nextcloud / server

lib/private/User/Manager.php

Indentation +482 added lines, -482 removed lines

@@ -54,486 +54,486 @@
  * @package OC\User
  */
 class Manager extends PublicEmitter implements IUserManager {
-	/**
-	 * @var \OCP\UserInterface[] $backends
-	 */
-	private $backends = array();
-
-	/**
-	 * @var \OC\User\User[] $cachedUsers
-	 */
-	private $cachedUsers = array();
-
-	/**
-	 * @var \OCP\IConfig $config
-	 */
-	private $config;
-
-	/**
-	 * @param \OCP\IConfig $config
-	 */
-	public function __construct(IConfig $config) {
-		$this->config = $config;
-		$cachedUsers = &$this->cachedUsers;
-		$this->listen('\OC\User', 'postDelete', function ($user) use (&$cachedUsers) {
-			/** @var \OC\User\User $user */
-			unset($cachedUsers[$user->getUID()]);
-		});
-	}
-
-	/**
-	 * Get the active backends
-	 * @return \OCP\UserInterface[]
-	 */
-	public function getBackends() {
-		return $this->backends;
-	}
-
-	/**
-	 * register a user backend
-	 *
-	 * @param \OCP\UserInterface $backend
-	 */
-	public function registerBackend($backend) {
-		$this->backends[] = $backend;
-	}
-
-	/**
-	 * remove a user backend
-	 *
-	 * @param \OCP\UserInterface $backend
-	 */
-	public function removeBackend($backend) {
-		$this->cachedUsers = array();
-		if (($i = array_search($backend, $this->backends)) !== false) {
-			unset($this->backends[$i]);
-		}
-	}
-
-	/**
-	 * remove all user backends
-	 */
-	public function clearBackends() {
-		$this->cachedUsers = array();
-		$this->backends = array();
-	}
-
-	/**
-	 * get a user by user id
-	 *
-	 * @param string $uid
-	 * @return \OC\User\User|null Either the user or null if the specified user does not exist
-	 */
-	public function get($uid) {
-		if (is_null($uid) || $uid === '' || $uid === false) {
-			return null;
-		}
-		if (isset($this->cachedUsers[$uid])) { //check the cache first to prevent having to loop over the backends
-			return $this->cachedUsers[$uid];
-		}
-		foreach ($this->backends as $backend) {
-			if ($backend->userExists($uid)) {
-				return $this->getUserObject($uid, $backend);
-			}
-		}
-		return null;
-	}
-
-	/**
-	 * get or construct the user object
-	 *
-	 * @param string $uid
-	 * @param \OCP\UserInterface $backend
-	 * @param bool $cacheUser If false the newly created user object will not be cached
-	 * @return \OC\User\User
-	 */
-	protected function getUserObject($uid, $backend, $cacheUser = true) {
-		if (isset($this->cachedUsers[$uid])) {
-			return $this->cachedUsers[$uid];
-		}
-
-		$user = new User($uid, $backend, $this, $this->config);
-		if ($cacheUser) {
-			$this->cachedUsers[$uid] = $user;
-		}
-		return $user;
-	}
-
-	/**
-	 * check if a user exists
-	 *
-	 * @param string $uid
-	 * @return bool
-	 */
-	public function userExists($uid) {
-		$user = $this->get($uid);
-		return ($user !== null);
-	}
-
-	/**
-	 * Check if the password is valid for the user
-	 *
-	 * @param string $loginName
-	 * @param string $password
-	 * @return mixed the User object on success, false otherwise
-	 */
-	public function checkPassword($loginName, $password) {
-		$result = $this->checkPasswordNoLogging($loginName, $password);
-
-		if ($result === false) {
-			\OC::$server->getLogger()->warning('Login failed: \''. $loginName .'\' (Remote IP: \''. \OC::$server->getRequest()->getRemoteAddress(). '\')', ['app' => 'core']);
-		}
-
-		return $result;
-	}
-
-	/**
-	 * Check if the password is valid for the user
-	 *
-	 * @internal
-	 * @param string $loginName
-	 * @param string $password
-	 * @return mixed the User object on success, false otherwise
-	 */
-	public function checkPasswordNoLogging($loginName, $password) {
-		$loginName = str_replace("\0", '', $loginName);
-		$password = str_replace("\0", '', $password);
-
-		foreach ($this->backends as $backend) {
-			if ($backend->implementsActions(Backend::CHECK_PASSWORD)) {
-				$uid = $backend->checkPassword($loginName, $password);
-				if ($uid !== false) {
-					return $this->getUserObject($uid, $backend);
-				}
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * search by user id
-	 *
-	 * @param string $pattern
-	 * @param int $limit
-	 * @param int $offset
-	 * @return \OC\User\User[]
-	 */
-	public function search($pattern, $limit = null, $offset = null) {
-		$users = array();
-		foreach ($this->backends as $backend) {
-			$backendUsers = $backend->getUsers($pattern, $limit, $offset);
-			if (is_array($backendUsers)) {
-				foreach ($backendUsers as $uid) {
-					$users[$uid] = $this->getUserObject($uid, $backend);
-				}
-			}
-		}
-
-		uasort($users, function ($a, $b) {
-			/**
-			 * @var \OC\User\User $a
-			 * @var \OC\User\User $b
-			 */
