nextcloud / server

lib/private/Command/FileAccess.php

Indentation +7 added lines, -7 removed lines

@@ -25,12 +25,12 @@
 use OCP\IUser;
 
 trait FileAccess {
-	protected function setupFS(IUser $user) {
-		\OC_Util::setupFS($user->getUID());
-	}
+    protected function setupFS(IUser $user) {
+        \OC_Util::setupFS($user->getUID());
+    }
 
-	protected function getUserFolder(IUser $user) {
-		$this->setupFS($user);
-		return \OC::$server->getUserFolder($user->getUID());
-	}
+    protected function getUserFolder(IUser $user) {
+        $this->setupFS($user);
+        return \OC::$server->getUserFolder($user->getUID());
+    }
 }

lib/private/Contacts/ContactsMenu/Entry.php

Indentation +136 added lines, -136 removed lines

@@ -29,140 +29,140 @@
 
 class Entry implements IEntry {
 
-	/** @var string|int|null */
-	private $id = null;
-
-	/** @var string */
-	private $fullName = '';
-
-	/** @var string[] */
-	private $emailAddresses = [];
-
-	/** @var string|null */
-	private $avatar;
-
-	/** @var IAction[] */
-	private $actions = [];
-
-	/** @var array */
-	private $properties = [];
-
-	/**
-	 * @param string $id
-	 */
-	public function setId($id) {
-		$this->id = $id;
-	}
-
-	/**
-	 * @param string $displayName
-	 */
-	public function setFullName($displayName) {
-		$this->fullName = $displayName;
-	}
-
-	/**
-	 * @return string
-	 */
-	public function getFullName() {
-		return $this->fullName;
-	}
-
-	/**
-	 * @param string $address
-	 */
-	public function addEMailAddress($address) {
-		$this->emailAddresses[] = $address;
-	}
-
-	/**
-	 * @return string
-	 */
-	public function getEMailAddresses() {
-		return $this->emailAddresses;
-	}
-
-	/**
-	 * @param string $avatar
-	 */
-	public function setAvatar($avatar) {
-		$this->avatar = $avatar;
-	}
-
-	/**
-	 * @return string
-	 */
-	public function getAvatar() {
-		return $this->avatar;
-	}
-
-	/**
-	 * @param IAction $action
-	 */
-	public function addAction(IAction $action) {
-		$this->actions[] = $action;
-		$this->sortActions();
-	}
-
-	/**
-	 * @return IAction[]
-	 */
-	public function getActions() {
-		return $this->actions;
-	}
-
-	/**
-	 * sort the actions by priority and name
-	 */
-	private function sortActions() {
-		usort($this->actions, function (IAction $action1, IAction $action2) {
-			$prio1 = $action1->getPriority();
-			$prio2 = $action2->getPriority();
-
-			if ($prio1 === $prio2) {
-				// Ascending order for same priority
-				return strcasecmp($action1->getName(), $action2->getName());
-			}
-
-			// Descending order when priority differs
-			return $prio2 - $prio1;
-		});
-	}
-
-	/**
-	 * @param array $contact key-value array containing additional properties
-	 */
-	public function setProperties(array $contact) {
-		$this->properties = $contact;
-	}
-
-	/**
-	 * @param string $key
-	 * @return mixed
-	 */
-	public function getProperty($key) {
-		if (!isset($this->properties[$key])) {
-			return null;
-		}
-		return $this->properties[$key];
-	}
-
-	/**
-	 * @return array
-	 */
-	public function jsonSerialize() {
-		$topAction = !empty($this->actions) ? $this->actions[0]->jsonSerialize() : null;
-		$otherActions = array_map(function (IAction $action) {
-			return $action->jsonSerialize();
-		}, array_slice($this->actions, 1));
-
-		return [
-			'id' => $this->id,
-			'fullName' => $this->fullName,
-			'avatar' => $this->getAvatar(),
-			'topAction' => $topAction,
-			'actions' => $otherActions,
-			'lastMessage' => '',
-		];
-	}
+    /** @var string|int|null */
+    private $id = null;
+
+    /** @var string */
+    private $fullName = '';
+
+    /** @var string[] */
+    private $emailAddresses = [];
+
+    /** @var string|null */
+    private $avatar;
+
+    /** @var IAction[] */
+    private $actions = [];
+
+    /** @var array */
+    private $properties = [];
+
+    /**
+     * @param string $id
+     */
+    public function setId($id) {
+        $this->id = $id;
+    }
+
+    /**
+     * @param string $displayName
+     */
+    public function setFullName($displayName) {
+        $this->fullName = $displayName;
+    }
+
+    /**
+     * @return string
+     */
+    public function getFullName() {
+        return $this->fullName;
+    }
+
+    /**
+     * @param string $address
+     */
+    public function addEMailAddress($address) {
+        $this->emailAddresses[] = $address;
+    }
+
+    /**
+     * @return string
+     */
+    public function getEMailAddresses() {
+        return $this->emailAddresses;
+    }
+
+    /**
+     * @param string $avatar
+     */
+    public function setAvatar($avatar) {
+        $this->avatar = $avatar;
+    }
+
+    /**
+     * @return string
+     */
+    public function getAvatar() {
+        return $this->avatar;
+    }
+
+    /**
+     * @param IAction $action
+     */
+    public function addAction(IAction $action) {
+        $this->actions[] = $action;
+        $this->sortActions();
+    }
+
+    /**
+     * @return IAction[]
+     */
+    public function getActions() {
+        return $this->actions;
+    }
+
+    /**
+     * sort the actions by priority and name
+     */
+    private function sortActions() {
+        usort($this->actions, function (IAction $action1, IAction $action2) {
+            $prio1 = $action1->getPriority();
+            $prio2 = $action2->getPriority();
+
+            if ($prio1 === $prio2) {
+                // Ascending order for same priority
+                return strcasecmp($action1->getName(), $action2->getName());
+            }
+
+            // Descending order when priority differs
+            return $prio2 - $prio1;
+        });
+    }
+
+    /**
+     * @param array $contact key-value array containing additional properties
+     */
+    public function setProperties(array $contact) {
+        $this->properties = $contact;
+    }
+
+    /**
+     * @param string $key
+     * @return mixed
+     */
+    public function getProperty($key) {
+        if (!isset($this->properties[$key])) {
+            return null;
+        }
+        return $this->properties[$key];
+    }
+
+    /**
+     * @return array
+     */
+    public function jsonSerialize() {
+        $topAction = !empty($this->actions) ? $this->actions[0]->jsonSerialize() : null;
+        $otherActions = array_map(function (IAction $action) {
+            return $action->jsonSerialize();
+        }, array_slice($this->actions, 1));
+
+        return [
+            'id' => $this->id,
+            'fullName' => $this->fullName,
+            'avatar' => $this->getAvatar(),
+            'topAction' => $topAction,
+            'actions' => $otherActions,
+            'lastMessage' => '',
+        ];
+    }
 }

