nextcloud / server

lib/private/legacy/OC_Util.php

Indentation +1136 added lines, -1136 removed lines

@@ -76,1143 +76,1143 @@
 use Psr\Log\LoggerInterface;
 
 class OC_Util {
-	public static $scripts = [];
-	public static $styles = [];
-	public static $headers = [];
-
-	/** @var array Local cache of version.php */
-	private static $versionCache = null;
-
-	protected static function getAppManager() {
-		return \OC::$server->getAppManager();
-	}
-
-	/**
-	 * Setup the file system
-	 *
-	 * @param string|null $user
-	 * @return boolean
-	 * @description configure the initial filesystem based on the configuration
-	 * @suppress PhanDeprecatedFunction
-	 * @suppress PhanAccessMethodInternal
-	 */
-	public static function setupFS(?string $user = '') {
-		// If we are not forced to load a specific user we load the one that is logged in
-		if ($user === '') {
-			$userObject = \OC::$server->get(\OCP\IUserSession::class)->getUser();
-		} else {
-			$userObject = \OC::$server->get(\OCP\IUserManager::class)->get($user);
-		}
-
-		/** @var SetupManager $setupManager */
-		$setupManager = \OC::$server->get(SetupManager::class);
-
-		if ($userObject) {
-			$setupManager->setupForUser($userObject);
-		} else {
-			$setupManager->setupRoot();
-		}
-		return true;
-	}
-
-	/**
-	 * Check if a password is required for each public link
-	 *
-	 * @param bool $checkGroupMembership Check group membership exclusion
-	 * @return boolean
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function isPublicLinkPasswordRequired(bool $checkGroupMembership = true) {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		return $shareManager->shareApiLinkEnforcePassword($checkGroupMembership);
-	}
-
-	/**
-	 * check if sharing is disabled for the current user
-	 * @param IConfig $config
-	 * @param IGroupManager $groupManager
-	 * @param IUser|null $user
-	 * @return bool
-	 */
-	public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		$userId = $user ? $user->getUID() : null;
-		return $shareManager->sharingDisabledForUser($userId);
-	}
-
-	/**
-	 * check if share API enforces a default expire date
-	 *
-	 * @return bool
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function isDefaultExpireDateEnforced() {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		return $shareManager->shareApiLinkDefaultExpireDateEnforced();
-	}
-
-	/**
-	 * Get the quota of a user
-	 *
-	 * @param IUser|null $user
-	 * @return int|\OCP\Files\FileInfo::SPACE_UNLIMITED|false|float Quota bytes
-	 */
-	public static function getUserQuota(?IUser $user) {
-		if (is_null($user)) {
-			return \OCP\Files\FileInfo::SPACE_UNLIMITED;
-		}
-		$userQuota = $user->getQuota();
-		if ($userQuota === 'none') {
-			return \OCP\Files\FileInfo::SPACE_UNLIMITED;
-		}
-		return OC_Helper::computerFileSize($userQuota);
-	}
-
-	/**
-	 * copies the skeleton to the users /files
-	 *
-	 * @param string $userId
-	 * @param \OCP\Files\Folder $userDirectory
-	 * @throws \OCP\Files\NotFoundException
-	 * @throws \OCP\Files\NotPermittedException
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function copySkeleton($userId, \OCP\Files\Folder $userDirectory) {
-		/** @var LoggerInterface $logger */
-		$logger = \OC::$server->get(LoggerInterface::class);
-
-		$plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValueString('skeletondirectory', \OC::$SERVERROOT . '/core/skeleton');
-		$userLang = \OC::$server->getL10NFactory()->findLanguage();
-		$skeletonDirectory = str_replace('{lang}', $userLang, $plainSkeletonDirectory);
-
-		if (!file_exists($skeletonDirectory)) {
-			$dialectStart = strpos($userLang, '_');
-			if ($dialectStart !== false) {
-				$skeletonDirectory = str_replace('{lang}', substr($userLang, 0, $dialectStart), $plainSkeletonDirectory);
-			}
-			if ($dialectStart === false || !file_exists($skeletonDirectory)) {
-				$skeletonDirectory = str_replace('{lang}', 'default', $plainSkeletonDirectory);
-			}
-			if (!file_exists($skeletonDirectory)) {
-				$skeletonDirectory = '';
-			}
-		}
-
-		$instanceId = \OC::$server->getConfig()->getSystemValue('instanceid', '');
-
-		if ($instanceId === null) {
-			throw new \RuntimeException('no instance id!');
-		}
-		$appdata = 'appdata_' . $instanceId;
-		if ($userId === $appdata) {
-			throw new \RuntimeException('username is reserved name: ' . $appdata);
-		}
-
-		if (!empty($skeletonDirectory)) {
-			$logger->debug('copying skeleton for '.$userId.' from '.$skeletonDirectory.' to '.$userDirectory->getFullPath('/'), ['app' => 'files_skeleton']);
-			self::copyr($skeletonDirectory, $userDirectory);
-			// update the file cache
-			$userDirectory->getStorage()->getScanner()->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE);
-
-			/** @var ITemplateManager $templateManager */
-			$templateManager = \OC::$server->get(ITemplateManager::class);
-			$templateManager->initializeTemplateDirectory(null, $userId);
-		}
-	}
-
-	/**
-	 * copies a directory recursively by using streams
-	 *
-	 * @param string $source
-	 * @param \OCP\Files\Folder $target
-	 * @return void
-	 */
-	public static function copyr($source, \OCP\Files\Folder $target) {
-		$logger = \OC::$server->getLogger();
-
-		// Verify if folder exists
-		$dir = opendir($source);
-		if ($dir === false) {
-			$logger->error(sprintf('Could not opendir "%s"', $source), ['app' => 'core']);
-			return;
-		}
-
-		// Copy the files
-		while (false !== ($file = readdir($dir))) {
-			if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
-				if (is_dir($source . '/' . $file)) {
-					$child = $target->newFolder($file);
-					self::copyr($source . '/' . $file, $child);
-				} else {
-					$child = $target->newFile($file);
-					$sourceStream = fopen($source . '/' . $file, 'r');
-					if ($sourceStream === false) {
-						$logger->error(sprintf('Could not fopen "%s"', $source . '/' . $file), ['app' => 'core']);
-						closedir($dir);
-						return;
-					}
-					$child->putContent($sourceStream);
-				}
-			}
-		}
-		closedir($dir);
-	}
-
-	/**
-	 * @return void
-	 * @suppress PhanUndeclaredMethod
-	 */
-	public static function tearDownFS() {
-		/** @var SetupManager $setupManager */
-		$setupManager = \OC::$server->get(SetupManager::class);
-		$setupManager->tearDown();
-	}
-
-	/**
-	 * get the current installed version of ownCloud
-	 *
-	 * @return array
-	 */
-	public static function getVersion() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_Version'];
-	}
-
-	/**
-	 * get the current installed version string of ownCloud
-	 *
-	 * @return string
-	 */
-	public static function getVersionString() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_VersionString'];
-	}
-
-	/**
-	 * @deprecated the value is of no use anymore
-	 * @return string
-	 */
-	public static function getEditionString() {
-		return '';
-	}
-
-	/**
-	 * @description get the update channel of the current installed of ownCloud.
-	 * @return string
-	 */
-	public static function getChannel() {
-		OC_Util::loadVersion();
-		return \OC::$server->getConfig()->getSystemValueString('updater.release.channel', self::$versionCache['OC_Channel']);
-	}
-
-	/**
-	 * @description get the build number of the current installed of ownCloud.
-	 * @return string
-	 */
-	public static function getBuild() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_Build'];
-	}
-
-	/**
-	 * @description load the version.php into the session as cache
-	 * @suppress PhanUndeclaredVariable
-	 */
-	private static function loadVersion() {
-		if (self::$versionCache !== null) {
-			return;
-		}
-
-		require OC::$SERVERROOT . '/version.php';
-		/** @var int $timestamp */
-		self::$versionCache['OC_Version_Timestamp'] = \OC::$VERSION_MTIME;
-		/** @var string $OC_Version */
-		self::$versionCache['OC_Version'] = $OC_Version;
-		/** @var string $OC_VersionString */
-		self::$versionCache['OC_VersionString'] = $OC_VersionString;
-		/** @var string $OC_Build */
-		self::$versionCache['OC_Build'] = $OC_Build;
-
-		/** @var string $OC_Channel */
-		self::$versionCache['OC_Channel'] = $OC_Channel;
-	}
-
-	/**
-	 * generates a path for JS/CSS files. If no application is provided it will create the path for core.
-	 *
-	 * @param string $application application to get the files from
-	 * @param string $directory directory within this application (css, js, vendor, etc)
-	 * @param string $file the file inside of the above folder
-	 * @return string the path
-	 */
-	private static function generatePath($application, $directory, $file) {
-		if (is_null($file)) {
-			$file = $application;
-			$application = "";
-		}
-		if (!empty($application)) {
-			return "$application/$directory/$file";
-		} else {
-			return "$directory/$file";
-		}
-	}
-
-	/**
-	 * add a javascript file
-	 *
-	 * @deprecated 24.0.0 - Use \OCP\Util::addScript
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Script to the beginning of the list
-	 * @return void
-	 */
-	public static function addScript($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'js', $file);
-
-		// core js files need separate handling
-		if ($application !== 'core' && $file !== null) {
-			self::addTranslations($application);
-		}
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a javascript file from the vendor sub folder
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Script to the beginning of the list
-	 * @return void
-	 */
-	public static function addVendorScript($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'vendor', $file);
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a translation JS file
-	 *
-	 * @deprecated 24.0.0
-	 *
-	 * @param string $application application id
-	 * @param string|null $languageCode language code, defaults to the current language
-	 * @param bool|null $prepend prepend the Script to the beginning of the list
-	 */
-	public static function addTranslations($application, $languageCode = null, $prepend = false) {
-		if (is_null($languageCode)) {
-			$languageCode = \OC::$server->getL10NFactory()->findLanguage($application);
-		}
-		if (!empty($application)) {
-			$path = "$application/l10n/$languageCode";
-		} else {
-			$path = "l10n/$languageCode";
-		}
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a css file
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Style to the beginning of the list
-	 * @return void
-	 */
-	public static function addStyle($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'css', $file);
-		self::addExternalResource($application, $prepend, $path, "style");
-	}
-
-	/**
-	 * add a css file from the vendor sub folder
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Style to the beginning of the list
-	 * @return void
-	 */
-	public static function addVendorStyle($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'vendor', $file);
-		self::addExternalResource($application, $prepend, $path, "style");
-	}
-
-	/**
-	 * add an external resource css/js file
-	 *
-	 * @param string $application application id
-	 * @param bool $prepend prepend the file to the beginning of the list
-	 * @param string $path
-	 * @param string $type (script or style)
-	 * @return void
-	 */
-	private static function addExternalResource($application, $prepend, $path, $type = "script") {
-		if ($type === "style") {
-			if (!in_array($path, self::$styles)) {
-				if ($prepend === true) {
-					array_unshift(self::$styles, $path);
-				} else {
-					self::$styles[] = $path;
-				}
-			}
-		} elseif ($type === "script") {
-			if (!in_array($path, self::$scripts)) {
-				if ($prepend === true) {
-					array_unshift(self::$scripts, $path);
-				} else {
-					self::$scripts [] = $path;
-				}
-			}
-		}
-	}
-
-	/**
-	 * Add a custom element to the header
-	 * If $text is null then the element will be written as empty element.
-	 * So use "" to get a closing tag.
-	 * @param string $tag tag name of the element
-	 * @param array $attributes array of attributes for the element
-	 * @param string $text the text content for the element
-	 * @param bool $prepend prepend the header to the beginning of the list
-	 */
-	public static function addHeader($tag, $attributes, $text = null, $prepend = false) {
-		$header = [
-			'tag' => $tag,
-			'attributes' => $attributes,
-			'text' => $text
-		];
-		if ($prepend === true) {
-			array_unshift(self::$headers, $header);
-		} else {
-			self::$headers[] = $header;
-		}
-	}
-
-	/**
-	 * check if the current server configuration is suitable for ownCloud
-	 *
-	 * @param \OC\SystemConfig $config
-	 * @return array arrays with error messages and hints
-	 */
-	public static function checkServer(\OC\SystemConfig $config) {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		$CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT . '/data');
-
-		if (!self::needUpgrade($config) && $config->getValue('installed', false)) {
-			// this check needs to be done every time
-			$errors = self::checkDataDirectoryValidity($CONFIG_DATADIRECTORY);
-		}
-
-		// Assume that if checkServer() succeeded before in this session, then all is fine.
-		if (\OC::$server->getSession()->exists('checkServer_succeeded') && \OC::$server->getSession()->get('checkServer_succeeded')) {
-			return $errors;
-		}
-
-		$webServerRestart = false;
-		$setup = new \OC\Setup(
-			$config,
-			\OC::$server->get(IniGetWrapper::class),
-			\OC::$server->getL10N('lib'),
-			\OC::$server->get(\OCP\Defaults::class),
-			\OC::$server->get(LoggerInterface::class),
-			\OC::$server->getSecureRandom(),
-			\OC::$server->get(\OC\Installer::class)
-		);
-
-		$urlGenerator = \OC::$server->getURLGenerator();
-
-		$availableDatabases = $setup->getSupportedDatabases();
-		if (empty($availableDatabases)) {
-			$errors[] = [
-				'error' => $l->t('No database drivers (sqlite, mysql, or postgresql) installed.'),
-				'hint' => '' //TODO: sane hint
-			];
-			$webServerRestart = true;
-		}
-
-		// Check if config folder is writable.
-		if (!OC_Helper::isReadOnlyConfigEnabled()) {
-			if (!is_writable(OC::$configDir) or !is_readable(OC::$configDir)) {
-				$errors[] = [
-					'error' => $l->t('Cannot write into "config" directory.'),
-					'hint' => $l->t('This can usually be fixed by giving the web server write access to the config directory. See %s',
-						[ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
-						. $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
-							[ $urlGenerator->linkToDocs('admin-config') ])
-				];
-			}
-		}
-
-		// Check if there is a writable install folder.
-		if ($config->getValue('appstoreenabled', true)) {
-			if (OC_App::getInstallPath() === null
-				|| !is_writable(OC_App::getInstallPath())
-				|| !is_readable(OC_App::getInstallPath())
-			) {
-				$errors[] = [
-					'error' => $l->t('Cannot write into "apps" directory.'),
-					'hint' => $l->t('This can usually be fixed by giving the web server write access to the apps directory'
-						. ' or disabling the App Store in the config file.')
-				];
-			}
-		}
-		// Create root dir.
-		if ($config->getValue('installed', false)) {
-			if (!is_dir($CONFIG_DATADIRECTORY)) {
-				$success = @mkdir($CONFIG_DATADIRECTORY);
-				if ($success) {
-					$errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
-				} else {
-					$errors[] = [
-						'error' => $l->t('Cannot create "data" directory.'),
-						'hint' => $l->t('This can usually be fixed by giving the web server write access to the root directory. See %s',
-							[$urlGenerator->linkToDocs('admin-dir_permissions')])
-					];
-				}
-			} elseif (!is_writable($CONFIG_DATADIRECTORY) or !is_readable($CONFIG_DATADIRECTORY)) {
-				// is_writable doesn't work for NFS mounts, so try to write a file and check if it exists.
-				$testFile = sprintf('%s/%s.tmp', $CONFIG_DATADIRECTORY, uniqid('data_dir_writability_test_'));
-				$handle = fopen($testFile, 'w');
-				if (!$handle || fwrite($handle, 'Test write operation') === false) {
-					$permissionsHint = $l->t('Permissions can usually be fixed by giving the web server write access to the root directory. See %s.',
-						[$urlGenerator->linkToDocs('admin-dir_permissions')]);
-					$errors[] = [
-						'error' => $l->t('Your data directory is not writable.'),
-						'hint' => $permissionsHint
-					];
-				} else {
-					fclose($handle);
-					unlink($testFile);
-				}
-			} else {
-				$errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
-			}
-		}
-
-		if (!OC_Util::isSetLocaleWorking()) {
-			$errors[] = [
-				'error' => $l->t('Setting locale to %s failed.',
-					['en_US.UTF-8/fr_FR.UTF-8/es_ES.UTF-8/de_DE.UTF-8/ru_RU.UTF-8/'
-						. 'pt_BR.UTF-8/it_IT.UTF-8/ja_JP.UTF-8/zh_CN.UTF-8']),
-				'hint' => $l->t('Please install one of these locales on your system and restart your web server.')
-			];
-		}
-
-		// Contains the dependencies that should be checked against
-		// classes = class_exists
-		// functions = function_exists
-		// defined = defined
-		// ini = ini_get
-		// If the dependency is not found the missing module name is shown to the EndUser
-		// When adding new checks always verify that they pass on Travis as well
-		// for ini settings, see https://github.com/owncloud/administration/blob/master/travis-ci/custom.ini
-		$dependencies = [
-			'classes' => [
-				'ZipArchive' => 'zip',
-				'DOMDocument' => 'dom',
-				'XMLWriter' => 'XMLWriter',
-				'XMLReader' => 'XMLReader',
-			],
-			'functions' => [
-				'xml_parser_create' => 'libxml',
-				'mb_strcut' => 'mbstring',
-				'ctype_digit' => 'ctype',
-				'json_encode' => 'JSON',
-				'gd_info' => 'GD',
-				'gzencode' => 'zlib',
-				'simplexml_load_string' => 'SimpleXML',
-				'hash' => 'HASH Message Digest Framework',
-				'curl_init' => 'cURL',
-				'openssl_verify' => 'OpenSSL',
-			],
-			'defined' => [
-				'PDO::ATTR_DRIVER_NAME' => 'PDO'
-			],
-			'ini' => [
-				'default_charset' => 'UTF-8',
-			],
-		];
-		$missingDependencies = [];
-		$invalidIniSettings = [];
-
-		$iniWrapper = \OC::$server->get(IniGetWrapper::class);
-		foreach ($dependencies['classes'] as $class => $module) {
-			if (!class_exists($class)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['functions'] as $function => $module) {
-			if (!function_exists($function)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['defined'] as $defined => $module) {
-			if (!defined($defined)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['ini'] as $setting => $expected) {
-			if (strtolower($iniWrapper->getString($setting)) !== strtolower($expected)) {
-				$invalidIniSettings[] = [$setting, $expected];
-			}
-		}
-
-		foreach ($missingDependencies as $missingDependency) {
-			$errors[] = [
-				'error' => $l->t('PHP module %s not installed.', [$missingDependency]),
-				'hint' => $l->t('Please ask your server administrator to install the module.'),
-			];
-			$webServerRestart = true;
-		}
-		foreach ($invalidIniSettings as $setting) {
-			$errors[] = [
-				'error' => $l->t('PHP setting "%s" is not set to "%s".', [$setting[0], var_export($setting[1], true)]),
-				'hint' => $l->t('Adjusting this setting in php.ini will make Nextcloud run again')
-			];
-			$webServerRestart = true;
-		}
-
-		/**
-		 * The mbstring.func_overload check can only be performed if the mbstring
-		 * module is installed as it will return null if the checking setting is
-		 * not available and thus a check on the boolean value fails.
-		 *
-		 * TODO: Should probably be implemented in the above generic dependency
-		 *       check somehow in the long-term.
-		 */
-		if ($iniWrapper->getBool('mbstring.func_overload') !== null &&
-			$iniWrapper->getBool('mbstring.func_overload') === true) {
-			$errors[] = [
-				'error' => $l->t('<code>mbstring.func_overload</code> is set to <code>%s</code> instead of the expected value <code>0</code>.', [$iniWrapper->getString('mbstring.func_overload')]),
-				'hint' => $l->t('To fix this issue set <code>mbstring.func_overload</code> to <code>0</code> in your php.ini.')
-			];
-		}
-
-		if (!self::isAnnotationsWorking()) {
-			$errors[] = [
-				'error' => $l->t('PHP is apparently set up to strip inline doc blocks. This will make several core apps inaccessible.'),
-				'hint' => $l->t('This is probably caused by a cache/accelerator such as Zend OPcache or eAccelerator.')
-			];
-		}
-
-		if (!\OC::$CLI && $webServerRestart) {
-			$errors[] = [
-				'error' => $l->t('PHP modules have been installed, but they are still listed as missing?'),
-				'hint' => $l->t('Please ask your server administrator to restart the web server.')
-			];
-		}
-
-		foreach (['secret', 'instanceid', 'passwordsalt'] as $requiredConfig) {
-			if ($config->getValue($requiredConfig, '') === '' && !\OC::$CLI && $config->getValue('installed', false)) {
-				$errors[] = [
-					'error' => $l->t('The required %s config variable is not configured in the config.php file.', [$requiredConfig]),
-					'hint' => $l->t('Please ask your server administrator to check the Nextcloud configuration.')
-				];
-			}
-		}
-
-		$errors = array_merge($errors, self::checkDatabaseVersion());
-
-		// Cache the result of this function
-		\OC::$server->getSession()->set('checkServer_succeeded', count($errors) == 0);
-
-		return $errors;
-	}
-
-	/**
-	 * Check the database version
-	 *
-	 * @return array errors array
-	 */
-	public static function checkDatabaseVersion() {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		$dbType = \OC::$server->getSystemConfig()->getValue('dbtype', 'sqlite');
-		if ($dbType === 'pgsql') {
-			// check PostgreSQL version
-			// TODO latest postgresql 8 released was 8 years ago, maybe remove the
-			// check completely?
-			try {
-				/** @var IDBConnection $connection */
-				$connection = \OC::$server->get(IDBConnection::class);
-				$result = $connection->executeQuery('SHOW SERVER_VERSION');
-				$data = $result->fetch();
-				$result->closeCursor();
-				if (isset($data['server_version'])) {
-					$version = $data['server_version'];
-					if (version_compare($version, '9.0.0', '<')) {
-						$errors[] = [
-							'error' => $l->t('PostgreSQL >= 9 required.'),
-							'hint' => $l->t('Please upgrade your database version.')
-						];
-					}
-				}
-			} catch (\Doctrine\DBAL\Exception $e) {
-				$logger = \OC::$server->getLogger();
-				$logger->warning('Error occurred while checking PostgreSQL version, assuming >= 9');
-				$logger->logException($e);
-			}
-		}
-		return $errors;
-	}
-
-	/**
-	 * Check for correct file permissions of data directory
-	 *
-	 * @param string $dataDirectory
-	 * @return array arrays with error messages and hints
-	 */
-	public static function checkDataDirectoryPermissions($dataDirectory) {
-		if (!\OC::$server->getConfig()->getSystemValueBool('check_data_directory_permissions', true)) {
-			return  [];
-		}
-
-		$perms = substr(decoct(@fileperms($dataDirectory)), -3);
-		if (substr($perms, -1) !== '0') {
-			chmod($dataDirectory, 0770);
-			clearstatcache();
-			$perms = substr(decoct(@fileperms($dataDirectory)), -3);
-			if ($perms[2] !== '0') {
-				$l = \OC::$server->getL10N('lib');
-				return [[
-					'error' => $l->t('Your data directory is readable by other users.'),
-					'hint' => $l->t('Please change the permissions to 0770 so that the directory cannot be listed by other users.'),
-				]];
-			}
-		}
-		return [];
-	}
-
-	/**
-	 * Check that the data directory exists and is valid by
-	 * checking the existence of the ".ocdata" file.
-	 *
-	 * @param string $dataDirectory data directory path
-	 * @return array errors found
-	 */
-	public static function checkDataDirectoryValidity($dataDirectory) {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		if ($dataDirectory[0] !== '/') {
-			$errors[] = [
-				'error' => $l->t('Your data directory must be an absolute path.'),
-				'hint' => $l->t('Check the value of "datadirectory" in your configuration.')
-			];
-		}
-		if (!file_exists($dataDirectory . '/.ocdata')) {
-			$errors[] = [
-				'error' => $l->t('Your data directory is invalid.'),
-				'hint' => $l->t('Ensure there is a file called ".ocdata"' .
-					' in the root of the data directory.')
-			];
-		}
-		return $errors;
-	}
-
-	/**
-	 * Check if the user is logged in, redirects to home if not. With
-	 * redirect URL parameter to the request URI.
-	 *
-	 * @return void
-	 */
-	public static function checkLoggedIn() {
-		// Check if we are a user
-		if (!\OC::$server->getUserSession()->isLoggedIn()) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute(
-				'core.login.showLoginForm',
-				[
-					'redirect_url' => \OC::$server->getRequest()->getRequestUri(),
-				]
-			)
-			);
-			exit();
-		}
-		// Redirect to 2FA challenge selection if 2FA challenge was not solved yet
-		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
-			exit();
-		}
-	}
-
-	/**
-	 * Check if the user is a admin, redirects to home if not
-	 *
-	 * @return void
-	 */
-	public static function checkAdminUser() {
-		OC_Util::checkLoggedIn();
-		if (!OC_User::isAdminUser(OC_User::getUser())) {
-			header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
-			exit();
-		}
-	}
-
-	/**
-	 * Returns the URL of the default page
-	 * based on the system configuration and
-	 * the apps visible for the current user
-	 *
-	 * @return string URL
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function getDefaultPageUrl() {
-		/** @var IURLGenerator $urlGenerator */
-		$urlGenerator = \OC::$server->get(IURLGenerator::class);
-		return $urlGenerator->linkToDefaultPageUrl();
-	}
-
-	/**
-	 * Redirect to the user default page
-	 *
-	 * @return void
-	 */
-	public static function redirectToDefaultPage() {
-		$location = self::getDefaultPageUrl();
-		header('Location: ' . $location);
-		exit();
-	}
-
-	/**
-	 * get an id unique for this instance
-	 *
-	 * @return string
-	 */
-	public static function getInstanceId() {
-		$id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
-		if (is_null($id)) {
-			// We need to guarantee at least one letter in instanceid so it can be used as the session_name
-			$id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
-			\OC::$server->getSystemConfig()->setValue('instanceid', $id);
-		}
-		return $id;
-	}
-
-	/**
-	 * Public function to sanitize HTML
-	 *
-	 * This function is used to sanitize HTML and should be applied on any
-	 * string or array of strings before displaying it on a web page.
-	 *
-	 * @param string|string[] $value
-	 * @return string|string[] an array of sanitized strings or a single sanitized string, depends on the input parameter.
-	 */
-	public static function sanitizeHTML($value) {
-		if (is_array($value)) {
-			/** @var string[] $value */
-			$value = array_map(function ($value) {
-				return self::sanitizeHTML($value);
-			}, $value);
-		} else {
-			// Specify encoding for PHP<5.4
-			$value = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
-		}
-		return $value;
-	}
-
-	/**
-	 * Public function to encode url parameters
-	 *
-	 * This function is used to encode path to file before output.
-	 * Encoding is done according to RFC 3986 with one exception:
-	 * Character '/' is preserved as is.
-	 *
-	 * @param string $component part of URI to encode
-	 * @return string
-	 */
-	public static function encodePath($component) {
-		$encoded = rawurlencode($component);
-		$encoded = str_replace('%2F', '/', $encoded);
-		return $encoded;
-	}
-
-
-	public function createHtaccessTestFile(\OCP\IConfig $config) {
-		// php dev server does not support htaccess
-		if (php_sapi_name() === 'cli-server') {
-			return false;
-		}
-
-		// testdata
-		$fileName = '/htaccesstest.txt';
-		$testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.';
-
-		// creating a test file
-		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
-
-		if (file_exists($testFile)) {// already running this test, possible recursive call
-			return false;
-		}
-
-		$fp = @fopen($testFile, 'w');
-		if (!$fp) {
-			throw new \OCP\HintException('Can\'t create test file to check for working .htaccess file.',
-				'Make sure it is possible for the web server to write to ' . $testFile);
-		}
-		fwrite($fp, $testContent);
-		fclose($fp);
-
-		return $testContent;
-	}
-
-	/**
-	 * Check if the .htaccess file is working
-	 *
-	 * @param \OCP\IConfig $config
-	 * @return bool
-	 * @throws Exception
-	 * @throws \OCP\HintException If the test file can't get written.
-	 */
-	public function isHtaccessWorking(\OCP\IConfig $config) {
-		if (\OC::$CLI || !$config->getSystemValueBool('check_for_working_htaccess', true)) {
-			return true;
-		}
-
-		$testContent = $this->createHtaccessTestFile($config);
-		if ($testContent === false) {
-			return false;
-		}
-
-		$fileName = '/htaccesstest.txt';
-		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
-
-		// accessing the file via http
-		$url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName);
-		try {
-			$content = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
-		} catch (\Exception $e) {
-			$content = false;
-		}
-
-		if (str_starts_with($url, 'https:')) {
-			$url = 'http:' . substr($url, 6);
-		} else {
-			$url = 'https:' . substr($url, 5);
-		}
-
-		try {
-			$fallbackContent = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
-		} catch (\Exception $e) {
-			$fallbackContent = false;
-		}
-
-		// cleanup
-		@unlink($testFile);
-
-		/*
+    public static $scripts = [];
+    public static $styles = [];
+    public static $headers = [];
+
+    /** @var array Local cache of version.php */
+    private static $versionCache = null;
+
+    protected static function getAppManager() {
+        return \OC::$server->getAppManager();
+    }
+
+    /**
+     * Setup the file system
+     *
+     * @param string|null $user
+     * @return boolean
+     * @description configure the initial filesystem based on the configuration
+     * @suppress PhanDeprecatedFunction
+     * @suppress PhanAccessMethodInternal
+     */
+    public static function setupFS(?string $user = '') {
+        // If we are not forced to load a specific user we load the one that is logged in
+        if ($user === '') {
+            $userObject = \OC::$server->get(\OCP\IUserSession::class)->getUser();
+        } else {
+            $userObject = \OC::$server->get(\OCP\IUserManager::class)->get($user);
+        }
+
+        /** @var SetupManager $setupManager */
+        $setupManager = \OC::$server->get(SetupManager::class);
+
+        if ($userObject) {
+            $setupManager->setupForUser($userObject);
+        } else {
+            $setupManager->setupRoot();
+        }
+        return true;
+    }
+
+    /**
+     * Check if a password is required for each public link
+     *
+     * @param bool $checkGroupMembership Check group membership exclusion
+     * @return boolean
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function isPublicLinkPasswordRequired(bool $checkGroupMembership = true) {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        return $shareManager->shareApiLinkEnforcePassword($checkGroupMembership);
+    }
+
+    /**
+     * check if sharing is disabled for the current user
+     * @param IConfig $config
+     * @param IGroupManager $groupManager
+     * @param IUser|null $user
+     * @return bool
+     */
+    public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        $userId = $user ? $user->getUID() : null;
+        return $shareManager->sharingDisabledForUser($userId);
+    }
+
+    /**
+     * check if share API enforces a default expire date
+     *
+     * @return bool
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function isDefaultExpireDateEnforced() {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        return $shareManager->shareApiLinkDefaultExpireDateEnforced();
+    }
+
+    /**
+     * Get the quota of a user
+     *
+     * @param IUser|null $user
+     * @return int|\OCP\Files\FileInfo::SPACE_UNLIMITED|false|float Quota bytes
+     */
+    public static function getUserQuota(?IUser $user) {
+        if (is_null($user)) {
+            return \OCP\Files\FileInfo::SPACE_UNLIMITED;
+        }
+        $userQuota = $user->getQuota();
+        if ($userQuota === 'none') {
+            return \OCP\Files\FileInfo::SPACE_UNLIMITED;
+        }
+        return OC_Helper::computerFileSize($userQuota);
+    }
+
+    /**
+     * copies the skeleton to the users /files
+     *
+     * @param string $userId
+     * @param \OCP\Files\Folder $userDirectory
+     * @throws \OCP\Files\NotFoundException
+     * @throws \OCP\Files\NotPermittedException
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function copySkeleton($userId, \OCP\Files\Folder $userDirectory) {
+        /** @var LoggerInterface $logger */
+        $logger = \OC::$server->get(LoggerInterface::class);
+
+        $plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValueString('skeletondirectory', \OC::$SERVERROOT . '/core/skeleton');
+        $userLang = \OC::$server->getL10NFactory()->findLanguage();
+        $skeletonDirectory = str_replace('{lang}', $userLang, $plainSkeletonDirectory);
+
+        if (!file_exists($skeletonDirectory)) {
+            $dialectStart = strpos($userLang, '_');
+            if ($dialectStart !== false) {
+                $skeletonDirectory = str_replace('{lang}', substr($userLang, 0, $dialectStart), $plainSkeletonDirectory);
+            }
+            if ($dialectStart === false || !file_exists($skeletonDirectory)) {
+                $skeletonDirectory = str_replace('{lang}', 'default', $plainSkeletonDirectory);
+            }
+            if (!file_exists($skeletonDirectory)) {
+                $skeletonDirectory = '';
+            }
+        }
+
+        $instanceId = \OC::$server->getConfig()->getSystemValue('instanceid', '');
+
+        if ($instanceId === null) {
+            throw new \RuntimeException('no instance id!');
+        }
+        $appdata = 'appdata_' . $instanceId;
+        if ($userId === $appdata) {
+            throw new \RuntimeException('username is reserved name: ' . $appdata);
+        }
+
+        if (!empty($skeletonDirectory)) {
+            $logger->debug('copying skeleton for '.$userId.' from '.$skeletonDirectory.' to '.$userDirectory->getFullPath('/'), ['app' => 'files_skeleton']);
+            self::copyr($skeletonDirectory, $userDirectory);
+            // update the file cache
+            $userDirectory->getStorage()->getScanner()->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE);
+
+            /** @var ITemplateManager $templateManager */
+            $templateManager = \OC::$server->get(ITemplateManager::class);
+            $templateManager->initializeTemplateDirectory(null, $userId);
+        }
+    }
+
+    /**
+     * copies a directory recursively by using streams
+     *
+     * @param string $source
+     * @param \OCP\Files\Folder $target
+     * @return void
+     */
+    public static function copyr($source, \OCP\Files\Folder $target) {
+        $logger = \OC::$server->getLogger();
+
+        // Verify if folder exists
+        $dir = opendir($source);
+        if ($dir === false) {
+            $logger->error(sprintf('Could not opendir "%s"', $source), ['app' => 'core']);
+            return;
+        }
+
+        // Copy the files
+        while (false !== ($file = readdir($dir))) {
+            if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+                if (is_dir($source . '/' . $file)) {
+                    $child = $target->newFolder($file);
+                    self::copyr($source . '/' . $file, $child);
+                } else {
+                    $child = $target->newFile($file);
+                    $sourceStream = fopen($source . '/' . $file, 'r');
+                    if ($sourceStream === false) {
+                        $logger->error(sprintf('Could not fopen "%s"', $source . '/' . $file), ['app' => 'core']);
+                        closedir($dir);
+                        return;
+                    }
+                    $child->putContent($sourceStream);
+                }
+            }
+        }
+        closedir($dir);
+    }
+
+    /**
+     * @return void
+     * @suppress PhanUndeclaredMethod
+     */
+    public static function tearDownFS() {
+        /** @var SetupManager $setupManager */
+        $setupManager = \OC::$server->get(SetupManager::class);
+        $setupManager->tearDown();
+    }
+
+    /**
+     * get the current installed version of ownCloud
+     *
+     * @return array
+     */
+    public static function getVersion() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_Version'];
+    }
+
+    /**
+     * get the current installed version string of ownCloud
+     *
+     * @return string
+     */
+    public static function getVersionString() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_VersionString'];
+    }
+
+    /**
+     * @deprecated the value is of no use anymore
+     * @return string
+     */
+    public static function getEditionString() {
+        return '';
+    }
+
+    /**
+     * @description get the update channel of the current installed of ownCloud.
+     * @return string
+     */
+    public static function getChannel() {
+        OC_Util::loadVersion();
+        return \OC::$server->getConfig()->getSystemValueString('updater.release.channel', self::$versionCache['OC_Channel']);
+    }
+
+    /**
+     * @description get the build number of the current installed of ownCloud.
+     * @return string
+     */
+    public static function getBuild() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_Build'];
+    }
+
+    /**
+     * @description load the version.php into the session as cache
+     * @suppress PhanUndeclaredVariable
+     */
+    private static function loadVersion() {
+        if (self::$versionCache !== null) {
+            return;
+        }
+
+        require OC::$SERVERROOT . '/version.php';
+        /** @var int $timestamp */
+        self::$versionCache['OC_Version_Timestamp'] = \OC::$VERSION_MTIME;
+        /** @var string $OC_Version */
+        self::$versionCache['OC_Version'] = $OC_Version;
+        /** @var string $OC_VersionString */
+        self::$versionCache['OC_VersionString'] = $OC_VersionString;
+        /** @var string $OC_Build */
