nextcloud /
server
@@ -38,84 +38,84 @@ |
||
| 38 | 38 | use OCP\IUserSession; |
| 39 | 39 | |
| 40 | 40 | class AjaxController extends Controller { |
| 41 | - /** @var RSA */ |
|
| 42 | - private $rsaMechanism; |
|
| 43 | - /** @var GlobalAuth */ |
|
| 44 | - private $globalAuth; |
|
| 45 | - /** @var IUserSession */ |
|
| 46 | - private $userSession; |
|
| 47 | - /** @var IGroupManager */ |
|
| 48 | - private $groupManager; |
|
| 41 | + /** @var RSA */ |
|
| 42 | + private $rsaMechanism; |
|
| 43 | + /** @var GlobalAuth */ |
|
| 44 | + private $globalAuth; |
|
| 45 | + /** @var IUserSession */ |
|
| 46 | + private $userSession; |
|
| 47 | + /** @var IGroupManager */ |
|
| 48 | + private $groupManager; |
|
| 49 | 49 | |
| 50 | - /** |
|
| 51 | - * @param string $appName |
|
| 52 | - * @param IRequest $request |
|
| 53 | - * @param RSA $rsaMechanism |
|
| 54 | - * @param GlobalAuth $globalAuth |
|
| 55 | - * @param IUserSession $userSession |
|
| 56 | - * @param IGroupManager $groupManager |
|
| 57 | - */ |
|
| 58 | - public function __construct($appName, |
|
| 59 | - IRequest $request, |
|
| 60 | - RSA $rsaMechanism, |
|
| 61 | - GlobalAuth $globalAuth, |
|
| 62 | - IUserSession $userSession, |
|
| 63 | - IGroupManager $groupManager) { |
|
| 64 | - parent::__construct($appName, $request); |
|
| 65 | - $this->rsaMechanism = $rsaMechanism; |
|
| 66 | - $this->globalAuth = $globalAuth; |
|
| 67 | - $this->userSession = $userSession; |
|
| 68 | - $this->groupManager = $groupManager; |
|
| 69 | - } |
|
| 50 | + /** |
|
| 51 | + * @param string $appName |
|
| 52 | + * @param IRequest $request |
|
| 53 | + * @param RSA $rsaMechanism |
|
| 54 | + * @param GlobalAuth $globalAuth |
|
| 55 | + * @param IUserSession $userSession |
|
| 56 | + * @param IGroupManager $groupManager |
|
| 57 | + */ |
|
| 58 | + public function __construct($appName, |
|
| 59 | + IRequest $request, |
|
| 60 | + RSA $rsaMechanism, |
|
| 61 | + GlobalAuth $globalAuth, |
|
| 62 | + IUserSession $userSession, |
|
| 63 | + IGroupManager $groupManager) { |
|
| 64 | + parent::__construct($appName, $request); |
|
| 65 | + $this->rsaMechanism = $rsaMechanism; |
|
| 66 | + $this->globalAuth = $globalAuth; |
|
| 67 | + $this->userSession = $userSession; |
|
| 68 | + $this->groupManager = $groupManager; |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - /** |
|
| 72 | - * @param int $keyLength |
|
| 73 | - * @return array |
|
| 74 | - */ |
|
| 75 | - private function generateSshKeys($keyLength) { |
|
| 76 | - $key = $this->rsaMechanism->createKey($keyLength); |
|
| 77 | - // Replace the placeholder label with a more meaningful one |
|
| 78 | - $key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']); |
|
| 71 | + /** |
|
| 72 | + * @param int $keyLength |
|
| 73 | + * @return array |
|
| 74 | + */ |
|
| 75 | + private function generateSshKeys($keyLength) { |
|
| 76 | + $key = $this->rsaMechanism->createKey($keyLength); |
|
| 77 | + // Replace the placeholder label with a more meaningful one |
|
| 78 | + $key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']); |
|
| 79 | 79 | |
| 80 | - return $key; |
|
| 81 | - } |
|
| 80 | + return $key; |
|
| 81 | + } |
|
| 82 | 82 | |
| 83 | - /** |
|
| 84 | - * Generates an SSH public/private key pair. |
|
| 85 | - * |
|
| 86 | - * @NoAdminRequired |
|
| 87 | - * @param int $keyLength |
|
| 88 | - */ |
|
| 89 | - public function getSshKeys($keyLength = 1024) { |
|
| 90 | - $key = $this->generateSshKeys($keyLength); |
|
| 91 | - return new JSONResponse( |
|
| 92 | - ['data' => [ |
|
| 93 | - 'private_key' => $key['privatekey'], |
|
| 94 | - 'public_key' => $key['publickey'] |