lib/private/Contacts/ContactsMenu/ActionProviderStore.php

Indentation +75 added lines, -75 removed lines

@@ -35,79 +35,79 @@
 
 class ActionProviderStore {
 
-	/** @var IServerContainer */
-	private $serverContainer;
-
-	/** @var AppManager */
-	private $appManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/**
-	 * @param IServerContainer $serverContainer
-	 * @param AppManager $appManager
-	 * @param ILogger $logger
-	 */
-	public function __construct(IServerContainer $serverContainer, AppManager $appManager, ILogger $logger) {
-		$this->serverContainer = $serverContainer;
-		$this->appManager = $appManager;
-		$this->logger = $logger;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return IProvider[]
-	 * @throws Exception
-	 */
-	public function getProviders(IUser $user) {
-		$appClasses = $this->getAppProviderClasses($user);
-		$providerClasses = $this->getServerProviderClasses();
-		$allClasses = array_merge($providerClasses, $appClasses);
-		$providers = [];
-
-		foreach ($allClasses as $class) {
-			try {
-				$providers[] = $this->serverContainer->query($class);
-			} catch (QueryException $ex) {
-				$this->logger->logException($ex, [
-					'message' => "Could not load contacts menu action provider $class",
-					'app' => 'core',
-				]);
-				throw new Exception("Could not load contacts menu action provider");
-			}
-		}
-
-		return $providers;
-	}
-
-	/**
-	 * @return string[]
-	 */
-	private function getServerProviderClasses() {
-		return [
-			EMailProvider::class,
-		];
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return string[]
-	 */
-	private function getAppProviderClasses(IUser $user) {
-		return array_reduce($this->appManager->getEnabledAppsForUser($user), function ($all, $appId) {
-			$info = $this->appManager->getAppInfo($appId);
-
-			if (!isset($info['contactsmenu']) || !isset($info['contactsmenu'])) {
-				// Nothing to add
-				return $all;
-			}
-
-			$providers = array_reduce($info['contactsmenu'], function ($all, $provider) {
-				return array_merge($all, [$provider]);
-			}, []);
-
-			return array_merge($all, $providers);
-		}, []);
-	}
+    /** @var IServerContainer */
+    private $serverContainer;
+
+    /** @var AppManager */
+    private $appManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /**
+     * @param IServerContainer $serverContainer
+     * @param AppManager $appManager
+     * @param ILogger $logger
+     */
+    public function __construct(IServerContainer $serverContainer, AppManager $appManager, ILogger $logger) {
+        $this->serverContainer = $serverContainer;
+        $this->appManager = $appManager;
+        $this->logger = $logger;
+    }
+
+    /**
+     * @param IUser $user
+     * @return IProvider[]
+     * @throws Exception
+     */
+    public function getProviders(IUser $user) {
+        $appClasses = $this->getAppProviderClasses($user);
+        $providerClasses = $this->getServerProviderClasses();
+        $allClasses = array_merge($providerClasses, $appClasses);
+        $providers = [];
+
+        foreach ($allClasses as $class) {
+            try {
+                $providers[] = $this->serverContainer->query($class);
+            } catch (QueryException $ex) {
+                $this->logger->logException($ex, [
+                    'message' => "Could not load contacts menu action provider $class",
+                    'app' => 'core',
+                ]);
+                throw new Exception("Could not load contacts menu action provider");
+            }
+        }
+
+        return $providers;
+    }
+
+    /**
+     * @return string[]
+     */
+    private function getServerProviderClasses() {
+        return [
+            EMailProvider::class,
+        ];
+    }
+
+    /**
+     * @param IUser $user
+     * @return string[]
+     */
+    private function getAppProviderClasses(IUser $user) {
+        return array_reduce($this->appManager->getEnabledAppsForUser($user), function ($all, $appId) {
+            $info = $this->appManager->getAppInfo($appId);
+
+            if (!isset($info['contactsmenu']) || !isset($info['contactsmenu'])) {
+                // Nothing to add
+                return $all;
+            }
+
+            $providers = array_reduce($info['contactsmenu'], function ($all, $provider) {
+                return array_merge($all, [$provider]);
+            }, []);
+
+            return array_merge($all, $providers);
+        }, []);
+    }
 }

apps/files_sharing/lib/DeleteOrphanedSharesJob.php

Indentation +27 added lines, -27 removed lines

@@ -31,35 +31,35 @@
  */
 class DeleteOrphanedSharesJob extends TimedJob {
 
-	/**
-	 * Default interval in minutes
-	 *
-	 * @var int $defaultIntervalMin
-	 **/
-	protected $defaultIntervalMin = 15;
+    /**
+     * Default interval in minutes
+     *
+     * @var int $defaultIntervalMin
+     **/
+    protected $defaultIntervalMin = 15;
 
-	/**
-	 * sets the correct interval for this timed job
-	 */
-	public function __construct() {
-		$this->interval = $this->defaultIntervalMin * 60;
-	}
+    /**
+     * sets the correct interval for this timed job
+     */
+    public function __construct() {
+        $this->interval = $this->defaultIntervalMin * 60;
+    }
 
-	/**
-	 * Makes the background job do its work
-	 *
-	 * @param array $argument unused argument
-	 */
-	public function run($argument) {
-		$connection = \OC::$server->getDatabaseConnection();
-		$logger = \OC::$server->getLogger();
+    /**
+     * Makes the background job do its work
+     *
+     * @param array $argument unused argument
+     */
+    public function run($argument) {
+        $connection = \OC::$server->getDatabaseConnection();
+        $logger = \OC::$server->getLogger();
 
-		$sql =
-			'DELETE FROM `*PREFIX*share` ' .
-			'WHERE `item_type` in (\'file\', \'folder\') ' .
-			'AND NOT EXISTS (SELECT `fileid` FROM `*PREFIX*filecache` WHERE `file_source` = `fileid`)';
+        $sql =
+            'DELETE FROM `*PREFIX*share` ' .
+            'WHERE `item_type` in (\'file\', \'folder\') ' .
+            'AND NOT EXISTS (SELECT `fileid` FROM `*PREFIX*filecache` WHERE `file_source` = `fileid`)';
 
-		$deletedEntries = $connection->executeUpdate($sql);
-		$logger->debug("$deletedEntries orphaned share(s) deleted", ['app' => 'DeleteOrphanedSharesJob']);
-	}
+        $deletedEntries = $connection->executeUpdate($sql);
+        $logger->debug("$deletedEntries orphaned share(s) deleted", ['app' => 'DeleteOrphanedSharesJob']);
+    }
 }

apps/workflowengine/lib/Check/RequestURL.php

Indentation +55 added lines, -55 removed lines

@@ -26,66 +26,66 @@
 
 class RequestURL extends AbstractStringCheck {
 
-	/** @var string */
-	protected $url;
+    /** @var string */
+    protected $url;
 
-	/** @var IRequest */
-	protected $request;
+    /** @var IRequest */
+    protected $request;
 
-	/**
-	 * @param IL10N $l
-	 * @param IRequest $request
-	 */
-	public function __construct(IL10N $l, IRequest $request) {
-		parent::__construct($l);
-		$this->request = $request;
-	}
+    /**
+     * @param IL10N $l
+     * @param IRequest $request
+     */
+    public function __construct(IL10N $l, IRequest $request) {
+        parent::__construct($l);
+        $this->request = $request;
+    }
 
-	/**
-	 * @param string $operator
-	 * @param string $value
-	 * @return bool
-	 */
-	public function executeCheck($operator, $value) {
-		$actualValue = $this->getActualValue();
-		if (in_array($operator, ['is', '!is'])) {
-			switch ($value) {
-				case 'webdav':
-					if ($operator === 'is') {
-						return $this->isWebDAVRequest();
-					} else {
-						return !$this->isWebDAVRequest();
-					}
-			}
-		}
-		return $this->executeStringCheck($operator, $value, $actualValue);
-	}
+    /**
+     * @param string $operator
+     * @param string $value
+     * @return bool
+     */
+    public function executeCheck($operator, $value) {
+        $actualValue = $this->getActualValue();
+        if (in_array($operator, ['is', '!is'])) {
+            switch ($value) {
+                case 'webdav':
+                    if ($operator === 'is') {
+                        return $this->isWebDAVRequest();
+                    } else {
+                        return !$this->isWebDAVRequest();
+                    }
+            }
+        }
+        return $this->executeStringCheck($operator, $value, $actualValue);
+    }
 