+        self::$versionCache['OC_Build'] = $OC_Build;
+
+        /** @var string $OC_Channel */
+        self::$versionCache['OC_Channel'] = $OC_Channel;
+    }
+
+    /**
+     * generates a path for JS/CSS files. If no application is provided it will create the path for core.
+     *
+     * @param string $application application to get the files from
+     * @param string $directory directory within this application (css, js, vendor, etc)
+     * @param string $file the file inside of the above folder
+     * @return string the path
+     */
+    private static function generatePath($application, $directory, $file) {
+        if (is_null($file)) {
+            $file = $application;
+            $application = "";
+        }
+        if (!empty($application)) {
+            return "$application/$directory/$file";
+        } else {
+            return "$directory/$file";
+        }
+    }
+
+    /**
+     * add a javascript file
+     *
+     * @deprecated 24.0.0 - Use \OCP\Util::addScript
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Script to the beginning of the list
+     * @return void
+     */
+    public static function addScript($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'js', $file);
+
+        // core js files need separate handling
+        if ($application !== 'core' && $file !== null) {
+            self::addTranslations($application);
+        }
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a javascript file from the vendor sub folder
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Script to the beginning of the list
+     * @return void
+     */
+    public static function addVendorScript($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'vendor', $file);
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a translation JS file
+     *
+     * @deprecated 24.0.0
+     *
+     * @param string $application application id
+     * @param string|null $languageCode language code, defaults to the current language
+     * @param bool|null $prepend prepend the Script to the beginning of the list
+     */
+    public static function addTranslations($application, $languageCode = null, $prepend = false) {
+        if (is_null($languageCode)) {
+            $languageCode = \OC::$server->getL10NFactory()->findLanguage($application);
+        }
+        if (!empty($application)) {
+            $path = "$application/l10n/$languageCode";
+        } else {
+            $path = "l10n/$languageCode";
+        }
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a css file
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Style to the beginning of the list
+     * @return void
+     */
+    public static function addStyle($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'css', $file);
+        self::addExternalResource($application, $prepend, $path, "style");
+    }
+
+    /**
+     * add a css file from the vendor sub folder
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Style to the beginning of the list
+     * @return void
+     */
+    public static function addVendorStyle($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'vendor', $file);
+        self::addExternalResource($application, $prepend, $path, "style");
+    }
+
+    /**
+     * add an external resource css/js file
+     *
+     * @param string $application application id
+     * @param bool $prepend prepend the file to the beginning of the list
+     * @param string $path
+     * @param string $type (script or style)
+     * @return void
+     */
+    private static function addExternalResource($application, $prepend, $path, $type = "script") {
+        if ($type === "style") {
+            if (!in_array($path, self::$styles)) {
+                if ($prepend === true) {
+                    array_unshift(self::$styles, $path);
+                } else {
+                    self::$styles[] = $path;
+                }
+            }
+        } elseif ($type === "script") {
+            if (!in_array($path, self::$scripts)) {
+                if ($prepend === true) {
+                    array_unshift(self::$scripts, $path);
+                } else {
+                    self::$scripts [] = $path;
+                }
+            }
+        }
+    }
+
+    /**
+     * Add a custom element to the header
+     * If $text is null then the element will be written as empty element.
+     * So use "" to get a closing tag.
+     * @param string $tag tag name of the element
+     * @param array $attributes array of attributes for the element
+     * @param string $text the text content for the element
+     * @param bool $prepend prepend the header to the beginning of the list
+     */
+    public static function addHeader($tag, $attributes, $text = null, $prepend = false) {
+        $header = [
+            'tag' => $tag,
+            'attributes' => $attributes,
+            'text' => $text
+        ];
+        if ($prepend === true) {
+            array_unshift(self::$headers, $header);
+        } else {
+            self::$headers[] = $header;
+        }
+    }
+
+    /**
+     * check if the current server configuration is suitable for ownCloud
+     *
+     * @param \OC\SystemConfig $config
+     * @return array arrays with error messages and hints
+     */
+    public static function checkServer(\OC\SystemConfig $config) {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        $CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT . '/data');
+
+        if (!self::needUpgrade($config) && $config->getValue('installed', false)) {
+            // this check needs to be done every time
+            $errors = self::checkDataDirectoryValidity($CONFIG_DATADIRECTORY);
+        }
+
+        // Assume that if checkServer() succeeded before in this session, then all is fine.
+        if (\OC::$server->getSession()->exists('checkServer_succeeded') && \OC::$server->getSession()->get('checkServer_succeeded')) {
+            return $errors;
+        }
+
+        $webServerRestart = false;
+        $setup = new \OC\Setup(
+            $config,
+            \OC::$server->get(IniGetWrapper::class),
+            \OC::$server->getL10N('lib'),
+            \OC::$server->get(\OCP\Defaults::class),
+            \OC::$server->get(LoggerInterface::class),
+            \OC::$server->getSecureRandom(),
+            \OC::$server->get(\OC\Installer::class)
+        );
+
+        $urlGenerator = \OC::$server->getURLGenerator();
+
+        $availableDatabases = $setup->getSupportedDatabases();
+        if (empty($availableDatabases)) {
+            $errors[] = [
+                'error' => $l->t('No database drivers (sqlite, mysql, or postgresql) installed.'),
+                'hint' => '' //TODO: sane hint
+            ];
+            $webServerRestart = true;
+        }
+
+        // Check if config folder is writable.
+        if (!OC_Helper::isReadOnlyConfigEnabled()) {
+            if (!is_writable(OC::$configDir) or !is_readable(OC::$configDir)) {
+                $errors[] = [
+                    'error' => $l->t('Cannot write into "config" directory.'),
+                    'hint' => $l->t('This can usually be fixed by giving the web server write access to the config directory. See %s',
+                        [ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
+                        . $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
+                            [ $urlGenerator->linkToDocs('admin-config') ])
+                ];
+            }
+        }
+
+        // Check if there is a writable install folder.
+        if ($config->getValue('appstoreenabled', true)) {
+            if (OC_App::getInstallPath() === null
+                || !is_writable(OC_App::getInstallPath())
+                || !is_readable(OC_App::getInstallPath())
+            ) {
+                $errors[] = [
+                    'error' => $l->t('Cannot write into "apps" directory.'),
+                    'hint' => $l->t('This can usually be fixed by giving the web server write access to the apps directory'
+                        . ' or disabling the App Store in the config file.')
+                ];
+            }
+        }
+        // Create root dir.
+        if ($config->getValue('installed', false)) {
+            if (!is_dir($CONFIG_DATADIRECTORY)) {
+                $success = @mkdir($CONFIG_DATADIRECTORY);
+                if ($success) {
+                    $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
+                } else {
+                    $errors[] = [
+                        'error' => $l->t('Cannot create "data" directory.'),
+                        'hint' => $l->t('This can usually be fixed by giving the web server write access to the root directory. See %s',
+                            [$urlGenerator->linkToDocs('admin-dir_permissions')])
+                    ];
+                }
+            } elseif (!is_writable($CONFIG_DATADIRECTORY) or !is_readable($CONFIG_DATADIRECTORY)) {
+                // is_writable doesn't work for NFS mounts, so try to write a file and check if it exists.
+                $testFile = sprintf('%s/%s.tmp', $CONFIG_DATADIRECTORY, uniqid('data_dir_writability_test_'));
+                $handle = fopen($testFile, 'w');
+                if (!$handle || fwrite($handle, 'Test write operation') === false) {
+                    $permissionsHint = $l->t('Permissions can usually be fixed by giving the web server write access to the root directory. See %s.',
+                        [$urlGenerator->linkToDocs('admin-dir_permissions')]);
+                    $errors[] = [
+                        'error' => $l->t('Your data directory is not writable.'),
+                        'hint' => $permissionsHint
+                    ];
+                } else {
+                    fclose($handle);
+                    unlink($testFile);
+                }
+            } else {
+                $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
+            }
+        }
+
+        if (!OC_Util::isSetLocaleWorking()) {
+            $errors[] = [
+                'error' => $l->t('Setting locale to %s failed.',
+                    ['en_US.UTF-8/fr_FR.UTF-8/es_ES.UTF-8/de_DE.UTF-8/ru_RU.UTF-8/'
+                        . 'pt_BR.UTF-8/it_IT.UTF-8/ja_JP.UTF-8/zh_CN.UTF-8']),
+                'hint' => $l->t('Please install one of these locales on your system and restart your web server.')
+            ];
+        }
+
+        // Contains the dependencies that should be checked against
+        // classes = class_exists
+        // functions = function_exists
+        // defined = defined
+        // ini = ini_get
+        // If the dependency is not found the missing module name is shown to the EndUser
+        // When adding new checks always verify that they pass on Travis as well
+        // for ini settings, see https://github.com/owncloud/administration/blob/master/travis-ci/custom.ini
+        $dependencies = [
+            'classes' => [
+                'ZipArchive' => 'zip',
+                'DOMDocument' => 'dom',
+                'XMLWriter' => 'XMLWriter',
+                'XMLReader' => 'XMLReader',
+            ],
+            'functions' => [
+                'xml_parser_create' => 'libxml',
+                'mb_strcut' => 'mbstring',
+                'ctype_digit' => 'ctype',
+                'json_encode' => 'JSON',
+                'gd_info' => 'GD',
+                'gzencode' => 'zlib',
+                'simplexml_load_string' => 'SimpleXML',
+                'hash' => 'HASH Message Digest Framework',
+                'curl_init' => 'cURL',
+                'openssl_verify' => 'OpenSSL',
+            ],
+            'defined' => [
+                'PDO::ATTR_DRIVER_NAME' => 'PDO'
+            ],
+            'ini' => [
+                'default_charset' => 'UTF-8',
+            ],
+        ];
+        $missingDependencies = [];
+        $invalidIniSettings = [];
+
+        $iniWrapper = \OC::$server->get(IniGetWrapper::class);
+        foreach ($dependencies['classes'] as $class => $module) {
+            if (!class_exists($class)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['functions'] as $function => $module) {
+            if (!function_exists($function)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['defined'] as $defined => $module) {
+            if (!defined($defined)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['ini'] as $setting => $expected) {
+            if (strtolower($iniWrapper->getString($setting)) !== strtolower($expected)) {
+                $invalidIniSettings[] = [$setting, $expected];
+            }
+        }
+
+        foreach ($missingDependencies as $missingDependency) {
+            $errors[] = [
+                'error' => $l->t('PHP module %s not installed.', [$missingDependency]),
+                'hint' => $l->t('Please ask your server administrator to install the module.'),
+            ];
+            $webServerRestart = true;
+        }
+        foreach ($invalidIniSettings as $setting) {
+            $errors[] = [
+                'error' => $l->t('PHP setting "%s" is not set to "%s".', [$setting[0], var_export($setting[1], true)]),
+                'hint' => $l->t('Adjusting this setting in php.ini will make Nextcloud run again')
+            ];
+            $webServerRestart = true;
+        }
+
+        /**
+         * The mbstring.func_overload check can only be performed if the mbstring
+         * module is installed as it will return null if the checking setting is
+         * not available and thus a check on the boolean value fails.
+         *
+         * TODO: Should probably be implemented in the above generic dependency
+         *       check somehow in the long-term.
+         */
+        if ($iniWrapper->getBool('mbstring.func_overload') !== null &&
+            $iniWrapper->getBool('mbstring.func_overload') === true) {
+            $errors[] = [
+                'error' => $l->t('<code>mbstring.func_overload</code> is set to <code>%s</code> instead of the expected value <code>0</code>.', [$iniWrapper->getString('mbstring.func_overload')]),
+                'hint' => $l->t('To fix this issue set <code>mbstring.func_overload</code> to <code>0</code> in your php.ini.')
+            ];
+        }
+
+        if (!self::isAnnotationsWorking()) {
+            $errors[] = [
+                'error' => $l->t('PHP is apparently set up to strip inline doc blocks. This will make several core apps inaccessible.'),
+                'hint' => $l->t('This is probably caused by a cache/accelerator such as Zend OPcache or eAccelerator.')
+            ];
+        }
+
+        if (!\OC::$CLI && $webServerRestart) {
+            $errors[] = [
+                'error' => $l->t('PHP modules have been installed, but they are still listed as missing?'),
+                'hint' => $l->t('Please ask your server administrator to restart the web server.')
+            ];
+        }
+
+        foreach (['secret', 'instanceid', 'passwordsalt'] as $requiredConfig) {
+            if ($config->getValue($requiredConfig, '') === '' && !\OC::$CLI && $config->getValue('installed', false)) {
+                $errors[] = [
+                    'error' => $l->t('The required %s config variable is not configured in the config.php file.', [$requiredConfig]),
+                    'hint' => $l->t('Please ask your server administrator to check the Nextcloud configuration.')
+                ];
+            }
+        }
+
+        $errors = array_merge($errors, self::checkDatabaseVersion());
+
+        // Cache the result of this function
+        \OC::$server->getSession()->set('checkServer_succeeded', count($errors) == 0);
+
+        return $errors;
+    }
+
+    /**
+     * Check the database version
+     *
+     * @return array errors array
+     */
+    public static function checkDatabaseVersion() {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        $dbType = \OC::$server->getSystemConfig()->getValue('dbtype', 'sqlite');
+        if ($dbType === 'pgsql') {
+            // check PostgreSQL version
+            // TODO latest postgresql 8 released was 8 years ago, maybe remove the
+            // check completely?
+            try {
+                /** @var IDBConnection $connection */
+                $connection = \OC::$server->get(IDBConnection::class);
+                $result = $connection->executeQuery('SHOW SERVER_VERSION');
+                $data = $result->fetch();
+                $result->closeCursor();
+                if (isset($data['server_version'])) {
+                    $version = $data['server_version'];
+                    if (version_compare($version, '9.0.0', '<')) {
+                        $errors[] = [
+                            'error' => $l->t('PostgreSQL >= 9 required.'),
+                            'hint' => $l->t('Please upgrade your database version.')
+                        ];
+                    }
+                }
+            } catch (\Doctrine\DBAL\Exception $e) {
+                $logger = \OC::$server->getLogger();
+                $logger->warning('Error occurred while checking PostgreSQL version, assuming >= 9');
+                $logger->logException($e);
+            }
+        }
+        return $errors;
+    }
+
+    /**
+     * Check for correct file permissions of data directory
+     *
+     * @param string $dataDirectory
+     * @return array arrays with error messages and hints
+     */
+    public static function checkDataDirectoryPermissions($dataDirectory) {
+        if (!\OC::$server->getConfig()->getSystemValueBool('check_data_directory_permissions', true)) {
+            return  [];
+        }
+
+        $perms = substr(decoct(@fileperms($dataDirectory)), -3);
+        if (substr($perms, -1) !== '0') {
+            chmod($dataDirectory, 0770);
+            clearstatcache();
+            $perms = substr(decoct(@fileperms($dataDirectory)), -3);
+            if ($perms[2] !== '0') {
+                $l = \OC::$server->getL10N('lib');
+                return [[
+                    'error' => $l->t('Your data directory is readable by other users.'),
+                    'hint' => $l->t('Please change the permissions to 0770 so that the directory cannot be listed by other users.'),
+                ]];
+            }
+        }
+        return [];
+    }
+
+    /**
+     * Check that the data directory exists and is valid by
+     * checking the existence of the ".ocdata" file.
+     *
+     * @param string $dataDirectory data directory path
+     * @return array errors found
+     */
+    public static function checkDataDirectoryValidity($dataDirectory) {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        if ($dataDirectory[0] !== '/') {
+            $errors[] = [
+                'error' => $l->t('Your data directory must be an absolute path.'),
+                'hint' => $l->t('Check the value of "datadirectory" in your configuration.')
+            ];
+        }
+        if (!file_exists($dataDirectory . '/.ocdata')) {
+            $errors[] = [
+                'error' => $l->t('Your data directory is invalid.'),
+                'hint' => $l->t('Ensure there is a file called ".ocdata"' .
+                    ' in the root of the data directory.')
+            ];
+        }
+        return $errors;
+    }
+
+    /**
+     * Check if the user is logged in, redirects to home if not. With
+     * redirect URL parameter to the request URI.
+     *
+     * @return void
+     */
+    public static function checkLoggedIn() {
+        // Check if we are a user
+        if (!\OC::$server->getUserSession()->isLoggedIn()) {
+            header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute(
+                'core.login.showLoginForm',
+                [
+                    'redirect_url' => \OC::$server->getRequest()->getRequestUri(),
+                ]
+            )
+            );
+            exit();
+        }
+        // Redirect to 2FA challenge selection if 2FA challenge was not solved yet
+        if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
+            header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
+            exit();
+        }
+    }
+
+    /**
+     * Check if the user is a admin, redirects to home if not
+     *
+     * @return void
+     */
+    public static function checkAdminUser() {
+        OC_Util::checkLoggedIn();
+        if (!OC_User::isAdminUser(OC_User::getUser())) {
+            header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
+            exit();
+        }
+    }
+
+    /**
+     * Returns the URL of the default page
+     * based on the system configuration and
+     * the apps visible for the current user
+     *
+     * @return string URL
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function getDefaultPageUrl() {
+        /** @var IURLGenerator $urlGenerator */
+        $urlGenerator = \OC::$server->get(IURLGenerator::class);
+        return $urlGenerator->linkToDefaultPageUrl();
+    }
+
+    /**
+     * Redirect to the user default page
+     *
+     * @return void
+     */
+    public static function redirectToDefaultPage() {
+        $location = self::getDefaultPageUrl();
+        header('Location: ' . $location);
+        exit();
+    }
+
+    /**
+     * get an id unique for this instance
+     *
+     * @return string
+     */
+    public static function getInstanceId() {
+        $id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
+        if (is_null($id)) {
+            // We need to guarantee at least one letter in instanceid so it can be used as the session_name
+            $id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
+            \OC::$server->getSystemConfig()->setValue('instanceid', $id);
+        }
+        return $id;
+    }
+
+    /**
+     * Public function to sanitize HTML
+     *
+     * This function is used to sanitize HTML and should be applied on any
+     * string or array of strings before displaying it on a web page.
+     *
+     * @param string|string[] $value
+     * @return string|string[] an array of sanitized strings or a single sanitized string, depends on the input parameter.
+     */
+    public static function sanitizeHTML($value) {
+        if (is_array($value)) {
+            /** @var string[] $value */
+            $value = array_map(function ($value) {
+                return self::sanitizeHTML($value);
+            }, $value);
+        } else {
+            // Specify encoding for PHP<5.4
+            $value = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
+        }
+        return $value;
+    }
+
+    /**
+     * Public function to encode url parameters
+     *
+     * This function is used to encode path to file before output.
+     * Encoding is done according to RFC 3986 with one exception:
+     * Character '/' is preserved as is.
+     *
+     * @param string $component part of URI to encode
+     * @return string
+     */
+    public static function encodePath($component) {
+        $encoded = rawurlencode($component);
+        $encoded = str_replace('%2F', '/', $encoded);
+        return $encoded;
+    }
+
+
+    public function createHtaccessTestFile(\OCP\IConfig $config) {
+        // php dev server does not support htaccess
+        if (php_sapi_name() === 'cli-server') {
+            return false;
+        }
+
+        // testdata
+        $fileName = '/htaccesstest.txt';
+        $testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.';
+
+        // creating a test file
+        $testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+
+        if (file_exists($testFile)) {// already running this test, possible recursive call
+            return false;
+        }
+
+        $fp = @fopen($testFile, 'w');
+        if (!$fp) {
+            throw new \OCP\HintException('Can\'t create test file to check for working .htaccess file.',
+                'Make sure it is possible for the web server to write to ' . $testFile);
+        }
+        fwrite($fp, $testContent);
+        fclose($fp);
+
+        return $testContent;
+    }
+
+    /**
+     * Check if the .htaccess file is working
+     *
+     * @param \OCP\IConfig $config
+     * @return bool
+     * @throws Exception
+     * @throws \OCP\HintException If the test file can't get written.
+     */
+    public function isHtaccessWorking(\OCP\IConfig $config) {
+        if (\OC::$CLI || !$config->getSystemValueBool('check_for_working_htaccess', true)) {
+            return true;
+        }
+
+        $testContent = $this->createHtaccessTestFile($config);
+        if ($testContent === false) {
+            return false;
+        }
+
+        $fileName = '/htaccesstest.txt';
+        $testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+
+        // accessing the file via http
+        $url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName);
+        try {
+            $content = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
+        } catch (\Exception $e) {
+            $content = false;
+        }
+
+        if (str_starts_with($url, 'https:')) {
+            $url = 'http:' . substr($url, 6);
+        } else {
+            $url = 'https:' . substr($url, 5);
+        }
+
+        try {
+            $fallbackContent = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
+        } catch (\Exception $e) {
+            $fallbackContent = false;
+        }
+
+        // cleanup
+        @unlink($testFile);
+
+        /*
 		 * If the content is not equal to test content our .htaccess
 		 * is working as required
 		 */
-		return $content !== $testContent && $fallbackContent !== $testContent;
-	}
-
-	/**
-	 * Check if current locale is non-UTF8
-	 *
-	 * @return bool
-	 */
-	private static function isNonUTF8Locale() {
-		if (function_exists('escapeshellcmd')) {
-			return '' === escapeshellcmd('§');
-		} elseif (function_exists('escapeshellarg')) {
-			return '\'\'' === escapeshellarg('§');
-		} else {
-			return 0 === preg_match('/utf-?8/i', setlocale(LC_CTYPE, 0));
-		}
-	}
-
-	/**
-	 * Check if the setlocale call does not work. This can happen if the right
-	 * local packages are not available on the server.
-	 *
-	 * @return bool
-	 */
-	public static function isSetLocaleWorking() {
-		if (self::isNonUTF8Locale()) {
-			// Borrowed from \Patchwork\Utf8\Bootup::initLocale
-			setlocale(LC_ALL, 'C.UTF-8', 'C');
-			setlocale(LC_CTYPE, 'en_US.UTF-8', 'fr_FR.UTF-8', 'es_ES.UTF-8', 'de_DE.UTF-8', 'ru_RU.UTF-8', 'pt_BR.UTF-8', 'it_IT.UTF-8', 'ja_JP.UTF-8', 'zh_CN.UTF-8', '0');
-
-			// Check again
-			if (self::isNonUTF8Locale()) {
-				return false;
-			}
-		}
-
-		return true;
-	}
-
-	/**
-	 * Check if it's possible to get the inline annotations
-	 *
-	 * @return bool
-	 */
-	public static function isAnnotationsWorking() {
-		$reflection = new \ReflectionMethod(__METHOD__);
-		$docs = $reflection->getDocComment();
-
-		return (is_string($docs) && strlen($docs) > 50);
-	}
-
-	/**
-	 * Check if the PHP module fileinfo is loaded.
-	 *
-	 * @return bool
-	 */
-	public static function fileInfoLoaded() {
-		return function_exists('finfo_open');
-	}
-
-	/**
-	 * clear all levels of output buffering
-	 *
-	 * @return void
-	 */
-	public static function obEnd() {
-		while (ob_get_level()) {
-			ob_end_clean();
-		}
-	}
-
-	/**
-	 * Checks whether the server is running on Mac OS X
-	 *
-	 * @return bool true if running on Mac OS X, false otherwise
-	 */
-	public static function runningOnMac() {
-		return (strtoupper(substr(PHP_OS, 0, 6)) === 'DARWIN');
-	}
-
-	/**
-	 * Handles the case that there may not be a theme, then check if a "default"
-	 * theme exists and take that one
-	 *
-	 * @return string the theme
-	 */
-	public static function getTheme() {
-		$theme = \OC::$server->getSystemConfig()->getValue("theme", '');
-
-		if ($theme === '') {
-			if (is_dir(OC::$SERVERROOT . '/themes/default')) {
-				$theme = 'default';
-			}
-		}
-
-		return $theme;
-	}
-
-	/**
-	 * Normalize a unicode string
-	 *
-	 * @param string $value a not normalized string
-	 * @return bool|string
-	 */
-	public static function normalizeUnicode($value) {
-		if (Normalizer::isNormalized($value)) {
-			return $value;
-		}
-
-		$normalizedValue = Normalizer::normalize($value);
-		if ($normalizedValue === null || $normalizedValue === false) {
-			\OC::$server->getLogger()->warning('normalizing failed for "' . $value . '"', ['app' => 'core']);
-			return $value;
-		}
-
-		return $normalizedValue;
-	}
-
-	/**
-	 * A human readable string is generated based on version and build number
-	 *
-	 * @return string
-	 */
-	public static function getHumanVersion() {
-		$version = OC_Util::getVersionString();
-		$build = OC_Util::getBuild();
-		if (!empty($build) and OC_Util::getChannel() === 'daily') {
-			$version .= ' Build:' . $build;
-		}
-		return $version;
-	}
-
-	/**
-	 * Returns whether the given file name is valid
-	 *
-	 * @param string $file file name to check
-	 * @return bool true if the file name is valid, false otherwise
-	 * @deprecated use \OC\Files\View::verifyPath()
-	 */
-	public static function isValidFileName($file) {
-		$trimmed = trim($file);
-		if ($trimmed === '') {
-			return false;
-		}
-		if (\OC\Files\Filesystem::isIgnoredDir($trimmed)) {
-			return false;
-		}
-
-		// detect part files
-		if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) {
-			return false;
-		}
-
-		foreach (str_split($trimmed) as $char) {
-			if (str_contains(\OCP\Constants::FILENAME_INVALID_CHARS, $char)) {
-				return false;
-			}
-		}
-		return true;
-	}
-
-	/**
-	 * Check whether the instance needs to perform an upgrade,
-	 * either when the core version is higher or any app requires
-	 * an upgrade.
-	 *
-	 * @param \OC\SystemConfig $config
-	 * @return bool whether the core or any app needs an upgrade
-	 * @throws \OCP\HintException When the upgrade from the given version is not allowed
-	 */
-	public static function needUpgrade(\OC\SystemConfig $config) {
-		if ($config->getValue('installed', false)) {
-			$installedVersion = $config->getValue('version', '0.0.0');
-			$currentVersion = implode('.', \OCP\Util::getVersion());
-			$versionDiff = version_compare($currentVersion, $installedVersion);
-			if ($versionDiff > 0) {
-				return true;
-			} elseif ($config->getValue('debug', false) && $versionDiff < 0) {
-				// downgrade with debug
-				$installedMajor = explode('.', $installedVersion);
-				$installedMajor = $installedMajor[0] . '.' . $installedMajor[1];
-				$currentMajor = explode('.', $currentVersion);
-				$currentMajor = $currentMajor[0] . '.' . $currentMajor[1];
-				if ($installedMajor === $currentMajor) {
-					// Same major, allow downgrade for developers
-					return true;
-				} else {
-					// downgrade attempt, throw exception
-					throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
-				}
-			} elseif ($versionDiff < 0) {
-				// downgrade attempt, throw exception
-				throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
-			}
-
-			// also check for upgrades for apps (independently from the user)
-			$apps = \OC_App::getEnabledApps(false, true);
-			$shouldUpgrade = false;
-			foreach ($apps as $app) {
-				if (\OC_App::shouldUpgrade($app)) {
-					$shouldUpgrade = true;
-					break;
-				}
-			}
-			return $shouldUpgrade;
-		} else {
-			return false;
-		}
-	}
+        return $content !== $testContent && $fallbackContent !== $testContent;
+    }
+
+    /**
+     * Check if current locale is non-UTF8
+     *
+     * @return bool
+     */
+    private static function isNonUTF8Locale() {
+        if (function_exists('escapeshellcmd')) {
+            return '' === escapeshellcmd('§');
+        } elseif (function_exists('escapeshellarg')) {
+            return '\'\'' === escapeshellarg('§');
+        } else {
+            return 0 === preg_match('/utf-?8/i', setlocale(LC_CTYPE, 0));
+        }
+    }
+
+    /**
+     * Check if the setlocale call does not work. This can happen if the right
+     * local packages are not available on the server.
+     *
+     * @return bool
+     */
+    public static function isSetLocaleWorking() {
+        if (self::isNonUTF8Locale()) {
+            // Borrowed from \Patchwork\Utf8\Bootup::initLocale
+            setlocale(LC_ALL, 'C.UTF-8', 'C');
+            setlocale(LC_CTYPE, 'en_US.UTF-8', 'fr_FR.UTF-8', 'es_ES.UTF-8', 'de_DE.UTF-8', 'ru_RU.UTF-8', 'pt_BR.UTF-8', 'it_IT.UTF-8', 'ja_JP.UTF-8', 'zh_CN.UTF-8', '0');
+
+            // Check again
+            if (self::isNonUTF8Locale()) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * Check if it's possible to get the inline annotations
+     *
+     * @return bool
+     */
+    public static function isAnnotationsWorking() {
+        $reflection = new \ReflectionMethod(__METHOD__);
+        $docs = $reflection->getDocComment();
+
+        return (is_string($docs) && strlen($docs) > 50);
+    }
+
+    /**
+     * Check if the PHP module fileinfo is loaded.
+     *
+     * @return bool
+     */
+    public static function fileInfoLoaded() {
+        return function_exists('finfo_open');
+    }
+
+    /**
+     * clear all levels of output buffering
+     *
+     * @return void
+     */
+    public static function obEnd() {
+        while (ob_get_level()) {
+            ob_end_clean();
+        }
+    }
+
+    /**
+     * Checks whether the server is running on Mac OS X
+     *
+     * @return bool true if running on Mac OS X, false otherwise
+     */
+    public static function runningOnMac() {
+        return (strtoupper(substr(PHP_OS, 0, 6)) === 'DARWIN');
+    }
+
+    /**
+     * Handles the case that there may not be a theme, then check if a "default"
+     * theme exists and take that one
+     *
+     * @return string the theme
+     */
+    public static function getTheme() {
+        $theme = \OC::$server->getSystemConfig()->getValue("theme", '');
+
+        if ($theme === '') {
+            if (is_dir(OC::$SERVERROOT . '/themes/default')) {
+                $theme = 'default';
+            }
+        }
+
+        return $theme;
+    }
+
+    /**
+     * Normalize a unicode string
+     *
+     * @param string $value a not normalized string
+     * @return bool|string
+     */
+    public static function normalizeUnicode($value) {
+        if (Normalizer::isNormalized($value)) {
+            return $value;
+        }
+
+        $normalizedValue = Normalizer::normalize($value);
+        if ($normalizedValue === null || $normalizedValue === false) {
+            \OC::$server->getLogger()->warning('normalizing failed for "' . $value . '"', ['app' => 'core']);
+            return $value;
+        }
+
+        return $normalizedValue;
+    }
+
+    /**
+     * A human readable string is generated based on version and build number
+     *
+     * @return string
+     */
+    public static function getHumanVersion() {
+        $version = OC_Util::getVersionString();
+        $build = OC_Util::getBuild();
+        if (!empty($build) and OC_Util::getChannel() === 'daily') {
+            $version .= ' Build:' . $build;
+        }
+        return $version;
+    }
+
+    /**
+     * Returns whether the given file name is valid
+     *
+     * @param string $file file name to check
+     * @return bool true if the file name is valid, false otherwise
+     * @deprecated use \OC\Files\View::verifyPath()
+     */
+    public static function isValidFileName($file) {
+        $trimmed = trim($file);
+        if ($trimmed === '') {
+            return false;
+        }
+        if (\OC\Files\Filesystem::isIgnoredDir($trimmed)) {
+            return false;
+        }
+
+        // detect part files
+        if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) {
+            return false;
+        }
+
+        foreach (str_split($trimmed) as $char) {
+            if (str_contains(\OCP\Constants::FILENAME_INVALID_CHARS, $char)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * Check whether the instance needs to perform an upgrade,
+     * either when the core version is higher or any app requires
+     * an upgrade.
+     *
+     * @param \OC\SystemConfig $config
+     * @return bool whether the core or any app needs an upgrade
+     * @throws \OCP\HintException When the upgrade from the given version is not allowed
+     */
+    public static function needUpgrade(\OC\SystemConfig $config) {
+        if ($config->getValue('installed', false)) {
+            $installedVersion = $config->getValue('version', '0.0.0');
+            $currentVersion = implode('.', \OCP\Util::getVersion());
+            $versionDiff = version_compare($currentVersion, $installedVersion);
+            if ($versionDiff > 0) {
+                return true;
+            } elseif ($config->getValue('debug', false) && $versionDiff < 0) {
+                // downgrade with debug
+                $installedMajor = explode('.', $installedVersion);
+                $installedMajor = $installedMajor[0] . '.' . $installedMajor[1];
+                $currentMajor = explode('.', $currentVersion);
+                $currentMajor = $currentMajor[0] . '.' . $currentMajor[1];
+                if ($installedMajor === $currentMajor) {
+                    // Same major, allow downgrade for developers
+                    return true;
+                } else {
+                    // downgrade attempt, throw exception
+                    throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+                }
+            } elseif ($versionDiff < 0) {
+                // downgrade attempt, throw exception
+                throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+            }
+
+            // also check for upgrades for apps (independently from the user)
+            $apps = \OC_App::getEnabledApps(false, true);
+            $shouldUpgrade = false;
+            foreach ($apps as $app) {
+                if (\OC_App::shouldUpgrade($app)) {
+                    $shouldUpgrade = true;
+                    break;
+                }
+            }
+            return $shouldUpgrade;
+        } else {
+            return false;
+        }
+    }
 }