-			return strcmp($a->getUID(), $b->getUID());
-		});
-		return $users;
-	}
-
-	/**
-	 * search by displayName
-	 *
-	 * @param string $pattern
-	 * @param int $limit
-	 * @param int $offset
-	 * @return \OC\User\User[]
-	 */
-	public function searchDisplayName($pattern, $limit = null, $offset = null) {
-		$users = array();
-		foreach ($this->backends as $backend) {
-			$backendUsers = $backend->getDisplayNames($pattern, $limit, $offset);
-			if (is_array($backendUsers)) {
-				foreach ($backendUsers as $uid => $displayName) {
-					$users[] = $this->getUserObject($uid, $backend);
-				}
-			}
-		}
-
-		usort($users, function ($a, $b) {
-			/**
-			 * @var \OC\User\User $a
-			 * @var \OC\User\User $b
-			 */
-			return strcmp(strtolower($a->getDisplayName()), strtolower($b->getDisplayName()));
-		});
-		return $users;
-	}
-
-	/**
-	 * @param string $uid
-	 * @param string $password
-	 * @throws \InvalidArgumentException
-	 * @return bool|IUser the created user or false
-	 */
-	public function createUser($uid, $password) {
-		$localBackends = [];
-		foreach ($this->backends as $backend) {
-			if ($backend instanceof Database) {
-				// First check if there is another user backend
-				$localBackends[] = $backend;
-				continue;
-			}
-
-			if ($backend->implementsActions(Backend::CREATE_USER)) {
-				return $this->createUserFromBackend($uid, $password, $backend);
-			}
-		}
-
-		foreach ($localBackends as $backend) {
-			if ($backend->implementsActions(Backend::CREATE_USER)) {
-				return $this->createUserFromBackend($uid, $password, $backend);
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * @param string $uid
-	 * @param string $password
-	 * @param UserInterface $backend
-	 * @return IUser|null
-	 * @throws \InvalidArgumentException
-	 */
-	public function createUserFromBackend($uid, $password, UserInterface $backend) {
-		$l = \OC::$server->getL10N('lib');
-
-		// Check the name for bad characters
-		// Allowed are: "a-z", "A-Z", "0-9" and "_.@-'"
-		if (preg_match('/[^a-zA-Z0-9 _\.@\-\']/', $uid)) {
-			throw new \InvalidArgumentException($l->t('Only the following characters are allowed in a username:'
-				. ' "a-z", "A-Z", "0-9", and "_.@-\'"'));
-		}
-		// No empty username
-		if (trim($uid) === '') {
-			throw new \InvalidArgumentException($l->t('A valid username must be provided'));
-		}
-		// No whitespace at the beginning or at the end
-		if (trim($uid) !== $uid) {
-			throw new \InvalidArgumentException($l->t('Username contains whitespace at the beginning or at the end'));
-		}
-		// Username only consists of 1 or 2 dots (directory traversal)
-		if ($uid === '.' || $uid === '..') {
-			throw new \InvalidArgumentException($l->t('Username must not consist of dots only'));
-		}
-		// No empty password
-		if (trim($password) === '') {
-			throw new \InvalidArgumentException($l->t('A valid password must be provided'));
-		}
-
-		// Check if user already exists
-		if ($this->userExists($uid)) {
-			throw new \InvalidArgumentException($l->t('The username is already being used'));
-		}
-
-		$this->emit('\OC\User', 'preCreateUser', [$uid, $password]);
-		$state = $backend->createUser($uid, $password);
-		if($state === false) {
-			throw new \InvalidArgumentException($l->t('Could not create user'));
-		}
-		$user = $this->getUserObject($uid, $backend);
-		if ($user instanceof IUser) {
-			$this->emit('\OC\User', 'postCreateUser', [$user, $password]);
-		}
-		return $user;
-	}
-
-	/**
-	 * returns how many users per backend exist (if supported by backend)
-	 *
-	 * @param boolean $hasLoggedIn when true only users that have a lastLogin
-	 *                entry in the preferences table will be affected
-	 * @return array|int an array of backend class as key and count number as value
-	 *                if $hasLoggedIn is true only an int is returned
-	 */
-	public function countUsers($hasLoggedIn = false) {
-		if ($hasLoggedIn) {
-			return $this->countSeenUsers();
-		}
-		$userCountStatistics = [];
-		foreach ($this->backends as $backend) {
-			if ($backend->implementsActions(Backend::COUNT_USERS)) {
-				$backendUsers = $backend->countUsers();
-				if($backendUsers !== false) {
-					if($backend instanceof IUserBackend) {
-						$name = $backend->getBackendName();
-					} else {
-						$name = get_class($backend);
-					}
-					if(isset($userCountStatistics[$name])) {
-						$userCountStatistics[$name] += $backendUsers;
-					} else {
-						$userCountStatistics[$name] = $backendUsers;
-					}
-				}
-			}
-		}
-		return $userCountStatistics;
-	}
-
-	/**
-	 * The callback is executed for each user on each backend.
-	 * If the callback returns false no further users will be retrieved.