-	/**
-	 * @return string
-	 */
-	protected function getActualValue() {
-		if ($this->url !== null) {
-			return $this->url;
-		}
+    /**
+     * @return string
+     */
+    protected function getActualValue() {
+        if ($this->url !== null) {
+            return $this->url;
+        }
 
-		$this->url = $this->request->getServerProtocol() . '://';// E.g. http(s) + ://
-		$this->url .= $this->request->getServerHost();// E.g. localhost
-		$this->url .= $this->request->getScriptName();// E.g. /nextcloud/index.php
-		$this->url .= $this->request->getPathInfo();// E.g. /apps/files_texteditor/ajax/loadfile
+        $this->url = $this->request->getServerProtocol() . '://';// E.g. http(s) + ://
+        $this->url .= $this->request->getServerHost();// E.g. localhost
+        $this->url .= $this->request->getScriptName();// E.g. /nextcloud/index.php
+        $this->url .= $this->request->getPathInfo();// E.g. /apps/files_texteditor/ajax/loadfile
 
-		return $this->url; // E.g. https://localhost/nextcloud/index.php/apps/files_texteditor/ajax/loadfile
-	}
+        return $this->url; // E.g. https://localhost/nextcloud/index.php/apps/files_texteditor/ajax/loadfile
+    }
 
-	/**
-	 * @return bool
-	 */
-	protected function isWebDAVRequest() {
-		return substr($this->request->getScriptName(), 0 - strlen('/remote.php')) === '/remote.php' && (
-			$this->request->getPathInfo() === '/webdav' ||
-			strpos($this->request->getPathInfo(), '/webdav/') === 0 ||
-			$this->request->getPathInfo() === '/dav/files' ||
-			strpos($this->request->getPathInfo(), '/dav/files/') === 0
-		);
-	}
+    /**
+     * @return bool
+     */
+    protected function isWebDAVRequest() {
+        return substr($this->request->getScriptName(), 0 - strlen('/remote.php')) === '/remote.php' && (
+            $this->request->getPathInfo() === '/webdav' ||
+            strpos($this->request->getPathInfo(), '/webdav/') === 0 ||
+            $this->request->getPathInfo() === '/dav/files' ||
+            strpos($this->request->getPathInfo(), '/dav/files/') === 0
+        );
+    }
 }

core/Command/Check.php

Indentation +26 added lines, -26 removed lines

@@ -28,35 +28,35 @@
 use Symfony\Component\Console\Output\OutputInterface;
 
 class Check extends Base {
-	/**
-	 * @var SystemConfig
-	 */
-	private $config;
+    /**
+     * @var SystemConfig
+     */
+    private $config;
 
-	public function __construct(SystemConfig $config) {
-		parent::__construct();
-		$this->config = $config;
-	}
+    public function __construct(SystemConfig $config) {
+        parent::__construct();
+        $this->config = $config;
+    }
 
-	protected function configure() {
-		parent::configure();
+    protected function configure() {
+        parent::configure();
 
-		$this
-			->setName('check')
-			->setDescription('check dependencies of the server environment')
-		;
-	}
+        $this
+            ->setName('check')
+            ->setDescription('check dependencies of the server environment')
+        ;
+    }
 
-	protected function execute(InputInterface $input, OutputInterface $output) {
-		$errors = \OC_Util::checkServer($this->config);
-		if (!empty($errors)) {
-			$errors = array_map(function ($item) {
-				return (string) $item['error'];
-			}, $errors);
+    protected function execute(InputInterface $input, OutputInterface $output) {
+        $errors = \OC_Util::checkServer($this->config);
+        if (!empty($errors)) {
+            $errors = array_map(function ($item) {
+                return (string) $item['error'];
+            }, $errors);
 
-			$this->writeArrayInOutputFormat($input, $output, $errors);
-			return 1;
-		}
-		return 0;
-	}
+            $this->writeArrayInOutputFormat($input, $output, $errors);
+            return 1;
+        }
+        return 0;
+    }
 }

core/ajax/update.php

Indentation +180 added lines, -180 removed lines

@@ -35,7 +35,7 @@ 
 use Symfony\Component\EventDispatcher\GenericEvent;
 
 if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-	@set_time_limit(0);
+    @set_time_limit(0);
 }
 
 require_once '../../lib/base.php';
@@ -49,190 +49,190 @@ 
 $eventSource->send('success', (string)$l->t('Preparing update'));
 
 class FeedBackHandler {
-	/** @var integer */
-	private $progressStateMax = 100;
-	/** @var integer */
-	private $progressStateStep = 0;
-	/** @var string */
-	private $currentStep;
-	/** @var \OCP\IEventSource */
-	private $eventSource;
-	/** @var \OCP\IL10N */
-	private $l10n;
-
-	public function __construct(\OCP\IEventSource $eventSource, \OCP\IL10N $l10n) {
-		$this->eventSource = $eventSource;
-		$this->l10n = $l10n;
-	}
-
-	public function handleRepairFeedback($event) {
-		if (!$event instanceof GenericEvent) {
-			return;
-		}
-
-		switch ($event->getSubject()) {
-			case '\OC\Repair::startProgress':
-				$this->progressStateMax = $event->getArgument(0);
-				$this->progressStateStep = 0;
-				$this->currentStep = $event->getArgument(1);
-				break;
-			case '\OC\Repair::advance':
-				$this->progressStateStep += $event->getArgument(0);
-				$desc = $event->getArgument(1);
-				if (empty($desc)) {
-					$desc = $this->currentStep;
-				}
-				$this->eventSource->send('success', (string)$this->l10n->t('[%d / %d]: %s', [$this->progressStateStep, $this->progressStateMax, $desc]));
-				break;
-			case '\OC\Repair::finishProgress':
-				$this->progressStateMax = $this->progressStateStep;
-				$this->eventSource->send('success', (string)$this->l10n->t('[%d / %d]: %s', [$this->progressStateStep, $this->progressStateMax, $this->currentStep]));
-				break;
-			case '\OC\Repair::step':
-				$this->eventSource->send('success', (string)$this->l10n->t('Repair step:') . ' ' . $event->getArgument(0));
-				break;
-			case '\OC\Repair::info':
-				$this->eventSource->send('success', (string)$this->l10n->t('Repair info:') . ' ' . $event->getArgument(0));
-				break;
-			case '\OC\Repair::warning':
-				$this->eventSource->send('notice', (string)$this->l10n->t('Repair warning:') . ' ' . $event->getArgument(0));
-				break;
-			case '\OC\Repair::error':
-				$this->eventSource->send('notice', (string)$this->l10n->t('Repair error:') . ' ' . $event->getArgument(0));
-				break;
-		}
-	}
+    /** @var integer */
+    private $progressStateMax = 100;
+    /** @var integer */
+    private $progressStateStep = 0;
+    /** @var string */
+    private $currentStep;
+    /** @var \OCP\IEventSource */
+    private $eventSource;
+    /** @var \OCP\IL10N */
+    private $l10n;
+
+    public function __construct(\OCP\IEventSource $eventSource, \OCP\IL10N $l10n) {
+        $this->eventSource = $eventSource;
+        $this->l10n = $l10n;
+    }
+
+    public function handleRepairFeedback($event) {
+        if (!$event instanceof GenericEvent) {
+            return;
+        }
+
+        switch ($event->getSubject()) {
+            case '\OC\Repair::startProgress':
+                $this->progressStateMax = $event->getArgument(0);
+                $this->progressStateStep = 0;
+                $this->currentStep = $event->getArgument(1);
+                break;
+            case '\OC\Repair::advance':
+                $this->progressStateStep += $event->getArgument(0);
+                $desc = $event->getArgument(1);
+                if (empty($desc)) {
+                    $desc = $this->currentStep;
+                }
+                $this->eventSource->send('success', (string)$this->l10n->t('[%d / %d]: %s', [$this->progressStateStep, $this->progressStateMax, $desc]));
+                break;
+            case '\OC\Repair::finishProgress':
+                $this->progressStateMax = $this->progressStateStep;
+                $this->eventSource->send('success', (string)$this->l10n->t('[%d / %d]: %s', [$this->progressStateStep, $this->progressStateMax, $this->currentStep]));
+                break;
+            case '\OC\Repair::step':
+                $this->eventSource->send('success', (string)$this->l10n->t('Repair step:') . ' ' . $event->getArgument(0));
+                break;
+            case '\OC\Repair::info':
+                $this->eventSource->send('success', (string)$this->l10n->t('Repair info:') . ' ' . $event->getArgument(0));
+                break;
+            case '\OC\Repair::warning':
+                $this->eventSource->send('notice', (string)$this->l10n->t('Repair warning:') . ' ' . $event->getArgument(0));
+                break;
+            case '\OC\Repair::error':
+                $this->eventSource->send('notice', (string)$this->l10n->t('Repair error:') . ' ' . $event->getArgument(0));
+                break;
+        }
+    }
 }
 