|
| 95 | - ], |
|
| 96 | - 'status' => 'success' |
|
| 97 | - ]); |
|
| 98 | - } |
|
| 83 | + /** |
|
| 84 | + * Generates an SSH public/private key pair. |
|
| 85 | + * |
|
| 86 | + * @NoAdminRequired |
|
| 87 | + * @param int $keyLength |
|
| 88 | + */ |
|
| 89 | + public function getSshKeys($keyLength = 1024) { |
|
| 90 | + $key = $this->generateSshKeys($keyLength); |
|
| 91 | + return new JSONResponse( |
|
| 92 | + ['data' => [ |
|
| 93 | + 'private_key' => $key['privatekey'], |
|
| 94 | + 'public_key' => $key['publickey'] |
|
| 95 | + ], |
|
| 96 | + 'status' => 'success' |
|
| 97 | + ]); |
|
| 98 | + } |
|
| 99 | 99 | |
| 100 | - /** |
|
| 101 | - * @NoAdminRequired |
|
| 102 | - * |
|
| 103 | - * @param string $uid |
|
| 104 | - * @param string $user |
|
| 105 | - * @param string $password |
|
| 106 | - * @return bool |
|
| 107 | - */ |
|
| 108 | - public function saveGlobalCredentials($uid, $user, $password) { |
|
| 109 | - $currentUser = $this->userSession->getUser(); |
|
| 100 | + /** |
|
| 101 | + * @NoAdminRequired |
|
| 102 | + * |
|
| 103 | + * @param string $uid |
|
| 104 | + * @param string $user |
|
| 105 | + * @param string $password |
|
| 106 | + * @return bool |
|
| 107 | + */ |
|
| 108 | + public function saveGlobalCredentials($uid, $user, $password) { |
|
| 109 | + $currentUser = $this->userSession->getUser(); |
|
| 110 | 110 | |
| 111 | - // Non-admins can only edit their own credentials |
|
| 112 | - $allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid); |
|
| 111 | + // Non-admins can only edit their own credentials |
|
| 112 | + $allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid); |
|
| 113 | 113 | |
| 114 | - if ($allowedToEdit) { |
|
| 115 | - $this->globalAuth->saveAuth($uid, $user, $password); |
|
| 116 | - return true; |
|
| 117 | - } else { |
|
| 118 | - return false; |
|
| 119 | - } |
|
| 120 | - } |
|
| 114 | + if ($allowedToEdit) { |
|
| 115 | + $this->globalAuth->saveAuth($uid, $user, $password); |
|
| 116 | + return true; |
|
| 117 | + } else { |
|
| 118 | + return false; |
|
| 119 | + } |
|
| 120 | + } |
|
| 121 | 121 | } |
@@ -30,7 +30,7 @@ |
||
| 30 | 30 | <h2><?php p($l->t('Connect to your account')) ?></h2> |
| 31 | 31 | <p class="info"> |
| 32 | 32 | <?php print_unescaped($l->t('Please log in before granting %1$s access to your %2$s account.', [ |
| 33 | - '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 33 | + '<strong>'.\OCP\Util::sanitizeHTML($_['client']).'</strong>', |
|
| 34 | 34 | \OCP\Util::sanitizeHTML($_['instanceName']) |
| 35 | 35 | ])) ?> |
| 36 | 36 | </p> |
@@ -31,9 +31,9 @@ |
||
| 31 | 31 | <h2><?php p($l->t('Connect to your account')) ?></h2> |
| 32 | 32 | <p class="info"> |
| 33 | 33 | <?php print_unescaped($l->t('Please log in before granting %1$s access to your %2$s account.', [ |
| 34 | - '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 35 | - \OCP\Util::sanitizeHTML($_['instanceName']) |
|
| 36 | - ])) ?> |
|
| 34 | + '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 35 | + \OCP\Util::sanitizeHTML($_['instanceName']) |
|
| 36 | + ])) ?> |
|
| 37 | 37 | </p> |
| 38 | 38 | |
| 39 | 39 | <div class="notecard warning"> |
@@ -24,14 +24,14 @@ |
||
| 24 | 24 | namespace OCA\User_LDAP; |
| 25 | 25 | |
| 26 | 26 | class ConnectionFactory { |
| 27 | - /** @var ILDAPWrapper */ |
|
| 28 | - private $ldap; |
|
| 27 | + /** @var ILDAPWrapper */ |
|
| 28 | + private $ldap; |
|
| 29 | 29 | |
| 30 | - public function __construct(ILDAPWrapper $ldap) { |
|
| 31 | - $this->ldap = $ldap; |
|
| 32 | - } |
|
| 30 | + public function __construct(ILDAPWrapper $ldap) { |
|
