
-
-	private function getLogger(IConfig $config,
-							   ILogger $logger,
-							   ILogFactory $logFactory): ILogger {
-		$default = $config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/audit.log';
-		$logFile = $config->getAppValue('admin_audit', 'logfile', $default);
-
-		if ($logFile === null) {
-			return $logger;
-		}
-		return $logFactory->getCustomLogger($logFile);
-	}
-
-	/**
-	 * Register hooks in order to log them
-	 */
-	private function registerHooks(ILogger $logger,
-									 IServerContainer $serverContainer) {
-		$this->userManagementHooks($logger, $serverContainer->get(IUserSession::class));
-		$this->groupHooks($logger, $serverContainer->get(IGroupManager::class));
-		$this->authHooks($logger);
-
-		/** @var EventDispatcherInterface $eventDispatcher */
-		$eventDispatcher = $serverContainer->get(EventDispatcherInterface::class);
-		$this->consoleHooks($logger, $eventDispatcher);
-		$this->appHooks($logger, $eventDispatcher);
-
-		$this->sharingHooks($logger);
-
-		$this->fileHooks($logger, $eventDispatcher);
-		$this->trashbinHooks($logger);
-		$this->versionsHooks($logger);
-
-		$this->securityHooks($logger, $eventDispatcher);
-	}
-
-	private function userManagementHooks(ILogger $logger,
-										 IUserSession $userSession) {
-		$userActions = new UserManagement($logger);
-
-		Util::connectHook('OC_User', 'post_createUser', $userActions, 'create');
-		Util::connectHook('OC_User', 'post_deleteUser', $userActions, 'delete');
-		Util::connectHook('OC_User', 'changeUser', $userActions, 'change');
-
-		assert($userSession instanceof UserSession);
-		$userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']);
-		$userSession->listen('\OC\User', 'assignedUserId', [$userActions, 'assign']);
-		$userSession->listen('\OC\User', 'postUnassignedUserId', [$userActions, 'unassign']);
-	}
-
-	private function groupHooks(ILogger $logger,
-								IGroupManager $groupManager) {
-		$groupActions = new GroupManagement($logger);
-
-		assert($groupManager instanceof GroupManager);
-		$groupManager->listen('\OC\Group', 'postRemoveUser', [$groupActions, 'removeUser']);
-		$groupManager->listen('\OC\Group', 'postAddUser', [$groupActions, 'addUser']);
-		$groupManager->listen('\OC\Group', 'postDelete', [$groupActions, 'deleteGroup']);
-		$groupManager->listen('\OC\Group', 'postCreate', [$groupActions, 'createGroup']);
-	}
-
-	private function sharingHooks(ILogger $logger) {
-		$shareActions = new Sharing($logger);
-
-		Util::connectHook(Share::class, 'post_shared', $shareActions, 'shared');
-		Util::connectHook(Share::class, 'post_unshare', $shareActions, 'unshare');
-		Util::connectHook(Share::class, 'post_unshareFromSelf', $shareActions, 'unshare');
-		Util::connectHook(Share::class, 'post_update_permissions', $shareActions, 'updatePermissions');
-		Util::connectHook(Share::class, 'post_update_password', $shareActions, 'updatePassword');
-		Util::connectHook(Share::class, 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
-		Util::connectHook(Share::class, 'share_link_access', $shareActions, 'shareAccessed');
-	}
-
-	private function authHooks(ILogger $logger) {
-		$authActions = new Auth($logger);
-
-		Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt');
-		Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful');
-		Util::connectHook('OC_User', 'logout', $authActions, 'logout');
-	}
-
-	private function appHooks(ILogger $logger,
-							  EventDispatcherInterface $eventDispatcher) {
-		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE, function (ManagerEvent $event) use ($logger) {
-			$appActions = new AppManagement($logger);
-			$appActions->enableApp($event->getAppID());
-		});
-		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, function (ManagerEvent $event) use ($logger) {
-			$appActions = new AppManagement($logger);
-			$appActions->enableAppForGroups($event->getAppID(), $event->getGroups());
-		});
-		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_DISABLE, function (ManagerEvent $event) use ($logger) {
-			$appActions = new AppManagement($logger);
-			$appActions->disableApp($event->getAppID());
-		});
-	}
-
-	private function consoleHooks(ILogger $logger,
-								  EventDispatcherInterface $eventDispatcher) {
-		$eventDispatcher->addListener(ConsoleEvent::EVENT_RUN, function (ConsoleEvent $event) use ($logger) {
-			$appActions = new Console($logger);
-			$appActions->runCommand($event->getArguments());
-		});
-	}
-
-	private function fileHooks(ILogger $logger,
-							   EventDispatcherInterface $eventDispatcher) {
-		$fileActions = new Files($logger);
-		$eventDispatcher->addListener(
-			IPreview::EVENT,
-			function (GenericEvent $event) use ($fileActions) {
-				/** @var File $file */
-				$file = $event->getSubject();
-				$fileActions->preview([
-					'path' => mb_substr($file->getInternalPath(), 5),
-					'width' => $event->getArguments()['width'],
-					'height' => $event->getArguments()['height'],