 if (\OCP\Util::needUpgrade()) {
 
-	$config = \OC::$server->getSystemConfig();
-	if ($config->getValue('upgrade.disable-web', false)) {
-		$eventSource->send('failure', (string)$l->t('Please use the command line updater because automatic updating is disabled in the config.php.'));
-		$eventSource->close();
-		exit();
-	}
-
-	// if a user is currently logged in, their session must be ignored to
-	// avoid side effects
-	\OC_User::setIncognitoMode(true);
-
-	$logger = \OC::$server->getLogger();
-	$config = \OC::$server->getConfig();
-	$updater = new \OC\Updater(
-			$config,
-			\OC::$server->getIntegrityCodeChecker(),
-			$logger,
-			\OC::$server->query(\OC\Installer::class)
-	);
-	$incompatibleApps = [];
-
-	$dispatcher = \OC::$server->getEventDispatcher();
-	$dispatcher->addListener('\OC\DB\Migrator::executeSql', function ($event) use ($eventSource, $l) {
-		if ($event instanceof GenericEvent) {
-			$eventSource->send('success', (string)$l->t('[%d / %d]: %s', [$event[0], $event[1], $event->getSubject()]));
-		}
-	});
-	$dispatcher->addListener('\OC\DB\Migrator::checkTable', function ($event) use ($eventSource, $l) {
-		if ($event instanceof GenericEvent) {
-			$eventSource->send('success', (string)$l->t('[%d / %d]: Checking table %s', [$event[0], $event[1], $event->getSubject()]));
-		}
-	});
-	$feedBack = new FeedBackHandler($eventSource, $l);
-	$dispatcher->addListener('\OC\Repair::startProgress', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::advance', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::finishProgress', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::step', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::info', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::warning', [$feedBack, 'handleRepairFeedback']);
-	$dispatcher->addListener('\OC\Repair::error', [$feedBack, 'handleRepairFeedback']);
-
-	$updater->listen('\OC\Updater', 'maintenanceEnabled', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Turned on maintenance mode'));
-	});
-	$updater->listen('\OC\Updater', 'maintenanceDisabled', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Turned off maintenance mode'));
-	});
-	$updater->listen('\OC\Updater', 'maintenanceActive', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Maintenance mode is kept active'));
-	});
-	$updater->listen('\OC\Updater', 'dbUpgradeBefore', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Updating database schema'));
-	});
-	$updater->listen('\OC\Updater', 'dbUpgrade', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Updated database'));
-	});
-	$updater->listen('\OC\Updater', 'dbSimulateUpgradeBefore', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checking whether the database schema can be updated (this can take a long time depending on the database size)'));
-	});
-	$updater->listen('\OC\Updater', 'dbSimulateUpgrade', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checked database schema update'));
-	});
-	$updater->listen('\OC\Updater', 'appUpgradeCheckBefore', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checking updates of apps'));
-	});
-	$updater->listen('\OC\Updater', 'checkAppStoreAppBefore', function ($app) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checking for update of app "%s" in appstore', [$app]));
-	});
-	$updater->listen('\OC\Updater', 'upgradeAppStoreApp', function ($app) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Update app "%s" from appstore', [$app]));
-	});
-	$updater->listen('\OC\Updater', 'checkAppStoreApp', function ($app) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checked for update of app "%s" in appstore', [$app]));
-	});
-	$updater->listen('\OC\Updater', 'appSimulateUpdate', function ($app) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checking whether the database schema for %s can be updated (this can take a long time depending on the database size)', [$app]));
-	});
-	$updater->listen('\OC\Updater', 'appUpgradeCheck', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Checked database schema update for apps'));
-	});
-	$updater->listen('\OC\Updater', 'appUpgrade', function ($app, $version) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Updated "%1$s" to %2$s', [$app, $version]));
-	});
-	$updater->listen('\OC\Updater', 'incompatibleAppDisabled', function ($app) use (&$incompatibleApps) {
-		$incompatibleApps[]= $app;
-	});
-	$updater->listen('\OC\Updater', 'failure', function ($message) use ($eventSource, $config) {
-		$eventSource->send('failure', $message);
-		$eventSource->close();
-		$config->setSystemValue('maintenance', false);
-	});
-	$updater->listen('\OC\Updater', 'setDebugLogLevel', function ($logLevel, $logLevelName) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Set log level to debug'));
-	});
-	$updater->listen('\OC\Updater', 'resetLogLevel', function ($logLevel, $logLevelName) use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Reset log level'));
-	});
-	$updater->listen('\OC\Updater', 'startCheckCodeIntegrity', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Starting code integrity check'));
-	});
-	$updater->listen('\OC\Updater', 'finishedCheckCodeIntegrity', function () use ($eventSource, $l) {
-		$eventSource->send('success', (string)$l->t('Finished code integrity check'));
-	});
-
-	try {
-		$updater->upgrade();
-	} catch (\Exception $e) {
-		\OC::$server->getLogger()->logException($e, [
-			'level' => ILogger::ERROR,
-			'app' => 'update',
-		]);
-		$eventSource->send('failure', get_class($e) . ': ' . $e->getMessage());
-		$eventSource->close();
-		exit();
-	}
-
-	$disabledApps = [];
-	foreach ($incompatibleApps as $app) {
-		$disabledApps[$app] = (string) $l->t('%s (incompatible)', [$app]);
-	}
-
-	if (!empty($disabledApps)) {
-		$eventSource->send('notice',
-			(string)$l->t('Following apps have been disabled: %s', [implode(', ', $disabledApps)]));
-	}
+    $config = \OC::$server->getSystemConfig();
+    if ($config->getValue('upgrade.disable-web', false)) {
+        $eventSource->send('failure', (string)$l->t('Please use the command line updater because automatic updating is disabled in the config.php.'));