Spacing +34 added lines, -34 removed lines

@@ -184,7 +184,7 @@ 
 		/** @var LoggerInterface $logger */
 		$logger = \OC::$server->get(LoggerInterface::class);
 
-		$plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValueString('skeletondirectory', \OC::$SERVERROOT . '/core/skeleton');
+		$plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValueString('skeletondirectory', \OC::$SERVERROOT.'/core/skeleton');
 		$userLang = \OC::$server->getL10NFactory()->findLanguage();
 		$skeletonDirectory = str_replace('{lang}', $userLang, $plainSkeletonDirectory);
 
@@ -206,9 +206,9 @@ 
 		if ($instanceId === null) {
 			throw new \RuntimeException('no instance id!');
 		}
-		$appdata = 'appdata_' . $instanceId;
+		$appdata = 'appdata_'.$instanceId;
 		if ($userId === $appdata) {
-			throw new \RuntimeException('username is reserved name: ' . $appdata);
+			throw new \RuntimeException('username is reserved name: '.$appdata);
 		}
 
 		if (!empty($skeletonDirectory)) {
@@ -243,14 +243,14 @@ 
 		// Copy the files
 		while (false !== ($file = readdir($dir))) {
 			if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
-				if (is_dir($source . '/' . $file)) {
+				if (is_dir($source.'/'.$file)) {
 					$child = $target->newFolder($file);
-					self::copyr($source . '/' . $file, $child);
+					self::copyr($source.'/'.$file, $child);
 				} else {
 					$child = $target->newFile($file);
-					$sourceStream = fopen($source . '/' . $file, 'r');
+					$sourceStream = fopen($source.'/'.$file, 'r');
 					if ($sourceStream === false) {
-						$logger->error(sprintf('Could not fopen "%s"', $source . '/' . $file), ['app' => 'core']);
+						$logger->error(sprintf('Could not fopen "%s"', $source.'/'.$file), ['app' => 'core']);
 						closedir($dir);
 						return;
 					}
@@ -326,7 +326,7 @@ 
 			return;
 		}
 
-		require OC::$SERVERROOT . '/version.php';
+		require OC::$SERVERROOT.'/version.php';
 		/** @var int $timestamp */
 		self::$versionCache['OC_Version_Timestamp'] = \OC::$VERSION_MTIME;
 		/** @var string $OC_Version */
@@ -500,7 +500,7 @@ 
 	public static function checkServer(\OC\SystemConfig $config) {
 		$l = \OC::$server->getL10N('lib');
 		$errors = [];
-		$CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT . '/data');
+		$CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT.'/data');
 
 		if (!self::needUpgrade($config) && $config->getValue('installed', false)) {
 			// this check needs to be done every time
@@ -540,9 +540,9 @@ 
 				$errors[] = [
 					'error' => $l->t('Cannot write into "config" directory.'),
 					'hint' => $l->t('This can usually be fixed by giving the web server write access to the config directory. See %s',
-						[ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
+						[$urlGenerator->linkToDocs('admin-dir_permissions')]).'. '
 						. $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
-							[ $urlGenerator->linkToDocs('admin-config') ])
+							[$urlGenerator->linkToDocs('admin-config')])
 				];
 			}
 		}
@@ -803,10 +803,10 @@ 
 				'hint' => $l->t('Check the value of "datadirectory" in your configuration.')
 			];
 		}
-		if (!file_exists($dataDirectory . '/.ocdata')) {
+		if (!file_exists($dataDirectory.'/.ocdata')) {
 			$errors[] = [
 				'error' => $l->t('Your data directory is invalid.'),
-				'hint' => $l->t('Ensure there is a file called ".ocdata"' .
+				'hint' => $l->t('Ensure there is a file called ".ocdata"'.
 					' in the root of the data directory.')
 			];
 		}
@@ -822,7 +822,7 @@ 
 	public static function checkLoggedIn() {
 		// Check if we are a user
 		if (!\OC::$server->getUserSession()->isLoggedIn()) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute(
+			header('Location: '.\OC::$server->getURLGenerator()->linkToRoute(
 				'core.login.showLoginForm',
 				[
 					'redirect_url' => \OC::$server->getRequest()->getRequestUri(),
@@ -833,7 +833,7 @@ 
 		}
 		// Redirect to 2FA challenge selection if 2FA challenge was not solved yet
 		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
+			header('Location: '.\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
 			exit();
 		}
 	}
@@ -846,7 +846,7 @@ 
 	public static function checkAdminUser() {
 		OC_Util::checkLoggedIn();
 		if (!OC_User::isAdminUser(OC_User::getUser())) {
-			header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
+			header('Location: '.\OCP\Util::linkToAbsolute('', 'index.php'));
 			exit();
 		}
 	}
@@ -872,7 +872,7 @@ 
 	 */
 	public static function redirectToDefaultPage() {
 		$location = self::getDefaultPageUrl();
-		header('Location: ' . $location);
+		header('Location: '.$location);
 		exit();
 	}
 
@@ -885,7 +885,7 @@ 
 		$id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
 		if (is_null($id)) {
 			// We need to guarantee at least one letter in instanceid so it can be used as the session_name
-			$id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
+			$id = 'oc'.\OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
 			\OC::$server->getSystemConfig()->setValue('instanceid', $id);
 		}
 		return $id;
@@ -903,12 +903,12 @@ 
 	public static function sanitizeHTML($value) {
 		if (is_array($value)) {
 			/** @var string[] $value */
-			$value = array_map(function ($value) {
+			$value = array_map(function($value) {
 				return self::sanitizeHTML($value);
 			}, $value);
 		} else {
 			// Specify encoding for PHP<5.4
-			$value = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
+			$value = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
 		}
 		return $value;
 	}
@@ -941,7 +941,7 @@ 
 		$testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.';
 
 		// creating a test file
-		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT.'/data').'/'.$fileName;
 
 		if (file_exists($testFile)) {// already running this test, possible recursive call
 			return false;
@@ -950,7 +950,7 @@ 
 		$fp = @fopen($testFile, 'w');
 		if (!$fp) {
 			throw new \OCP\HintException('Can\'t create test file to check for working .htaccess file.',
-				'Make sure it is possible for the web server to write to ' . $testFile);
+				'Make sure it is possible for the web server to write to '.$testFile);
 		}
 		fwrite($fp, $testContent);
 		fclose($fp);
@@ -977,10 +977,10 @@ 
 		}
 
 		$fileName = '/htaccesstest.txt';
-		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+		$testFile = $config->getSystemValueString('datadirectory', OC::$SERVERROOT.'/data').'/'.$fileName;
 
 		// accessing the file via http
-		$url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName);
+		$url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT.'/data'.$fileName);
 		try {
 			$content = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
 		} catch (\Exception $e) {
@@ -988,9 +988,9 @@ 
 		}
 
 		if (str_starts_with($url, 'https:')) {
-			$url = 'http:' . substr($url, 6);
+			$url = 'http:'.substr($url, 6);
 		} else {
-			$url = 'https:' . substr($url, 5);
+			$url = 'https:'.substr($url, 5);
 		}
 
 		try {
@@ -1096,7 +1096,7 @@ 
 		$theme = \OC::$server->getSystemConfig()->getValue("theme", '');
 
 		if ($theme === '') {
-			if (is_dir(OC::$SERVERROOT . '/themes/default')) {
+			if (is_dir(OC::$SERVERROOT.'/themes/default')) {
 				$theme = 'default';
 			}
 		}
@@ -1117,7 +1117,7 @@ 
 
 		$normalizedValue = Normalizer::normalize($value);
 		if ($normalizedValue === null || $normalizedValue === false) {
-			\OC::$server->getLogger()->warning('normalizing failed for "' . $value . '"', ['app' => 'core']);
+			\OC::$server->getLogger()->warning('normalizing failed for "'.$value.'"', ['app' => 'core']);
 			return $value;
 		}
 
@@ -1133,7 +1133,7 @@ 
 		$version = OC_Util::getVersionString();
 		$build = OC_Util::getBuild();
 		if (!empty($build) and OC_Util::getChannel() === 'daily') {
-			$version .= ' Build:' . $build;
+			$version .= ' Build:'.$build;
 		}
 		return $version;
 	}
@@ -1155,7 +1155,7 @@ 
 		}
 
 		// detect part files
-		if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) {
+		if (preg_match('/'.\OCP\Files\FileInfo::BLACKLIST_FILES_REGEX.'/', $trimmed) !== 0) {
 			return false;
 		}
 
@@ -1186,19 +1186,19 @@ 
 			} elseif ($config->getValue('debug', false) && $versionDiff < 0) {
 				// downgrade with debug
 				$installedMajor = explode('.', $installedVersion);
-				$installedMajor = $installedMajor[0] . '.' . $installedMajor[1];
+				$installedMajor = $installedMajor[0].'.'.$installedMajor[1];
 				$currentMajor = explode('.', $currentVersion);
-				$currentMajor = $currentMajor[0] . '.' . $currentMajor[1];
+				$currentMajor = $currentMajor[0].'.'.$currentMajor[1];
 				if ($installedMajor === $currentMajor) {
 					// Same major, allow downgrade for developers
 					return true;
 				} else {
 					// downgrade attempt, throw exception
-					throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+					throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from '.$installedVersion.' to '.$currentVersion.')');
 				}
 			} elseif ($versionDiff < 0) {
 				// downgrade attempt, throw exception
-				throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+				throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from '.$installedVersion.' to '.$currentVersion.')');
 			}
 
 			// also check for upgrades for apps (independently from the user)