-	 *
-	 * @param \Closure $callback
-	 * @param string $search
-	 * @param boolean $onlySeen when true only users that have a lastLogin entry
-	 *                in the preferences table will be affected
-	 * @since 9.0.0
-	 */
-	public function callForAllUsers(\Closure $callback, $search = '', $onlySeen = false) {
-		if ($onlySeen) {
-			$this->callForSeenUsers($callback);
-		} else {
-			foreach ($this->getBackends() as $backend) {
-				$limit = 500;
-				$offset = 0;
-				do {
-					$users = $backend->getUsers($search, $limit, $offset);
-					foreach ($users as $uid) {
-						if (!$backend->userExists($uid)) {
-							continue;
-						}
-						$user = $this->getUserObject($uid, $backend, false);
-						$return = $callback($user);
-						if ($return === false) {
-							break;
-						}
-					}
-					$offset += $limit;
-				} while (count($users) >= $limit);
-			}
-		}
-	}
-
-	/**
-	 * returns how many users have logged in once
-	 *
-	 * @return int
-	 * @since 12.0.0
-	 */
-	public function countDisabledUsers() {
-		$queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-		$queryBuilder->select($queryBuilder->createFunction('COUNT(*)'))
-			->from('preferences')
-			->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('core')))
-			->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('enabled')))
-			->andWhere($queryBuilder->expr()->eq('configvalue', $queryBuilder->createNamedParameter('false'), IQueryBuilder::PARAM_STR));
-
-		$query = $queryBuilder->execute();
-
-		$result = (int)$query->fetchColumn();
-		$query->closeCursor();
-
-		return $result;
-	}
-
-	/**
-	 * returns how many users have logged in once
-	 *
-	 * @return int
-	 * @since 11.0.0
-	 */
-	public function countSeenUsers() {
-		$queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-		$queryBuilder->select($queryBuilder->createFunction('COUNT(*)'))
-			->from('preferences')
-			->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('login')))
-			->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('lastLogin')))
-			->andWhere($queryBuilder->expr()->isNotNull('configvalue'));
-
-		$query = $queryBuilder->execute();
-
-		$result = (int)$query->fetchColumn();
-		$query->closeCursor();
-
-		return $result;
-	}
-
-	/**
-	 * @param \Closure $callback
-	 * @since 11.0.0
-	 */
-	public function callForSeenUsers(\Closure $callback) {
-		$limit = 1000;
-		$offset = 0;
-		do {
-			$userIds = $this->getSeenUserIds($limit, $offset);
-			$offset += $limit;
-			foreach ($userIds as $userId) {
-				foreach ($this->backends as $backend) {
-					if ($backend->userExists($userId)) {
-						$user = $this->getUserObject($userId, $backend, false);
-						$return = $callback($user);
-						if ($return === false) {
-							return;
-						}
-					}
-				}
-			}
-		} while (count($userIds) >= $limit);
-	}
-
-	/**
-	 * Getting all userIds that have a listLogin value requires checking the
-	 * value in php because on oracle you cannot use a clob in a where clause,
-	 * preventing us from doing a not null or length(value) > 0 check.
-	 * 
-	 * @param int $limit
-	 * @param int $offset
-	 * @return string[] with user ids
-	 */
-	private function getSeenUserIds($limit = null, $offset = null) {
-		$queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-		$queryBuilder->select(['userid'])
-			->from('preferences')
-			->where($queryBuilder->expr()->eq(
-				'appid', $queryBuilder->createNamedParameter('login'))
-			)
-			->andWhere($queryBuilder->expr()->eq(
-				'configkey', $queryBuilder->createNamedParameter('lastLogin'))
-			)
-			->andWhere($queryBuilder->expr()->isNotNull('configvalue')
-			);
-
-		if ($limit !== null) {
-			$queryBuilder->setMaxResults($limit);
-		}
-		if ($offset !== null) {
-			$queryBuilder->setFirstResult($offset);
-		}
-		$query = $queryBuilder->execute();
-		$result = [];
-
-		while ($row = $query->fetch()) {
-			$result[] = $row['userid'];
-		}
-
-		$query->closeCursor();
-
-		return $result;
-	}
-
-	/**
-	 * @param string $email
-	 * @return IUser[]
-	 * @since 9.1.0
-	 */
-	public function getByEmail($email) {
-		$userIds = $this->config->getUsersForUserValue('settings', 'email', $email);
-
-		return array_map(function($uid) {
-			return $this->get($uid);
-		}, $userIds);
-	}
+    /**
+     * @var \OCP\UserInterface[] $backends
+     */
+    private $backends = array();
+
+    /**
+     * @var \OC\User\User[] $cachedUsers
+     */
+    private $cachedUsers = array();
+
+    /**
+     * @var \OCP\IConfig $config
+     */
+    private $config;
+
+    /**
+     * @param \OCP\IConfig $config
+     */
+    public function __construct(IConfig $config) {
+        $this->config = $config;
+        $cachedUsers = &$this->cachedUsers;
+        $this->listen('\OC\User', 'postDelete', function ($user) use (&$cachedUsers) {
+            /** @var \OC\User\User $user */
+            unset($cachedUsers[$user->getUID()]);
+        });
+    }
+
+    /**
+     * Get the active backends
+     * @return \OCP\UserInterface[]
+     */
+    public function getBackends() {
+        return $this->backends;
+    }
+
+    /**
+     * register a user backend
+     *
+     * @param \OCP\UserInterface $backend
+     */
+    public function registerBackend($backend) {
+        $this->backends[] = $backend;
+    }
+
+    /**
+     * remove a user backend
+     *
+     * @param \OCP\UserInterface $backend
+     */
+    public function removeBackend($backend) {
+        $this->cachedUsers = array();
+        if (($i = array_search($backend, $this->backends)) !== false) {
+            unset($this->backends[$i]);
+        }
+    }
+
+    /**
+     * remove all user backends
+     */
+    public function clearBackends() {
+        $this->cachedUsers = array();
+        $this->backends = array();
+    }
+
+    /**
+     * get a user by user id
+     *
+     * @param string $uid
+     * @return \OC\User\User|null Either the user or null if the specified user does not exist
+     */
+    public function get($uid) {
+        if (is_null($uid) || $uid === '' || $uid === false) {
+            return null;
+        }
+        if (isset($this->cachedUsers[$uid])) { //check the cache first to prevent having to loop over the backends
+            return $this->cachedUsers[$uid];
+        }
+        foreach ($this->backends as $backend) {