-					'crop' => $event->getArguments()['crop'],
-					'mode' => $event->getArguments()['mode']
-				]);
-			}
-		);
-
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_post_rename,
-			$fileActions,
-			'rename'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_post_create,
-			$fileActions,
-			'create'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_post_copy,
-			$fileActions,
-			'copy'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_post_write,
-			$fileActions,
-			'write'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_post_update,
-			$fileActions,
-			'update'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_read,
-			$fileActions,
-			'read'
-		);
-		Util::connectHook(
-			Filesystem::CLASSNAME,
-			Filesystem::signal_delete,
-			$fileActions,
-			'delete'
-		);
-	}
-
-	private function versionsHooks(ILogger $logger) {
-		$versionsActions = new Versions($logger);
-		Util::connectHook('\OCP\Versions', 'rollback', $versionsActions, 'rollback');
-		Util::connectHook('\OCP\Versions', 'delete', $versionsActions, 'delete');
-	}
-
-	private function trashbinHooks(ILogger $logger) {
-		$trashActions = new Trashbin($logger);
-		Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
-		Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
-	}
-
-	private function securityHooks(ILogger $logger,
-								   EventDispatcherInterface $eventDispatcher) {
-		$eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function (GenericEvent $event) use ($logger) {
-			$security = new Security($logger);
-			$security->twofactorSuccess($event->getSubject(), $event->getArguments());
-		});
-		$eventDispatcher->addListener(IProvider::EVENT_FAILED, function (GenericEvent $event) use ($logger) {
-			$security = new Security($logger);
-			$security->twofactorFailed($event->getSubject(), $event->getArguments());
-		});
-	}
+        $this->registerHooks($logger, $context->getServerContainer());
+    }
+
+    private function getLogger(IConfig $config,
+                                ILogger $logger,
+                                ILogFactory $logFactory): ILogger {
+        $default = $config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/audit.log';
+        $logFile = $config->getAppValue('admin_audit', 'logfile', $default);
+
+        if ($logFile === null) {
+            return $logger;
+        }
+        return $logFactory->getCustomLogger($logFile);
+    }
+
+    /**
+     * Register hooks in order to log them
+     */
+    private function registerHooks(ILogger $logger,
+                                        IServerContainer $serverContainer) {
+        $this->userManagementHooks($logger, $serverContainer->get(IUserSession::class));
+        $this->groupHooks($logger, $serverContainer->get(IGroupManager::class));
+        $this->authHooks($logger);
+
+        /** @var EventDispatcherInterface $eventDispatcher */
+        $eventDispatcher = $serverContainer->get(EventDispatcherInterface::class);
+        $this->consoleHooks($logger, $eventDispatcher);
+        $this->appHooks($logger, $eventDispatcher);
+
+        $this->sharingHooks($logger);
+
+        $this->fileHooks($logger, $eventDispatcher);
+        $this->trashbinHooks($logger);
+        $this->versionsHooks($logger);
+
+        $this->securityHooks($logger, $eventDispatcher);
+    }
+
+    private function userManagementHooks(ILogger $logger,
+                                            IUserSession $userSession) {
+        $userActions = new UserManagement($logger);
+
+        Util::connectHook('OC_User', 'post_createUser', $userActions, 'create');
+        Util::connectHook('OC_User', 'post_deleteUser', $userActions, 'delete');
+        Util::connectHook('OC_User', 'changeUser', $userActions, 'change');
+
+        assert($userSession instanceof UserSession);
+        $userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']);
+        $userSession->listen('\OC\User', 'assignedUserId', [$userActions, 'assign']);
+        $userSession->listen('\OC\User', 'postUnassignedUserId', [$userActions, 'unassign']);
+    }
+
+    private function groupHooks(ILogger $logger,
+                                IGroupManager $groupManager) {
+        $groupActions = new GroupManagement($logger);
+
+        assert($groupManager instanceof GroupManager);
+        $groupManager->listen('\OC\Group', 'postRemoveUser', [$groupActions, 'removeUser']);
+        $groupManager->listen('\OC\Group', 'postAddUser', [$groupActions, 'addUser']);
+        $groupManager->listen('\OC\Group', 'postDelete', [$groupActions, 'deleteGroup']);
+        $groupManager->listen('\OC\Group', 'postCreate', [$groupActions, 'createGroup']);
+    }
+
+    private function sharingHooks(ILogger $logger) {
+        $shareActions = new Sharing($logger);
+
+        Util::connectHook(Share::class, 'post_shared', $shareActions, 'shared');
+        Util::connectHook(Share::class, 'post_unshare', $shareActions, 'unshare');