lib/private/legacy/OC_App.php

Indentation +899 added lines, -899 removed lines

@@ -73,903 +73,903 @@
  * upgrading and removing apps.
  */
 class OC_App {
-	private static $adminForms = [];
-	private static $personalForms = [];
-	private static $altLogin = [];
-	private static $alreadyRegistered = [];
-	public const supportedApp = 300;
-	public const officialApp = 200;
-
-	/**
-	 * clean the appId
-	 *
-	 * @psalm-taint-escape file
-	 * @psalm-taint-escape include
-	 * @psalm-taint-escape html
-	 * @psalm-taint-escape has_quotes
-	 *
-	 * @param string $app AppId that needs to be cleaned
-	 * @return string
-	 */
-	public static function cleanAppId(string $app): string {
-		return str_replace(['<', '>', '"', "'", '\0', '/', '\\', '..'], '', $app);
-	}
-
-	/**
-	 * Check if an app is loaded
-	 *
-	 * @param string $app
-	 * @return bool
-	 * @deprecated 27.0.0 use IAppManager::isAppLoaded
-	 */
-	public static function isAppLoaded(string $app): bool {
-		return \OC::$server->get(IAppManager::class)->isAppLoaded($app);
-	}
-
-	/**
-	 * loads all apps
-	 *
-	 * @param string[] $types
-	 * @return bool
-	 *
-	 * This function walks through the ownCloud directory and loads all apps
-	 * it can find. A directory contains an app if the file /appinfo/info.xml
-	 * exists.
-	 *
-	 * if $types is set to non-empty array, only apps of those types will be loaded
-	 */
-	public static function loadApps(array $types = []): bool {
-		if (!\OC::$server->getSystemConfig()->getValue('installed', false)) {
-			// This should be done before calling this method so that appmanager can be used
-			return false;
-		}
-		return \OC::$server->get(IAppManager::class)->loadApps($types);
-	}
-
-	/**
-	 * load a single app
-	 *
-	 * @param string $app
-	 * @throws Exception
-	 * @deprecated 27.0.0 use IAppManager::loadApp
-	 */
-	public static function loadApp(string $app): void {
-		\OC::$server->get(IAppManager::class)->loadApp($app);
-	}
-
-	/**
-	 * @internal
-	 * @param string $app
-	 * @param string $path
-	 * @param bool $force
-	 */
-	public static function registerAutoloading(string $app, string $path, bool $force = false) {
-		$key = $app . '-' . $path;
-		if (!$force && isset(self::$alreadyRegistered[$key])) {
-			return;
-		}
-
-		self::$alreadyRegistered[$key] = true;
-
-		// Register on PSR-4 composer autoloader
-		$appNamespace = \OC\AppFramework\App::buildAppNamespace($app);
-		\OC::$server->registerNamespace($app, $appNamespace);
-
-		if (file_exists($path . '/composer/autoload.php')) {
-			require_once $path . '/composer/autoload.php';
-		} else {
-			\OC::$composerAutoloader->addPsr4($appNamespace . '\\', $path . '/lib/', true);
-		}
-
-		// Register Test namespace only when testing
-		if (defined('PHPUNIT_RUN') || defined('CLI_TEST_RUN')) {
-			\OC::$composerAutoloader->addPsr4($appNamespace . '\\Tests\\', $path . '/tests/', true);
-		}
-	}
-
-	/**
-	 * check if an app is of a specific type
-	 *
-	 * @param string $app
-	 * @param array $types
-	 * @return bool
-	 * @deprecated 27.0.0 use IAppManager::isType
-	 */
-	public static function isType(string $app, array $types): bool {
-		return \OC::$server->get(IAppManager::class)->isType($app, $types);
-	}
-
-	/**
-	 * read app types from info.xml and cache them in the database
-	 */
-	public static function setAppTypes(string $app) {
-		$appManager = \OC::$server->getAppManager();
-		$appData = $appManager->getAppInfo($app);
-		if (!is_array($appData)) {
-			return;
-		}
-
-		if (isset($appData['types'])) {
-			$appTypes = implode(',', $appData['types']);
-		} else {
-			$appTypes = '';
-			$appData['types'] = [];
-		}
-
-		$config = \OC::$server->getConfig();
-		$config->setAppValue($app, 'types', $appTypes);
-
-		if ($appManager->hasProtectedAppType($appData['types'])) {
-			$enabled = $config->getAppValue($app, 'enabled', 'yes');
-			if ($enabled !== 'yes' && $enabled !== 'no') {
-				$config->setAppValue($app, 'enabled', 'yes');
-			}
-		}
-	}
-
-	/**
-	 * Returns apps enabled for the current user.
-	 *
-	 * @param bool $forceRefresh whether to refresh the cache
-	 * @param bool $all whether to return apps for all users, not only the
-	 * currently logged in one
-	 * @return string[]
-	 */
-	public static function getEnabledApps(bool $forceRefresh = false, bool $all = false): array {
-		if (!\OC::$server->getSystemConfig()->getValue('installed', false)) {
-			return [];
-		}
-		// in incognito mode or when logged out, $user will be false,
-		// which is also the case during an upgrade
-		$appManager = \OC::$server->getAppManager();
-		if ($all) {
-			$user = null;
-		} else {
-			$user = \OC::$server->getUserSession()->getUser();
-		}
-
-		if (is_null($user)) {
-			$apps = $appManager->getInstalledApps();
-		} else {
-			$apps = $appManager->getEnabledAppsForUser($user);
-		}
-		$apps = array_filter($apps, function ($app) {
-			return $app !== 'files';//we add this manually
-		});
-		sort($apps);
-		array_unshift($apps, 'files');
-		return $apps;
-	}
-
-	/**
-	 * enables an app
-	 *
-	 * @param string $appId
-	 * @param array $groups (optional) when set, only these groups will have access to the app
-	 * @throws \Exception
-	 * @return void
-	 *
-	 * This function set an app as enabled in appconfig.
-	 */
-	public function enable(string $appId,
-						   array $groups = []) {
-		// Check if app is already downloaded
-		/** @var Installer $installer */
-		$installer = \OC::$server->query(Installer::class);
-		$isDownloaded = $installer->isDownloaded($appId);
-
-		if (!$isDownloaded) {
-			$installer->downloadApp($appId);
-		}
-
-		$installer->installApp($appId);
-
-		$appManager = \OC::$server->getAppManager();
-		if ($groups !== []) {
-			$groupManager = \OC::$server->getGroupManager();
-			$groupsList = [];
-			foreach ($groups as $group) {
-				$groupItem = $groupManager->get($group);
-				if ($groupItem instanceof \OCP\IGroup) {
-					$groupsList[] = $groupManager->get($group);
-				}
-			}
-			$appManager->enableAppForGroups($appId, $groupsList);
-		} else {
-			$appManager->enableApp($appId);
-		}
-	}
-
-	/**
-	 * Get the path where to install apps
-	 *
-	 * @return string|false
-	 */
-	public static function getInstallPath() {
-		foreach (OC::$APPSROOTS as $dir) {
-			if (isset($dir['writable']) && $dir['writable'] === true) {
-				return $dir['path'];
-			}
-		}
-
-		\OCP\Util::writeLog('core', 'No application directories are marked as writable.', ILogger::ERROR);
-		return null;
-	}
-
-
-	/**
-	 * search for an app in all app-directories
-	 *
-	 * @param string $appId
-	 * @param bool $ignoreCache ignore cache and rebuild it
-	 * @return false|string
-	 */
-	public static function findAppInDirectories(string $appId, bool $ignoreCache = false) {
-		$sanitizedAppId = self::cleanAppId($appId);
-		if ($sanitizedAppId !== $appId) {
-			return false;
-		}
-		static $app_dir = [];
-
-		if (isset($app_dir[$appId]) && !$ignoreCache) {
-			return $app_dir[$appId];
-		}
-
-		$possibleApps = [];
-		foreach (OC::$APPSROOTS as $dir) {
-			if (file_exists($dir['path'] . '/' . $appId)) {
-				$possibleApps[] = $dir;
-			}
-		}
-
-		if (empty($possibleApps)) {
-			return false;
-		} elseif (count($possibleApps) === 1) {
-			$dir = array_shift($possibleApps);
-			$app_dir[$appId] = $dir;
-			return $dir;
-		} else {
-			$versionToLoad = [];
-			foreach ($possibleApps as $possibleApp) {
-				$version = self::getAppVersionByPath($possibleApp['path'] . '/' . $appId);
-				if (empty($versionToLoad) || version_compare($version, $versionToLoad['version'], '>')) {
-					$versionToLoad = [
-						'dir' => $possibleApp,
-						'version' => $version,
-					];
-				}
-			}
-			$app_dir[$appId] = $versionToLoad['dir'];
-			return $versionToLoad['dir'];
-			//TODO - write test
-		}
-	}
-
-	/**
-	 * Get the directory for the given app.
-	 * If the app is defined in multiple directories, the first one is taken. (false if not found)
-	 *
-	 * @psalm-taint-specialize
-	 *
-	 * @param string $appId
-	 * @param bool $refreshAppPath should be set to true only during install/upgrade
-	 * @return string|false
-	 * @deprecated 11.0.0 use \OC::$server->getAppManager()->getAppPath()
-	 */
-	public static function getAppPath(string $appId, bool $refreshAppPath = false) {
-		if ($appId === null || trim($appId) === '') {
-			return false;
-		}
-
-		if (($dir = self::findAppInDirectories($appId, $refreshAppPath)) != false) {
-			return $dir['path'] . '/' . $appId;
-		}
-		return false;
-	}
-
-	/**
-	 * Get the path for the given app on the access
-	 * If the app is defined in multiple directories, the first one is taken. (false if not found)
-	 *
-	 * @param string $appId
-	 * @return string|false
-	 * @deprecated 18.0.0 use \OC::$server->getAppManager()->getAppWebPath()
-	 */
-	public static function getAppWebPath(string $appId) {
-		if (($dir = self::findAppInDirectories($appId)) != false) {
-			return OC::$WEBROOT . $dir['url'] . '/' . $appId;
-		}
-		return false;
-	}
-
-	/**
-	 * get app's version based on it's path
-	 *
-	 * @param string $path
-	 * @return string
-	 */
-	public static function getAppVersionByPath(string $path): string {
-		$infoFile = $path . '/appinfo/info.xml';
-		$appData = \OC::$server->getAppManager()->getAppInfo($infoFile, true);
-		return isset($appData['version']) ? $appData['version'] : '';
-	}
-
-	/**
-	 * get the id of loaded app
-	 *
-	 * @return string
-	 */
-	public static function getCurrentApp(): string {
-		if (\OC::$CLI) {
-			return '';
-		}
-
-		$request = \OC::$server->getRequest();
-		$script = substr($request->getScriptName(), strlen(OC::$WEBROOT) + 1);
-		$topFolder = substr($script, 0, strpos($script, '/') ?: 0);
-		if (empty($topFolder)) {
-			try {
-				$path_info = $request->getPathInfo();
-			} catch (Exception $e) {
-				// Can happen from unit tests because the script name is `./vendor/bin/phpunit` or something a like then.
-				\OC::$server->get(LoggerInterface::class)->error('Failed to detect current app from script path', ['exception' => $e]);
-				return '';
-			}
-			if ($path_info) {
-				$topFolder = substr($path_info, 1, strpos($path_info, '/', 1) - 1);
-			}
-		}
-		if ($topFolder == 'apps') {
-			$length = strlen($topFolder);
-			return substr($script, $length + 1, strpos($script, '/', $length + 1) - $length - 1) ?: '';
-		} else {
-			return $topFolder;
-		}
-	}
-
-	/**
-	 * @param string $type
-	 * @return array
-	 */
-	public static function getForms(string $type): array {
-		$forms = [];
-		switch ($type) {
-			case 'admin':
-				$source = self::$adminForms;
-				break;
-			case 'personal':
-				$source = self::$personalForms;
-				break;
-			default:
-				return [];
-		}
-		foreach ($source as $form) {
-			$forms[] = include $form;
-		}
-		return $forms;
-	}
-
-	/**
-	 * @param array $entry
-	 * @deprecated 20.0.0 Please register your alternative login option using the registerAlternativeLogin() on the RegistrationContext in your Application class implementing the OCP\Authentication\IAlternativeLogin interface
-	 */
-	public static function registerLogIn(array $entry) {
-		\OC::$server->getLogger()->debug('OC_App::registerLogIn() is deprecated, please register your alternative login option using the registerAlternativeLogin() on the RegistrationContext in your Application class implementing the OCP\Authentication\IAlternativeLogin interface');
-		self::$altLogin[] = $entry;
-	}
-
-	/**
-	 * @return array
-	 */
-	public static function getAlternativeLogIns(): array {
-		/** @var Coordinator $bootstrapCoordinator */
-		$bootstrapCoordinator = \OC::$server->query(Coordinator::class);
-
-		foreach ($bootstrapCoordinator->getRegistrationContext()->getAlternativeLogins() as $registration) {
-			if (!in_array(IAlternativeLogin::class, class_implements($registration->getService()), true)) {
-				\OC::$server->getLogger()->error('Alternative login option {option} does not implement {interface} and is therefore ignored.', [
-					'option' => $registration->getService(),
-					'interface' => IAlternativeLogin::class,
-					'app' => $registration->getAppId(),
-				]);
-				continue;
-			}
-
-			try {
-				/** @var IAlternativeLogin $provider */
-				$provider = \OC::$server->query($registration->getService());
-			} catch (QueryException $e) {
-				\OC::$server->getLogger()->logException($e, [
-					'message' => 'Alternative login option {option} can not be initialised.',
-					'option' => $registration->getService(),
-					'app' => $registration->getAppId(),
-				]);
-			}
-
-			try {
-				$provider->load();
-
-				self::$altLogin[] = [
-					'name' => $provider->getLabel(),
-					'href' => $provider->getLink(),
-					'class' => $provider->getClass(),
-				];
-			} catch (Throwable $e) {
-				\OC::$server->getLogger()->logException($e, [
-					'message' => 'Alternative login option {option} had an error while loading.',
-					'option' => $registration->getService(),
-					'app' => $registration->getAppId(),
-				]);
-			}
-		}
-
-		return self::$altLogin;
-	}
-
-	/**
-	 * get a list of all apps in the apps folder
-	 *
-	 * @return string[] an array of app names (string IDs)
-	 * @todo: change the name of this method to getInstalledApps, which is more accurate
-	 */
-	public static function getAllApps(): array {
-		$apps = [];
-
-		foreach (OC::$APPSROOTS as $apps_dir) {
-			if (!is_readable($apps_dir['path'])) {
-				\OCP\Util::writeLog('core', 'unable to read app folder : ' . $apps_dir['path'], ILogger::WARN);
-				continue;
-			}
-			$dh = opendir($apps_dir['path']);
-
-			if (is_resource($dh)) {
-				while (($file = readdir($dh)) !== false) {
-					if ($file[0] != '.' and is_dir($apps_dir['path'] . '/' . $file) and is_file($apps_dir['path'] . '/' . $file . '/appinfo/info.xml')) {
-						$apps[] = $file;
-					}
-				}
-			}
-		}
-
-		$apps = array_unique($apps);
-
-		return $apps;
-	}
-
-	/**
-	 * List all supported apps
-	 *
-	 * @return array
-	 */
-	public function getSupportedApps(): array {
-		/** @var \OCP\Support\Subscription\IRegistry $subscriptionRegistry */
-		$subscriptionRegistry = \OC::$server->query(\OCP\Support\Subscription\IRegistry::class);
-		$supportedApps = $subscriptionRegistry->delegateGetSupportedApps();
-		return $supportedApps;
-	}
-
-	/**
-	 * List all apps, this is used in apps.php
-	 *
-	 * @return array
-	 */
-	public function listAllApps(): array {
-		$installedApps = OC_App::getAllApps();
-
-		$appManager = \OC::$server->getAppManager();
-		//we don't want to show configuration for these
-		$blacklist = $appManager->getAlwaysEnabledApps();
-		$appList = [];
-		$langCode = \OC::$server->getL10N('core')->getLanguageCode();
-		$urlGenerator = \OC::$server->getURLGenerator();
-		$supportedApps = $this->getSupportedApps();
-
-		foreach ($installedApps as $app) {
-			if (array_search($app, $blacklist) === false) {
-				$info = $appManager->getAppInfo($app, false, $langCode);
-				if (!is_array($info)) {
-					\OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', ILogger::ERROR);
-					continue;
-				}
-
-				if (!isset($info['name'])) {
-					\OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', ILogger::ERROR);
-					continue;
-				}
-
-				$enabled = \OC::$server->getConfig()->getAppValue($app, 'enabled', 'no');
-				$info['groups'] = null;
-				if ($enabled === 'yes') {
-					$active = true;
-				} elseif ($enabled === 'no') {
-					$active = false;
-				} else {
-					$active = true;
-					$info['groups'] = $enabled;
-				}
-
-				$info['active'] = $active;
-
-				if ($appManager->isShipped($app)) {
-					$info['internal'] = true;
-					$info['level'] = self::officialApp;
-					$info['removable'] = false;
-				} else {
-					$info['internal'] = false;
-					$info['removable'] = true;
-				}
-
-				if (in_array($app, $supportedApps)) {
-					$info['level'] = self::supportedApp;
-				}
-
-				$appPath = self::getAppPath($app);
-				if ($appPath !== false) {
-					$appIcon = $appPath . '/img/' . $app . '.svg';
-					if (file_exists($appIcon)) {
-						$info['preview'] = $urlGenerator->imagePath($app, $app . '.svg');
-						$info['previewAsIcon'] = true;
-					} else {
-						$appIcon = $appPath . '/img/app.svg';
-						if (file_exists($appIcon)) {
-							$info['preview'] = $urlGenerator->imagePath($app, 'app.svg');
-							$info['previewAsIcon'] = true;
-						}
-					}
-				}
-				// fix documentation
-				if (isset($info['documentation']) && is_array($info['documentation'])) {
-					foreach ($info['documentation'] as $key => $url) {
-						// If it is not an absolute URL we assume it is a key
-						// i.e. admin-ldap will get converted to go.php?to=admin-ldap
-						if (stripos($url, 'https://') !== 0 && stripos($url, 'http://') !== 0) {
-							$url = $urlGenerator->linkToDocs($url);
-						}
-
-						$info['documentation'][$key] = $url;
-					}
-				}
-
-				$info['version'] = $appManager->getAppVersion($app);
-				$appList[] = $info;
-			}
-		}
-
-		return $appList;
-	}
-
-	public static function shouldUpgrade(string $app): bool {
-		$versions = self::getAppVersions();
-		$currentVersion = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppVersion($app);
-		if ($currentVersion && isset($versions[$app])) {
-			$installedVersion = $versions[$app];
-			if (!version_compare($currentVersion, $installedVersion, '=')) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * Adjust the number of version parts of $version1 to match
-	 * the number of version parts of $version2.
-	 *
-	 * @param string $version1 version to adjust
-	 * @param string $version2 version to take the number of parts from
-	 * @return string shortened $version1
-	 */
-	private static function adjustVersionParts(string $version1, string $version2): string {
-		$version1 = explode('.', $version1);
-		$version2 = explode('.', $version2);
-		// reduce $version1 to match the number of parts in $version2
-		while (count($version1) > count($version2)) {
-			array_pop($version1);
-		}
-		// if $version1 does not have enough parts, add some
-		while (count($version1) < count($version2)) {
-			$version1[] = '0';
-		}
-		return implode('.', $version1);
-	}
-
-	/**
-	 * Check whether the current ownCloud version matches the given
-	 * application's version requirements.
-	 *
-	 * The comparison is made based on the number of parts that the
-	 * app info version has. For example for ownCloud 6.0.3 if the
-	 * app info version is expecting version 6.0, the comparison is
-	 * made on the first two parts of the ownCloud version.
-	 * This means that it's possible to specify "requiremin" => 6
-	 * and "requiremax" => 6 and it will still match ownCloud 6.0.3.
-	 *
-	 * @param string $ocVersion ownCloud version to check against
-	 * @param array $appInfo app info (from xml)
-	 *
-	 * @return boolean true if compatible, otherwise false
-	 */
-	public static function isAppCompatible(string $ocVersion, array $appInfo, bool $ignoreMax = false): bool {
-		$requireMin = '';
-		$requireMax = '';
-		if (isset($appInfo['dependencies']['nextcloud']['@attributes']['min-version'])) {
-			$requireMin = $appInfo['dependencies']['nextcloud']['@attributes']['min-version'];
-		} elseif (isset($appInfo['dependencies']['owncloud']['@attributes']['min-version'])) {
-			$requireMin = $appInfo['dependencies']['owncloud']['@attributes']['min-version'];
-		} elseif (isset($appInfo['requiremin'])) {
-			$requireMin = $appInfo['requiremin'];
-		} elseif (isset($appInfo['require'])) {
-			$requireMin = $appInfo['require'];
-		}
-
-		if (isset($appInfo['dependencies']['nextcloud']['@attributes']['max-version'])) {
-			$requireMax = $appInfo['dependencies']['nextcloud']['@attributes']['max-version'];
-		} elseif (isset($appInfo['dependencies']['owncloud']['@attributes']['max-version'])) {
-			$requireMax = $appInfo['dependencies']['owncloud']['@attributes']['max-version'];
-		} elseif (isset($appInfo['requiremax'])) {
-			$requireMax = $appInfo['requiremax'];
-		}
-
-		if (!empty($requireMin)
-			&& version_compare(self::adjustVersionParts($ocVersion, $requireMin), $requireMin, '<')
-		) {
-			return false;
-		}
-
-		if (!$ignoreMax && !empty($requireMax)
-			&& version_compare(self::adjustVersionParts($ocVersion, $requireMax), $requireMax, '>')
-		) {
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * get the installed version of all apps
-	 */
-	public static function getAppVersions() {
-		static $versions;
-
-		if (!$versions) {
-			$appConfig = \OC::$server->getAppConfig();
-			$versions = $appConfig->getValues(false, 'installed_version');
-		}
-		return $versions;
-	}
-
-	/**
-	 * update the database for the app and call the update script
-	 *
-	 * @param string $appId
-	 * @return bool
-	 */
-	public static function updateApp(string $appId): bool {
-		// for apps distributed with core, we refresh app path in case the downloaded version
-		// have been installed in custom apps and not in the default path
-		$appPath = self::getAppPath($appId, true);
-		if ($appPath === false) {
-			return false;
-		}
-
-		if (is_file($appPath . '/appinfo/database.xml')) {
-			\OC::$server->getLogger()->error('The appinfo/database.xml file is not longer supported. Used in ' . $appId);
-			return false;
-		}
-
-		\OC::$server->getAppManager()->clearAppsCache();
-		$l = \OC::$server->getL10N('core');
-		$appData = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppInfo($appId, false, $l->getLanguageCode());
-
-		$ignoreMaxApps = \OC::$server->getConfig()->getSystemValue('app_install_overwrite', []);
-		$ignoreMax = in_array($appId, $ignoreMaxApps, true);
-		\OC_App::checkAppDependencies(
-			\OC::$server->getConfig(),
-			$l,
-			$appData,
-			$ignoreMax
-		);
-
-		self::registerAutoloading($appId, $appPath, true);
-		self::executeRepairSteps($appId, $appData['repair-steps']['pre-migration']);
-
-		$ms = new MigrationService($appId, \OC::$server->get(\OC\DB\Connection::class));
-		$ms->migrate();
-
-		self::executeRepairSteps($appId, $appData['repair-steps']['post-migration']);
-		self::setupLiveMigrations($appId, $appData['repair-steps']['live-migration']);
-		// update appversion in app manager
-		\OC::$server->getAppManager()->clearAppsCache();
-		\OC::$server->getAppManager()->getAppVersion($appId, false);
-
-		self::setupBackgroundJobs($appData['background-jobs']);
-
-		//set remote/public handlers
-		if (array_key_exists('ocsid', $appData)) {
-			\OC::$server->getConfig()->setAppValue($appId, 'ocsid', $appData['ocsid']);
-		} elseif (\OC::$server->getConfig()->getAppValue($appId, 'ocsid', null) !== null) {
-			\OC::$server->getConfig()->deleteAppValue($appId, 'ocsid');
-		}
-		foreach ($appData['remote'] as $name => $path) {
-			\OC::$server->getConfig()->setAppValue('core', 'remote_' . $name, $appId . '/' . $path);
-		}
-		foreach ($appData['public'] as $name => $path) {
-			\OC::$server->getConfig()->setAppValue('core', 'public_' . $name, $appId . '/' . $path);
-		}
-
-		self::setAppTypes($appId);
-
-		$version = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppVersion($appId);
-		\OC::$server->getConfig()->setAppValue($appId, 'installed_version', $version);
-
-		\OC::$server->get(IEventDispatcher::class)->dispatchTyped(new AppUpdateEvent($appId));
-		\OC::$server->getEventDispatcher()->dispatch(ManagerEvent::EVENT_APP_UPDATE, new ManagerEvent(
-			ManagerEvent::EVENT_APP_UPDATE, $appId
-		));
-
-		return true;
-	}
-
-	/**
-	 * @param string $appId
-	 * @param string[] $steps
-	 * @throws \OC\NeedsUpdateException
-	 */
-	public static function executeRepairSteps(string $appId, array $steps) {
-		if (empty($steps)) {
-			return;
-		}
-		// load the app
-		self::loadApp($appId);
-
-		$dispatcher = \OC::$server->get(IEventDispatcher::class);
-
-		// load the steps
-		$r = new Repair([], $dispatcher, \OC::$server->get(LoggerInterface::class));
-		foreach ($steps as $step) {
-			try {
-				$r->addStep($step);
-			} catch (Exception $ex) {
-				$dispatcher->dispatchTyped(new RepairErrorEvent($ex->getMessage()));
-				\OC::$server->getLogger()->logException($ex);
-			}
-		}
-		// run the steps
-		$r->run();
-	}
-
-	public static function setupBackgroundJobs(array $jobs) {
-		$queue = \OC::$server->getJobList();
-		foreach ($jobs as $job) {
-			$queue->add($job);
-		}
-	}
-
-	/**
-	 * @param string $appId
-	 * @param string[] $steps
-	 */
-	private static function setupLiveMigrations(string $appId, array $steps) {
-		$queue = \OC::$server->getJobList();
-		foreach ($steps as $step) {
-			$queue->add('OC\Migration\BackgroundRepair', [
-				'app' => $appId,
-				'step' => $step]);
-		}
-	}
-
-	/**
-	 * @param string $appId
-	 * @return \OC\Files\View|false
-	 */
-	public static function getStorage(string $appId) {
-		if (\OC::$server->getAppManager()->isEnabledForUser($appId)) { //sanity check
-			if (\OC::$server->getUserSession()->isLoggedIn()) {
-				$view = new \OC\Files\View('/' . OC_User::getUser());
-				if (!$view->file_exists($appId)) {
-					$view->mkdir($appId);
-				}
-				return new \OC\Files\View('/' . OC_User::getUser() . '/' . $appId);
-			} else {
-				\OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ', user not logged in', ILogger::ERROR);
-				return false;
-			}
-		} else {
-			\OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ' not enabled', ILogger::ERROR);
-			return false;
-		}
-	}
-
-	protected static function findBestL10NOption(array $options, string $lang): string {
-		// only a single option
-		if (isset($options['@value'])) {
-			return $options['@value'];
-		}
-
-		$fallback = $similarLangFallback = $englishFallback = false;
-
-		$lang = strtolower($lang);
-		$similarLang = $lang;
-		if (strpos($similarLang, '_')) {
-			// For "de_DE" we want to find "de" and the other way around
-			$similarLang = substr($lang, 0, strpos($lang, '_'));
-		}
-
-		foreach ($options as $option) {
-			if (is_array($option)) {
-				if ($fallback === false) {
-					$fallback = $option['@value'];
-				}
-
-				if (!isset($option['@attributes']['lang'])) {
-					continue;
-				}
-
-				$attributeLang = strtolower($option['@attributes']['lang']);
-				if ($attributeLang === $lang) {
-					return $option['@value'];
-				}
-
-				if ($attributeLang === $similarLang) {
-					$similarLangFallback = $option['@value'];
-				} elseif (str_starts_with($attributeLang, $similarLang . '_')) {
-					if ($similarLangFallback === false) {
-						$similarLangFallback = $option['@value'];
-					}
-				}
-			} else {
-				$englishFallback = $option;
-			}
-		}
-
-		if ($similarLangFallback !== false) {
-			return $similarLangFallback;
-		} elseif ($englishFallback !== false) {
-			return $englishFallback;
-		}
-		return (string) $fallback;
-	}
-
-	/**
-	 * parses the app data array and enhanced the 'description' value
-	 *
-	 * @param array $data the app data
-	 * @param string $lang
-	 * @return array improved app data
-	 */
-	public static function parseAppInfo(array $data, $lang = null): array {
-		if ($lang && isset($data['name']) && is_array($data['name'])) {
-			$data['name'] = self::findBestL10NOption($data['name'], $lang);
-		}
-		if ($lang && isset($data['summary']) && is_array($data['summary'])) {
-			$data['summary'] = self::findBestL10NOption($data['summary'], $lang);
-		}
-		if ($lang && isset($data['description']) && is_array($data['description'])) {
-			$data['description'] = trim(self::findBestL10NOption($data['description'], $lang));
-		} elseif (isset($data['description']) && is_string($data['description'])) {
-			$data['description'] = trim($data['description']);
-		} else {
-			$data['description'] = '';
-		}
-
-		return $data;
-	}
-
-	/**
-	 * @param \OCP\IConfig $config
-	 * @param \OCP\IL10N $l
-	 * @param array $info
-	 * @throws \Exception
-	 */
-	public static function checkAppDependencies(\OCP\IConfig $config, \OCP\IL10N $l, array $info, bool $ignoreMax) {
-		$dependencyAnalyzer = new DependencyAnalyzer(new Platform($config), $l);
-		$missing = $dependencyAnalyzer->analyze($info, $ignoreMax);
-		if (!empty($missing)) {
-			$missingMsg = implode(PHP_EOL, $missing);
-			throw new \Exception(
-				$l->t('App "%1$s" cannot be installed because the following dependencies are not fulfilled: %2$s',
-					[$info['name'], $missingMsg]
-				)
-			);
-		}
-	}
+    private static $adminForms = [];
+    private static $personalForms = [];
+    private static $altLogin = [];
+    private static $alreadyRegistered = [];
+    public const supportedApp = 300;
+    public const officialApp = 200;
+
+    /**
+     * clean the appId
+     *
+     * @psalm-taint-escape file
+     * @psalm-taint-escape include
+     * @psalm-taint-escape html
+     * @psalm-taint-escape has_quotes
+     *
+     * @param string $app AppId that needs to be cleaned
+     * @return string
+     */
+    public static function cleanAppId(string $app): string {
+        return str_replace(['<', '>', '"', "'", '\0', '/', '\\', '..'], '', $app);
+    }
+
+    /**
+     * Check if an app is loaded
+     *
+     * @param string $app
+     * @return bool
+     * @deprecated 27.0.0 use IAppManager::isAppLoaded
+     */
+    public static function isAppLoaded(string $app): bool {
+        return \OC::$server->get(IAppManager::class)->isAppLoaded($app);
+    }
+
+    /**
+     * loads all apps
+     *
+     * @param string[] $types
+     * @return bool
+     *
+     * This function walks through the ownCloud directory and loads all apps
+     * it can find. A directory contains an app if the file /appinfo/info.xml
+     * exists.
+     *
+     * if $types is set to non-empty array, only apps of those types will be loaded
+     */
+    public static function loadApps(array $types = []): bool {
+        if (!\OC::$server->getSystemConfig()->getValue('installed', false)) {
+            // This should be done before calling this method so that appmanager can be used
+            return false;
+        }
+        return \OC::$server->get(IAppManager::class)->loadApps($types);
+    }
+
+    /**
+     * load a single app
+     *
+     * @param string $app
+     * @throws Exception
+     * @deprecated 27.0.0 use IAppManager::loadApp
+     */
+    public static function loadApp(string $app): void {
+        \OC::$server->get(IAppManager::class)->loadApp($app);
+    }
+
+    /**
+     * @internal
+     * @param string $app
+     * @param string $path
+     * @param bool $force
+     */
+    public static function registerAutoloading(string $app, string $path, bool $force = false) {
+        $key = $app . '-' . $path;
+        if (!$force && isset(self::$alreadyRegistered[$key])) {
+            return;
+        }
+
+        self::$alreadyRegistered[$key] = true;
+
+        // Register on PSR-4 composer autoloader
+        $appNamespace = \OC\AppFramework\App::buildAppNamespace($app);
+        \OC::$server->registerNamespace($app, $appNamespace);
+
+        if (file_exists($path . '/composer/autoload.php')) {
+            require_once $path . '/composer/autoload.php';
+        } else {
+            \OC::$composerAutoloader->addPsr4($appNamespace . '\\', $path . '/lib/', true);
+        }
+
+        // Register Test namespace only when testing
+        if (defined('PHPUNIT_RUN') || defined('CLI_TEST_RUN')) {
+            \OC::$composerAutoloader->addPsr4($appNamespace . '\\Tests\\', $path . '/tests/', true);
+        }
+    }
+
+    /**
+     * check if an app is of a specific type
+     *
+     * @param string $app
+     * @param array $types
+     * @return bool
+     * @deprecated 27.0.0 use IAppManager::isType
+     */
+    public static function isType(string $app, array $types): bool {
+        return \OC::$server->get(IAppManager::class)->isType($app, $types);
+    }
+
+    /**
+     * read app types from info.xml and cache them in the database
+     */
+    public static function setAppTypes(string $app) {
+        $appManager = \OC::$server->getAppManager();
+        $appData = $appManager->getAppInfo($app);
+        if (!is_array($appData)) {
+            return;
+        }
+
+        if (isset($appData['types'])) {
+            $appTypes = implode(',', $appData['types']);
+        } else {
+            $appTypes = '';
+            $appData['types'] = [];
+        }
+
+        $config = \OC::$server->getConfig();
+        $config->setAppValue($app, 'types', $appTypes);
+
+        if ($appManager->hasProtectedAppType($appData['types'])) {
+            $enabled = $config->getAppValue($app, 'enabled', 'yes');
+            if ($enabled !== 'yes' && $enabled !== 'no') {
+                $config->setAppValue($app, 'enabled', 'yes');
+            }
+        }
+    }
+
+    /**
+     * Returns apps enabled for the current user.
+     *
+     * @param bool $forceRefresh whether to refresh the cache
+     * @param bool $all whether to return apps for all users, not only the
+     * currently logged in one
+     * @return string[]
+     */
+    public static function getEnabledApps(bool $forceRefresh = false, bool $all = false): array {
+        if (!\OC::$server->getSystemConfig()->getValue('installed', false)) {
+            return [];
+        }
+        // in incognito mode or when logged out, $user will be false,
+        // which is also the case during an upgrade
+        $appManager = \OC::$server->getAppManager();
+        if ($all) {
+            $user = null;
+        } else {
+            $user = \OC::$server->getUserSession()->getUser();
+        }
+
+        if (is_null($user)) {
+            $apps = $appManager->getInstalledApps();
+        } else {
+            $apps = $appManager->getEnabledAppsForUser($user);
+        }
+        $apps = array_filter($apps, function ($app) {
+            return $app !== 'files';//we add this manually
+        });
+        sort($apps);
+        array_unshift($apps, 'files');
+        return $apps;
+    }
+
+    /**
+     * enables an app
+     *
+     * @param string $appId
+     * @param array $groups (optional) when set, only these groups will have access to the app
+     * @throws \Exception
+     * @return void
+     *
+     * This function set an app as enabled in appconfig.
+     */
+    public function enable(string $appId,
+                            array $groups = []) {
+        // Check if app is already downloaded
+        /** @var Installer $installer */
+        $installer = \OC::$server->query(Installer::class);
+        $isDownloaded = $installer->isDownloaded($appId);
+
+        if (!$isDownloaded) {
+            $installer->downloadApp($appId);
+        }
+
+        $installer->installApp($appId);
+
+        $appManager = \OC::$server->getAppManager();
+        if ($groups !== []) {
+            $groupManager = \OC::$server->getGroupManager();
+            $groupsList = [];
+            foreach ($groups as $group) {
+                $groupItem = $groupManager->get($group);
+                if ($groupItem instanceof \OCP\IGroup) {
+                    $groupsList[] = $groupManager->get($group);
+                }
+            }
+            $appManager->enableAppForGroups($appId, $groupsList);
+        } else {
+            $appManager->enableApp($appId);
+        }
+    }
+
+    /**
+     * Get the path where to install apps
+     *
+     * @return string|false
+     */
+    public static function getInstallPath() {
+        foreach (OC::$APPSROOTS as $dir) {
+            if (isset($dir['writable']) && $dir['writable'] === true) {
+                return $dir['path'];
+            }
+        }
+
+        \OCP\Util::writeLog('core', 'No application directories are marked as writable.', ILogger::ERROR);
+        return null;
+    }
+
+
+    /**
+     * search for an app in all app-directories
+     *
+     * @param string $appId
+     * @param bool $ignoreCache ignore cache and rebuild it
+     * @return false|string
+     */
+    public static function findAppInDirectories(string $appId, bool $ignoreCache = false) {
+        $sanitizedAppId = self::cleanAppId($appId);
+        if ($sanitizedAppId !== $appId) {
+            return false;
+        }
+        static $app_dir = [];
+
+        if (isset($app_dir[$appId]) && !$ignoreCache) {
+            return $app_dir[$appId];
+        }
+
+        $possibleApps = [];
+        foreach (OC::$APPSROOTS as $dir) {
+            if (file_exists($dir['path'] . '/' . $appId)) {
+                $possibleApps[] = $dir;
+            }
+        }
+
+        if (empty($possibleApps)) {
+            return false;
+        } elseif (count($possibleApps) === 1) {
+            $dir = array_shift($possibleApps);
+            $app_dir[$appId] = $dir;
+            return $dir;
+        } else {
+            $versionToLoad = [];
+            foreach ($possibleApps as $possibleApp) {
+                $version = self::getAppVersionByPath($possibleApp['path'] . '/' . $appId);
+                if (empty($versionToLoad) || version_compare($version, $versionToLoad['version'], '>')) {
+                    $versionToLoad = [
+                        'dir' => $possibleApp,
+                        'version' => $version,
+                    ];
+                }
+            }
+            $app_dir[$appId] = $versionToLoad['dir'];
+            return $versionToLoad['dir'];
+            //TODO - write test
+        }
+    }
+
+    /**
+     * Get the directory for the given app.
+     * If the app is defined in multiple directories, the first one is taken. (false if not found)
+     *
+     * @psalm-taint-specialize
+     *
+     * @param string $appId
+     * @param bool $refreshAppPath should be set to true only during install/upgrade
+     * @return string|false
+     * @deprecated 11.0.0 use \OC::$server->getAppManager()->getAppPath()
+     */
+    public static function getAppPath(string $appId, bool $refreshAppPath = false) {
+        if ($appId === null || trim($appId) === '') {
+            return false;
+        }
+
+        if (($dir = self::findAppInDirectories($appId, $refreshAppPath)) != false) {
+            return $dir['path'] . '/' . $appId;
+        }
+        return false;
+    }
+
+    /**
+     * Get the path for the given app on the access
+     * If the app is defined in multiple directories, the first one is taken. (false if not found)
+     *
+     * @param string $appId
+     * @return string|false
+     * @deprecated 18.0.0 use \OC::$server->getAppManager()->getAppWebPath()
+     */
+    public static function getAppWebPath(string $appId) {
+        if (($dir = self::findAppInDirectories($appId)) != false) {
+            return OC::$WEBROOT . $dir['url'] . '/' . $appId;
+        }
+        return false;
+    }
+
+    /**
+     * get app's version based on it's path
+     *
+     * @param string $path
+     * @return string
+     */
+    public static function getAppVersionByPath(string $path): string {
+        $infoFile = $path . '/appinfo/info.xml';
+        $appData = \OC::$server->getAppManager()->getAppInfo($infoFile, true);
+        return isset($appData['version']) ? $appData['version'] : '';
+    }
+
+    /**
+     * get the id of loaded app
+     *
+     * @return string
+     */
+    public static function getCurrentApp(): string {
+        if (\OC::$CLI) {
+            return '';
+        }
+
+        $request = \OC::$server->getRequest();
+        $script = substr($request->getScriptName(), strlen(OC::$WEBROOT) + 1);
+        $topFolder = substr($script, 0, strpos($script, '/') ?: 0);
+        if (empty($topFolder)) {
+            try {
+                $path_info = $request->getPathInfo();
+            } catch (Exception $e) {
+                // Can happen from unit tests because the script name is `./vendor/bin/phpunit` or something a like then.
+                \OC::$server->get(LoggerInterface::class)->error('Failed to detect current app from script path', ['exception' => $e]);
+                return '';
+            }
+            if ($path_info) {
+                $topFolder = substr($path_info, 1, strpos($path_info, '/', 1) - 1);
+            }
+        }
+        if ($topFolder == 'apps') {
+            $length = strlen($topFolder);
+            return substr($script, $length + 1, strpos($script, '/', $length + 1) - $length - 1) ?: '';
+        } else {
+            return $topFolder;
+        }
+    }
+
+    /**
+     * @param string $type
+     * @return array
+     */
+    public static function getForms(string $type): array {
+        $forms = [];
+        switch ($type) {
+            case 'admin':
+                $source = self::$adminForms;
+                break;
+            case 'personal':
+                $source = self::$personalForms;
+                break;
+            default:
+                return [];
+        }
+        foreach ($source as $form) {
+            $forms[] = include $form;
+        }
+        return $forms;
+    }
+
+    /**
+     * @param array $entry
+     * @deprecated 20.0.0 Please register your alternative login option using the registerAlternativeLogin() on the RegistrationContext in your Application class implementing the OCP\Authentication\IAlternativeLogin interface
+     */
+    public static function registerLogIn(array $entry) {
+        \OC::$server->getLogger()->debug('OC_App::registerLogIn() is deprecated, please register your alternative login option using the registerAlternativeLogin() on the RegistrationContext in your Application class implementing the OCP\Authentication\IAlternativeLogin interface');
+        self::$altLogin[] = $entry;
+    }
+
+    /**
+     * @return array
+     */
+    public static function getAlternativeLogIns(): array {
+        /** @var Coordinator $bootstrapCoordinator */
+        $bootstrapCoordinator = \OC::$server->query(Coordinator::class);
+
+        foreach ($bootstrapCoordinator->getRegistrationContext()->getAlternativeLogins() as $registration) {
+            if (!in_array(IAlternativeLogin::class, class_implements($registration->getService()), true)) {
+                \OC::$server->getLogger()->error('Alternative login option {option} does not implement {interface} and is therefore ignored.', [
+                    'option' => $registration->getService(),
+                    'interface' => IAlternativeLogin::class,
+                    'app' => $registration->getAppId(),
+                ]);
+                continue;
+            }
+
+            try {
+                /** @var IAlternativeLogin $provider */
+                $provider = \OC::$server->query($registration->getService());
+            } catch (QueryException $e) {
+                \OC::$server->getLogger()->logException($e, [
+                    'message' => 'Alternative login option {option} can not be initialised.',
+                    'option' => $registration->getService(),
+                    'app' => $registration->getAppId(),
+                ]);
+            }
+
+            try {
+                $provider->load();
+
+                self::$altLogin[] = [
+                    'name' => $provider->getLabel(),
+                    'href' => $provider->getLink(),
+                    'class' => $provider->getClass(),
+                ];
+            } catch (Throwable $e) {
+                \OC::$server->getLogger()->logException($e, [
+                    'message' => 'Alternative login option {option} had an error while loading.',
+                    'option' => $registration->getService(),
+                    'app' => $registration->getAppId(),
+                ]);
+            }
+        }
+
+        return self::$altLogin;
+    }
+
+    /**
+     * get a list of all apps in the apps folder
+     *
+     * @return string[] an array of app names (string IDs)
+     * @todo: change the name of this method to getInstalledApps, which is more accurate
+     */
+    public static function getAllApps(): array {
+        $apps = [];
+
+        foreach (OC::$APPSROOTS as $apps_dir) {
+            if (!is_readable($apps_dir['path'])) {
+                \OCP\Util::writeLog('core', 'unable to read app folder : ' . $apps_dir['path'], ILogger::WARN);
+                continue;
+            }
+            $dh = opendir($apps_dir['path']);
+
+            if (is_resource($dh)) {
+                while (($file = readdir($dh)) !== false) {
+                    if ($file[0] != '.' and is_dir($apps_dir['path'] . '/' . $file) and is_file($apps_dir['path'] . '/' . $file . '/appinfo/info.xml')) {
+                        $apps[] = $file;
+                    }
+                }
+            }
+        }
+
+        $apps = array_unique($apps);
+
+        return $apps;
+    }
+
+    /**
+     * List all supported apps
+     *
+     * @return array
+     */
+    public function getSupportedApps(): array {
+        /** @var \OCP\Support\Subscription\IRegistry $subscriptionRegistry */
+        $subscriptionRegistry = \OC::$server->query(\OCP\Support\Subscription\IRegistry::class);
+        $supportedApps = $subscriptionRegistry->delegateGetSupportedApps();
+        return $supportedApps;
+    }
+
+    /**
+     * List all apps, this is used in apps.php
+     *
+     * @return array
+     */
+    public function listAllApps(): array {
+        $installedApps = OC_App::getAllApps();
+
+        $appManager = \OC::$server->getAppManager();
+        //we don't want to show configuration for these
+        $blacklist = $appManager->getAlwaysEnabledApps();
+        $appList = [];
+        $langCode = \OC::$server->getL10N('core')->getLanguageCode();
+        $urlGenerator = \OC::$server->getURLGenerator();
+        $supportedApps = $this->getSupportedApps();
+
+        foreach ($installedApps as $app) {
+            if (array_search($app, $blacklist) === false) {
+                $info = $appManager->getAppInfo($app, false, $langCode);
+                if (!is_array($info)) {
+                    \OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', ILogger::ERROR);
+                    continue;
+                }
+
+                if (!isset($info['name'])) {
+                    \OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', ILogger::ERROR);
+                    continue;
+                }
+
+                $enabled = \OC::$server->getConfig()->getAppValue($app, 'enabled', 'no');
+                $info['groups'] = null;
+                if ($enabled === 'yes') {
+                    $active = true;
+                } elseif ($enabled === 'no') {
+                    $active = false;
+                } else {
+                    $active = true;
+                    $info['groups'] = $enabled;
+                }
+
+                $info['active'] = $active;
+
+                if ($appManager->isShipped($app)) {
+                    $info['internal'] = true;
+                    $info['level'] = self::officialApp;
+                    $info['removable'] = false;
+                } else {
+                    $info['internal'] = false;
+                    $info['removable'] = true;
+                }
+
+                if (in_array($app, $supportedApps)) {
+                    $info['level'] = self::supportedApp;
+                }
+
+                $appPath = self::getAppPath($app);
+                if ($appPath !== false) {
+                    $appIcon = $appPath . '/img/' . $app . '.svg';
+                    if (file_exists($appIcon)) {
+                        $info['preview'] = $urlGenerator->imagePath($app, $app . '.svg');
+                        $info['previewAsIcon'] = true;
+                    } else {
+                        $appIcon = $appPath . '/img/app.svg';
+                        if (file_exists($appIcon)) {
+                            $info['preview'] = $urlGenerator->imagePath($app, 'app.svg');
+                            $info['previewAsIcon'] = true;
+                        }
+                    }
+                }
+                // fix documentation
+                if (isset($info['documentation']) && is_array($info['documentation'])) {
+                    foreach ($info['documentation'] as $key => $url) {
+                        // If it is not an absolute URL we assume it is a key
+                        // i.e. admin-ldap will get converted to go.php?to=admin-ldap
+                        if (stripos($url, 'https://') !== 0 && stripos($url, 'http://') !== 0) {
+                            $url = $urlGenerator->linkToDocs($url);
+                        }
+
+                        $info['documentation'][$key] = $url;
+                    }
+                }
+
+                $info['version'] = $appManager->getAppVersion($app);
+                $appList[] = $info;
+            }
+        }
+
+        return $appList;
+    }
+
+    public static function shouldUpgrade(string $app): bool {
+        $versions = self::getAppVersions();
+        $currentVersion = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppVersion($app);
+        if ($currentVersion && isset($versions[$app])) {
+            $installedVersion = $versions[$app];
+            if (!version_compare($currentVersion, $installedVersion, '=')) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Adjust the number of version parts of $version1 to match
+     * the number of version parts of $version2.
+     *
+     * @param string $version1 version to adjust
+     * @param string $version2 version to take the number of parts from
+     * @return string shortened $version1
+     */
+    private static function adjustVersionParts(string $version1, string $version2): string {
+        $version1 = explode('.', $version1);
+        $version2 = explode('.', $version2);
+        // reduce $version1 to match the number of parts in $version2
+        while (count($version1) > count($version2)) {
+            array_pop($version1);
+        }
+        // if $version1 does not have enough parts, add some
+        while (count($version1) < count($version2)) {
+            $version1[] = '0';
+        }
+        return implode('.', $version1);
+    }
+
+    /**
+     * Check whether the current ownCloud version matches the given
+     * application's version requirements.
+     *
+     * The comparison is made based on the number of parts that the
+     * app info version has. For example for ownCloud 6.0.3 if the
+     * app info version is expecting version 6.0, the comparison is
+     * made on the first two parts of the ownCloud version.
+     * This means that it's possible to specify "requiremin" => 6
+     * and "requiremax" => 6 and it will still match ownCloud 6.0.3.
+     *
+     * @param string $ocVersion ownCloud version to check against
+     * @param array $appInfo app info (from xml)
+     *
+     * @return boolean true if compatible, otherwise false
+     */
+    public static function isAppCompatible(string $ocVersion, array $appInfo, bool $ignoreMax = false): bool {
+        $requireMin = '';
+        $requireMax = '';
+        if (isset($appInfo['dependencies']['nextcloud']['@attributes']['min-version'])) {
+            $requireMin = $appInfo['dependencies']['nextcloud']['@attributes']['min-version'];
+        } elseif (isset($appInfo['dependencies']['owncloud']['@attributes']['min-version'])) {
+            $requireMin = $appInfo['dependencies']['owncloud']['@attributes']['min-version'];
+        } elseif (isset($appInfo['requiremin'])) {
+            $requireMin = $appInfo['requiremin'];
+        } elseif (isset($appInfo['require'])) {
+            $requireMin = $appInfo['require'];
+        }
+
+        if (isset($appInfo['dependencies']['nextcloud']['@attributes']['max-version'])) {
+            $requireMax = $appInfo['dependencies']['nextcloud']['@attributes']['max-version'];
+        } elseif (isset($appInfo['dependencies']['owncloud']['@attributes']['max-version'])) {
+            $requireMax = $appInfo['dependencies']['owncloud']['@attributes']['max-version'];
+        } elseif (isset($appInfo['requiremax'])) {
+            $requireMax = $appInfo['requiremax'];
+        }
+
+        if (!empty($requireMin)
+            && version_compare(self::adjustVersionParts($ocVersion, $requireMin), $requireMin, '<')
+        ) {
+            return false;
+        }
+
+        if (!$ignoreMax && !empty($requireMax)
+            && version_compare(self::adjustVersionParts($ocVersion, $requireMax), $requireMax, '>')
+        ) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * get the installed version of all apps
+     */
+    public static function getAppVersions() {
+        static $versions;
+
+        if (!$versions) {
+            $appConfig = \OC::$server->getAppConfig();
+            $versions = $appConfig->getValues(false, 'installed_version');
+        }
+        return $versions;
+    }
+
+    /**
+     * update the database for the app and call the update script
+     *
+     * @param string $appId
+     * @return bool
+     */
+    public static function updateApp(string $appId): bool {
+        // for apps distributed with core, we refresh app path in case the downloaded version
+        // have been installed in custom apps and not in the default path
+        $appPath = self::getAppPath($appId, true);
+        if ($appPath === false) {
+            return false;
+        }
+
+        if (is_file($appPath . '/appinfo/database.xml')) {
+            \OC::$server->getLogger()->error('The appinfo/database.xml file is not longer supported. Used in ' . $appId);
+            return false;
+        }
+
+        \OC::$server->getAppManager()->clearAppsCache();
+        $l = \OC::$server->getL10N('core');
+        $appData = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppInfo($appId, false, $l->getLanguageCode());
+
+        $ignoreMaxApps = \OC::$server->getConfig()->getSystemValue('app_install_overwrite', []);
+        $ignoreMax = in_array($appId, $ignoreMaxApps, true);
+        \OC_App::checkAppDependencies(
+            \OC::$server->getConfig(),
+            $l,
+            $appData,
+            $ignoreMax
+        );
+
+        self::registerAutoloading($appId, $appPath, true);
+        self::executeRepairSteps($appId, $appData['repair-steps']['pre-migration']);
+
+        $ms = new MigrationService($appId, \OC::$server->get(\OC\DB\Connection::class));
+        $ms->migrate();
+
+        self::executeRepairSteps($appId, $appData['repair-steps']['post-migration']);
+        self::setupLiveMigrations($appId, $appData['repair-steps']['live-migration']);
+        // update appversion in app manager
+        \OC::$server->getAppManager()->clearAppsCache();
+        \OC::$server->getAppManager()->getAppVersion($appId, false);
+
+        self::setupBackgroundJobs($appData['background-jobs']);
+
+        //set remote/public handlers
+        if (array_key_exists('ocsid', $appData)) {
+            \OC::$server->getConfig()->setAppValue($appId, 'ocsid', $appData['ocsid']);
+        } elseif (\OC::$server->getConfig()->getAppValue($appId, 'ocsid', null) !== null) {
+            \OC::$server->getConfig()->deleteAppValue($appId, 'ocsid');
+        }
+        foreach ($appData['remote'] as $name => $path) {
+            \OC::$server->getConfig()->setAppValue('core', 'remote_' . $name, $appId . '/' . $path);
+        }
+        foreach ($appData['public'] as $name => $path) {
+            \OC::$server->getConfig()->setAppValue('core', 'public_' . $name, $appId . '/' . $path);
+        }
+
+        self::setAppTypes($appId);
+
+        $version = \OCP\Server::get(\OCP\App\IAppManager::class)->getAppVersion($appId);
+        \OC::$server->getConfig()->setAppValue($appId, 'installed_version', $version);
+
+        \OC::$server->get(IEventDispatcher::class)->dispatchTyped(new AppUpdateEvent($appId));
+        \OC::$server->getEventDispatcher()->dispatch(ManagerEvent::EVENT_APP_UPDATE, new ManagerEvent(
+            ManagerEvent::EVENT_APP_UPDATE, $appId
+        ));
+
+        return true;
+    }
+
+    /**
+     * @param string $appId
+     * @param string[] $steps
+     * @throws \OC\NeedsUpdateException
+     */
+    public static function executeRepairSteps(string $appId, array $steps) {
+        if (empty($steps)) {
+            return;
+        }
+        // load the app
+        self::loadApp($appId);
+
+        $dispatcher = \OC::$server->get(IEventDispatcher::class);
+
+        // load the steps
+        $r = new Repair([], $dispatcher, \OC::$server->get(LoggerInterface::class));
+        foreach ($steps as $step) {
+            try {
+                $r->addStep($step);
+            } catch (Exception $ex) {
+                $dispatcher->dispatchTyped(new RepairErrorEvent($ex->getMessage()));
+                \OC::$server->getLogger()->logException($ex);
+            }
+        }
+        // run the steps
+        $r->run();
+    }
+
+    public static function setupBackgroundJobs(array $jobs) {
+        $queue = \OC::$server->getJobList();
+        foreach ($jobs as $job) {
+            $queue->add($job);
+        }
+    }
+
+    /**
+     * @param string $appId
+     * @param string[] $steps
+     */
+    private static function setupLiveMigrations(string $appId, array $steps) {
+        $queue = \OC::$server->getJobList();
+        foreach ($steps as $step) {
+            $queue->add('OC\Migration\BackgroundRepair', [
+                'app' => $appId,
+                'step' => $step]);
+        }
+    }
+
+    /**
+     * @param string $appId
+     * @return \OC\Files\View|false
+     */
+    public static function getStorage(string $appId) {
+        if (\OC::$server->getAppManager()->isEnabledForUser($appId)) { //sanity check
+            if (\OC::$server->getUserSession()->isLoggedIn()) {
+                $view = new \OC\Files\View('/' . OC_User::getUser());
+                if (!$view->file_exists($appId)) {
+                    $view->mkdir($appId);
+                }
+                return new \OC\Files\View('/' . OC_User::getUser() . '/' . $appId);
+            } else {
+                \OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ', user not logged in', ILogger::ERROR);
+                return false;
+            }
+        } else {
+            \OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ' not enabled', ILogger::ERROR);
+            return false;
+        }
+    }
+
+    protected static function findBestL10NOption(array $options, string $lang): string {
+        // only a single option
+        if (isset($options['@value'])) {
+            return $options['@value'];
+        }
+
+        $fallback = $similarLangFallback = $englishFallback = false;
+
+        $lang = strtolower($lang);
+        $similarLang = $lang;
+        if (strpos($similarLang, '_')) {
+            // For "de_DE" we want to find "de" and the other way around
+            $similarLang = substr($lang, 0, strpos($lang, '_'));
+        }
+
+        foreach ($options as $option) {
+            if (is_array($option)) {
+                if ($fallback === false) {
+                    $fallback = $option['@value'];
+                }
+
+                if (!isset($option['@attributes']['lang'])) {
+                    continue;
+                }
+
+                $attributeLang = strtolower($option['@attributes']['lang']);
+                if ($attributeLang === $lang) {
+                    return $option['@value'];
+                }
+
+                if ($attributeLang === $similarLang) {
+                    $similarLangFallback = $option['@value'];
+                } elseif (str_starts_with($attributeLang, $similarLang . '_')) {
+                    if ($similarLangFallback === false) {
+                        $similarLangFallback = $option['@value'];
+                    }
+                }
+            } else {
+                $englishFallback = $option;
+            }
+        }
+
+        if ($similarLangFallback !== false) {
+            return $similarLangFallback;
+        } elseif ($englishFallback !== false) {
+            return $englishFallback;
+        }
+        return (string) $fallback;
+    }
+
+    /**
+     * parses the app data array and enhanced the 'description' value
+     *
+     * @param array $data the app data
+     * @param string $lang
+     * @return array improved app data
+     */
+    public static function parseAppInfo(array $data, $lang = null): array {
+        if ($lang && isset($data['name']) && is_array($data['name'])) {
+            $data['name'] = self::findBestL10NOption($data['name'], $lang);
+        }
+        if ($lang && isset($data['summary']) && is_array($data['summary'])) {
+            $data['summary'] = self::findBestL10NOption($data['summary'], $lang);
+        }
+        if ($lang && isset($data['description']) && is_array($data['description'])) {
+            $data['description'] = trim(self::findBestL10NOption($data['description'], $lang));
+        } elseif (isset($data['description']) && is_string($data['description'])) {
+            $data['description'] = trim($data['description']);
+        } else {
+            $data['description'] = '';
+        }
+
+        return $data;
+    }
+
+    /**
+     * @param \OCP\IConfig $config
+     * @param \OCP\IL10N $l
+     * @param array $info
+     * @throws \Exception
+     */
+    public static function checkAppDependencies(\OCP\IConfig $config, \OCP\IL10N $l, array $info, bool $ignoreMax) {
+        $dependencyAnalyzer = new DependencyAnalyzer(new Platform($config), $l);
+        $missing = $dependencyAnalyzer->analyze($info, $ignoreMax);
+        if (!empty($missing)) {
+            $missingMsg = implode(PHP_EOL, $missing);
+            throw new \Exception(
+                $l->t('App "%1$s" cannot be installed because the following dependencies are not fulfilled: %2$s',
+                    [$info['name'], $missingMsg]
+                )
+            );
+        }
+    }
 }