+            if ($backend->userExists($uid)) {
+                return $this->getUserObject($uid, $backend);
+            }
+        }
+        return null;
+    }
+
+    /**
+     * get or construct the user object
+     *
+     * @param string $uid
+     * @param \OCP\UserInterface $backend
+     * @param bool $cacheUser If false the newly created user object will not be cached
+     * @return \OC\User\User
+     */
+    protected function getUserObject($uid, $backend, $cacheUser = true) {
+        if (isset($this->cachedUsers[$uid])) {
+            return $this->cachedUsers[$uid];
+        }
+
+        $user = new User($uid, $backend, $this, $this->config);
+        if ($cacheUser) {
+            $this->cachedUsers[$uid] = $user;
+        }
+        return $user;
+    }
+
+    /**
+     * check if a user exists
+     *
+     * @param string $uid
+     * @return bool
+     */
+    public function userExists($uid) {
+        $user = $this->get($uid);
+        return ($user !== null);
+    }
+
+    /**
+     * Check if the password is valid for the user
+     *
+     * @param string $loginName
+     * @param string $password
+     * @return mixed the User object on success, false otherwise
+     */
+    public function checkPassword($loginName, $password) {
+        $result = $this->checkPasswordNoLogging($loginName, $password);
+
+        if ($result === false) {
+            \OC::$server->getLogger()->warning('Login failed: \''. $loginName .'\' (Remote IP: \''. \OC::$server->getRequest()->getRemoteAddress(). '\')', ['app' => 'core']);
+        }
+
+        return $result;
+    }
+
+    /**
+     * Check if the password is valid for the user
+     *
+     * @internal
+     * @param string $loginName
+     * @param string $password
+     * @return mixed the User object on success, false otherwise
+     */
+    public function checkPasswordNoLogging($loginName, $password) {
+        $loginName = str_replace("\0", '', $loginName);
+        $password = str_replace("\0", '', $password);
+
+        foreach ($this->backends as $backend) {
+            if ($backend->implementsActions(Backend::CHECK_PASSWORD)) {
+                $uid = $backend->checkPassword($loginName, $password);
+                if ($uid !== false) {
+                    return $this->getUserObject($uid, $backend);
+                }
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * search by user id
+     *
+     * @param string $pattern
+     * @param int $limit
+     * @param int $offset
+     * @return \OC\User\User[]
+     */
+    public function search($pattern, $limit = null, $offset = null) {
+        $users = array();
+        foreach ($this->backends as $backend) {
+            $backendUsers = $backend->getUsers($pattern, $limit, $offset);
+            if (is_array($backendUsers)) {
+                foreach ($backendUsers as $uid) {
+                    $users[$uid] = $this->getUserObject($uid, $backend);
+                }
+            }
+        }
+
+        uasort($users, function ($a, $b) {
+            /**
+             * @var \OC\User\User $a
+             * @var \OC\User\User $b
+             */
+            return strcmp($a->getUID(), $b->getUID());
+        });
+        return $users;
+    }
+
+    /**
+     * search by displayName
+     *
+     * @param string $pattern
+     * @param int $limit
+     * @param int $offset
+     * @return \OC\User\User[]
+     */
+    public function searchDisplayName($pattern, $limit = null, $offset = null) {
+        $users = array();
+        foreach ($this->backends as $backend) {
+            $backendUsers = $backend->getDisplayNames($pattern, $limit, $offset);
+            if (is_array($backendUsers)) {
+                foreach ($backendUsers as $uid => $displayName) {
+                    $users[] = $this->getUserObject($uid, $backend);
+                }
+            }
+        }
+
+        usort($users, function ($a, $b) {
+            /**
+             * @var \OC\User\User $a
+             * @var \OC\User\User $b
+             */
+            return strcmp(strtolower($a->getDisplayName()), strtolower($b->getDisplayName()));
+        });
+        return $users;
+    }
+
+    /**
+     * @param string $uid
+     * @param string $password
+     * @throws \InvalidArgumentException
+     * @return bool|IUser the created user or false
+     */
+    public function createUser($uid, $password) {
+        $localBackends = [];
+        foreach ($this->backends as $backend) {
+            if ($backend instanceof Database) {
+                // First check if there is another user backend
+                $localBackends[] = $backend;
+                continue;
+            }
+
+            if ($backend->implementsActions(Backend::CREATE_USER)) {
+                return $this->createUserFromBackend($uid, $password, $backend);
+            }
+        }
+
+        foreach ($localBackends as $backend) {
+            if ($backend->implementsActions(Backend::CREATE_USER)) {
+                return $this->createUserFromBackend($uid, $password, $backend);
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * @param string $uid
+     * @param string $password
+     * @param UserInterface $backend
+     * @return IUser|null
+     * @throws \InvalidArgumentException
+     */
+    public function createUserFromBackend($uid, $password, UserInterface $backend) {
+        $l = \OC::$server->getL10N('lib');
+
+        // Check the name for bad characters
+        // Allowed are: "a-z", "A-Z", "0-9" and "_.@-'"
+        if (preg_match('/[^a-zA-Z0-9 _\.@\-\']/', $uid)) {
+            throw new \InvalidArgumentException($l->t('Only the following characters are allowed in a username:'
+                . ' "a-z", "A-Z", "0-9", and "_.@-\'"'));
+        }
+        // No empty username
+        if (trim($uid) === '') {
+            throw new \InvalidArgumentException($l->t('A valid username must be provided'));
+        }
+        // No whitespace at the beginning or at the end
+        if (trim($uid) !== $uid) {
+            throw new \InvalidArgumentException($l->t('Username contains whitespace at the beginning or at the end'));
+        }
+        // Username only consists of 1 or 2 dots (directory traversal)
+        if ($uid === '.' || $uid === '..') {