+        $eventSource->close();
+        exit();
+    }
+
+    // if a user is currently logged in, their session must be ignored to
+    // avoid side effects
+    \OC_User::setIncognitoMode(true);
+
+    $logger = \OC::$server->getLogger();
+    $config = \OC::$server->getConfig();
+    $updater = new \OC\Updater(
+            $config,
+            \OC::$server->getIntegrityCodeChecker(),
+            $logger,
+            \OC::$server->query(\OC\Installer::class)
+    );
+    $incompatibleApps = [];
+
+    $dispatcher = \OC::$server->getEventDispatcher();
+    $dispatcher->addListener('\OC\DB\Migrator::executeSql', function ($event) use ($eventSource, $l) {
+        if ($event instanceof GenericEvent) {
+            $eventSource->send('success', (string)$l->t('[%d / %d]: %s', [$event[0], $event[1], $event->getSubject()]));
+        }
+    });
+    $dispatcher->addListener('\OC\DB\Migrator::checkTable', function ($event) use ($eventSource, $l) {
+        if ($event instanceof GenericEvent) {
+            $eventSource->send('success', (string)$l->t('[%d / %d]: Checking table %s', [$event[0], $event[1], $event->getSubject()]));
+        }
+    });
+    $feedBack = new FeedBackHandler($eventSource, $l);
+    $dispatcher->addListener('\OC\Repair::startProgress', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::advance', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::finishProgress', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::step', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::info', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::warning', [$feedBack, 'handleRepairFeedback']);
+    $dispatcher->addListener('\OC\Repair::error', [$feedBack, 'handleRepairFeedback']);
+
+    $updater->listen('\OC\Updater', 'maintenanceEnabled', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Turned on maintenance mode'));
+    });
+    $updater->listen('\OC\Updater', 'maintenanceDisabled', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Turned off maintenance mode'));
+    });
+    $updater->listen('\OC\Updater', 'maintenanceActive', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Maintenance mode is kept active'));
+    });
+    $updater->listen('\OC\Updater', 'dbUpgradeBefore', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Updating database schema'));
+    });
+    $updater->listen('\OC\Updater', 'dbUpgrade', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Updated database'));
+    });
+    $updater->listen('\OC\Updater', 'dbSimulateUpgradeBefore', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checking whether the database schema can be updated (this can take a long time depending on the database size)'));
+    });
+    $updater->listen('\OC\Updater', 'dbSimulateUpgrade', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checked database schema update'));
+    });
+    $updater->listen('\OC\Updater', 'appUpgradeCheckBefore', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checking updates of apps'));
+    });
+    $updater->listen('\OC\Updater', 'checkAppStoreAppBefore', function ($app) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checking for update of app "%s" in appstore', [$app]));
+    });
+    $updater->listen('\OC\Updater', 'upgradeAppStoreApp', function ($app) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Update app "%s" from appstore', [$app]));
+    });
+    $updater->listen('\OC\Updater', 'checkAppStoreApp', function ($app) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checked for update of app "%s" in appstore', [$app]));
+    });
+    $updater->listen('\OC\Updater', 'appSimulateUpdate', function ($app) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checking whether the database schema for %s can be updated (this can take a long time depending on the database size)', [$app]));
+    });
+    $updater->listen('\OC\Updater', 'appUpgradeCheck', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Checked database schema update for apps'));
+    });
+    $updater->listen('\OC\Updater', 'appUpgrade', function ($app, $version) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Updated "%1$s" to %2$s', [$app, $version]));
+    });
+    $updater->listen('\OC\Updater', 'incompatibleAppDisabled', function ($app) use (&$incompatibleApps) {
+        $incompatibleApps[]= $app;
+    });
+    $updater->listen('\OC\Updater', 'failure', function ($message) use ($eventSource, $config) {
+        $eventSource->send('failure', $message);
+        $eventSource->close();
+        $config->setSystemValue('maintenance', false);
+    });
+    $updater->listen('\OC\Updater', 'setDebugLogLevel', function ($logLevel, $logLevelName) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Set log level to debug'));
+    });
+    $updater->listen('\OC\Updater', 'resetLogLevel', function ($logLevel, $logLevelName) use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Reset log level'));
+    });
+    $updater->listen('\OC\Updater', 'startCheckCodeIntegrity', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Starting code integrity check'));
+    });
+    $updater->listen('\OC\Updater', 'finishedCheckCodeIntegrity', function () use ($eventSource, $l) {
+        $eventSource->send('success', (string)$l->t('Finished code integrity check'));
+    });
+
+    try {
+        $updater->upgrade();
+    } catch (\Exception $e) {
+        \OC::$server->getLogger()->logException($e, [
+            'level' => ILogger::ERROR,
+            'app' => 'update',
+        ]);
+        $eventSource->send('failure', get_class($e) . ': ' . $e->getMessage());
+        $eventSource->close();
+        exit();
+    }
+
+    $disabledApps = [];
+    foreach ($incompatibleApps as $app) {
+        $disabledApps[$app] = (string) $l->t('%s (incompatible)', [$app]);
+    }
+
+    if (!empty($disabledApps)) {
+        $eventSource->send('notice',
+            (string)$l->t('Following apps have been disabled: %s', [implode(', ', $disabledApps)]));
+    }
 } else {
-	$eventSource->send('notice', (string)$l->t('Already up to date'));
+    $eventSource->send('notice', (string)$l->t('Already up to date'));
 }
 