Spacing +28 added lines, -28 removed lines

@@ -144,7 +144,7 @@ 
 	 * @param bool $force
 	 */
 	public static function registerAutoloading(string $app, string $path, bool $force = false) {
-		$key = $app . '-' . $path;
+		$key = $app.'-'.$path;
 		if (!$force && isset(self::$alreadyRegistered[$key])) {
 			return;
 		}
@@ -155,15 +155,15 @@ 
 		$appNamespace = \OC\AppFramework\App::buildAppNamespace($app);
 		\OC::$server->registerNamespace($app, $appNamespace);
 
-		if (file_exists($path . '/composer/autoload.php')) {
-			require_once $path . '/composer/autoload.php';
+		if (file_exists($path.'/composer/autoload.php')) {
+			require_once $path.'/composer/autoload.php';
 		} else {
-			\OC::$composerAutoloader->addPsr4($appNamespace . '\\', $path . '/lib/', true);
+			\OC::$composerAutoloader->addPsr4($appNamespace.'\\', $path.'/lib/', true);
 		}
 
 		// Register Test namespace only when testing
 		if (defined('PHPUNIT_RUN') || defined('CLI_TEST_RUN')) {
-			\OC::$composerAutoloader->addPsr4($appNamespace . '\\Tests\\', $path . '/tests/', true);
+			\OC::$composerAutoloader->addPsr4($appNamespace.'\\Tests\\', $path.'/tests/', true);
 		}
 	}
 
@@ -233,8 +233,8 @@ 
 		} else {
 			$apps = $appManager->getEnabledAppsForUser($user);
 		}
-		$apps = array_filter($apps, function ($app) {
-			return $app !== 'files';//we add this manually
+		$apps = array_filter($apps, function($app) {
+			return $app !== 'files'; //we add this manually
 		});
 		sort($apps);
 		array_unshift($apps, 'files');
@@ -317,7 +317,7 @@ 
 
 		$possibleApps = [];
 		foreach (OC::$APPSROOTS as $dir) {
-			if (file_exists($dir['path'] . '/' . $appId)) {
+			if (file_exists($dir['path'].'/'.$appId)) {
 				$possibleApps[] = $dir;
 			}
 		}
@@ -331,7 +331,7 @@ 
 		} else {
 			$versionToLoad = [];
 			foreach ($possibleApps as $possibleApp) {
-				$version = self::getAppVersionByPath($possibleApp['path'] . '/' . $appId);
+				$version = self::getAppVersionByPath($possibleApp['path'].'/'.$appId);
 				if (empty($versionToLoad) || version_compare($version, $versionToLoad['version'], '>')) {
 					$versionToLoad = [
 						'dir' => $possibleApp,
@@ -362,7 +362,7 @@ 
 		}
 
 		if (($dir = self::findAppInDirectories($appId, $refreshAppPath)) != false) {
-			return $dir['path'] . '/' . $appId;
+			return $dir['path'].'/'.$appId;
 		}
 		return false;
 	}
@@ -377,7 +377,7 @@ 
 	 */
 	public static function getAppWebPath(string $appId) {
 		if (($dir = self::findAppInDirectories($appId)) != false) {
-			return OC::$WEBROOT . $dir['url'] . '/' . $appId;
+			return OC::$WEBROOT.$dir['url'].'/'.$appId;
 		}
 		return false;
 	}
@@ -389,7 +389,7 @@ 
 	 * @return string
 	 */
 	public static function getAppVersionByPath(string $path): string {
-		$infoFile = $path . '/appinfo/info.xml';
+		$infoFile = $path.'/appinfo/info.xml';
 		$appData = \OC::$server->getAppManager()->getAppInfo($infoFile, true);
 		return isset($appData['version']) ? $appData['version'] : '';
 	}
@@ -517,14 +517,14 @@ 
 
 		foreach (OC::$APPSROOTS as $apps_dir) {
 			if (!is_readable($apps_dir['path'])) {
-				\OCP\Util::writeLog('core', 'unable to read app folder : ' . $apps_dir['path'], ILogger::WARN);
+				\OCP\Util::writeLog('core', 'unable to read app folder : '.$apps_dir['path'], ILogger::WARN);
 				continue;
 			}
 			$dh = opendir($apps_dir['path']);
 
 			if (is_resource($dh)) {
 				while (($file = readdir($dh)) !== false) {
-					if ($file[0] != '.' and is_dir($apps_dir['path'] . '/' . $file) and is_file($apps_dir['path'] . '/' . $file . '/appinfo/info.xml')) {
+					if ($file[0] != '.' and is_dir($apps_dir['path'].'/'.$file) and is_file($apps_dir['path'].'/'.$file.'/appinfo/info.xml')) {
 						$apps[] = $file;
 					}
 				}
@@ -568,12 +568,12 @@ 
 			if (array_search($app, $blacklist) === false) {
 				$info = $appManager->getAppInfo($app, false, $langCode);
 				if (!is_array($info)) {
-					\OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', ILogger::ERROR);
+					\OCP\Util::writeLog('core', 'Could not read app info file for app "'.$app.'"', ILogger::ERROR);
 					continue;
 				}
 
 				if (!isset($info['name'])) {
-					\OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', ILogger::ERROR);
+					\OCP\Util::writeLog('core', 'App id "'.$app.'" has no name in appinfo', ILogger::ERROR);
 					continue;
 				}
 
@@ -605,12 +605,12 @@ 
 
 				$appPath = self::getAppPath($app);
 				if ($appPath !== false) {
-					$appIcon = $appPath . '/img/' . $app . '.svg';
+					$appIcon = $appPath.'/img/'.$app.'.svg';
 					if (file_exists($appIcon)) {
-						$info['preview'] = $urlGenerator->imagePath($app, $app . '.svg');
+						$info['preview'] = $urlGenerator->imagePath($app, $app.'.svg');
 						$info['previewAsIcon'] = true;
 					} else {
-						$appIcon = $appPath . '/img/app.svg';
+						$appIcon = $appPath.'/img/app.svg';
 						if (file_exists($appIcon)) {
 							$info['preview'] = $urlGenerator->imagePath($app, 'app.svg');
 							$info['previewAsIcon'] = true;
@@ -751,8 +751,8 @@ 
 			return false;
 		}
 
-		if (is_file($appPath . '/appinfo/database.xml')) {
-			\OC::$server->getLogger()->error('The appinfo/database.xml file is not longer supported. Used in ' . $appId);
+		if (is_file($appPath.'/appinfo/database.xml')) {
+			\OC::$server->getLogger()->error('The appinfo/database.xml file is not longer supported. Used in '.$appId);
 			return false;
 		}
 
@@ -790,10 +790,10 @@ 
 			\OC::$server->getConfig()->deleteAppValue($appId, 'ocsid');
 		}
 		foreach ($appData['remote'] as $name => $path) {
-			\OC::$server->getConfig()->setAppValue('core', 'remote_' . $name, $appId . '/' . $path);
+			\OC::$server->getConfig()->setAppValue('core', 'remote_'.$name, $appId.'/'.$path);
 		}
 		foreach ($appData['public'] as $name => $path) {
-			\OC::$server->getConfig()->setAppValue('core', 'public_' . $name, $appId . '/' . $path);
+			\OC::$server->getConfig()->setAppValue('core', 'public_'.$name, $appId.'/'.$path);
 		}
 
 		self::setAppTypes($appId);
@@ -864,17 +864,17 @@ 
 	public static function getStorage(string $appId) {
 		if (\OC::$server->getAppManager()->isEnabledForUser($appId)) { //sanity check
 			if (\OC::$server->getUserSession()->isLoggedIn()) {
-				$view = new \OC\Files\View('/' . OC_User::getUser());
+				$view = new \OC\Files\View('/'.OC_User::getUser());
 				if (!$view->file_exists($appId)) {
 					$view->mkdir($appId);
 				}
-				return new \OC\Files\View('/' . OC_User::getUser() . '/' . $appId);
+				return new \OC\Files\View('/'.OC_User::getUser().'/'.$appId);
 			} else {
-				\OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ', user not logged in', ILogger::ERROR);
+				\OCP\Util::writeLog('core', 'Can\'t get app storage, app '.$appId.', user not logged in', ILogger::ERROR);
 				return false;
 			}
 		} else {
-			\OCP\Util::writeLog('core', 'Can\'t get app storage, app ' . $appId . ' not enabled', ILogger::ERROR);
+			\OCP\Util::writeLog('core', 'Can\'t get app storage, app '.$appId.' not enabled', ILogger::ERROR);
 			return false;
 		}
 	}
@@ -911,7 +911,7 @@ 
 
 				if ($attributeLang === $similarLang) {
 					$similarLangFallback = $option['@value'];
-				} elseif (str_starts_with($attributeLang, $similarLang . '_')) {
+				} elseif (str_starts_with($attributeLang, $similarLang.'_')) {
 					if ($similarLangFallback === false) {
 						$similarLangFallback = $option['@value'];
 					}

lib/private/Security/TrustedDomainHelper.php

Indentation +72 added lines, -72 removed lines

@@ -34,85 +34,85 @@
 use OCP\Security\ITrustedDomainHelper;
 
 class TrustedDomainHelper implements ITrustedDomainHelper {
-	/** @var IConfig */
-	private $config;
+    /** @var IConfig */
+    private $config;
 
-	/**
-	 * @param IConfig $config
-	 */
-	public function __construct(IConfig $config) {
-		$this->config = $config;
-	}
+    /**
+     * @param IConfig $config
+     */
+    public function __construct(IConfig $config) {
+        $this->config = $config;
+    }
 
-	/**
-	 * Strips a potential port from a domain (in format domain:port)
-	 * @param string $host
-	 * @return string $host without appended port
-	 */
-	private function getDomainWithoutPort(string $host): string {
-		$pos = strrpos($host, ':');
-		if ($pos !== false) {
-			$port = substr($host, $pos + 1);
-			if (is_numeric($port)) {
-				$host = substr($host, 0, $pos);
-			}
-		}
-		return $host;
-	}
+    /**
+     * Strips a potential port from a domain (in format domain:port)
+     * @param string $host
+     * @return string $host without appended port
+     */
+    private function getDomainWithoutPort(string $host): string {
+        $pos = strrpos($host, ':');
+        if ($pos !== false) {
+            $port = substr($host, $pos + 1);
+            if (is_numeric($port)) {
+                $host = substr($host, 0, $pos);
+            }
+        }
+        return $host;
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function isTrustedUrl(string $url): bool {
-		$parsedUrl = parse_url($url);
-		if (empty($parsedUrl['host'])) {
-			return false;
-		}
+    /**
+     * {@inheritDoc}
+     */
+    public function isTrustedUrl(string $url): bool {
+        $parsedUrl = parse_url($url);
+        if (empty($parsedUrl['host'])) {
+            return false;
+        }
 
-		if (isset($parsedUrl['port']) && $parsedUrl['port']) {
-			return $this->isTrustedDomain($parsedUrl['host'] . ':' . $parsedUrl['port']);
-		}
+        if (isset($parsedUrl['port']) && $parsedUrl['port']) {
+            return $this->isTrustedDomain($parsedUrl['host'] . ':' . $parsedUrl['port']);
+        }
 
-		return $this->isTrustedDomain($parsedUrl['host']);
-	}
+        return $this->isTrustedDomain($parsedUrl['host']);
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function isTrustedDomain(string $domainWithPort): bool {
-		// overwritehost is always trusted
-		if ($this->config->getSystemValue('overwritehost') !== '') {
-			return true;
-		}
+    /**
+     * {@inheritDoc}
+     */
+    public function isTrustedDomain(string $domainWithPort): bool {
+        // overwritehost is always trusted
+        if ($this->config->getSystemValue('overwritehost') !== '') {
+            return true;
+        }
 
-		$domain = $this->getDomainWithoutPort($domainWithPort);
+        $domain = $this->getDomainWithoutPort($domainWithPort);
 
-		// Read trusted domains from config
-		$trustedList = $this->config->getSystemValue('trusted_domains', []);
-		if (!is_array($trustedList)) {
-			return false;
-		}
+        // Read trusted domains from config
+        $trustedList = $this->config->getSystemValue('trusted_domains', []);
+        if (!is_array($trustedList)) {
+            return false;
+        }
 
-		// Always allow access from localhost
-		if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
-			return true;
-		}
-		// Reject malformed domains in any case
-		if (str_starts_with($domain, '-') || str_contains($domain, '..')) {
-			return false;
-		}
-		// Match, allowing for * wildcards
-		foreach ($trustedList as $trusted) {
-			if (gettype($trusted) !== 'string') {
-				break;
-			}
-			$regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function ($v) {
-				return preg_quote($v, '/');
-			}, explode('*', $trusted))) . '$/i';
-			if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) {
-				return true;
-			}
-		}
-		return false;
-	}
+        // Always allow access from localhost
+        if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
+            return true;
+        }
+        // Reject malformed domains in any case
+        if (str_starts_with($domain, '-') || str_contains($domain, '..')) {
+            return false;
+        }
+        // Match, allowing for * wildcards
+        foreach ($trustedList as $trusted) {
+            if (gettype($trusted) !== 'string') {
+                break;
+            }
+            $regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function ($v) {
+                return preg_quote($v, '/');
+            }, explode('*', $trusted))) . '$/i';
+            if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) {
+                return true;
+            }
+        }
+        return false;
+    }
 }

lib/private/Security/RemoteHostValidator.php

Indentation +29 added lines, -29 removed lines

@@ -38,38 +38,38 @@
  * @internal
  */
 final class RemoteHostValidator implements IRemoteHostValidator {
-	private IConfig $config;
-	private HostnameClassifier $hostnameClassifier;
-	private IpAddressClassifier $ipAddressClassifier;
-	private LoggerInterface $logger;
+    private IConfig $config;
+    private HostnameClassifier $hostnameClassifier;
+    private IpAddressClassifier $ipAddressClassifier;
+    private LoggerInterface $logger;
 
-	public function __construct(IConfig $config,
-								HostnameClassifier $hostnameClassifier,
-								IpAddressClassifier $ipAddressClassifier,
-								LoggerInterface $logger) {
-		$this->config = $config;
-		$this->hostnameClassifier = $hostnameClassifier;
-		$this->ipAddressClassifier = $ipAddressClassifier;
-		$this->logger = $logger;
-	}
+    public function __construct(IConfig $config,
+                                HostnameClassifier $hostnameClassifier,
+                                IpAddressClassifier $ipAddressClassifier,
+                                LoggerInterface $logger) {
+        $this->config = $config;
+        $this->hostnameClassifier = $hostnameClassifier;
+        $this->ipAddressClassifier = $ipAddressClassifier;
+        $this->logger = $logger;
+    }
 
-	public function isValid(string $host): bool {
-		if ($this->config->getSystemValueBool('allow_local_remote_servers', false)) {
-			return true;
-		}
+    public function isValid(string $host): bool {
+        if ($this->config->getSystemValueBool('allow_local_remote_servers', false)) {
+            return true;
+        }
 
-		$host = idn_to_utf8(strtolower(urldecode($host)));
-		// Remove brackets from IPv6 addresses
-		if (str_starts_with($host, '[') && str_ends_with($host, ']')) {
-			$host = substr($host, 1, -1);
-		}
+        $host = idn_to_utf8(strtolower(urldecode($host)));
+        // Remove brackets from IPv6 addresses
+        if (str_starts_with($host, '[') && str_ends_with($host, ']')) {
+            $host = substr($host, 1, -1);
+        }
 
-		if ($this->hostnameClassifier->isLocalHostname($host)
-			|| $this->ipAddressClassifier->isLocalAddress($host)) {
-			$this->logger->warning("Host $host was not connected to because it violates local access rules");
-			return false;
-		}
+        if ($this->hostnameClassifier->isLocalHostname($host)
+            || $this->ipAddressClassifier->isLocalAddress($host)) {
+            $this->logger->warning("Host $host was not connected to because it violates local access rules");
+            return false;
+        }
 