+            throw new \InvalidArgumentException($l->t('Username must not consist of dots only'));
+        }
+        // No empty password
+        if (trim($password) === '') {
+            throw new \InvalidArgumentException($l->t('A valid password must be provided'));
+        }
+
+        // Check if user already exists
+        if ($this->userExists($uid)) {
+            throw new \InvalidArgumentException($l->t('The username is already being used'));
+        }
+
+        $this->emit('\OC\User', 'preCreateUser', [$uid, $password]);
+        $state = $backend->createUser($uid, $password);
+        if($state === false) {
+            throw new \InvalidArgumentException($l->t('Could not create user'));
+        }
+        $user = $this->getUserObject($uid, $backend);
+        if ($user instanceof IUser) {
+            $this->emit('\OC\User', 'postCreateUser', [$user, $password]);
+        }
+        return $user;
+    }
+
+    /**
+     * returns how many users per backend exist (if supported by backend)
+     *
+     * @param boolean $hasLoggedIn when true only users that have a lastLogin
+     *                entry in the preferences table will be affected
+     * @return array|int an array of backend class as key and count number as value
+     *                if $hasLoggedIn is true only an int is returned
+     */
+    public function countUsers($hasLoggedIn = false) {
+        if ($hasLoggedIn) {
+            return $this->countSeenUsers();
+        }
+        $userCountStatistics = [];
+        foreach ($this->backends as $backend) {
+            if ($backend->implementsActions(Backend::COUNT_USERS)) {
+                $backendUsers = $backend->countUsers();
+                if($backendUsers !== false) {
+                    if($backend instanceof IUserBackend) {
+                        $name = $backend->getBackendName();
+                    } else {
+                        $name = get_class($backend);
+                    }
+                    if(isset($userCountStatistics[$name])) {
+                        $userCountStatistics[$name] += $backendUsers;
+                    } else {
+                        $userCountStatistics[$name] = $backendUsers;
+                    }
+                }
+            }
+        }
+        return $userCountStatistics;
+    }
+
+    /**
+     * The callback is executed for each user on each backend.
+     * If the callback returns false no further users will be retrieved.
+     *
+     * @param \Closure $callback
+     * @param string $search
+     * @param boolean $onlySeen when true only users that have a lastLogin entry
+     *                in the preferences table will be affected
+     * @since 9.0.0
+     */
+    public function callForAllUsers(\Closure $callback, $search = '', $onlySeen = false) {
+        if ($onlySeen) {
+            $this->callForSeenUsers($callback);
+        } else {
+            foreach ($this->getBackends() as $backend) {
+                $limit = 500;
+                $offset = 0;
+                do {
+                    $users = $backend->getUsers($search, $limit, $offset);
+                    foreach ($users as $uid) {
+                        if (!$backend->userExists($uid)) {
+                            continue;
+                        }
+                        $user = $this->getUserObject($uid, $backend, false);
+                        $return = $callback($user);
+                        if ($return === false) {
+                            break;
+                        }
+                    }
+                    $offset += $limit;
+                } while (count($users) >= $limit);
+            }
+        }
+    }
+
+    /**
+     * returns how many users have logged in once
+     *
+     * @return int
+     * @since 12.0.0
+     */
+    public function countDisabledUsers() {
+        $queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+        $queryBuilder->select($queryBuilder->createFunction('COUNT(*)'))
+            ->from('preferences')
+            ->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('core')))
+            ->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('enabled')))
+            ->andWhere($queryBuilder->expr()->eq('configvalue', $queryBuilder->createNamedParameter('false'), IQueryBuilder::PARAM_STR));
+
+        $query = $queryBuilder->execute();
+
+        $result = (int)$query->fetchColumn();
+        $query->closeCursor();
+
+        return $result;
+    }
+
+    /**
+     * returns how many users have logged in once
+     *
+     * @return int
+     * @since 11.0.0
+     */
+    public function countSeenUsers() {
+        $queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+        $queryBuilder->select($queryBuilder->createFunction('COUNT(*)'))
+            ->from('preferences')
+            ->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('login')))
+            ->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('lastLogin')))
+            ->andWhere($queryBuilder->expr()->isNotNull('configvalue'));
+
+        $query = $queryBuilder->execute();
+
+        $result = (int)$query->fetchColumn();
+        $query->closeCursor();
+
+        return $result;
+    }
+
+    /**
+     * @param \Closure $callback
+     * @since 11.0.0
+     */
+    public function callForSeenUsers(\Closure $callback) {
+        $limit = 1000;
+        $offset = 0;
+        do {
+            $userIds = $this->getSeenUserIds($limit, $offset);
+            $offset += $limit;
+            foreach ($userIds as $userId) {
+                foreach ($this->backends as $backend) {
+                    if ($backend->userExists($userId)) {
+                        $user = $this->getUserObject($userId, $backend, false);
+                        $return = $callback($user);
+                        if ($return === false) {
+                            return;
+                        }
+                    }
+                }
+            }
+        } while (count($userIds) >= $limit);
+    }
+
+    /**
+     * Getting all userIds that have a listLogin value requires checking the
+     * value in php because on oracle you cannot use a clob in a where clause,
+     * preventing us from doing a not null or length(value) > 0 check.