 $eventSource->send('done', '');

core/Controller/LostController.php

Indentation +344 added lines, -344 removed lines

@@ -69,348 +69,348 @@
  * @package OC\Core\Controller
  */
 class LostController extends Controller {
-	/** @var IURLGenerator */
-	protected $urlGenerator;
-	/** @var IUserManager */
-	protected $userManager;
-	/** @var Defaults */
-	protected $defaults;
-	/** @var IL10N */
-	protected $l10n;
-	/** @var string */
-	protected $from;
-	/** @var IManager */
-	protected $encryptionManager;
-	/** @var IConfig */
-	protected $config;
-	/** @var ISecureRandom */
-	protected $secureRandom;
-	/** @var IMailer */
-	protected $mailer;
-	/** @var ITimeFactory */
-	protected $timeFactory;
-	/** @var ICrypto */
-	protected $crypto;
-	/** @var ILogger */
-	private $logger;
-	/** @var Manager */
-	private $twoFactorManager;
-	/** @var IInitialStateService */
-	private $initialStateService;
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IURLGenerator $urlGenerator
-	 * @param IUserManager $userManager
-	 * @param Defaults $defaults
-	 * @param IL10N $l10n
-	 * @param IConfig $config
-	 * @param ISecureRandom $secureRandom
-	 * @param string $defaultMailAddress
-	 * @param IManager $encryptionManager
-	 * @param IMailer $mailer
-	 * @param ITimeFactory $timeFactory
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IURLGenerator $urlGenerator,
-								IUserManager $userManager,
-								Defaults $defaults,
-								IL10N $l10n,
-								IConfig $config,
-								ISecureRandom $secureRandom,
-								$defaultMailAddress,
-								IManager $encryptionManager,
-								IMailer $mailer,
-								ITimeFactory $timeFactory,
-								ICrypto $crypto,
-								ILogger $logger,
-								Manager $twoFactorManager,
-								IInitialStateService $initialStateService) {
-		parent::__construct($appName, $request);
-		$this->urlGenerator = $urlGenerator;
-		$this->userManager = $userManager;
-		$this->defaults = $defaults;
-		$this->l10n = $l10n;
-		$this->secureRandom = $secureRandom;
-		$this->from = $defaultMailAddress;
-		$this->encryptionManager = $encryptionManager;
-		$this->config = $config;
-		$this->mailer = $mailer;
-		$this->timeFactory = $timeFactory;
-		$this->crypto = $crypto;
-		$this->logger = $logger;
-		$this->twoFactorManager = $twoFactorManager;
-		$this->initialStateService = $initialStateService;
-	}
-
-	/**
-	 * Someone wants to reset their password:
-	 *
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $token
-	 * @param string $userId
-	 * @return TemplateResponse
-	 */
-	public function resetform($token, $userId) {
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return new TemplateResponse('core', 'error', [
-				'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
-			],
-				'guest'
-			);
-		}
-
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-		} catch (\Exception $e) {
-			return new TemplateResponse(
-				'core', 'error', [
-					"errors" => [["error" => $e->getMessage()]]
-				],
-				'guest'
-			);
-		}
-		$this->initialStateService->provideInitialState('core', 'resetPasswordUser', $userId);
-		$this->initialStateService->provideInitialState('core', 'resetPasswordTarget',
-			$this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', ['userId' => $userId, 'token' => $token])
-		);
-
-		return new TemplateResponse(
-			'core',
-			'login',
-			[],
-			'guest'
-		);
-	}
-
-	/**
-	 * @param string $token
-	 * @param string $userId
-	 * @throws \Exception
-	 */
-	protected function checkPasswordResetToken($token, $userId) {
-		$user = $this->userManager->get($userId);
-		if($user === null || !$user->isEnabled()) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		$encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
-		if ($encryptedToken === null) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		try {
-			$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
-			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
-		} catch (\Exception $e) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		$splittedToken = explode(':', $decryptedToken);
-		if(count($splittedToken) !== 2) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*24*7) ||
-			$user->getLastLogin() > $splittedToken[0]) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
-		}
-
-		if (!hash_equals($splittedToken[1], $token)) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-	}
-
-	/**
-	 * @param $message
-	 * @param array $additional
-	 * @return array
-	 */
-	private function error($message, array $additional=[]) {
-		return array_merge(['status' => 'error', 'msg' => $message], $additional);
-	}
-
-	/**
-	 * @param array $data
-	 * @return array
-	 */
-	private function success($data = []) {
-		return array_merge($data, ['status'=>'success']);
-	}
-
-	/**
-	 * @PublicPage
-	 * @BruteForceProtection(action=passwordResetEmail)
-	 * @AnonRateThrottle(limit=10, period=300)
-	 *
-	 * @param string $user
-	 * @return JSONResponse
-	 */
-	public function email($user) {
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
-		}
-
-		\OCP\Util::emitHook(
-			'\OCA\Files_Sharing\API\Server2Server',
-			'preLoginNameUsedAsUserName',
-			['uid' => &$user]
-		);
-
-		// FIXME: use HTTP error codes
-		try {
-			$this->sendEmail($user);
-		} catch (ResetPasswordException $e) {
-			// Ignore the error since we do not want to leak this info
-			$this->logger->warning('Could not send password reset email: ' . $e->getMessage());
-		} catch (\Exception $e) {
-			$this->logger->logException($e);
-		}
-
-		$response = new JSONResponse($this->success());
-		$response->throttle();
-		return $response;
-	}
-
-	/**
-	 * @PublicPage
-	 * @param string $token
-	 * @param string $userId
-	 * @param string $password
-	 * @param boolean $proceed
-	 * @return array
-	 */
-	public function setPassword($token, $userId, $password, $proceed) {
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return $this->error($this->l10n->t('Password reset is disabled'));
-		}
-
-		if ($this->encryptionManager->isEnabled() && !$proceed) {
-			$encryptionModules = $this->encryptionManager->getEncryptionModules();
-			foreach ($encryptionModules as $module) {
-				/** @var IEncryptionModule $instance */
-				$instance = call_user_func($module['callback']);
-				// this way we can find out whether per-user keys are used or a system wide encryption key
-				if ($instance->needDetailedAccessList()) {
-					return $this->error('', ['encryption' => true]);
-				}
-			}
-		}
-
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-			$user = $this->userManager->get($userId);
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);
-
-			if (!$user->setPassword($password)) {
-				throw new \Exception();
-			}
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', ['uid' => $userId, 'password' => $password]);
-
-			$this->twoFactorManager->clearTwoFactorPending($userId);
-
-			$this->config->deleteUserValue($userId, 'core', 'lostpassword');
-			@\OC::$server->getUserSession()->unsetMagicInCookie();
-		} catch (HintException $e){
-			return $this->error($e->getHint());
-		} catch (\Exception $e){
-			return $this->error($e->getMessage());
-		}
-
-		return $this->success(['user' => $userId]);
-	}
-
-	/**
-	 * @param string $input
-	 * @throws ResetPasswordException
-	 * @throws \OCP\PreConditionNotMetException
-	 */
-	protected function sendEmail($input) {
-		$user = $this->findUserByIdOrMail($input);
-		$email = $user->getEMailAddress();
-
-		if (empty($email)) {
-			throw new ResetPasswordException('Could not send reset e-mail since there is no email for username ' . $input);
-		}
-
-		// Generate the token. It is stored encrypted in the database with the
-		// secret being the users' email address appended with the system secret.
-		// This makes the token automatically invalidate once the user changes
-		// their email address.
-		$token = $this->secureRandom->generate(
-			21,
-			ISecureRandom::CHAR_DIGITS.
-			ISecureRandom::CHAR_LOWER.
-			ISecureRandom::CHAR_UPPER
-		);
-		$tokenValue = $this->timeFactory->getTime() .':'. $token;
-		$encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
-		$this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
-
-		$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', ['userId' => $user->getUID(), 'token' => $token]);
-
-		$emailTemplate = $this->mailer->createEMailTemplate('core.ResetPassword', [
-			'link' => $link,
-		]);
-
-		$emailTemplate->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
-		$emailTemplate->addHeader();
-		$emailTemplate->addHeading($this->l10n->t('Password reset'));
-
-		$emailTemplate->addBodyText(
-			htmlspecialchars($this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.')),
-			$this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
-		);
-
-		$emailTemplate->addBodyButton(
-			htmlspecialchars($this->l10n->t('Reset your password')),
-			$link,
-			false
-		);
-		$emailTemplate->addFooter();
-
-		try {
-			$message = $this->mailer->createMessage();
-			$message->setTo([$email => $user->getUID()]);
-			$message->setFrom([$this->from => $this->defaults->getName()]);
-			$message->useTemplate($emailTemplate);
-			$this->mailer->send($message);
-		} catch (\Exception $e) {
-			// Log the exception and continue
-			$this->logger->logException($e);
-		}
-	}
-
-	/**
-	 * @param string $input
-	 * @return IUser
-	 * @throws ResetPasswordException
-	 */
-	protected function findUserByIdOrMail($input) {
-		$user = $this->userManager->get($input);
-		if ($user instanceof IUser) {
-			if (!$user->isEnabled()) {
-				throw new ResetPasswordException('User is disabled');
-			}
-
-			return $user;
-		}
-
-		$users = array_filter($this->userManager->getByEmail($input), function (IUser $user) {
-			return $user->isEnabled();
-		});
-
-		if (count($users) === 1) {
-			return reset($users);
-		}
-
-		throw new ResetPasswordException('Could not find user');
-	}
+    /** @var IURLGenerator */
+    protected $urlGenerator;
+    /** @var IUserManager */
+    protected $userManager;
+    /** @var Defaults */
+    protected $defaults;
+    /** @var IL10N */
+    protected $l10n;
+    /** @var string */
+    protected $from;
+    /** @var IManager */
+    protected $encryptionManager;
+    /** @var IConfig */
+    protected $config;
+    /** @var ISecureRandom */
+    protected $secureRandom;
+    /** @var IMailer */
+    protected $mailer;
+    /** @var ITimeFactory */
+    protected $timeFactory;
+    /** @var ICrypto */
+    protected $crypto;
+    /** @var ILogger */
+    private $logger;
+    /** @var Manager */
+    private $twoFactorManager;
+    /** @var IInitialStateService */
+    private $initialStateService;