-		return true;
-	}
+        return true;
+    }
 }

lib/private/Security/Bruteforce/Throttler.php

Indentation +308 added lines, -308 removed lines

@@ -54,312 +54,312 @@
  * @package OC\Security\Bruteforce
  */
 class Throttler implements IThrottler {
-	public const LOGIN_ACTION = 'login';
-
-	/** @var IDBConnection */
-	private $db;
-	/** @var ITimeFactory */
-	private $timeFactory;
-	private LoggerInterface $logger;
-	/** @var IConfig */
-	private $config;
-	/** @var bool[] */
-	private $hasAttemptsDeleted = [];
-
-	public function __construct(IDBConnection $db,
-								ITimeFactory $timeFactory,
-								LoggerInterface $logger,
-								IConfig $config) {
-		$this->db = $db;
-		$this->timeFactory = $timeFactory;
-		$this->logger = $logger;
-		$this->config = $config;
-	}
-
-	/**
-	 * Convert a number of seconds into the appropriate DateInterval
-	 *
-	 * @param int $expire
-	 * @return \DateInterval
-	 */
-	private function getCutoff(int $expire): \DateInterval {
-		$d1 = new \DateTime();
-		$d2 = clone $d1;
-		$d2->sub(new \DateInterval('PT' . $expire . 'S'));
-		return $d2->diff($d1);
-	}
-
-	/**
-	 *  Calculate the cut off timestamp
-	 *
-	 * @param float $maxAgeHours
-	 * @return int
-	 */
-	private function getCutoffTimestamp(float $maxAgeHours = 12.0): int {
-		return (new \DateTime())
-			->sub($this->getCutoff((int) ($maxAgeHours * 3600)))
-			->getTimestamp();
-	}
-
-	/**
-	 * Register a failed attempt to bruteforce a security control
-	 *
-	 * @param string $action
-	 * @param string $ip
-	 * @param array $metadata Optional metadata logged to the database
-	 */
-	public function registerAttempt(string $action,
-									string $ip,
-									array $metadata = []): void {
-		// No need to log if the bruteforce protection is disabled
-		if (!$this->config->getSystemValueBool('auth.bruteforce.protection.enabled', true)) {
-			return;
-		}
-
-		$ipAddress = new IpAddress($ip);
-		$values = [
-			'action' => $action,
-			'occurred' => $this->timeFactory->getTime(),
-			'ip' => (string)$ipAddress,
-			'subnet' => $ipAddress->getSubnet(),
-			'metadata' => json_encode($metadata),
-		];
-
-		$this->logger->notice(
-			sprintf(
-				'Bruteforce attempt from "%s" detected for action "%s".',
-				$ip,
-				$action
-			),
-			[
-				'app' => 'core',
-			]
-		);
-
-		$qb = $this->db->getQueryBuilder();
-		$qb->insert('bruteforce_attempts');
-		foreach ($values as $column => $value) {
-			$qb->setValue($column, $qb->createNamedParameter($value));
-		}
-		$qb->execute();
-	}
-
-	/**
-	 * Check if the IP is whitelisted
-	 *
-	 * @param string $ip
-	 * @return bool
-	 */
-	private function isIPWhitelisted(string $ip): bool {
-		if (!$this->config->getSystemValueBool('auth.bruteforce.protection.enabled', true)) {
-			return true;
-		}
-
-		$keys = $this->config->getAppKeys('bruteForce');
-		$keys = array_filter($keys, function ($key) {
-			return str_starts_with($key, 'whitelist_');
-		});
-
-		if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
-			$type = 4;
-		} elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-			$type = 6;
-		} else {
-			return false;
-		}
-
-		$ip = inet_pton($ip);
-
-		foreach ($keys as $key) {
-			$cidr = $this->config->getAppValue('bruteForce', $key, null);
-
-			$cx = explode('/', $cidr);
-			$addr = $cx[0];
-			$mask = (int)$cx[1];
-
-			// Do not compare ipv4 to ipv6
-			if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) ||
-				($type === 6 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))) {
-				continue;
-			}
-
-			$addr = inet_pton($addr);
-
-			$valid = true;
-			for ($i = 0; $i < $mask; $i++) {
-				$part = ord($addr[(int)($i / 8)]);
-				$orig = ord($ip[(int)($i / 8)]);
-
-				$bitmask = 1 << (7 - ($i % 8));
-
-				$part = $part & $bitmask;
-				$orig = $orig & $bitmask;
-
-				if ($part !== $orig) {
-					$valid = false;
-					break;
-				}
-			}
-
-			if ($valid === true) {
-				return true;
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * Get the throttling delay (in milliseconds)
-	 *
-	 * @param string $ip
-	 * @param string $action optionally filter by action
-	 * @param float $maxAgeHours
-	 * @return int
-	 */
-	public function getAttempts(string $ip, string $action = '', float $maxAgeHours = 12): int {
-		if ($maxAgeHours > 48) {
-			$this->logger->error('Bruteforce has to use less than 48 hours');
-			$maxAgeHours = 48;
-		}
-
-		if ($ip === '' || isset($this->hasAttemptsDeleted[$action])) {
-			return 0;
-		}
-
-		$ipAddress = new IpAddress($ip);
-		if ($this->isIPWhitelisted((string)$ipAddress)) {
-			return 0;
-		}
-
-		$cutoffTime = $this->getCutoffTimestamp($maxAgeHours);
-
-		$qb = $this->db->getQueryBuilder();
-		$qb->select($qb->func()->count('*', 'attempts'))
-			->from('bruteforce_attempts')
-			->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
-			->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet())));
-
-		if ($action !== '') {
-			$qb->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action)));
-		}
-
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-
-		return (int) $row['attempts'];
-	}
-
-	/**
-	 * Get the throttling delay (in milliseconds)
-	 *
-	 * @param string $ip
-	 * @param string $action optionally filter by action
-	 * @return int
-	 */
-	public function getDelay(string $ip, string $action = ''): int {
-		$attempts = $this->getAttempts($ip, $action);
-		if ($attempts === 0) {
-			return 0;
-		}
-
-		$firstDelay = 0.1;
-		if ($attempts > self::MAX_ATTEMPTS) {
-			// Don't ever overflow. Just assume the maxDelay time:s
-			return self::MAX_DELAY_MS;
-		}
-
-		$delay = $firstDelay * 2 ** $attempts;
-		if ($delay > self::MAX_DELAY) {
-			return self::MAX_DELAY_MS;
-		}
-		return (int) \ceil($delay * 1000);
-	}
-
-	/**
-	 * Reset the throttling delay for an IP address, action and metadata
-	 *
-	 * @param string $ip
-	 * @param string $action
-	 * @param array $metadata
-	 */
-	public function resetDelay(string $ip, string $action, array $metadata): void {
-		$ipAddress = new IpAddress($ip);
-		if ($this->isIPWhitelisted((string)$ipAddress)) {
-			return;
-		}
-
-		$cutoffTime = $this->getCutoffTimestamp();
-
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('bruteforce_attempts')
-			->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
-			->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet())))
-			->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action)))
-			->andWhere($qb->expr()->eq('metadata', $qb->createNamedParameter(json_encode($metadata))));
-
-		$qb->executeStatement();
-
-		$this->hasAttemptsDeleted[$action] = true;
-	}
-
-	/**
-	 * Reset the throttling delay for an IP address
-	 *
-	 * @param string $ip
-	 */
-	public function resetDelayForIP(string $ip): void {
-		$cutoffTime = $this->getCutoffTimestamp();
-
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('bruteforce_attempts')
-			->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
-			->andWhere($qb->expr()->eq('ip', $qb->createNamedParameter($ip)));
-
-		$qb->execute();
-	}
-
-	/**
-	 * Will sleep for the defined amount of time
-	 *
-	 * @param string $ip
-	 * @param string $action optionally filter by action
-	 * @return int the time spent sleeping
-	 */
-	public function sleepDelay(string $ip, string $action = ''): int {
-		$delay = $this->getDelay($ip, $action);
-		usleep($delay * 1000);
-		return $delay;
-	}
-
-	/**
-	 * Will sleep for the defined amount of time unless maximum was reached in the last 30 minutes
-	 * In this case a "429 Too Many Request" exception is thrown
-	 *
-	 * @param string $ip
-	 * @param string $action optionally filter by action
-	 * @return int the time spent sleeping
-	 * @throws MaxDelayReached when reached the maximum
-	 */
-	public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int {
-		$delay = $this->getDelay($ip, $action);
-		if (($delay === self::MAX_DELAY_MS) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) {
-			$this->logger->info('IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: {action}, ip: {ip}]', [
-				'action' => $action,
-				'ip' => $ip,
-			]);
-			// If the ip made too many attempts within the last 30 mins we don't execute anymore
-			throw new MaxDelayReached('Reached maximum delay');
-		}
-		if ($delay > 100) {
-			$this->logger->info('IP address throttled because it reached the attempts limit in the last 30 minutes [action: {action}, delay: {delay}, ip: {ip}]', [
-				'action' => $action,
-				'ip' => $ip,
-				'delay' => $delay,
-			]);
-		}
-		usleep($delay * 1000);
-		return $delay;
-	}
+    public const LOGIN_ACTION = 'login';
+
+    /** @var IDBConnection */
+    private $db;
+    /** @var ITimeFactory */
+    private $timeFactory;
+    private LoggerInterface $logger;
+    /** @var IConfig */
+    private $config;
+    /** @var bool[] */
+    private $hasAttemptsDeleted = [];
+
+    public function __construct(IDBConnection $db,
+                                ITimeFactory $timeFactory,
+                                LoggerInterface $logger,
+                                IConfig $config) {
+        $this->db = $db;
+        $this->timeFactory = $timeFactory;
+        $this->logger = $logger;
+        $this->config = $config;
+    }
+
+    /**
+     * Convert a number of seconds into the appropriate DateInterval
+     *
+     * @param int $expire
+     * @return \DateInterval
+     */
+    private function getCutoff(int $expire): \DateInterval {
+        $d1 = new \DateTime();
+        $d2 = clone $d1;
+        $d2->sub(new \DateInterval('PT' . $expire . 'S'));
+        return $d2->diff($d1);
+    }
+
+    /**
+     *  Calculate the cut off timestamp
+     *
+     * @param float $maxAgeHours
+     * @return int
+     */
+    private function getCutoffTimestamp(float $maxAgeHours = 12.0): int {
+        return (new \DateTime())
+            ->sub($this->getCutoff((int) ($maxAgeHours * 3600)))
+            ->getTimestamp();
+    }
+
+    /**
+     * Register a failed attempt to bruteforce a security control
+     *
+     * @param string $action
+     * @param string $ip
+     * @param array $metadata Optional metadata logged to the database
+     */
+    public function registerAttempt(string $action,
+                                    string $ip,
+                                    array $metadata = []): void {
+        // No need to log if the bruteforce protection is disabled
+        if (!$this->config->getSystemValueBool('auth.bruteforce.protection.enabled', true)) {
+            return;
+        }
+
+        $ipAddress = new IpAddress($ip);
+        $values = [
+            'action' => $action,
+            'occurred' => $this->timeFactory->getTime(),
+            'ip' => (string)$ipAddress,
+            'subnet' => $ipAddress->getSubnet(),
+            'metadata' => json_encode($metadata),
+        ];
+
+        $this->logger->notice(
+            sprintf(
+                'Bruteforce attempt from "%s" detected for action "%s".',
+                $ip,
+                $action
+            ),
+            [
+                'app' => 'core',
+            ]
+        );
+
+        $qb = $this->db->getQueryBuilder();
+        $qb->insert('bruteforce_attempts');
+        foreach ($values as $column => $value) {
+            $qb->setValue($column, $qb->createNamedParameter($value));
+        }
+        $qb->execute();
+    }
+
+    /**
+     * Check if the IP is whitelisted
+     *
+     * @param string $ip
+     * @return bool
+     */
+    private function isIPWhitelisted(string $ip): bool {
+        if (!$this->config->getSystemValueBool('auth.bruteforce.protection.enabled', true)) {
+            return true;
+        }
+
+        $keys = $this->config->getAppKeys('bruteForce');
+        $keys = array_filter($keys, function ($key) {
+            return str_starts_with($key, 'whitelist_');
+        });
+
+        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+            $type = 4;
+        } elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+            $type = 6;
+        } else {
+            return false;
+        }
+
+        $ip = inet_pton($ip);
+
+        foreach ($keys as $key) {
+            $cidr = $this->config->getAppValue('bruteForce', $key, null);
+
+            $cx = explode('/', $cidr);
+            $addr = $cx[0];
+            $mask = (int)$cx[1];
+
+            // Do not compare ipv4 to ipv6
+            if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) ||
+                ($type === 6 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))) {
+                continue;
+            }
+
+            $addr = inet_pton($addr);
+
+            $valid = true;
+            for ($i = 0; $i < $mask; $i++) {
+                $part = ord($addr[(int)($i / 8)]);
+                $orig = ord($ip[(int)($i / 8)]);
+
+                $bitmask = 1 << (7 - ($i % 8));
+
+                $part = $part & $bitmask;
+                $orig = $orig & $bitmask;
+
+                if ($part !== $orig) {
+                    $valid = false;
+                    break;
+                }
+            }
+
+            if ($valid === true) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * Get the throttling delay (in milliseconds)
+     *
+     * @param string $ip
+     * @param string $action optionally filter by action
+     * @param float $maxAgeHours
+     * @return int
+     */
+    public function getAttempts(string $ip, string $action = '', float $maxAgeHours = 12): int {
+        if ($maxAgeHours > 48) {
+            $this->logger->error('Bruteforce has to use less than 48 hours');
+            $maxAgeHours = 48;
+        }
+
+        if ($ip === '' || isset($this->hasAttemptsDeleted[$action])) {
+            return 0;
+        }
+
+        $ipAddress = new IpAddress($ip);
+        if ($this->isIPWhitelisted((string)$ipAddress)) {
+            return 0;
+        }
+
+        $cutoffTime = $this->getCutoffTimestamp($maxAgeHours);
+
+        $qb = $this->db->getQueryBuilder();
+        $qb->select($qb->func()->count('*', 'attempts'))
+            ->from('bruteforce_attempts')
+            ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
+            ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet())));
+
+        if ($action !== '') {
+            $qb->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action)));
+        }
+
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+
+        return (int) $row['attempts'];
+    }
+
+    /**
+     * Get the throttling delay (in milliseconds)
+     *
+     * @param string $ip
+     * @param string $action optionally filter by action
+     * @return int
+     */
+    public function getDelay(string $ip, string $action = ''): int {
+        $attempts = $this->getAttempts($ip, $action);
+        if ($attempts === 0) {
+            return 0;
+        }
+
+        $firstDelay = 0.1;
+        if ($attempts > self::MAX_ATTEMPTS) {
+            // Don't ever overflow. Just assume the maxDelay time:s
+            return self::MAX_DELAY_MS;
+        }
+
+        $delay = $firstDelay * 2 ** $attempts;
+        if ($delay > self::MAX_DELAY) {
+            return self::MAX_DELAY_MS;
+        }
+        return (int) \ceil($delay * 1000);
+    }
+
+    /**
+     * Reset the throttling delay for an IP address, action and metadata
+     *
+     * @param string $ip
+     * @param string $action
+     * @param array $metadata
+     */
+    public function resetDelay(string $ip, string $action, array $metadata): void {
+        $ipAddress = new IpAddress($ip);
+        if ($this->isIPWhitelisted((string)$ipAddress)) {
+            return;
+        }
+
+        $cutoffTime = $this->getCutoffTimestamp();
+
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('bruteforce_attempts')
+            ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
+            ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet())))
+            ->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action)))
+            ->andWhere($qb->expr()->eq('metadata', $qb->createNamedParameter(json_encode($metadata))));
+
+        $qb->executeStatement();
+
+        $this->hasAttemptsDeleted[$action] = true;
+    }
+
+    /**
+     * Reset the throttling delay for an IP address
+     *
+     * @param string $ip
+     */
+    public function resetDelayForIP(string $ip): void {
+        $cutoffTime = $this->getCutoffTimestamp();
+
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('bruteforce_attempts')
+            ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
+            ->andWhere($qb->expr()->eq('ip', $qb->createNamedParameter($ip)));
+
+        $qb->execute();
+    }
+
+    /**
+     * Will sleep for the defined amount of time
+     *
+     * @param string $ip
+     * @param string $action optionally filter by action
+     * @return int the time spent sleeping
+     */
+    public function sleepDelay(string $ip, string $action = ''): int {
+        $delay = $this->getDelay($ip, $action);
+        usleep($delay * 1000);
+        return $delay;
+    }
+
+    /**
+     * Will sleep for the defined amount of time unless maximum was reached in the last 30 minutes
+     * In this case a "429 Too Many Request" exception is thrown
+     *
+     * @param string $ip
+     * @param string $action optionally filter by action
+     * @return int the time spent sleeping
+     * @throws MaxDelayReached when reached the maximum
+     */
+    public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int {
+        $delay = $this->getDelay($ip, $action);
+        if (($delay === self::MAX_DELAY_MS) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) {
+            $this->logger->info('IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: {action}, ip: {ip}]', [
+                'action' => $action,
+                'ip' => $ip,
+            ]);
+            // If the ip made too many attempts within the last 30 mins we don't execute anymore
+            throw new MaxDelayReached('Reached maximum delay');
+        }
+        if ($delay > 100) {
+            $this->logger->info('IP address throttled because it reached the attempts limit in the last 30 minutes [action: {action}, delay: {delay}, ip: {ip}]', [
+                'action' => $action,
+                'ip' => $ip,
+                'delay' => $delay,
+            ]);
+        }
+        usleep($delay * 1000);
+        return $delay;
+    }
 }

Spacing +8 added lines, -8 removed lines

@@ -85,7 +85,7 @@ 
 	private function getCutoff(int $expire): \DateInterval {
 		$d1 = new \DateTime();
 		$d2 = clone $d1;
-		$d2->sub(new \DateInterval('PT' . $expire . 'S'));
+		$d2->sub(new \DateInterval('PT'.$expire.'S'));
 		return $d2->diff($d1);
 	}
 
@@ -120,7 +120,7 @@ 
 		$values = [
 			'action' => $action,
 			'occurred' => $this->timeFactory->getTime(),
-			'ip' => (string)$ipAddress,
+			'ip' => (string) $ipAddress,
 			'subnet' => $ipAddress->getSubnet(),
 			'metadata' => json_encode($metadata),
 		];
@@ -156,7 +156,7 @@ 
 		}
 
 		$keys = $this->config->getAppKeys('bruteForce');
-		$keys = array_filter($keys, function ($key) {
+		$keys = array_filter($keys, function($key) {
 			return str_starts_with($key, 'whitelist_');
 		});
 
@@ -175,7 +175,7 @@ 
 
 			$cx = explode('/', $cidr);
 			$addr = $cx[0];
-			$mask = (int)$cx[1];
+			$mask = (int) $cx[1];
 
 			// Do not compare ipv4 to ipv6
 			if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) ||
@@ -187,8 +187,8 @@ 
 
 			$valid = true;
 			for ($i = 0; $i < $mask; $i++) {
-				$part = ord($addr[(int)($i / 8)]);
-				$orig = ord($ip[(int)($i / 8)]);
+				$part = ord($addr[(int) ($i / 8)]);
+				$orig = ord($ip[(int) ($i / 8)]);
 
 				$bitmask = 1 << (7 - ($i % 8));
 
@@ -228,7 +228,7 @@ 
 		}
 
 		$ipAddress = new IpAddress($ip);
-		if ($this->isIPWhitelisted((string)$ipAddress)) {
+		if ($this->isIPWhitelisted((string) $ipAddress)) {
 			return 0;
 		}
 
@@ -286,7 +286,7 @@ 
 	 */
 	public function resetDelay(string $ip, string $action, array $metadata): void {
 		$ipAddress = new IpAddress($ip);
-		if ($this->isIPWhitelisted((string)$ipAddress)) {
+		if ($this->isIPWhitelisted((string) $ipAddress)) {
 			return;
 		}
 