+     * 
+     * @param int $limit
+     * @param int $offset
+     * @return string[] with user ids
+     */
+    private function getSeenUserIds($limit = null, $offset = null) {
+        $queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+        $queryBuilder->select(['userid'])
+            ->from('preferences')
+            ->where($queryBuilder->expr()->eq(
+                'appid', $queryBuilder->createNamedParameter('login'))
+            )
+            ->andWhere($queryBuilder->expr()->eq(
+                'configkey', $queryBuilder->createNamedParameter('lastLogin'))
+            )
+            ->andWhere($queryBuilder->expr()->isNotNull('configvalue')
+            );
+
+        if ($limit !== null) {
+            $queryBuilder->setMaxResults($limit);
+        }
+        if ($offset !== null) {
+            $queryBuilder->setFirstResult($offset);
+        }
+        $query = $queryBuilder->execute();
+        $result = [];
+
+        while ($row = $query->fetch()) {
+            $result[] = $row['userid'];
+        }
+
+        $query->closeCursor();
+
+        return $result;
+    }
+
+    /**
+     * @param string $email
+     * @return IUser[]
+     * @since 9.1.0
+     */
+    public function getByEmail($email) {
+        $userIds = $this->config->getUsersForUserValue('settings', 'email', $email);
+
+        return array_map(function($uid) {
+            return $this->get($uid);
+        }, $userIds);
+    }
 }

core/Controller/LostController.php

Indentation +315 added lines, -315 removed lines

@@ -56,319 +56,319 @@
  */
 class LostController extends Controller {
 
-	/** @var IURLGenerator */
-	protected $urlGenerator;
-	/** @var IUserManager */
-	protected $userManager;
-	/** @var Defaults */
-	protected $defaults;
-	/** @var IL10N */
-	protected $l10n;
-	/** @var string */
-	protected $from;
-	/** @var IManager */
-	protected $encryptionManager;
-	/** @var IConfig */
-	protected $config;
-	/** @var ISecureRandom */
-	protected $secureRandom;
-	/** @var IMailer */
-	protected $mailer;
-	/** @var ITimeFactory */
-	protected $timeFactory;
-	/** @var ICrypto */
-	protected $crypto;
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IURLGenerator $urlGenerator
-	 * @param IUserManager $userManager
-	 * @param Defaults $defaults
-	 * @param IL10N $l10n
-	 * @param IConfig $config
-	 * @param ISecureRandom $secureRandom
-	 * @param string $defaultMailAddress
-	 * @param IManager $encryptionManager
-	 * @param IMailer $mailer
-	 * @param ITimeFactory $timeFactory
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IURLGenerator $urlGenerator,
-								IUserManager $userManager,
-								Defaults $defaults,
-								IL10N $l10n,
-								IConfig $config,
-								ISecureRandom $secureRandom,
-								$defaultMailAddress,
-								IManager $encryptionManager,
-								IMailer $mailer,
-								ITimeFactory $timeFactory,
-								ICrypto $crypto) {
-		parent::__construct($appName, $request);
-		$this->urlGenerator = $urlGenerator;
-		$this->userManager = $userManager;
-		$this->defaults = $defaults;
-		$this->l10n = $l10n;
-		$this->secureRandom = $secureRandom;
-		$this->from = $defaultMailAddress;
-		$this->encryptionManager = $encryptionManager;
-		$this->config = $config;
-		$this->mailer = $mailer;
-		$this->timeFactory = $timeFactory;
-		$this->crypto = $crypto;
-	}
-
-	/**
-	 * Someone wants to reset their password:
-	 *
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $token
-	 * @param string $userId
-	 * @return TemplateResponse
-	 */
-	public function resetform($token, $userId) {
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return new TemplateResponse('core', 'error', [
-					'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
-				],
-				'guest'
-			);
-		}
-
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-		} catch (\Exception $e) {
-			return new TemplateResponse(
-				'core', 'error', [
-					"errors" => array(array("error" => $e->getMessage()))
-				],
-				'guest'
-			);
-		}
-
-		return new TemplateResponse(
-			'core',
-			'lostpassword/resetpassword',
-			array(
-				'link' => $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', array('userId' => $userId, 'token' => $token)),
-			),
-			'guest'
-		);
-	}
-
-	/**
-	 * @param string $token
-	 * @param string $userId
-	 * @throws \Exception
-	 */
-	protected function checkPasswordResetToken($token, $userId) {
-		$user = $this->userManager->get($userId);
-		if($user === null || !$user->isEnabled()) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		try {
-			$encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
-			$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
-			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
-		} catch (\Exception $e) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		$splittedToken = explode(':', $decryptedToken);
-		if(count($splittedToken) !== 2) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) ||
-			$user->getLastLogin() > $splittedToken[0]) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
-		}
-
-		if (!hash_equals($splittedToken[1], $token)) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-	}
-
-	/**
-	 * @param $message
-	 * @param array $additional
-	 * @return array
-	 */
-	private function error($message, array $additional=array()) {
-		return array_merge(array('status' => 'error', 'msg' => $message), $additional);
-	}
-
-	/**
-	 * @return array
-	 */
-	private function success() {
-		return array('status'=>'success');
-	}
-
-	/**
-	 * @PublicPage
-	 * @BruteForceProtection(action=passwordResetEmail)
-	 * @AnonRateThrottle(limit=10, period=300)
-	 *
-	 * @param string $user
-	 * @return JSONResponse
-	 */
-	public function email($user){
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
-		}
-
-		\OCP\Util::emitHook(
-			'\OCA\Files_Sharing\API\Server2Server',
-			'preLoginNameUsedAsUserName',
-			['uid' => &$user]
-		);
-
-		// FIXME: use HTTP error codes
-		try {
-			$this->sendEmail($user);
-		} catch (\Exception $e){
-			$response = new JSONResponse($this->error($e->getMessage()));
-			$response->throttle();
-			return $response;
-		}
-
-		$response = new JSONResponse($this->success());
-		$response->throttle();
-		return $response;
-	}
-
-	/**
-	 * @PublicPage
-	 * @param string $token
-	 * @param string $userId
-	 * @param string $password
-	 * @param boolean $proceed
-	 * @return array
-	 */
-	public function setPassword($token, $userId, $password, $proceed) {
-		if ($this->config->getSystemValue('lost_password_link', '') !== '') {
-			return $this->error($this->l10n->t('Password reset is disabled'));
-		}
-
-		if ($this->encryptionManager->isEnabled() && !$proceed) {
-			return $this->error('', array('encryption' => true));
-		}
-
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-			$user = $this->userManager->get($userId);
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password));
-
-			if (!$user->setPassword($password)) {
-				throw new \Exception();
-			}
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', array('uid' => $userId, 'password' => $password));
-
-			$this->config->deleteUserValue($userId, 'core', 'lostpassword');
-			@\OC::$server->getUserSession()->unsetMagicInCookie();
-		} catch (\Exception $e){
-			return $this->error($e->getMessage());
-		}
-
-		return $this->success();
-	}
-
-	/**
-	 * @param string $input
-	 * @throws \Exception
-	 */
-	protected function sendEmail($input) {
-		$user = $this->findUserByIdOrMail($input);
-		$email = $user->getEMailAddress();
-
-		if (empty($email)) {
-			throw new \Exception(
-				$this->l10n->t('Could not send reset email because there is no email address for this username. Please contact your administrator.')