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IURLGenerator $urlGenerator
+     * @param IUserManager $userManager
+     * @param Defaults $defaults
+     * @param IL10N $l10n
+     * @param IConfig $config
+     * @param ISecureRandom $secureRandom
+     * @param string $defaultMailAddress
+     * @param IManager $encryptionManager
+     * @param IMailer $mailer
+     * @param ITimeFactory $timeFactory
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IURLGenerator $urlGenerator,
+                                IUserManager $userManager,
+                                Defaults $defaults,
+                                IL10N $l10n,
+                                IConfig $config,
+                                ISecureRandom $secureRandom,
+                                $defaultMailAddress,
+                                IManager $encryptionManager,
+                                IMailer $mailer,
+                                ITimeFactory $timeFactory,
+                                ICrypto $crypto,
+                                ILogger $logger,
+                                Manager $twoFactorManager,
+                                IInitialStateService $initialStateService) {
+        parent::__construct($appName, $request);
+        $this->urlGenerator = $urlGenerator;
+        $this->userManager = $userManager;
+        $this->defaults = $defaults;
+        $this->l10n = $l10n;
+        $this->secureRandom = $secureRandom;
+        $this->from = $defaultMailAddress;
+        $this->encryptionManager = $encryptionManager;
+        $this->config = $config;
+        $this->mailer = $mailer;
+        $this->timeFactory = $timeFactory;
+        $this->crypto = $crypto;
+        $this->logger = $logger;
+        $this->twoFactorManager = $twoFactorManager;
+        $this->initialStateService = $initialStateService;
+    }
+
+    /**
+     * Someone wants to reset their password:
+     *
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $token
+     * @param string $userId
+     * @return TemplateResponse
+     */
+    public function resetform($token, $userId) {
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return new TemplateResponse('core', 'error', [
+                'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
+            ],
+                'guest'
+            );
+        }
+
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+        } catch (\Exception $e) {
+            return new TemplateResponse(
+                'core', 'error', [
+                    "errors" => [["error" => $e->getMessage()]]
+                ],
+                'guest'
+            );
+        }
+        $this->initialStateService->provideInitialState('core', 'resetPasswordUser', $userId);
+        $this->initialStateService->provideInitialState('core', 'resetPasswordTarget',
+            $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', ['userId' => $userId, 'token' => $token])
+        );
+
+        return new TemplateResponse(
+            'core',
+            'login',
+            [],
+            'guest'
+        );
+    }
+
+    /**
+     * @param string $token
+     * @param string $userId
+     * @throws \Exception
+     */
+    protected function checkPasswordResetToken($token, $userId) {
+        $user = $this->userManager->get($userId);
+        if($user === null || !$user->isEnabled()) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        $encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
+        if ($encryptedToken === null) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        try {
+            $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
+            $decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
+        } catch (\Exception $e) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        $splittedToken = explode(':', $decryptedToken);
+        if(count($splittedToken) !== 2) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*24*7) ||
+            $user->getLastLogin() > $splittedToken[0]) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
+        }
+
+        if (!hash_equals($splittedToken[1], $token)) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+    }
+
+    /**
+     * @param $message
+     * @param array $additional
+     * @return array
+     */
+    private function error($message, array $additional=[]) {
+        return array_merge(['status' => 'error', 'msg' => $message], $additional);
+    }
+
+    /**
+     * @param array $data
+     * @return array
+     */
+    private function success($data = []) {
+        return array_merge($data, ['status'=>'success']);
+    }
+
+    /**
+     * @PublicPage
+     * @BruteForceProtection(action=passwordResetEmail)
+     * @AnonRateThrottle(limit=10, period=300)
+     *
+     * @param string $user
+     * @return JSONResponse
+     */
+    public function email($user) {
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
+        }
+
+        \OCP\Util::emitHook(
+            '\OCA\Files_Sharing\API\Server2Server',
+            'preLoginNameUsedAsUserName',
+            ['uid' => &$user]
+        );
+
+        // FIXME: use HTTP error codes
+        try {
+            $this->sendEmail($user);
+        } catch (ResetPasswordException $e) {
+            // Ignore the error since we do not want to leak this info
+            $this->logger->warning('Could not send password reset email: ' . $e->getMessage());
+        } catch (\Exception $e) {
+            $this->logger->logException($e);
+        }
+
+        $response = new JSONResponse($this->success());
+        $response->throttle();
+        return $response;
+    }
+
+    /**
+     * @PublicPage
+     * @param string $token
+     * @param string $userId
+     * @param string $password
+     * @param boolean $proceed
+     * @return array
+     */
+    public function setPassword($token, $userId, $password, $proceed) {
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return $this->error($this->l10n->t('Password reset is disabled'));
+        }
+
+        if ($this->encryptionManager->isEnabled() && !$proceed) {
+            $encryptionModules = $this->encryptionManager->getEncryptionModules();
+            foreach ($encryptionModules as $module) {
+                /** @var IEncryptionModule $instance */
+                $instance = call_user_func($module['callback']);
+                // this way we can find out whether per-user keys are used or a system wide encryption key
+                if ($instance->needDetailedAccessList()) {
+                    return $this->error('', ['encryption' => true]);
+                }
+            }
+        }
+
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+            $user = $this->userManager->get($userId);
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);
+
+            if (!$user->setPassword($password)) {
+                throw new \Exception();
+            }
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', ['uid' => $userId, 'password' => $password]);
+
+            $this->twoFactorManager->clearTwoFactorPending($userId);
+
+            $this->config->deleteUserValue($userId, 'core', 'lostpassword');
+            @\OC::$server->getUserSession()->unsetMagicInCookie();
+        } catch (HintException $e){
+            return $this->error($e->getHint());
+        } catch (\Exception $e){
+            return $this->error($e->getMessage());
+        }
+
+        return $this->success(['user' => $userId]);
+    }
+
+    /**
+     * @param string $input
+     * @throws ResetPasswordException
+     * @throws \OCP\PreConditionNotMetException
+     */
+    protected function sendEmail($input) {
+        $user = $this->findUserByIdOrMail($input);
+        $email = $user->getEMailAddress();
+
+        if (empty($email)) {
+            throw new ResetPasswordException('Could not send reset e-mail since there is no email for username ' . $input);
+        }
+
+        // Generate the token. It is stored encrypted in the database with the
+        // secret being the users' email address appended with the system secret.
+        // This makes the token automatically invalidate once the user changes
+        // their email address.
+        $token = $this->secureRandom->generate(
+            21,
+            ISecureRandom::CHAR_DIGITS.
+            ISecureRandom::CHAR_LOWER.
+            ISecureRandom::CHAR_UPPER
+        );
+        $tokenValue = $this->timeFactory->getTime() .':'. $token;
+        $encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
+        $this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
+
+        $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', ['userId' => $user->getUID(), 'token' => $token]);
+
+        $emailTemplate = $this->mailer->createEMailTemplate('core.ResetPassword', [
+            'link' => $link,
+        ]);
+
+        $emailTemplate->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
+        $emailTemplate->addHeader();
+        $emailTemplate->addHeading($this->l10n->t('Password reset'));
+
+        $emailTemplate->addBodyText(
+            htmlspecialchars($this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.')),
+            $this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
+        );
+
+        $emailTemplate->addBodyButton(
+            htmlspecialchars($this->l10n->t('Reset your password')),
+            $link,
+            false
+        );
+        $emailTemplate->addFooter();
+
+        try {
+            $message = $this->mailer->createMessage();
+            $message->setTo([$email => $user->getUID()]);
+            $message->setFrom([$this->from => $this->defaults->getName()]);
+            $message->useTemplate($emailTemplate);
+            $this->mailer->send($message);
+        } catch (\Exception $e) {
+            // Log the exception and continue
+            $this->logger->logException($e);
+        }
+    }
+
+    /**
+     * @param string $input
+     * @return IUser
+     * @throws ResetPasswordException
+     */
+    protected function findUserByIdOrMail($input) {
+        $user = $this->userManager->get($input);
+        if ($user instanceof IUser) {
+            if (!$user->isEnabled()) {
+                throw new ResetPasswordException('User is disabled');
+            }
+
+            return $user;
+        }
+
+        $users = array_filter($this->userManager->getByEmail($input), function (IUser $user) {
+            return $user->isEnabled();
+        });
+
+        if (count($users) === 1) {
+            return reset($users);
+        }
+
+        throw new ResetPasswordException('Could not find user');
+    }
 }