lib/private/Accounts/AccountManager.php

Indentation +764 added lines, -764 removed lines

@@ -79,768 +79,768 @@
  * @package OC\Accounts
  */
 class AccountManager implements IAccountManager {
-	use TAccountsHelper;
-
-	use TProfileHelper;
-
-	/** @var  IDBConnection database connection */
-	private $connection;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var string table name */
-	private $table = 'accounts';
-
-	/** @var string table name */
-	private $dataTable = 'accounts_data';
-
-	/** @var EventDispatcherInterface */
-	private $eventDispatcher;
-
-	/** @var IJobList */
-	private $jobList;
-
-	/** @var LoggerInterface */
-	private $logger;
-	/** @var IVerificationToken */
-	private $verificationToken;
-	/** @var IMailer */
-	private $mailer;
-	/** @var Defaults */
-	private $defaults;
-	/** @var IL10N */
-	private $l10n;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ICrypto */
-	private $crypto;
-	/** @var IFactory */
-	private $l10nfactory;
-	private CappedMemoryCache $internalCache;
-
-	/**
-	 * The list of default scopes for each property.
-	 */
-	public const DEFAULT_SCOPES = [
-		self::PROPERTY_DISPLAYNAME => self::SCOPE_FEDERATED,
-		self::PROPERTY_ADDRESS => self::SCOPE_LOCAL,
-		self::PROPERTY_WEBSITE => self::SCOPE_LOCAL,
-		self::PROPERTY_EMAIL => self::SCOPE_FEDERATED,
-		self::PROPERTY_AVATAR => self::SCOPE_FEDERATED,
-		self::PROPERTY_PHONE => self::SCOPE_LOCAL,
-		self::PROPERTY_TWITTER => self::SCOPE_LOCAL,
-		self::PROPERTY_FEDIVERSE => self::SCOPE_LOCAL,
-		self::PROPERTY_ORGANISATION => self::SCOPE_LOCAL,
-		self::PROPERTY_ROLE => self::SCOPE_LOCAL,
-		self::PROPERTY_HEADLINE => self::SCOPE_LOCAL,
-		self::PROPERTY_BIOGRAPHY => self::SCOPE_LOCAL,
-	];
-
-	public function __construct(
-		IDBConnection            $connection,
-		IConfig                  $config,
-		EventDispatcherInterface $eventDispatcher,
-		IJobList                 $jobList,
-		LoggerInterface          $logger,
-		IVerificationToken       $verificationToken,
-		IMailer                  $mailer,
-		Defaults                 $defaults,
-		IFactory                 $factory,
-		IURLGenerator            $urlGenerator,
-		ICrypto                  $crypto
-	) {
-		$this->connection = $connection;
-		$this->config = $config;
-		$this->eventDispatcher = $eventDispatcher;
-		$this->jobList = $jobList;
-		$this->logger = $logger;
-		$this->verificationToken = $verificationToken;
-		$this->mailer = $mailer;
-		$this->defaults = $defaults;
-		$this->urlGenerator = $urlGenerator;
-		$this->crypto = $crypto;
-		// DIing IL10N results in a dependency loop
-		$this->l10nfactory = $factory;
-		$this->internalCache = new CappedMemoryCache();
-	}
-
-	/**
-	 * @param string $input
-	 * @return string Provided phone number in E.164 format when it was a valid number
-	 * @throws InvalidArgumentException When the phone number was invalid or no default region is set and the number doesn't start with a country code
-	 */
-	protected function parsePhoneNumber(string $input): string {
-		$defaultRegion = $this->config->getSystemValueString('default_phone_region', '');
-
-		if ($defaultRegion === '') {
-			// When no default region is set, only +49… numbers are valid
-			if (!str_starts_with($input, '+')) {
-				throw new InvalidArgumentException(self::PROPERTY_PHONE);
-			}
-
-			$defaultRegion = 'EN';
-		}
-
-		$phoneUtil = PhoneNumberUtil::getInstance();
-		try {
-			$phoneNumber = $phoneUtil->parse($input, $defaultRegion);
-			if ($phoneUtil->isValidNumber($phoneNumber)) {
-				return $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
-			}
-		} catch (NumberParseException $e) {
-		}
-
-		throw new InvalidArgumentException(self::PROPERTY_PHONE);
-	}
-
-	/**
-	 *
-	 * @param string $input
-	 * @return string
-	 * @throws InvalidArgumentException When the website did not have http(s) as protocol or the host name was empty
-	 */
-	protected function parseWebsite(string $input): string {
-		$parts = parse_url($input);
-		if (!isset($parts['scheme']) || ($parts['scheme'] !== 'https' && $parts['scheme'] !== 'http')) {
-			throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
-		}
-
-		if (!isset($parts['host']) || $parts['host'] === '') {
-			throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
-		}
-
-		return $input;
-	}
-
-	/**
-	 * @param IAccountProperty[] $properties
-	 */
-	protected function testValueLengths(array $properties, bool $throwOnData = false): void {
-		foreach ($properties as $property) {
-			if (strlen($property->getValue()) > 2048) {
-				if ($throwOnData) {
-					throw new InvalidArgumentException($property->getName());
-				} else {
-					$property->setValue('');
-				}
-			}
-		}
-	}
-
-	protected function testPropertyScope(IAccountProperty $property, array $allowedScopes, bool $throwOnData): void {
-		if ($throwOnData && !in_array($property->getScope(), $allowedScopes, true)) {
-			throw new InvalidArgumentException('scope');
-		}
-
-		if (
-			$property->getScope() === self::SCOPE_PRIVATE
-			&& in_array($property->getName(), [self::PROPERTY_DISPLAYNAME, self::PROPERTY_EMAIL])
-		) {
-			if ($throwOnData) {
-				// v2-private is not available for these fields
-				throw new InvalidArgumentException('scope');
-			} else {
-				// default to local
-				$property->setScope(self::SCOPE_LOCAL);
-			}
-		} else {
-			// migrate scope values to the new format
-			// invalid scopes are mapped to a default value
-			$property->setScope(AccountProperty::mapScopeToV2($property->getScope()));
-		}
-	}
-
-	protected function sanitizePhoneNumberValue(IAccountProperty $property, bool $throwOnData = false) {
-		if ($property->getName() !== self::PROPERTY_PHONE) {
-			if ($throwOnData) {
-				throw new InvalidArgumentException(sprintf('sanitizePhoneNumberValue can only sanitize phone numbers, %s given', $property->getName()));
-			}
-			return;
-		}
-		if ($property->getValue() === '') {
-			return;
-		}
-		try {
-			$property->setValue($this->parsePhoneNumber($property->getValue()));
-		} catch (InvalidArgumentException $e) {
-			if ($throwOnData) {
-				throw $e;
-			}
-			$property->setValue('');
-		}
-	}
-
-	protected function sanitizeWebsite(IAccountProperty $property, bool $throwOnData = false) {
-		if ($property->getName() !== self::PROPERTY_WEBSITE) {
-			if ($throwOnData) {
-				throw new InvalidArgumentException(sprintf('sanitizeWebsite can only sanitize web domains, %s given', $property->getName()));
-			}
-		}
-		try {
-			$property->setValue($this->parseWebsite($property->getValue()));
-		} catch (InvalidArgumentException $e) {
-			if ($throwOnData) {
-				throw $e;
-			}
-			$property->setValue('');
-		}
-	}
-
-	protected function updateUser(IUser $user, array $data, ?array $oldUserData, bool $throwOnData = false): array {
-		if ($oldUserData === null) {
-			$oldUserData = $this->getUser($user, false);
-		}
-
-		$updated = true;
-
-		if ($oldUserData !== $data) {
-			$this->updateExistingUser($user, $data, $oldUserData);
-		} else {
-			// nothing needs to be done if new and old data set are the same
-			$updated = false;
-		}
-
-		if ($updated) {
-			$this->eventDispatcher->dispatch(
-				'OC\AccountManager::userUpdated',
-				new GenericEvent($user, $data)
-			);
-		}
-
-		return $data;
-	}
-
-	/**
-	 * delete user from accounts table
-	 *
-	 * @param IUser $user
-	 */
-	public function deleteUser(IUser $user) {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->delete($this->table)
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->execute();
-
-		$this->deleteUserData($user);
-	}
-
-	/**
-	 * delete user from accounts table
-	 *
-	 * @param IUser $user
-	 */
-	public function deleteUserData(IUser $user): void {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->delete($this->dataTable)
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->execute();
-	}
-
-	/**
-	 * get stored data from a given user
-	 */
-	protected function getUser(IUser $user, bool $insertIfNotExists = true): array {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->select('data')
-			->from($this->table)
-			->where($query->expr()->eq('uid', $query->createParameter('uid')))
-			->setParameter('uid', $uid);
-		$result = $query->executeQuery();
-		$accountData = $result->fetchAll();
-		$result->closeCursor();
-
-		if (empty($accountData)) {
-			$userData = $this->buildDefaultUserRecord($user);
-			if ($insertIfNotExists) {
-				$this->insertNewUser($user, $userData);
-			}
-			return $userData;
-		}
-
-		$userDataArray = $this->importFromJson($accountData[0]['data'], $uid);
-		if ($userDataArray === null || $userDataArray === []) {
-			return $this->buildDefaultUserRecord($user);
-		}
-
-		return $this->addMissingDefaultValues($userDataArray, $this->buildDefaultUserRecord($user));
-	}
-
-	public function searchUsers(string $property, array $values): array {
-		// the value col is limited to 255 bytes. It is used for searches only.
-		$values = array_map(function (string $value) {
-			return Util::shortenMultibyteString($value, 255);
-		}, $values);
-		$chunks = array_chunk($values, 500);
-		$query = $this->connection->getQueryBuilder();
-		$query->select('*')
-			->from($this->dataTable)
-			->where($query->expr()->eq('name', $query->createNamedParameter($property)))
-			->andWhere($query->expr()->in('value', $query->createParameter('values')));
-
-		$matches = [];
-		foreach ($chunks as $chunk) {
-			$query->setParameter('values', $chunk, IQueryBuilder::PARAM_STR_ARRAY);
-			$result = $query->executeQuery();
-
-			while ($row = $result->fetch()) {
-				$matches[$row['uid']] = $row['value'];
-			}
-			$result->closeCursor();
-		}
-
-		$result = array_merge($matches, $this->searchUsersForRelatedCollection($property, $values));
-
-		return array_flip($result);
-	}
-
-	protected function searchUsersForRelatedCollection(string $property, array $values): array {
-		switch ($property) {
-			case IAccountManager::PROPERTY_EMAIL:
-				return array_flip($this->searchUsers(IAccountManager::COLLECTION_EMAIL, $values));
-			default:
-				return [];
-		}
-	}
-
-	/**
-	 * check if we need to ask the server for email verification, if yes we create a cronjob
-	 */
-	protected function checkEmailVerification(IAccount $updatedAccount, array $oldData): void {
-		try {
-			$property = $updatedAccount->getProperty(self::PROPERTY_EMAIL);
-		} catch (PropertyDoesNotExistException $e) {
-			return;
-		}
-
-		$oldMailIndex = array_search(self::PROPERTY_EMAIL, array_column($oldData, 'name'), true);
-		$oldMail = $oldMailIndex !== false ? $oldData[$oldMailIndex]['value'] : '';
-
-		if ($oldMail !== $property->getValue()) {
-			$this->jobList->add(
-				VerifyUserData::class,
-				[
-					'verificationCode' => '',
-					'data' => $property->getValue(),
-					'type' => self::PROPERTY_EMAIL,
-					'uid' => $updatedAccount->getUser()->getUID(),
-					'try' => 0,
-					'lastRun' => time()
-				]
-			);
-
-			$property->setVerified(self::VERIFICATION_IN_PROGRESS);
-		}
-	}
-
-	protected function checkLocalEmailVerification(IAccount $updatedAccount, array $oldData): void {
-		$mailCollection = $updatedAccount->getPropertyCollection(self::COLLECTION_EMAIL);
-		foreach ($mailCollection->getProperties() as $property) {
-			if ($property->getLocallyVerified() !== self::NOT_VERIFIED) {
-				continue;
-			}
-			if ($this->sendEmailVerificationEmail($updatedAccount->getUser(), $property->getValue())) {
-				$property->setLocallyVerified(self::VERIFICATION_IN_PROGRESS);
-			}
-		}
-	}
-
-	protected function sendEmailVerificationEmail(IUser $user, string $email): bool {
-		$ref = \substr(hash('sha256', $email), 0, 8);
-		$key = $this->crypto->encrypt($email);
-		$token = $this->verificationToken->create($user, 'verifyMail' . $ref, $email);
-
-		$link = $this->urlGenerator->linkToRouteAbsolute(
-			'provisioning_api.Verification.verifyMail',
-			[
-				'userId' => $user->getUID(),
-				'token' => $token,
-				'key' => $key
-			]
-		);
-
-		$emailTemplate = $this->mailer->createEMailTemplate('core.EmailVerification', [
-			'link' => $link,
-		]);
-
-		if (!$this->l10n) {
-			$this->l10n = $this->l10nfactory->get('core');
-		}
-
-		$emailTemplate->setSubject($this->l10n->t('%s email verification', [$this->defaults->getName()]));
-		$emailTemplate->addHeader();
-		$emailTemplate->addHeading($this->l10n->t('Email verification'));
-
-		$emailTemplate->addBodyText(
-			htmlspecialchars($this->l10n->t('Click the following button to confirm your email.')),
-			$this->l10n->t('Click the following link to confirm your email.')
-		);
-
-		$emailTemplate->addBodyButton(
-			htmlspecialchars($this->l10n->t('Confirm your email')),
-			$link,
-			false
-		);
-		$emailTemplate->addFooter();
-
-		try {
-			$message = $this->mailer->createMessage();
-			$message->setTo([$email => $user->getDisplayName()]);
-			$message->setFrom([Util::getDefaultEmailAddress('verification-noreply') => $this->defaults->getName()]);
-			$message->useTemplate($emailTemplate);
-			$this->mailer->send($message);
-		} catch (Exception $e) {
-			// Log the exception and continue
-			$this->logger->info('Failed to send verification mail', [
-				'app' => 'core',
-				'exception' => $e
-			]);
-			return false;
-		}
-		return true;
-	}
-
-	/**
-	 * Make sure that all expected data are set
-	 */
-	protected function addMissingDefaultValues(array $userData, array $defaultUserData): array {
-		foreach ($defaultUserData as $defaultDataItem) {
-			// If property does not exist, initialize it
-			$userDataIndex = array_search($defaultDataItem['name'], array_column($userData, 'name'));
-			if ($userDataIndex === false) {
-				$userData[] = $defaultDataItem;
-				continue;
-			}
-
-			// Merge and extend default missing values
-			$userData[$userDataIndex] = array_merge($defaultDataItem, $userData[$userDataIndex]);
-		}
-
-		return $userData;
-	}
-
-	protected function updateVerificationStatus(IAccount $updatedAccount, array $oldData): void {
-		static $propertiesVerifiableByLookupServer = [
-			self::PROPERTY_TWITTER,
-			self::PROPERTY_FEDIVERSE,
-			self::PROPERTY_WEBSITE,
-			self::PROPERTY_EMAIL,
-		];
-
-		foreach ($propertiesVerifiableByLookupServer as $propertyName) {
-			try {
-				$property = $updatedAccount->getProperty($propertyName);
-			} catch (PropertyDoesNotExistException $e) {
-				continue;
-			}
-			$wasVerified = isset($oldData[$propertyName])
-				&& isset($oldData[$propertyName]['verified'])
-				&& $oldData[$propertyName]['verified'] === self::VERIFIED;
-			if ((!isset($oldData[$propertyName])
-					|| !isset($oldData[$propertyName]['value'])
-					|| $property->getValue() !== $oldData[$propertyName]['value'])
-				&& ($property->getVerified() !== self::NOT_VERIFIED
-					|| $wasVerified)
-			) {
-				$property->setVerified(self::NOT_VERIFIED);
-			}
-		}
-	}
-
-	/**
-	 * add new user to accounts table
-	 *
-	 * @param IUser $user
-	 * @param array $data
-	 */
-	protected function insertNewUser(IUser $user, array $data): void {
-		$uid = $user->getUID();
-		$jsonEncodedData = $this->prepareJson($data);
-		$query = $this->connection->getQueryBuilder();
-		$query->insert($this->table)
-			->values(
-				[
-					'uid' => $query->createNamedParameter($uid),
-					'data' => $query->createNamedParameter($jsonEncodedData),
-				]
-			)
-			->executeStatement();
-
-		$this->deleteUserData($user);
-		$this->writeUserData($user, $data);
-	}
-
-	protected function prepareJson(array $data): string {
-		$preparedData = [];
-		foreach ($data as $dataRow) {
-			$propertyName = $dataRow['name'];
-			unset($dataRow['name']);
-
-			if (isset($dataRow['locallyVerified']) && $dataRow['locallyVerified'] === self::NOT_VERIFIED) {
-				// do not write default value, save DB space
-				unset($dataRow['locallyVerified']);
-			}
-
-			if (!$this->isCollection($propertyName)) {
-				$preparedData[$propertyName] = $dataRow;
-				continue;
-			}
-			if (!isset($preparedData[$propertyName])) {
-				$preparedData[$propertyName] = [];
-			}
-			$preparedData[$propertyName][] = $dataRow;
-		}
-		return json_encode($preparedData);
-	}
-
-	protected function importFromJson(string $json, string $userId): ?array {
-		$result = [];
-		$jsonArray = json_decode($json, true);
-		$jsonError = json_last_error();
-		if ($jsonError !== JSON_ERROR_NONE) {
-			$this->logger->critical(
-				'User data of {uid} contained invalid JSON (error {json_error}), hence falling back to a default user record',
-				[
-					'uid' => $userId,
-					'json_error' => $jsonError
-				]
-			);
-			return null;
-		}
-		foreach ($jsonArray as $propertyName => $row) {
-			if (!$this->isCollection($propertyName)) {
-				$result[] = array_merge($row, ['name' => $propertyName]);
-				continue;
-			}
-			foreach ($row as $singleRow) {
-				$result[] = array_merge($singleRow, ['name' => $propertyName]);
-			}
-		}
-		return $result;
-	}
-
-	/**
-	 * Update existing user in accounts table
-	 */
-	protected function updateExistingUser(IUser $user, array $data, array $oldData): void {
-		$uid = $user->getUID();
-		$jsonEncodedData = $this->prepareJson($data);
-		$query = $this->connection->getQueryBuilder();
-		$query->update($this->table)
-			->set('data', $query->createNamedParameter($jsonEncodedData))
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->executeStatement();
-
-		$this->deleteUserData($user);
-		$this->writeUserData($user, $data);
-	}
-
-	protected function writeUserData(IUser $user, array $data): void {
-		$query = $this->connection->getQueryBuilder();
-		$query->insert($this->dataTable)
-			->values(
-				[
-					'uid' => $query->createNamedParameter($user->getUID()),
-					'name' => $query->createParameter('name'),
-					'value' => $query->createParameter('value'),
-				]
-			);
-		$this->writeUserDataProperties($query, $data);
-	}
-
-	protected function writeUserDataProperties(IQueryBuilder $query, array $data): void {
-		foreach ($data as $property) {
-			if ($property['name'] === self::PROPERTY_AVATAR) {
-				continue;
-			}
-
-			// the value col is limited to 255 bytes. It is used for searches only.
-			$value = $property['value'] ? Util::shortenMultibyteString($property['value'], 255) : '';
-
-			$query->setParameter('name', $property['name'])
-				->setParameter('value', $value);
-			$query->executeStatement();
-		}
-	}
-
-	/**
-	 * build default user record in case not data set exists yet
-	 */
-	protected function buildDefaultUserRecord(IUser $user): array {
-		$scopes = array_merge(self::DEFAULT_SCOPES, array_filter($this->config->getSystemValue('account_manager.default_property_scope', []), static function (string $scope, string $property) {
-			return in_array($property, self::ALLOWED_PROPERTIES, true) && in_array($scope, self::ALLOWED_SCOPES, true);
-		}, ARRAY_FILTER_USE_BOTH));
-
-		return [
-			[
-				'name' => self::PROPERTY_DISPLAYNAME,
-				'value' => $user->getDisplayName(),
-				// Display name must be at least SCOPE_LOCAL
-				'scope' => $scopes[self::PROPERTY_DISPLAYNAME] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_DISPLAYNAME],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_ADDRESS,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_ADDRESS],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_WEBSITE,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_WEBSITE],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_EMAIL,
-				'value' => $user->getEMailAddress(),
-				// Email must be at least SCOPE_LOCAL
-				'scope' => $scopes[self::PROPERTY_EMAIL] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_EMAIL],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_AVATAR,
-				'scope' => $scopes[self::PROPERTY_AVATAR],
-			],
-
-			[
-				'name' => self::PROPERTY_PHONE,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_PHONE],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_TWITTER,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_TWITTER],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_FEDIVERSE,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_FEDIVERSE],
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_ORGANISATION,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_ORGANISATION],
-			],
-
-			[
-				'name' => self::PROPERTY_ROLE,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_ROLE],
-			],
-
-			[
-				'name' => self::PROPERTY_HEADLINE,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_HEADLINE],
-			],
-
-			[
-				'name' => self::PROPERTY_BIOGRAPHY,
-				'value' => '',
-				'scope' => $scopes[self::PROPERTY_BIOGRAPHY],
-			],
-
-			[
-				'name' => self::PROPERTY_PROFILE_ENABLED,
-				'value' => $this->isProfileEnabledByDefault($this->config) ? '1' : '0',
-			],
-		];
-	}
-
-	private function arrayDataToCollection(IAccount $account, array $data): IAccountPropertyCollection {
-		$collection = $account->getPropertyCollection($data['name']);
-
-		$p = new AccountProperty(
-			$data['name'],
-			$data['value'] ?? '',
-			$data['scope'] ?? self::SCOPE_LOCAL,
-			$data['verified'] ?? self::NOT_VERIFIED,
-			''
-		);
-		$p->setLocallyVerified($data['locallyVerified'] ?? self::NOT_VERIFIED);
-		$collection->addProperty($p);
-
-		return $collection;
-	}
-
-	private function parseAccountData(IUser $user, $data): Account {
-		$account = new Account($user);
-		foreach ($data as $accountData) {
-			if ($this->isCollection($accountData['name'])) {
-				$account->setPropertyCollection($this->arrayDataToCollection($account, $accountData));
-			} else {
-				$account->setProperty($accountData['name'], $accountData['value'] ?? '', $accountData['scope'] ?? self::SCOPE_LOCAL, $accountData['verified'] ?? self::NOT_VERIFIED);
-				if (isset($accountData['locallyVerified'])) {
-					$property = $account->getProperty($accountData['name']);
-					$property->setLocallyVerified($accountData['locallyVerified']);
-				}
-			}
-		}
-		return $account;
-	}
-
-	public function getAccount(IUser $user): IAccount {
-		if ($this->internalCache->hasKey($user->getUID())) {
-			return $this->internalCache->get($user->getUID());
-		}
-		$account = $this->parseAccountData($user, $this->getUser($user));
-		$this->internalCache->set($user->getUID(), $account);
-		return $account;
-	}
-
-	public function updateAccount(IAccount $account): void {
-		$this->testValueLengths(iterator_to_array($account->getAllProperties()), true);
-		try {
-			$property = $account->getProperty(self::PROPERTY_PHONE);
-			$this->sanitizePhoneNumberValue($property);
-		} catch (PropertyDoesNotExistException $e) {
-			//  valid case, nothing to do
-		}
-
-		try {
-			$property = $account->getProperty(self::PROPERTY_WEBSITE);
-			$this->sanitizeWebsite($property);
-		} catch (PropertyDoesNotExistException $e) {
-			//  valid case, nothing to do
-		}
-
-		foreach ($account->getAllProperties() as $property) {
-			$this->testPropertyScope($property, self::ALLOWED_SCOPES, true);
-		}
-
-		$oldData = $this->getUser($account->getUser(), false);
-		$this->updateVerificationStatus($account, $oldData);
-		$this->checkEmailVerification($account, $oldData);
-		$this->checkLocalEmailVerification($account, $oldData);
-
-		$data = [];
-		foreach ($account->getAllProperties() as $property) {
-			/** @var IAccountProperty $property */
-			$data[] = [
-				'name' => $property->getName(),
-				'value' => $property->getValue(),
-				'scope' => $property->getScope(),
-				'verified' => $property->getVerified(),
-				'locallyVerified' => $property->getLocallyVerified(),
-			];
-		}
-
-		$this->updateUser($account->getUser(), $data, $oldData, true);
-		$this->internalCache->set($account->getUser()->getUID(), $account);
-	}
+    use TAccountsHelper;
+
+    use TProfileHelper;
+
+    /** @var  IDBConnection database connection */
+    private $connection;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var string table name */
+    private $table = 'accounts';
+
+    /** @var string table name */
+    private $dataTable = 'accounts_data';
+
+    /** @var EventDispatcherInterface */
+    private $eventDispatcher;
+
+    /** @var IJobList */
+    private $jobList;
+
+    /** @var LoggerInterface */
+    private $logger;
+    /** @var IVerificationToken */
+    private $verificationToken;
+    /** @var IMailer */
+    private $mailer;
+    /** @var Defaults */
+    private $defaults;
+    /** @var IL10N */
+    private $l10n;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ICrypto */
+    private $crypto;
+    /** @var IFactory */
+    private $l10nfactory;
+    private CappedMemoryCache $internalCache;
+
+    /**
+     * The list of default scopes for each property.
+     */
+    public const DEFAULT_SCOPES = [
+        self::PROPERTY_DISPLAYNAME => self::SCOPE_FEDERATED,
+        self::PROPERTY_ADDRESS => self::SCOPE_LOCAL,
+        self::PROPERTY_WEBSITE => self::SCOPE_LOCAL,
+        self::PROPERTY_EMAIL => self::SCOPE_FEDERATED,
+        self::PROPERTY_AVATAR => self::SCOPE_FEDERATED,
+        self::PROPERTY_PHONE => self::SCOPE_LOCAL,
+        self::PROPERTY_TWITTER => self::SCOPE_LOCAL,
+        self::PROPERTY_FEDIVERSE => self::SCOPE_LOCAL,
+        self::PROPERTY_ORGANISATION => self::SCOPE_LOCAL,
+        self::PROPERTY_ROLE => self::SCOPE_LOCAL,
+        self::PROPERTY_HEADLINE => self::SCOPE_LOCAL,
+        self::PROPERTY_BIOGRAPHY => self::SCOPE_LOCAL,
+    ];
+
+    public function __construct(
+        IDBConnection            $connection,
+        IConfig                  $config,
+        EventDispatcherInterface $eventDispatcher,
+        IJobList                 $jobList,
+        LoggerInterface          $logger,
+        IVerificationToken       $verificationToken,
+        IMailer                  $mailer,
+        Defaults                 $defaults,
+        IFactory                 $factory,
+        IURLGenerator            $urlGenerator,
+        ICrypto                  $crypto
+    ) {
+        $this->connection = $connection;
+        $this->config = $config;
+        $this->eventDispatcher = $eventDispatcher;
+        $this->jobList = $jobList;
+        $this->logger = $logger;
+        $this->verificationToken = $verificationToken;
+        $this->mailer = $mailer;
+        $this->defaults = $defaults;
+        $this->urlGenerator = $urlGenerator;
+        $this->crypto = $crypto;
+        // DIing IL10N results in a dependency loop
+        $this->l10nfactory = $factory;
+        $this->internalCache = new CappedMemoryCache();
+    }
+
+    /**
+     * @param string $input
+     * @return string Provided phone number in E.164 format when it was a valid number
+     * @throws InvalidArgumentException When the phone number was invalid or no default region is set and the number doesn't start with a country code
+     */
+    protected function parsePhoneNumber(string $input): string {
+        $defaultRegion = $this->config->getSystemValueString('default_phone_region', '');
+
+        if ($defaultRegion === '') {
+            // When no default region is set, only +49… numbers are valid
+            if (!str_starts_with($input, '+')) {
+                throw new InvalidArgumentException(self::PROPERTY_PHONE);
+            }
+
+            $defaultRegion = 'EN';
+        }
+
+        $phoneUtil = PhoneNumberUtil::getInstance();
+        try {
+            $phoneNumber = $phoneUtil->parse($input, $defaultRegion);
+            if ($phoneUtil->isValidNumber($phoneNumber)) {
+                return $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
+            }
+        } catch (NumberParseException $e) {
+        }
+
+        throw new InvalidArgumentException(self::PROPERTY_PHONE);
+    }
+
+    /**
+     *
+     * @param string $input
+     * @return string
+     * @throws InvalidArgumentException When the website did not have http(s) as protocol or the host name was empty
+     */
+    protected function parseWebsite(string $input): string {
+        $parts = parse_url($input);
+        if (!isset($parts['scheme']) || ($parts['scheme'] !== 'https' && $parts['scheme'] !== 'http')) {
+            throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
+        }
+
+        if (!isset($parts['host']) || $parts['host'] === '') {
+            throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
+        }
+
+        return $input;
+    }
+
+    /**
+     * @param IAccountProperty[] $properties
+     */
+    protected function testValueLengths(array $properties, bool $throwOnData = false): void {
+        foreach ($properties as $property) {
+            if (strlen($property->getValue()) > 2048) {
+                if ($throwOnData) {
+                    throw new InvalidArgumentException($property->getName());
+                } else {
+                    $property->setValue('');
+                }
+            }
+        }
+    }
+
+    protected function testPropertyScope(IAccountProperty $property, array $allowedScopes, bool $throwOnData): void {
+        if ($throwOnData && !in_array($property->getScope(), $allowedScopes, true)) {
+            throw new InvalidArgumentException('scope');
+        }
+
+        if (
+            $property->getScope() === self::SCOPE_PRIVATE
+            && in_array($property->getName(), [self::PROPERTY_DISPLAYNAME, self::PROPERTY_EMAIL])
+        ) {
+            if ($throwOnData) {
+                // v2-private is not available for these fields
+                throw new InvalidArgumentException('scope');
+            } else {
+                // default to local
+                $property->setScope(self::SCOPE_LOCAL);
+            }
+        } else {
+            // migrate scope values to the new format
+            // invalid scopes are mapped to a default value
+            $property->setScope(AccountProperty::mapScopeToV2($property->getScope()));
+        }
+    }
+
+    protected function sanitizePhoneNumberValue(IAccountProperty $property, bool $throwOnData = false) {
+        if ($property->getName() !== self::PROPERTY_PHONE) {
+            if ($throwOnData) {
+                throw new InvalidArgumentException(sprintf('sanitizePhoneNumberValue can only sanitize phone numbers, %s given', $property->getName()));
+            }
+            return;
+        }
+        if ($property->getValue() === '') {
+            return;
+        }
+        try {
+            $property->setValue($this->parsePhoneNumber($property->getValue()));
+        } catch (InvalidArgumentException $e) {
+            if ($throwOnData) {
+                throw $e;
+            }
+            $property->setValue('');
+        }
+    }
+
+    protected function sanitizeWebsite(IAccountProperty $property, bool $throwOnData = false) {
+        if ($property->getName() !== self::PROPERTY_WEBSITE) {
+            if ($throwOnData) {
+                throw new InvalidArgumentException(sprintf('sanitizeWebsite can only sanitize web domains, %s given', $property->getName()));
+            }
+        }
+        try {
+            $property->setValue($this->parseWebsite($property->getValue()));
+        } catch (InvalidArgumentException $e) {
+            if ($throwOnData) {
+                throw $e;
+            }
+            $property->setValue('');
+        }
+    }
+
+    protected function updateUser(IUser $user, array $data, ?array $oldUserData, bool $throwOnData = false): array {
+        if ($oldUserData === null) {
+            $oldUserData = $this->getUser($user, false);
+        }
+
+        $updated = true;
+
+        if ($oldUserData !== $data) {
+            $this->updateExistingUser($user, $data, $oldUserData);
+        } else {
+            // nothing needs to be done if new and old data set are the same
+            $updated = false;
+        }
+
+        if ($updated) {
+            $this->eventDispatcher->dispatch(
+                'OC\AccountManager::userUpdated',
+                new GenericEvent($user, $data)
+            );
+        }
+
+        return $data;
+    }
+
+    /**
+     * delete user from accounts table
+     *
+     * @param IUser $user
+     */
+    public function deleteUser(IUser $user) {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->delete($this->table)
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->execute();
+
+        $this->deleteUserData($user);
+    }
+
+    /**
+     * delete user from accounts table
+     *
+     * @param IUser $user
+     */
+    public function deleteUserData(IUser $user): void {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->delete($this->dataTable)
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->execute();
+    }
+
+    /**
+     * get stored data from a given user
+     */
+    protected function getUser(IUser $user, bool $insertIfNotExists = true): array {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->select('data')
+            ->from($this->table)
+            ->where($query->expr()->eq('uid', $query->createParameter('uid')))
+            ->setParameter('uid', $uid);
+        $result = $query->executeQuery();
+        $accountData = $result->fetchAll();
+        $result->closeCursor();
+
+        if (empty($accountData)) {
+            $userData = $this->buildDefaultUserRecord($user);
+            if ($insertIfNotExists) {
+                $this->insertNewUser($user, $userData);
+            }
+            return $userData;
+        }
+
+        $userDataArray = $this->importFromJson($accountData[0]['data'], $uid);
+        if ($userDataArray === null || $userDataArray === []) {
+            return $this->buildDefaultUserRecord($user);
+        }
+
+        return $this->addMissingDefaultValues($userDataArray, $this->buildDefaultUserRecord($user));
+    }
+
+    public function searchUsers(string $property, array $values): array {
+        // the value col is limited to 255 bytes. It is used for searches only.
+        $values = array_map(function (string $value) {
+            return Util::shortenMultibyteString($value, 255);
+        }, $values);
+        $chunks = array_chunk($values, 500);
+        $query = $this->connection->getQueryBuilder();
+        $query->select('*')
+            ->from($this->dataTable)
+            ->where($query->expr()->eq('name', $query->createNamedParameter($property)))
+            ->andWhere($query->expr()->in('value', $query->createParameter('values')));
+
+        $matches = [];
+        foreach ($chunks as $chunk) {
+            $query->setParameter('values', $chunk, IQueryBuilder::PARAM_STR_ARRAY);
+            $result = $query->executeQuery();
+
+            while ($row = $result->fetch()) {
+                $matches[$row['uid']] = $row['value'];
+            }
+            $result->closeCursor();
+        }
+
+        $result = array_merge($matches, $this->searchUsersForRelatedCollection($property, $values));
+
+        return array_flip($result);
+    }
+
+    protected function searchUsersForRelatedCollection(string $property, array $values): array {
+        switch ($property) {
+            case IAccountManager::PROPERTY_EMAIL:
+                return array_flip($this->searchUsers(IAccountManager::COLLECTION_EMAIL, $values));
+            default:
+                return [];
+        }
+    }
+
+    /**
+     * check if we need to ask the server for email verification, if yes we create a cronjob
+     */
+    protected function checkEmailVerification(IAccount $updatedAccount, array $oldData): void {
+        try {
+            $property = $updatedAccount->getProperty(self::PROPERTY_EMAIL);
+        } catch (PropertyDoesNotExistException $e) {
+            return;
+        }
+
+        $oldMailIndex = array_search(self::PROPERTY_EMAIL, array_column($oldData, 'name'), true);
+        $oldMail = $oldMailIndex !== false ? $oldData[$oldMailIndex]['value'] : '';
+
+        if ($oldMail !== $property->getValue()) {
+            $this->jobList->add(
+                VerifyUserData::class,
+                [
+                    'verificationCode' => '',
+                    'data' => $property->getValue(),
+                    'type' => self::PROPERTY_EMAIL,
+                    'uid' => $updatedAccount->getUser()->getUID(),
+                    'try' => 0,
+                    'lastRun' => time()
+                ]
+            );
+
+            $property->setVerified(self::VERIFICATION_IN_PROGRESS);
+        }
+    }
+
+    protected function checkLocalEmailVerification(IAccount $updatedAccount, array $oldData): void {
+        $mailCollection = $updatedAccount->getPropertyCollection(self::COLLECTION_EMAIL);
+        foreach ($mailCollection->getProperties() as $property) {
+            if ($property->getLocallyVerified() !== self::NOT_VERIFIED) {
+                continue;
+            }
+            if ($this->sendEmailVerificationEmail($updatedAccount->getUser(), $property->getValue())) {
+                $property->setLocallyVerified(self::VERIFICATION_IN_PROGRESS);
+            }
+        }
+    }
+
+    protected function sendEmailVerificationEmail(IUser $user, string $email): bool {
+        $ref = \substr(hash('sha256', $email), 0, 8);
+        $key = $this->crypto->encrypt($email);
+        $token = $this->verificationToken->create($user, 'verifyMail' . $ref, $email);
+
+        $link = $this->urlGenerator->linkToRouteAbsolute(
+            'provisioning_api.Verification.verifyMail',
+            [
+                'userId' => $user->getUID(),
+                'token' => $token,
+                'key' => $key
+            ]
+        );
+
+        $emailTemplate = $this->mailer->createEMailTemplate('core.EmailVerification', [
+            'link' => $link,
+        ]);
+
+        if (!$this->l10n) {
+            $this->l10n = $this->l10nfactory->get('core');
+        }
+
+        $emailTemplate->setSubject($this->l10n->t('%s email verification', [$this->defaults->getName()]));
+        $emailTemplate->addHeader();
+        $emailTemplate->addHeading($this->l10n->t('Email verification'));
+
+        $emailTemplate->addBodyText(
+            htmlspecialchars($this->l10n->t('Click the following button to confirm your email.')),
+            $this->l10n->t('Click the following link to confirm your email.')
+        );
+
+        $emailTemplate->addBodyButton(
+            htmlspecialchars($this->l10n->t('Confirm your email')),
+            $link,
+            false
+        );
+        $emailTemplate->addFooter();
+
+        try {
+            $message = $this->mailer->createMessage();
+            $message->setTo([$email => $user->getDisplayName()]);
+            $message->setFrom([Util::getDefaultEmailAddress('verification-noreply') => $this->defaults->getName()]);
+            $message->useTemplate($emailTemplate);
+            $this->mailer->send($message);
+        } catch (Exception $e) {
+            // Log the exception and continue
+            $this->logger->info('Failed to send verification mail', [
+                'app' => 'core',
+                'exception' => $e
+            ]);
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * Make sure that all expected data are set
+     */
+    protected function addMissingDefaultValues(array $userData, array $defaultUserData): array {
+        foreach ($defaultUserData as $defaultDataItem) {
+            // If property does not exist, initialize it
+            $userDataIndex = array_search($defaultDataItem['name'], array_column($userData, 'name'));
+            if ($userDataIndex === false) {
+                $userData[] = $defaultDataItem;
+                continue;
+            }
+
+            // Merge and extend default missing values
+            $userData[$userDataIndex] = array_merge($defaultDataItem, $userData[$userDataIndex]);
+        }
+
+        return $userData;
+    }
+
+    protected function updateVerificationStatus(IAccount $updatedAccount, array $oldData): void {
+        static $propertiesVerifiableByLookupServer = [
+            self::PROPERTY_TWITTER,
+            self::PROPERTY_FEDIVERSE,
+            self::PROPERTY_WEBSITE,
+            self::PROPERTY_EMAIL,
+        ];
+
+        foreach ($propertiesVerifiableByLookupServer as $propertyName) {
+            try {
+                $property = $updatedAccount->getProperty($propertyName);
+            } catch (PropertyDoesNotExistException $e) {
+                continue;
+            }
+            $wasVerified = isset($oldData[$propertyName])
+                && isset($oldData[$propertyName]['verified'])
+                && $oldData[$propertyName]['verified'] === self::VERIFIED;
+            if ((!isset($oldData[$propertyName])
+                    || !isset($oldData[$propertyName]['value'])
+                    || $property->getValue() !== $oldData[$propertyName]['value'])
+                && ($property->getVerified() !== self::NOT_VERIFIED
+                    || $wasVerified)
+            ) {
+                $property->setVerified(self::NOT_VERIFIED);
+            }
+        }
+    }
+
+    /**
+     * add new user to accounts table
+     *
+     * @param IUser $user
+     * @param array $data
+     */
+    protected function insertNewUser(IUser $user, array $data): void {
+        $uid = $user->getUID();
+        $jsonEncodedData = $this->prepareJson($data);
+        $query = $this->connection->getQueryBuilder();
+        $query->insert($this->table)
+            ->values(
+                [
+                    'uid' => $query->createNamedParameter($uid),
+                    'data' => $query->createNamedParameter($jsonEncodedData),
+                ]
+            )
+            ->executeStatement();
+
+        $this->deleteUserData($user);
+        $this->writeUserData($user, $data);
+    }
+
+    protected function prepareJson(array $data): string {
+        $preparedData = [];
+        foreach ($data as $dataRow) {
+            $propertyName = $dataRow['name'];
+            unset($dataRow['name']);
+
+            if (isset($dataRow['locallyVerified']) && $dataRow['locallyVerified'] === self::NOT_VERIFIED) {
+                // do not write default value, save DB space
+                unset($dataRow['locallyVerified']);
+            }
+
+            if (!$this->isCollection($propertyName)) {
+                $preparedData[$propertyName] = $dataRow;
+                continue;
+            }
+            if (!isset($preparedData[$propertyName])) {
+                $preparedData[$propertyName] = [];
+            }
+            $preparedData[$propertyName][] = $dataRow;
+        }
+        return json_encode($preparedData);
+    }
+
+    protected function importFromJson(string $json, string $userId): ?array {
+        $result = [];
+        $jsonArray = json_decode($json, true);
+        $jsonError = json_last_error();
+        if ($jsonError !== JSON_ERROR_NONE) {
+            $this->logger->critical(
+                'User data of {uid} contained invalid JSON (error {json_error}), hence falling back to a default user record',
+                [
+                    'uid' => $userId,
+                    'json_error' => $jsonError
+                ]
+            );
+            return null;
+        }
+        foreach ($jsonArray as $propertyName => $row) {
+            if (!$this->isCollection($propertyName)) {
+                $result[] = array_merge($row, ['name' => $propertyName]);
+                continue;
+            }
+            foreach ($row as $singleRow) {
+                $result[] = array_merge($singleRow, ['name' => $propertyName]);
+            }
+        }
+        return $result;
+    }
+
+    /**
+     * Update existing user in accounts table
+     */
+    protected function updateExistingUser(IUser $user, array $data, array $oldData): void {
+        $uid = $user->getUID();
+        $jsonEncodedData = $this->prepareJson($data);
+        $query = $this->connection->getQueryBuilder();
+        $query->update($this->table)
+            ->set('data', $query->createNamedParameter($jsonEncodedData))
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->executeStatement();
+
+        $this->deleteUserData($user);
+        $this->writeUserData($user, $data);
+    }
+
+    protected function writeUserData(IUser $user, array $data): void {
+        $query = $this->connection->getQueryBuilder();
+        $query->insert($this->dataTable)
+            ->values(
+                [
+                    'uid' => $query->createNamedParameter($user->getUID()),
+                    'name' => $query->createParameter('name'),
+                    'value' => $query->createParameter('value'),
+                ]
+            );
+        $this->writeUserDataProperties($query, $data);
+    }
+
+    protected function writeUserDataProperties(IQueryBuilder $query, array $data): void {
+        foreach ($data as $property) {
+            if ($property['name'] === self::PROPERTY_AVATAR) {
+                continue;
+            }
+
+            // the value col is limited to 255 bytes. It is used for searches only.
+            $value = $property['value'] ? Util::shortenMultibyteString($property['value'], 255) : '';
+
+            $query->setParameter('name', $property['name'])
+                ->setParameter('value', $value);
+            $query->executeStatement();
+        }
+    }
+
+    /**
+     * build default user record in case not data set exists yet
+     */
+    protected function buildDefaultUserRecord(IUser $user): array {
+        $scopes = array_merge(self::DEFAULT_SCOPES, array_filter($this->config->getSystemValue('account_manager.default_property_scope', []), static function (string $scope, string $property) {
+            return in_array($property, self::ALLOWED_PROPERTIES, true) && in_array($scope, self::ALLOWED_SCOPES, true);
+        }, ARRAY_FILTER_USE_BOTH));
+
+        return [
+            [
+                'name' => self::PROPERTY_DISPLAYNAME,
+                'value' => $user->getDisplayName(),
+                // Display name must be at least SCOPE_LOCAL
+                'scope' => $scopes[self::PROPERTY_DISPLAYNAME] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_DISPLAYNAME],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_ADDRESS,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_ADDRESS],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_WEBSITE,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_WEBSITE],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_EMAIL,
+                'value' => $user->getEMailAddress(),
+                // Email must be at least SCOPE_LOCAL
+                'scope' => $scopes[self::PROPERTY_EMAIL] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_EMAIL],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_AVATAR,
+                'scope' => $scopes[self::PROPERTY_AVATAR],
+            ],
+
+            [
+                'name' => self::PROPERTY_PHONE,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_PHONE],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_TWITTER,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_TWITTER],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_FEDIVERSE,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_FEDIVERSE],
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_ORGANISATION,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_ORGANISATION],
+            ],
+
+            [
+                'name' => self::PROPERTY_ROLE,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_ROLE],
+            ],
+
+            [
+                'name' => self::PROPERTY_HEADLINE,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_HEADLINE],
+            ],
+
+            [
+                'name' => self::PROPERTY_BIOGRAPHY,
+                'value' => '',
+                'scope' => $scopes[self::PROPERTY_BIOGRAPHY],
+            ],
+
+            [
+                'name' => self::PROPERTY_PROFILE_ENABLED,
+                'value' => $this->isProfileEnabledByDefault($this->config) ? '1' : '0',
+            ],
+        ];
+    }
+
+    private function arrayDataToCollection(IAccount $account, array $data): IAccountPropertyCollection {
+        $collection = $account->getPropertyCollection($data['name']);
+
+        $p = new AccountProperty(
+            $data['name'],
+            $data['value'] ?? '',
+            $data['scope'] ?? self::SCOPE_LOCAL,
+            $data['verified'] ?? self::NOT_VERIFIED,
+            ''
+        );
+        $p->setLocallyVerified($data['locallyVerified'] ?? self::NOT_VERIFIED);
+        $collection->addProperty($p);
+
+        return $collection;
+    }
+
+    private function parseAccountData(IUser $user, $data): Account {
+        $account = new Account($user);
+        foreach ($data as $accountData) {
+            if ($this->isCollection($accountData['name'])) {
+                $account->setPropertyCollection($this->arrayDataToCollection($account, $accountData));
+            } else {
+                $account->setProperty($accountData['name'], $accountData['value'] ?? '', $accountData['scope'] ?? self::SCOPE_LOCAL, $accountData['verified'] ?? self::NOT_VERIFIED);
+                if (isset($accountData['locallyVerified'])) {
+                    $property = $account->getProperty($accountData['name']);
+                    $property->setLocallyVerified($accountData['locallyVerified']);
+                }
+            }
+        }
+        return $account;
+    }
+
+    public function getAccount(IUser $user): IAccount {
+        if ($this->internalCache->hasKey($user->getUID())) {
+            return $this->internalCache->get($user->getUID());
+        }
+        $account = $this->parseAccountData($user, $this->getUser($user));
+        $this->internalCache->set($user->getUID(), $account);
+        return $account;
+    }
+
+    public function updateAccount(IAccount $account): void {
+        $this->testValueLengths(iterator_to_array($account->getAllProperties()), true);
+        try {
+            $property = $account->getProperty(self::PROPERTY_PHONE);
+            $this->sanitizePhoneNumberValue($property);
+        } catch (PropertyDoesNotExistException $e) {
+            //  valid case, nothing to do
+        }
+
+        try {
+            $property = $account->getProperty(self::PROPERTY_WEBSITE);
+            $this->sanitizeWebsite($property);
+        } catch (PropertyDoesNotExistException $e) {
+            //  valid case, nothing to do
+        }
+
+        foreach ($account->getAllProperties() as $property) {
+            $this->testPropertyScope($property, self::ALLOWED_SCOPES, true);
+        }
+
+        $oldData = $this->getUser($account->getUser(), false);
+        $this->updateVerificationStatus($account, $oldData);
+        $this->checkEmailVerification($account, $oldData);
+        $this->checkLocalEmailVerification($account, $oldData);
+
+        $data = [];
+        foreach ($account->getAllProperties() as $property) {
+            /** @var IAccountProperty $property */
+            $data[] = [
+                'name' => $property->getName(),
+                'value' => $property->getValue(),
+                'scope' => $property->getScope(),
+                'verified' => $property->getVerified(),
+                'locallyVerified' => $property->getLocallyVerified(),
+            ];
+        }
+
+        $this->updateUser($account->getUser(), $data, $oldData, true);
+        $this->internalCache->set($account->getUser()->getUID(), $account);
+    }
 }