-			);
-		}
-
-		// Generate the token. It is stored encrypted in the database with the
-		// secret being the users' email address appended with the system secret.
-		// This makes the token automatically invalidate once the user changes
-		// their email address.
-		$token = $this->secureRandom->generate(
-			21,
-			ISecureRandom::CHAR_DIGITS.
-			ISecureRandom::CHAR_LOWER.
-			ISecureRandom::CHAR_UPPER
-		);
-		$tokenValue = $this->timeFactory->getTime() .':'. $token;
-		$encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
-		$this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
-
-		$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token));
-
-		$emailTemplate = $this->mailer->createEMailTemplate('core.ResetPassword', [
-			'link' => $link,
-		]);
-
-		$emailTemplate->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
-		$emailTemplate->addHeader();
-		$emailTemplate->addHeading($this->l10n->t('Password reset'));
-
-		$emailTemplate->addBodyText(
-			$this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.'),
-			$this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
-		);
-
-		$emailTemplate->addBodyButton(
-			$this->l10n->t('Reset your password'),
-			$link,
-			false
-		);
-		$emailTemplate->addFooter();
-
-		try {
-			$message = $this->mailer->createMessage();
-			$message->setTo([$email => $user->getUID()]);
-			$message->setFrom([$this->from => $this->defaults->getName()]);
-			$message->useTemplate($emailTemplate);
-			$this->mailer->send($message);
-		} catch (\Exception $e) {
-			throw new \Exception($this->l10n->t(
-				'Couldn\'t send reset email. Please contact your administrator.'
-			));
-		}
-	}
-
-	/**
-	 * @param string $input
-	 * @return IUser
-	 * @throws \InvalidArgumentException
-	 */
-	protected function findUserByIdOrMail($input) {
-		$user = $this->userManager->get($input);
-		if ($user instanceof IUser) {
-			if (!$user->isEnabled()) {
-				throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
-			}
-
-			return $user;
-		}
-		$users = $this->userManager->getByEmail($input);
-		if (count($users) === 1) {
-			$user = $users[0];
-			if (!$user->isEnabled()) {
-				throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
-			}
-
-			return $user;
-		}
-
-		throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
-	}
+    /** @var IURLGenerator */
+    protected $urlGenerator;
+    /** @var IUserManager */
+    protected $userManager;
+    /** @var Defaults */
+    protected $defaults;
+    /** @var IL10N */
+    protected $l10n;
+    /** @var string */
+    protected $from;
+    /** @var IManager */
+    protected $encryptionManager;
+    /** @var IConfig */
+    protected $config;
+    /** @var ISecureRandom */
+    protected $secureRandom;
+    /** @var IMailer */
+    protected $mailer;
+    /** @var ITimeFactory */
+    protected $timeFactory;
+    /** @var ICrypto */
+    protected $crypto;
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IURLGenerator $urlGenerator
+     * @param IUserManager $userManager
+     * @param Defaults $defaults
+     * @param IL10N $l10n
+     * @param IConfig $config
+     * @param ISecureRandom $secureRandom
+     * @param string $defaultMailAddress
+     * @param IManager $encryptionManager
+     * @param IMailer $mailer
+     * @param ITimeFactory $timeFactory
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IURLGenerator $urlGenerator,
+                                IUserManager $userManager,
+                                Defaults $defaults,
+                                IL10N $l10n,
+                                IConfig $config,
+                                ISecureRandom $secureRandom,
+                                $defaultMailAddress,
+                                IManager $encryptionManager,
+                                IMailer $mailer,
+                                ITimeFactory $timeFactory,
+                                ICrypto $crypto) {
+        parent::__construct($appName, $request);
+        $this->urlGenerator = $urlGenerator;
+        $this->userManager = $userManager;
+        $this->defaults = $defaults;
+        $this->l10n = $l10n;
+        $this->secureRandom = $secureRandom;
+        $this->from = $defaultMailAddress;
+        $this->encryptionManager = $encryptionManager;
+        $this->config = $config;
+        $this->mailer = $mailer;
+        $this->timeFactory = $timeFactory;
+        $this->crypto = $crypto;
+    }
+
+    /**
+     * Someone wants to reset their password:
+     *
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $token
+     * @param string $userId
+     * @return TemplateResponse
+     */
+    public function resetform($token, $userId) {
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return new TemplateResponse('core', 'error', [
+                    'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
+                ],
+                'guest'
+            );
+        }
+
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+        } catch (\Exception $e) {
+            return new TemplateResponse(
+                'core', 'error', [
+                    "errors" => array(array("error" => $e->getMessage()))
+                ],
+                'guest'
+            );
+        }
+
+        return new TemplateResponse(
+            'core',
+            'lostpassword/resetpassword',
+            array(
+                'link' => $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', array('userId' => $userId, 'token' => $token)),
+            ),
+            'guest'
+        );
+    }
+
+    /**
+     * @param string $token
+     * @param string $userId
+     * @throws \Exception
+     */
+    protected function checkPasswordResetToken($token, $userId) {
+        $user = $this->userManager->get($userId);
+        if($user === null || !$user->isEnabled()) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        try {
+            $encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
+            $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
+            $decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