core/Controller/PreviewController.php

Indentation +139 added lines, -139 removed lines

@@ -41,143 +41,143 @@
 
 class PreviewController extends Controller {
 
-	/** @var string */
-	private $userId;
-
-	/** @var IRootFolder */
-	private $root;
-
-	/** @var IPreview */
-	private $preview;
-
-	/**
-	 * PreviewController constructor.
-	 *
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IPreview $preview
-	 * @param IRootFolder $root
-	 * @param string $userId
-	 * @param ITimeFactory $timeFactory
-	 */
-	public function __construct(string $appName,
-								IRequest $request,
-								IPreview $preview,
-								IRootFolder $root,
-								?string $userId
-	) {
-		parent::__construct($appName, $request);
-
-		$this->preview = $preview;
-		$this->root = $root;
-		$this->userId = $userId;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 *
-	 * @param string $file
-	 * @param int $x
-	 * @param int $y
-	 * @param bool $a
-	 * @param bool $forceIcon
-	 * @param string $mode
-	 * @return DataResponse|FileDisplayResponse
-	 */
-	public function getPreview(
-		string $file = '',
-		int $x = 32,
-		int $y = 32,
-		bool $a = false,
-		bool $forceIcon = true,
-		string $mode = 'fill'): Http\Response {
-
-		if ($file === '' || $x === 0 || $y === 0) {
-			return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-		try {
-			$userFolder = $this->root->getUserFolder($this->userId);
-			$node = $userFolder->get($file);
-		} catch (NotFoundException $e) {
-			return new DataResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		return $this->fetchPreview($node, $x, $y, $a, $forceIcon, $mode);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 *
-	 * @param int $fileId
-	 * @param int $x
-	 * @param int $y
-	 * @param bool $a
-	 * @param bool $forceIcon
-	 * @param string $mode
-	 *
-	 * @return DataResponse|FileDisplayResponse
-	 */
-	public function getPreviewByFileId(
-		int $fileId = -1,
-		int $x = 32,
-		int $y = 32,
-		bool $a = false,
-		bool $forceIcon = true,
-		string $mode = 'fill') {
-
-		if ($fileId === -1 || $x === 0 || $y === 0) {
-			return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-		$userFolder = $this->root->getUserFolder($this->userId);
-		$nodes = $userFolder->getById($fileId);
-
-		if (\count($nodes) === 0) {
-			return new DataResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		$node = array_pop($nodes);
-
-		return $this->fetchPreview($node, $x, $y, $a, $forceIcon, $mode);
-	}
-
-	/**
-	 * @param Node $node
-	 * @param int $x
-	 * @param int $y
-	 * @param bool $a
-	 * @param bool $forceIcon
-	 * @param string $mode
-	 * @return DataResponse|FileDisplayResponse
-	 */
-	private function fetchPreview(
-		Node $node,
-		int $x,
-		int $y,
-		bool $a = false,
-		bool $forceIcon = true,
-		string $mode) : Http\Response {
-
-		if (!($node instanceof File) || (!$forceIcon && !$this->preview->isAvailable($node))) {
-			return new DataResponse([], Http::STATUS_NOT_FOUND);
-		}
-		if (!$node->isReadable()) {
-			return new DataResponse([], Http::STATUS_FORBIDDEN);
-		}
-
-		try {
-			$f = $this->preview->getPreview($node, $x, $y, !$a, $mode);
-			$response = new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]);
-			$response->cacheFor(3600 * 24);
-			return $response;
-		} catch (NotFoundException $e) {
-			return new DataResponse([], Http::STATUS_NOT_FOUND);
-		} catch (\InvalidArgumentException $e) {
-			return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-	}
+    /** @var string */
+    private $userId;
+
+    /** @var IRootFolder */
+    private $root;
+
+    /** @var IPreview */
+    private $preview;
+
+    /**
+     * PreviewController constructor.
+     *
+     * @param string $appName
+     * @param IRequest $request
+     * @param IPreview $preview
+     * @param IRootFolder $root
+     * @param string $userId
+     * @param ITimeFactory $timeFactory
+     */
+    public function __construct(string $appName,
+                                IRequest $request,
+                                IPreview $preview,
+                                IRootFolder $root,
+                                ?string $userId
+    ) {
+        parent::__construct($appName, $request);
+
+        $this->preview = $preview;
+        $this->root = $root;
+        $this->userId = $userId;
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     *
+     * @param string $file
+     * @param int $x
+     * @param int $y
+     * @param bool $a
+     * @param bool $forceIcon
+     * @param string $mode
+     * @return DataResponse|FileDisplayResponse
+     */
+    public function getPreview(
+        string $file = '',
+        int $x = 32,
+        int $y = 32,
+        bool $a = false,
+        bool $forceIcon = true,
+        string $mode = 'fill'): Http\Response {
+
+        if ($file === '' || $x === 0 || $y === 0) {
+            return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+        try {
+            $userFolder = $this->root->getUserFolder($this->userId);
+            $node = $userFolder->get($file);
+        } catch (NotFoundException $e) {
+            return new DataResponse([], Http::STATUS_NOT_FOUND);
+        }
+
+        return $this->fetchPreview($node, $x, $y, $a, $forceIcon, $mode);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     *
+     * @param int $fileId
+     * @param int $x
+     * @param int $y
+     * @param bool $a
+     * @param bool $forceIcon
+     * @param string $mode
+     *
+     * @return DataResponse|FileDisplayResponse
+     */
+    public function getPreviewByFileId(
+        int $fileId = -1,
+        int $x = 32,
+        int $y = 32,
+        bool $a = false,
+        bool $forceIcon = true,
+        string $mode = 'fill') {
+
+        if ($fileId === -1 || $x === 0 || $y === 0) {
+            return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+        $userFolder = $this->root->getUserFolder($this->userId);
+        $nodes = $userFolder->getById($fileId);
+
+        if (\count($nodes) === 0) {
+            return new DataResponse([], Http::STATUS_NOT_FOUND);
+        }
+
+        $node = array_pop($nodes);
+
+        return $this->fetchPreview($node, $x, $y, $a, $forceIcon, $mode);
+    }
+
+    /**
+     * @param Node $node
+     * @param int $x
+     * @param int $y
+     * @param bool $a
+     * @param bool $forceIcon
+     * @param string $mode
+     * @return DataResponse|FileDisplayResponse
+     */
+    private function fetchPreview(
+        Node $node,
+        int $x,
+        int $y,
+        bool $a = false,
+        bool $forceIcon = true,
+        string $mode) : Http\Response {
+
+        if (!($node instanceof File) || (!$forceIcon && !$this->preview->isAvailable($node))) {
+            return new DataResponse([], Http::STATUS_NOT_FOUND);
+        }
+        if (!$node->isReadable()) {
+            return new DataResponse([], Http::STATUS_FORBIDDEN);
+        }
+
+        try {
+            $f = $this->preview->getPreview($node, $x, $y, !$a, $mode);
+            $response = new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]);
+            $response->cacheFor(3600 * 24);
+            return $response;
+        } catch (NotFoundException $e) {
+            return new DataResponse([], Http::STATUS_NOT_FOUND);
+        } catch (\InvalidArgumentException $e) {
+            return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+    }
 }