lib/private/Accounts/AccountProperty.php

Indentation +165 added lines, -165 removed lines

@@ -32,169 +32,169 @@
 use OCP\Accounts\IAccountProperty;
 
 class AccountProperty implements IAccountProperty {
-	/** @var string */
-	private $name;
-	/** @var string */
-	private $value;
-	/** @var string */
-	private $scope;
-	/** @var string */
-	private $verified;
-	/** @var string */
-	private $verificationData;
-	/** @var string */
-	private $locallyVerified = IAccountManager::NOT_VERIFIED;
-
-	public function __construct(string $name, string $value, string $scope, string $verified, string $verificationData) {
-		$this->name = $name;
-		$this->value = $value;
-		$this->setScope($scope);
-		$this->verified = $verified;
-		$this->verificationData = $verificationData;
-	}
-
-	public function jsonSerialize(): array {
-		return [
-			'name' => $this->getName(),
-			'value' => $this->getValue(),
-			'scope' => $this->getScope(),
-			'verified' => $this->getVerified(),
-			'verificationData' => $this->getVerificationData(),
-		];
-	}
-
-	/**
-	 * Set the value of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $value
-	 * @return IAccountProperty
-	 */
-	public function setValue(string $value): IAccountProperty {
-		$this->value = $value;
-		return $this;
-	}
-
-	/**
-	 * Set the scope of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $scope
-	 * @return IAccountProperty
-	 */
-	public function setScope(string $scope): IAccountProperty {
-		$newScope = $this->mapScopeToV2($scope);
-		if (!in_array($newScope, [
-			IAccountManager::SCOPE_LOCAL,
-			IAccountManager::SCOPE_FEDERATED,
-			IAccountManager::SCOPE_PRIVATE,
-			IAccountManager::SCOPE_PUBLISHED
-		])) {
-			throw new InvalidArgumentException('Invalid scope');
-		}
-		$this->scope = $newScope;
-		return $this;
-	}
-
-	/**
-	 * Set the verification status of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $verified
-	 * @return IAccountProperty
-	 */
-	public function setVerified(string $verified): IAccountProperty {
-		$this->verified = $verified;
-		return $this;
-	}
-
-	/**
-	 * Get the name of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @return string
-	 */
-	public function getName(): string {
-		return $this->name;
-	}
-
-	/**
-	 * Get the value of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @return string
-	 */
-	public function getValue(): string {
-		return $this->value;
-	}
-
-	/**
-	 * Get the scope of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @return string
-	 */
-	public function getScope(): string {
-		return $this->scope;
-	}
-
-	public static function mapScopeToV2(string $scope): string {
-		if (str_starts_with($scope, 'v2-')) {
-			return $scope;
-		}
-
-		switch ($scope) {
-			case IAccountManager::VISIBILITY_PRIVATE:
-			case '':
-				return IAccountManager::SCOPE_LOCAL;
-			case IAccountManager::VISIBILITY_CONTACTS_ONLY:
-				return IAccountManager::SCOPE_FEDERATED;
-			case IAccountManager::VISIBILITY_PUBLIC:
-				return IAccountManager::SCOPE_PUBLISHED;
-			default:
-				return $scope;
-		}
-	}
-
-	/**
-	 * Get the verification status of a property
-	 *
-	 * @since 15.0.0
-	 *
-	 * @return string
-	 */
-	public function getVerified(): string {
-		return $this->verified;
-	}
-
-	public function setVerificationData(string $verificationData): IAccountProperty {
-		$this->verificationData = $verificationData;
-		return $this;
-	}
-
-	public function getVerificationData(): string {
-		return $this->verificationData;
-	}
-
-	public function setLocallyVerified(string $verified): IAccountProperty {
-		if (!in_array($verified, [
-			IAccountManager::NOT_VERIFIED,
-			IAccountManager::VERIFICATION_IN_PROGRESS,
-			IAccountManager::VERIFIED,
-		])) {
-			throw new InvalidArgumentException('Provided verification value is invalid');
-		}
-		$this->locallyVerified = $verified;
-		return $this;
-	}
-
-	public function getLocallyVerified(): string {
-		return $this->locallyVerified;
-	}
+    /** @var string */
+    private $name;
+    /** @var string */
+    private $value;
+    /** @var string */
+    private $scope;
+    /** @var string */
+    private $verified;
+    /** @var string */
+    private $verificationData;
+    /** @var string */
+    private $locallyVerified = IAccountManager::NOT_VERIFIED;
+
+    public function __construct(string $name, string $value, string $scope, string $verified, string $verificationData) {
+        $this->name = $name;
+        $this->value = $value;
+        $this->setScope($scope);
+        $this->verified = $verified;
+        $this->verificationData = $verificationData;
+    }
+
+    public function jsonSerialize(): array {
+        return [
+            'name' => $this->getName(),
+            'value' => $this->getValue(),
+            'scope' => $this->getScope(),
+            'verified' => $this->getVerified(),
+            'verificationData' => $this->getVerificationData(),
+        ];
+    }
+
+    /**
+     * Set the value of a property
+     *
+     * @since 15.0.0
+     *
+     * @param string $value
+     * @return IAccountProperty
+     */
+    public function setValue(string $value): IAccountProperty {
+        $this->value = $value;
+        return $this;
+    }
+
+    /**
+     * Set the scope of a property
+     *
+     * @since 15.0.0
+     *
+     * @param string $scope
+     * @return IAccountProperty
+     */
+    public function setScope(string $scope): IAccountProperty {
+        $newScope = $this->mapScopeToV2($scope);
+        if (!in_array($newScope, [
+            IAccountManager::SCOPE_LOCAL,
+            IAccountManager::SCOPE_FEDERATED,
+            IAccountManager::SCOPE_PRIVATE,
+            IAccountManager::SCOPE_PUBLISHED
+        ])) {
+            throw new InvalidArgumentException('Invalid scope');
+        }
+        $this->scope = $newScope;
+        return $this;
+    }
+
+    /**
+     * Set the verification status of a property
+     *
+     * @since 15.0.0
+     *
+     * @param string $verified
+     * @return IAccountProperty
+     */
+    public function setVerified(string $verified): IAccountProperty {
+        $this->verified = $verified;
+        return $this;
+    }
+
+    /**
+     * Get the name of a property
+     *
+     * @since 15.0.0
+     *
+     * @return string
+     */
+    public function getName(): string {
+        return $this->name;
+    }
+
+    /**
+     * Get the value of a property
+     *
+     * @since 15.0.0
+     *
+     * @return string
+     */
+    public function getValue(): string {
+        return $this->value;
+    }
+
+    /**
+     * Get the scope of a property
+     *
+     * @since 15.0.0
+     *
+     * @return string
+     */
+    public function getScope(): string {
+        return $this->scope;
+    }
+
+    public static function mapScopeToV2(string $scope): string {
+        if (str_starts_with($scope, 'v2-')) {
+            return $scope;
+        }
+
+        switch ($scope) {
+            case IAccountManager::VISIBILITY_PRIVATE:
+            case '':
+                return IAccountManager::SCOPE_LOCAL;
+            case IAccountManager::VISIBILITY_CONTACTS_ONLY:
+                return IAccountManager::SCOPE_FEDERATED;
+            case IAccountManager::VISIBILITY_PUBLIC:
+                return IAccountManager::SCOPE_PUBLISHED;
+            default:
+                return $scope;
+        }
+    }
+
+    /**
+     * Get the verification status of a property
+     *
+     * @since 15.0.0
+     *
+     * @return string
+     */
+    public function getVerified(): string {
+        return $this->verified;
+    }
+
+    public function setVerificationData(string $verificationData): IAccountProperty {
+        $this->verificationData = $verificationData;
+        return $this;
+    }
+
+    public function getVerificationData(): string {
+        return $this->verificationData;
+    }
+
+    public function setLocallyVerified(string $verified): IAccountProperty {
+        if (!in_array($verified, [
+            IAccountManager::NOT_VERIFIED,
+            IAccountManager::VERIFICATION_IN_PROGRESS,
+            IAccountManager::VERIFIED,
+        ])) {
+            throw new InvalidArgumentException('Provided verification value is invalid');
+        }
+        $this->locallyVerified = $verified;
+        return $this;
+    }
+
+    public function getLocallyVerified(): string {
+        return $this->locallyVerified;
+    }
 }

lib/private/Memcache/ArrayCache.php

Indentation +117 added lines, -117 removed lines

@@ -27,133 +27,133 @@
 use OCP\IMemcache;
 
 class ArrayCache extends Cache implements IMemcache {
-	/** @var array Array with the cached data */
-	protected $cachedData = [];
+    /** @var array Array with the cached data */
+    protected $cachedData = [];
 
-	use CADTrait;
+    use CADTrait;
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function get($key) {
-		if ($this->hasKey($key)) {
-			return $this->cachedData[$key];
-		}
-		return null;
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public function get($key) {
+        if ($this->hasKey($key)) {
+            return $this->cachedData[$key];
+        }
+        return null;
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function set($key, $value, $ttl = 0) {
-		$this->cachedData[$key] = $value;
-		return true;
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public function set($key, $value, $ttl = 0) {
+        $this->cachedData[$key] = $value;
+        return true;
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function hasKey($key) {
-		return isset($this->cachedData[$key]);
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public function hasKey($key) {
+        return isset($this->cachedData[$key]);
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function remove($key) {
-		unset($this->cachedData[$key]);
-		return true;
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public function remove($key) {
+        unset($this->cachedData[$key]);
+        return true;
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public function clear($prefix = '') {
-		if ($prefix === '') {
-			$this->cachedData = [];
-			return true;
-		}
+    /**
+     * {@inheritDoc}
+     */
+    public function clear($prefix = '') {
+        if ($prefix === '') {
+            $this->cachedData = [];
+            return true;
+        }
 
-		foreach ($this->cachedData as $key => $value) {
-			if (str_starts_with($key, $prefix)) {
-				$this->remove($key);
-			}
-		}
-		return true;
-	}
+        foreach ($this->cachedData as $key => $value) {
+            if (str_starts_with($key, $prefix)) {
+                $this->remove($key);
+            }
+        }
+        return true;
+    }
 
-	/**
-	 * Set a value in the cache if it's not already stored
-	 *
-	 * @param string $key
-	 * @param mixed $value
-	 * @param int $ttl Time To Live in seconds. Defaults to 60*60*24
-	 * @return bool
-	 */
-	public function add($key, $value, $ttl = 0) {
-		// since this cache is not shared race conditions aren't an issue
-		if ($this->hasKey($key)) {
-			return false;
-		} else {
-			return $this->set($key, $value, $ttl);
-		}
-	}
+    /**
+     * Set a value in the cache if it's not already stored
+     *
+     * @param string $key
+     * @param mixed $value
+     * @param int $ttl Time To Live in seconds. Defaults to 60*60*24
+     * @return bool
+     */
+    public function add($key, $value, $ttl = 0) {
+        // since this cache is not shared race conditions aren't an issue
+        if ($this->hasKey($key)) {
+            return false;
+        } else {
+            return $this->set($key, $value, $ttl);
+        }
+    }
 
-	/**
-	 * Increase a stored number
-	 *
-	 * @param string $key
-	 * @param int $step
-	 * @return int | bool
-	 */
-	public function inc($key, $step = 1) {
-		$oldValue = $this->get($key);
-		if (is_int($oldValue)) {
-			$this->set($key, $oldValue + $step);
-			return $oldValue + $step;
-		} else {
-			$success = $this->add($key, $step);
-			return $success ? $step : false;
-		}
-	}
+    /**
+     * Increase a stored number
+     *
+     * @param string $key
+     * @param int $step
+     * @return int | bool
+     */
+    public function inc($key, $step = 1) {
+        $oldValue = $this->get($key);
+        if (is_int($oldValue)) {
+            $this->set($key, $oldValue + $step);
+            return $oldValue + $step;
+        } else {
+            $success = $this->add($key, $step);
+            return $success ? $step : false;
+        }
+    }
 
-	/**
-	 * Decrease a stored number
-	 *
-	 * @param string $key
-	 * @param int $step
-	 * @return int | bool
-	 */
-	public function dec($key, $step = 1) {
-		$oldValue = $this->get($key);
-		if (is_int($oldValue)) {
-			$this->set($key, $oldValue - $step);
-			return $oldValue - $step;
-		} else {
-			return false;
-		}
-	}
+    /**
+     * Decrease a stored number
+     *
+     * @param string $key
+     * @param int $step
+     * @return int | bool
+     */
+    public function dec($key, $step = 1) {
+        $oldValue = $this->get($key);
+        if (is_int($oldValue)) {
+            $this->set($key, $oldValue - $step);
+            return $oldValue - $step;
+        } else {
+            return false;
+        }
+    }
 
-	/**
-	 * Compare and set
-	 *
-	 * @param string $key
-	 * @param mixed $old
-	 * @param mixed $new
-	 * @return bool
-	 */
-	public function cas($key, $old, $new) {
-		if ($this->get($key) === $old) {
-			return $this->set($key, $new);
-		} else {
-			return false;
-		}
-	}
+    /**
+     * Compare and set
+     *
+     * @param string $key
+     * @param mixed $old
+     * @param mixed $new
+     * @return bool
+     */
+    public function cas($key, $old, $new) {
+        if ($this->get($key) === $old) {
+            return $this->set($key, $new);
+        } else {
+            return false;
+        }
+    }
 
-	/**
-	 * {@inheritDoc}
-	 */
-	public static function isAvailable(): bool {
-		return true;
-	}
+    /**
+     * {@inheritDoc}
+     */
+    public static function isAvailable(): bool {
+        return true;
+    }
 }

lib/private/LargeFileHelper.php

Indentation +161 added lines, -161 removed lines

@@ -35,174 +35,174 @@
  * Helper class for large files on 32-bit platforms.
  */
 class LargeFileHelper {
-	/**
-	 * pow(2, 53) as a base-10 string.
-	 * @var string
-	 */
-	public const POW_2_53 = '9007199254740992';
+    /**
+     * pow(2, 53) as a base-10 string.
+     * @var string
+     */
+    public const POW_2_53 = '9007199254740992';
 
-	/**
-	 * pow(2, 53) - 1 as a base-10 string.
-	 * @var string
-	 */
-	public const POW_2_53_MINUS_1 = '9007199254740991';
+    /**
+     * pow(2, 53) - 1 as a base-10 string.
+     * @var string
+     */
+    public const POW_2_53_MINUS_1 = '9007199254740991';
 
-	/**
-	 * @brief Checks whether our assumptions hold on the PHP platform we are on.
-	 *
-	 * @throws \RuntimeException if our assumptions do not hold on the current
-	 *                           PHP platform.
-	 */
-	public function __construct() {
-		$pow_2_53 = (float)self::POW_2_53_MINUS_1 + 1.0;
-		if ($this->formatUnsignedInteger($pow_2_53) !== self::POW_2_53) {
-			throw new \RuntimeException(
-				'This class assumes floats to be double precision or "better".'
-			);
-		}
-	}
+    /**
+     * @brief Checks whether our assumptions hold on the PHP platform we are on.
+     *
+     * @throws \RuntimeException if our assumptions do not hold on the current
+     *                           PHP platform.
+     */
+    public function __construct() {
+        $pow_2_53 = (float)self::POW_2_53_MINUS_1 + 1.0;
+        if ($this->formatUnsignedInteger($pow_2_53) !== self::POW_2_53) {
+            throw new \RuntimeException(
+                'This class assumes floats to be double precision or "better".'
+            );
+        }
+    }
 
-	/**
-	 * @brief Formats a signed integer or float as an unsigned integer base-10
-	 *        string. Passed strings will be checked for being base-10.
-	 *
-	 * @param int|float|string $number Number containing unsigned integer data
-	 *
-	 * @throws \UnexpectedValueException if $number is not a float, not an int
-	 *                                   and not a base-10 string.
-	 *
-	 * @return string Unsigned integer base-10 string
-	 */
-	public function formatUnsignedInteger(int|float|string $number): string {
-		if (is_float($number)) {
-			// Undo the effect of the php.ini setting 'precision'.
-			return number_format($number, 0, '', '');
-		} elseif (is_string($number) && ctype_digit($number)) {
-			return $number;
-		} elseif (is_int($number)) {
-			// Interpret signed integer as unsigned integer.
-			return sprintf('%u', $number);
-		} else {
-			throw new \UnexpectedValueException(
-				'Expected int, float or base-10 string'
-			);
-		}
-	}
+    /**
+     * @brief Formats a signed integer or float as an unsigned integer base-10
+     *        string. Passed strings will be checked for being base-10.
+     *
+     * @param int|float|string $number Number containing unsigned integer data
+     *
+     * @throws \UnexpectedValueException if $number is not a float, not an int
+     *                                   and not a base-10 string.
+     *
+     * @return string Unsigned integer base-10 string
+     */
+    public function formatUnsignedInteger(int|float|string $number): string {
+        if (is_float($number)) {
+            // Undo the effect of the php.ini setting 'precision'.
+            return number_format($number, 0, '', '');
+        } elseif (is_string($number) && ctype_digit($number)) {
+            return $number;
+        } elseif (is_int($number)) {
+            // Interpret signed integer as unsigned integer.
+            return sprintf('%u', $number);
+        } else {
+            throw new \UnexpectedValueException(
+                'Expected int, float or base-10 string'
+            );
+        }
+    }
 
-	/**
-	 * @brief Tries to get the size of a file via various workarounds that
-	 *        even work for large files on 32-bit platforms.
-	 *
-	 * @param string $filename Path to the file.
-	 *
-	 * @return int|float Number of bytes as number (float or int)
-	 */
-	public function getFileSize(string $filename): int|float {
-		$fileSize = $this->getFileSizeViaCurl($filename);
-		if (!is_null($fileSize)) {
-			return $fileSize;
-		}
-		$fileSize = $this->getFileSizeViaExec($filename);
-		if (!is_null($fileSize)) {
-			return $fileSize;
-		}
-		return $this->getFileSizeNative($filename);
-	}
+    /**
+     * @brief Tries to get the size of a file via various workarounds that
+     *        even work for large files on 32-bit platforms.
+     *
+     * @param string $filename Path to the file.
+     *
+     * @return int|float Number of bytes as number (float or int)
+     */
+    public function getFileSize(string $filename): int|float {
+        $fileSize = $this->getFileSizeViaCurl($filename);
+        if (!is_null($fileSize)) {
+            return $fileSize;
+        }
+        $fileSize = $this->getFileSizeViaExec($filename);
+        if (!is_null($fileSize)) {
+            return $fileSize;
+        }
+        return $this->getFileSizeNative($filename);
+    }
 
-	/**
-	 * @brief Tries to get the size of a file via a CURL HEAD request.
-	 *
-	 * @param string $fileName Path to the file.
-	 *
-	 * @return null|int|float Number of bytes as number (float or int) or
-	 *                        null on failure.
-	 */
-	public function getFileSizeViaCurl(string $fileName): null|int|float {
-		if (\OC::$server->get(IniGetWrapper::class)->getString('open_basedir') === '') {
-			$encodedFileName = rawurlencode($fileName);
-			$ch = curl_init("file:///$encodedFileName");
-			curl_setopt($ch, CURLOPT_NOBODY, true);
-			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-			curl_setopt($ch, CURLOPT_HEADER, true);
-			$data = curl_exec($ch);
-			curl_close($ch);
-			if ($data !== false) {
-				$matches = [];
-				preg_match('/Content-Length: (\d+)/', $data, $matches);
-				if (isset($matches[1])) {
-					return 0 + $matches[1];
-				}
-			}
-		}
-		return null;
-	}
+    /**
+     * @brief Tries to get the size of a file via a CURL HEAD request.
+     *
+     * @param string $fileName Path to the file.
+     *
+     * @return null|int|float Number of bytes as number (float or int) or
+     *                        null on failure.
+     */
+    public function getFileSizeViaCurl(string $fileName): null|int|float {
+        if (\OC::$server->get(IniGetWrapper::class)->getString('open_basedir') === '') {
+            $encodedFileName = rawurlencode($fileName);
+            $ch = curl_init("file:///$encodedFileName");
+            curl_setopt($ch, CURLOPT_NOBODY, true);
+            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+            curl_setopt($ch, CURLOPT_HEADER, true);
+            $data = curl_exec($ch);
+            curl_close($ch);
+            if ($data !== false) {
+                $matches = [];
+                preg_match('/Content-Length: (\d+)/', $data, $matches);
+                if (isset($matches[1])) {
+                    return 0 + $matches[1];
+                }
+            }
+        }
+        return null;
+    }
 
-	/**
-	 * @brief Tries to get the size of a file via an exec() call.
-	 *
-	 * @param string $filename Path to the file.
-	 *
-	 * @return null|int|float Number of bytes as number (float or int) or
-	 *                        null on failure.
-	 */
-	public function getFileSizeViaExec(string $filename): null|int|float {
-		if (\OCP\Util::isFunctionEnabled('exec')) {
-			$os = strtolower(php_uname('s'));
-			$arg = escapeshellarg($filename);
-			$result = null;
-			if (str_contains($os, 'linux')) {
-				$result = $this->exec("stat -c %s $arg");
-			} elseif (str_contains($os, 'bsd') || str_contains($os, 'darwin')) {
-				$result = $this->exec("stat -f %z $arg");
-			}
-			return $result;
-		}
-		return null;
-	}
+    /**
+     * @brief Tries to get the size of a file via an exec() call.
+     *
+     * @param string $filename Path to the file.
+     *
+     * @return null|int|float Number of bytes as number (float or int) or
+     *                        null on failure.
+     */
+    public function getFileSizeViaExec(string $filename): null|int|float {
+        if (\OCP\Util::isFunctionEnabled('exec')) {
+            $os = strtolower(php_uname('s'));
+            $arg = escapeshellarg($filename);
+            $result = null;
+            if (str_contains($os, 'linux')) {
+                $result = $this->exec("stat -c %s $arg");
+            } elseif (str_contains($os, 'bsd') || str_contains($os, 'darwin')) {
+                $result = $this->exec("stat -f %z $arg");
+            }
+            return $result;
+        }
+        return null;
+    }
 
-	/**
-	 * @brief Gets the size of a file via a filesize() call and converts
-	 *        negative signed int to positive float. As the result of filesize()
-	 *        will wrap around after a file size of 2^32 bytes = 4 GiB, this
-	 *        should only be used as a last resort.
-	 *
-	 * @param string $filename Path to the file.
-	 *
-	 * @return int|float Number of bytes as number (float or int).
-	 */
-	public function getFileSizeNative(string $filename): int|float {
-		$result = filesize($filename);
-		if ($result < 0) {
-			// For file sizes between 2 GiB and 4 GiB, filesize() will return a
-			// negative int, as the PHP data type int is signed. Interpret the
-			// returned int as an unsigned integer and put it into a float.
-			return (float) sprintf('%u', $result);
-		}
-		return $result;
-	}
+    /**
+     * @brief Gets the size of a file via a filesize() call and converts
+     *        negative signed int to positive float. As the result of filesize()
+     *        will wrap around after a file size of 2^32 bytes = 4 GiB, this
+     *        should only be used as a last resort.
+     *
+     * @param string $filename Path to the file.
+     *
+     * @return int|float Number of bytes as number (float or int).
+     */
+    public function getFileSizeNative(string $filename): int|float {
+        $result = filesize($filename);
+        if ($result < 0) {
+            // For file sizes between 2 GiB and 4 GiB, filesize() will return a
+            // negative int, as the PHP data type int is signed. Interpret the
+            // returned int as an unsigned integer and put it into a float.
+            return (float) sprintf('%u', $result);
+        }
+        return $result;
+    }
 
-	/**
-	 * Returns the current mtime for $fullPath
-	 */
-	public function getFileMtime(string $fullPath): int {
-		try {
-			$result = filemtime($fullPath) ?: -1;
-		} catch (\Exception $e) {
-			$result = - 1;
-		}
-		if ($result < 0) {
-			if (\OCP\Util::isFunctionEnabled('exec')) {
-				$os = strtolower(php_uname('s'));
-				if (str_contains($os, 'linux')) {
-					return (int)($this->exec('stat -c %Y ' . escapeshellarg($fullPath)) ?? -1);
-				}
-			}
-		}
-		return $result;
-	}
+    /**
+     * Returns the current mtime for $fullPath
+     */
+    public function getFileMtime(string $fullPath): int {
+        try {
+            $result = filemtime($fullPath) ?: -1;
+        } catch (\Exception $e) {
+            $result = - 1;
+        }
+        if ($result < 0) {
+            if (\OCP\Util::isFunctionEnabled('exec')) {
+                $os = strtolower(php_uname('s'));
+                if (str_contains($os, 'linux')) {
+                    return (int)($this->exec('stat -c %Y ' . escapeshellarg($fullPath)) ?? -1);
+                }
+            }
+        }
+        return $result;
+    }
 
-	protected function exec(string $cmd): null|int|float {
-		$result = trim(exec($cmd));
-		return ctype_digit($result) ? 0 + $result : null;
-	}
+    protected function exec(string $cmd): null|int|float {
+        $result = trim(exec($cmd));
+        return ctype_digit($result) ? 0 + $result : null;
+    }
 }

Spacing +8 added lines, -8 removed lines

@@ -54,7 +54,7 @@ 
 	 *                           PHP platform.
 	 */
 	public function __construct() {
-		$pow_2_53 = (float)self::POW_2_53_MINUS_1 + 1.0;
+		$pow_2_53 = (float) self::POW_2_53_MINUS_1 + 1.0;
 		if ($this->formatUnsignedInteger($pow_2_53) !== self::POW_2_53) {
 			throw new \RuntimeException(
 				'This class assumes floats to be double precision or "better".'
@@ -73,7 +73,7 @@ 
 	 *
 	 * @return string Unsigned integer base-10 string
 	 */
-	public function formatUnsignedInteger(int|float|string $number): string {
+	public function formatUnsignedInteger(int | float | string $number): string {
 		if (is_float($number)) {
 			// Undo the effect of the php.ini setting 'precision'.
 			return number_format($number, 0, '', '');
@@ -97,7 +97,7 @@ 
 	 *
 	 * @return int|float Number of bytes as number (float or int)
 	 */
-	public function getFileSize(string $filename): int|float {
+	public function getFileSize(string $filename): int | float {
 		$fileSize = $this->getFileSizeViaCurl($filename);
 		if (!is_null($fileSize)) {
 			return $fileSize;
@@ -117,7 +117,7 @@ 
 	 * @return null|int|float Number of bytes as number (float or int) or
 	 *                        null on failure.
 	 */
-	public function getFileSizeViaCurl(string $fileName): null|int|float {
+	public function getFileSizeViaCurl(string $fileName): null | int | float {
 		if (\OC::$server->get(IniGetWrapper::class)->getString('open_basedir') === '') {
 			$encodedFileName = rawurlencode($fileName);
 			$ch = curl_init("file:///$encodedFileName");
@@ -145,7 +145,7 @@ 
 	 * @return null|int|float Number of bytes as number (float or int) or
 	 *                        null on failure.
 	 */
-	public function getFileSizeViaExec(string $filename): null|int|float {
+	public function getFileSizeViaExec(string $filename): null | int | float {
 		if (\OCP\Util::isFunctionEnabled('exec')) {
 			$os = strtolower(php_uname('s'));
 			$arg = escapeshellarg($filename);
@@ -170,7 +170,7 @@ 
 	 *
 	 * @return int|float Number of bytes as number (float or int).
 	 */
-	public function getFileSizeNative(string $filename): int|float {
+	public function getFileSizeNative(string $filename): int | float {
 		$result = filesize($filename);
 		if ($result < 0) {
 			// For file sizes between 2 GiB and 4 GiB, filesize() will return a
@@ -194,14 +194,14 @@ 
 			if (\OCP\Util::isFunctionEnabled('exec')) {
 				$os = strtolower(php_uname('s'));
 				if (str_contains($os, 'linux')) {
-					return (int)($this->exec('stat -c %Y ' . escapeshellarg($fullPath)) ?? -1);
+					return (int) ($this->exec('stat -c %Y '.escapeshellarg($fullPath)) ?? -1);
 				}
 			}
 		}
 		return $result;
 	}
 
-	protected function exec(string $cmd): null|int|float {
+	protected function exec(string $cmd): null | int | float {
 		$result = trim(exec($cmd));
 		return ctype_digit($result) ? 0 + $result : null;
 	}