+        } catch (\Exception $e) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        $splittedToken = explode(':', $decryptedToken);
+        if(count($splittedToken) !== 2) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) ||
+            $user->getLastLogin() > $splittedToken[0]) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
+        }
+
+        if (!hash_equals($splittedToken[1], $token)) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+    }
+
+    /**
+     * @param $message
+     * @param array $additional
+     * @return array
+     */
+    private function error($message, array $additional=array()) {
+        return array_merge(array('status' => 'error', 'msg' => $message), $additional);
+    }
+
+    /**
+     * @return array
+     */
+    private function success() {
+        return array('status'=>'success');
+    }
+
+    /**
+     * @PublicPage
+     * @BruteForceProtection(action=passwordResetEmail)
+     * @AnonRateThrottle(limit=10, period=300)
+     *
+     * @param string $user
+     * @return JSONResponse
+     */
+    public function email($user){
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));
+        }
+
+        \OCP\Util::emitHook(
+            '\OCA\Files_Sharing\API\Server2Server',
+            'preLoginNameUsedAsUserName',
+            ['uid' => &$user]
+        );
+
+        // FIXME: use HTTP error codes
+        try {
+            $this->sendEmail($user);
+        } catch (\Exception $e){
+            $response = new JSONResponse($this->error($e->getMessage()));
+            $response->throttle();
+            return $response;
+        }
+
+        $response = new JSONResponse($this->success());
+        $response->throttle();
+        return $response;
+    }
+
+    /**
+     * @PublicPage
+     * @param string $token
+     * @param string $userId
+     * @param string $password
+     * @param boolean $proceed
+     * @return array
+     */
+    public function setPassword($token, $userId, $password, $proceed) {
+        if ($this->config->getSystemValue('lost_password_link', '') !== '') {
+            return $this->error($this->l10n->t('Password reset is disabled'));
+        }
+
+        if ($this->encryptionManager->isEnabled() && !$proceed) {
+            return $this->error('', array('encryption' => true));
+        }
+
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+            $user = $this->userManager->get($userId);
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password));
+
+            if (!$user->setPassword($password)) {
+                throw new \Exception();
+            }
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', array('uid' => $userId, 'password' => $password));
+
+            $this->config->deleteUserValue($userId, 'core', 'lostpassword');
+            @\OC::$server->getUserSession()->unsetMagicInCookie();
+        } catch (\Exception $e){
+            return $this->error($e->getMessage());
+        }
+
+        return $this->success();
+    }
+
+    /**
+     * @param string $input
+     * @throws \Exception
+     */
+    protected function sendEmail($input) {
+        $user = $this->findUserByIdOrMail($input);
+        $email = $user->getEMailAddress();
+
+        if (empty($email)) {
+            throw new \Exception(
+                $this->l10n->t('Could not send reset email because there is no email address for this username. Please contact your administrator.')
+            );
+        }
+
+        // Generate the token. It is stored encrypted in the database with the
+        // secret being the users' email address appended with the system secret.
+        // This makes the token automatically invalidate once the user changes
+        // their email address.
+        $token = $this->secureRandom->generate(
+            21,
+            ISecureRandom::CHAR_DIGITS.
+            ISecureRandom::CHAR_LOWER.
+            ISecureRandom::CHAR_UPPER
+        );
+        $tokenValue = $this->timeFactory->getTime() .':'. $token;
+        $encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
+        $this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
+
+        $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token));
+
+        $emailTemplate = $this->mailer->createEMailTemplate('core.ResetPassword', [
+            'link' => $link,
+        ]);
+
+        $emailTemplate->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
+        $emailTemplate->addHeader();
+        $emailTemplate->addHeading($this->l10n->t('Password reset'));
+
+        $emailTemplate->addBodyText(
+            $this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.'),
+            $this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
+        );
+
+        $emailTemplate->addBodyButton(
+            $this->l10n->t('Reset your password'),
+            $link,
+            false
+        );
+        $emailTemplate->addFooter();
+
+        try {
+            $message = $this->mailer->createMessage();
+            $message->setTo([$email => $user->getUID()]);
+            $message->setFrom([$this->from => $this->defaults->getName()]);
+            $message->useTemplate($emailTemplate);
+            $this->mailer->send($message);
+        } catch (\Exception $e) {
+            throw new \Exception($this->l10n->t(
+                'Couldn\'t send reset email. Please contact your administrator.'
+            ));
+        }
+    }
+
+    /**
+     * @param string $input
+     * @return IUser
+     * @throws \InvalidArgumentException
+     */
+    protected function findUserByIdOrMail($input) {
+        $user = $this->userManager->get($input);
+        if ($user instanceof IUser) {
+            if (!$user->isEnabled()) {
+                throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
+            }
+
+            return $user;
+        }
+        $users = $this->userManager->getByEmail($input);
+        if (count($users) === 1) {
+            $user = $users[0];
+            if (!$user->isEnabled()) {
+                throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
+            }
+
+            return $user;
+        }
+
+        throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
+    }
 }