+        Util::connectHook(Share::class, 'post_unshareFromSelf', $shareActions, 'unshare');
+        Util::connectHook(Share::class, 'post_update_permissions', $shareActions, 'updatePermissions');
+        Util::connectHook(Share::class, 'post_update_password', $shareActions, 'updatePassword');
+        Util::connectHook(Share::class, 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
+        Util::connectHook(Share::class, 'share_link_access', $shareActions, 'shareAccessed');
+    }
+
+    private function authHooks(ILogger $logger) {
+        $authActions = new Auth($logger);
+
+        Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt');
+        Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful');
+        Util::connectHook('OC_User', 'logout', $authActions, 'logout');
+    }
+
+    private function appHooks(ILogger $logger,
+                                EventDispatcherInterface $eventDispatcher) {
+        $eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE, function (ManagerEvent $event) use ($logger) {
+            $appActions = new AppManagement($logger);
+            $appActions->enableApp($event->getAppID());
+        });
+        $eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, function (ManagerEvent $event) use ($logger) {
+            $appActions = new AppManagement($logger);
+            $appActions->enableAppForGroups($event->getAppID(), $event->getGroups());
+        });
+        $eventDispatcher->addListener(ManagerEvent::EVENT_APP_DISABLE, function (ManagerEvent $event) use ($logger) {
+            $appActions = new AppManagement($logger);
+            $appActions->disableApp($event->getAppID());
+        });
+    }
+
+    private function consoleHooks(ILogger $logger,
+                                    EventDispatcherInterface $eventDispatcher) {
+        $eventDispatcher->addListener(ConsoleEvent::EVENT_RUN, function (ConsoleEvent $event) use ($logger) {
+            $appActions = new Console($logger);
+            $appActions->runCommand($event->getArguments());
+        });
+    }
+
+    private function fileHooks(ILogger $logger,
+                                EventDispatcherInterface $eventDispatcher) {
+        $fileActions = new Files($logger);
+        $eventDispatcher->addListener(
+            IPreview::EVENT,
+            function (GenericEvent $event) use ($fileActions) {
+                /** @var File $file */
+                $file = $event->getSubject();
+                $fileActions->preview([
+                    'path' => mb_substr($file->getInternalPath(), 5),
+                    'width' => $event->getArguments()['width'],
+                    'height' => $event->getArguments()['height'],
+                    'crop' => $event->getArguments()['crop'],
+                    'mode' => $event->getArguments()['mode']
+                ]);
+            }
+        );
+
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_post_rename,
+            $fileActions,
+            'rename'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_post_create,
+            $fileActions,
+            'create'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_post_copy,
+            $fileActions,
+            'copy'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_post_write,
+            $fileActions,
+            'write'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_post_update,
+            $fileActions,
+            'update'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_read,
+            $fileActions,
+            'read'
+        );
+        Util::connectHook(
+            Filesystem::CLASSNAME,
+            Filesystem::signal_delete,
+            $fileActions,
+            'delete'
+        );
+    }
+
+    private function versionsHooks(ILogger $logger) {
+        $versionsActions = new Versions($logger);
+        Util::connectHook('\OCP\Versions', 'rollback', $versionsActions, 'rollback');
+        Util::connectHook('\OCP\Versions', 'delete', $versionsActions, 'delete');
+    }
+
+    private function trashbinHooks(ILogger $logger) {
+        $trashActions = new Trashbin($logger);
+        Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
+        Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
+    }
+
+    private function securityHooks(ILogger $logger,
+                                    EventDispatcherInterface $eventDispatcher) {
+        $eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function (GenericEvent $event) use ($logger) {
+            $security = new Security($logger);
+            $security->twofactorSuccess($event->getSubject(), $event->getArguments());
+        });
+        $eventDispatcher->addListener(IProvider::EVENT_FAILED, function (GenericEvent $event) use ($logger) {
+            $security = new Security($logger);
+            $security->twofactorFailed($event->getSubject(), $event->getArguments());
+        });
+    }
 }