| 31 | + $this->ldap = $ldap; |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - public function get($prefix) { |
|
| 35 | - return new Connection($this->ldap, $prefix, 'user_ldap'); |
|
| 36 | - } |
|
| 34 | + public function get($prefix) { |
|
| 35 | + return new Connection($this->ldap, $prefix, 'user_ldap'); |
|
| 36 | + } |
|
| 37 | 37 | } |
@@ -28,7 +28,7 @@ |
||
| 28 | 28 | namespace OCA\Files_Trashbin\Sabre; |
| 29 | 29 | |
| 30 | 30 | class TrashFolderFile extends AbstractTrashFile { |
| 31 | - public function get() { |
|
| 32 | - return $this->data->getStorage()->fopen($this->data->getInternalPath(), 'rb'); |
|
| 33 | - } |
|
| 31 | + public function get() { |
|
| 32 | + return $this->data->getStorage()->fopen($this->data->getInternalPath(), 'rb'); |
|
| 33 | + } |
|
| 34 | 34 | } |
@@ -28,11 +28,11 @@ |
||
| 28 | 28 | namespace OC\Authentication\Token; |
| 29 | 29 | |
| 30 | 30 | interface INamedToken extends IToken { |
| 31 | - /** |
|
| 32 | - * Set token name |
|
| 33 | - * |
|
| 34 | - * @param string $name |
|
| 35 | - * @return void |
|
| 36 | - */ |
|
| 37 | - public function setName(string $name): void; |
|
| 31 | + /** |
|
| 32 | + * Set token name |
|
| 33 | + * |
|
| 34 | + * @param string $name |
|
| 35 | + * @return void |
|
| 36 | + */ |
|
| 37 | + public function setName(string $name): void; |
|
| 38 | 38 | } |
@@ -57,7 +57,7 @@ |
||
| 57 | 57 | } |
| 58 | 58 | |
| 59 | 59 | protected function run($argument) { |
| 60 | - $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 60 | + $this->userManager->callForSeenUsers(function(IUser $user) { |
|
| 61 | 61 | $providers = $this->registry->getProviderStates($user); |
| 62 | 62 | $isTwoFactorAuthenticated = $this->twofactorManager->isTwoFactorAuthenticated($user); |
| 63 | 63 | |
@@ -37,34 +37,34 @@ |
||
| 37 | 37 | |
| 38 | 38 | class CheckBackupCodes extends QueuedJob { |
| 39 | 39 | |
| 40 | - /** @var IUserManager */ |
|
| 41 | - private $userManager; |
|
| 40 | + /** @var IUserManager */ |
|
| 41 | + private $userManager; |
|
| 42 | 42 | |
| 43 | - /** @var IJobList */ |
|
| 44 | - private $jobList; |
|
| 43 | + /** @var IJobList */ |
|
| 44 | + private $jobList; |
|
| 45 | 45 | |
| 46 | - /** @var IRegistry */ |
|
| 47 | - private $registry; |
|
| 46 | + /** @var IRegistry */ |
|
| 47 | + private $registry; |
|
| 48 | 48 | |
| 49 | - /** @var Manager */ |
|
| 50 | - private $twofactorManager; |
|
| 49 | + /** @var Manager */ |
|
| 50 | + private $twofactorManager; |
|
| 51 | 51 | |
| 52 | - public function __construct(ITimeFactory $timeFactory, IUserManager $userManager, IJobList $jobList, Manager $twofactorManager, IRegistry $registry) { |
|
| 53 | - parent::__construct($timeFactory); |
|
| 54 | - $this->userManager = $userManager; |
|
| 55 | - $this->jobList = $jobList; |
|
| 56 | - $this->twofactorManager = $twofactorManager; |
|
| 57 | - $this->registry = $registry; |
|
| 58 | - } |
|
| 52 | + public function __construct(ITimeFactory $timeFactory, IUserManager $userManager, IJobList $jobList, Manager $twofactorManager, IRegistry $registry) { |
|
| 53 | + parent::__construct($timeFactory); |
|
| 54 | + $this->userManager = $userManager; |
|
| 55 | + $this->jobList = $jobList; |
|
| 56 | + $this->twofactorManager = $twofactorManager; |
|
| 57 | + $this->registry = $registry; |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - protected function run($argument) { |
|
| 61 | - $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 62 | - $providers = $this->registry->getProviderStates($user); |
|
| 63 | - $isTwoFactorAuthenticated = $this->twofactorManager->isTwoFactorAuthenticated($user); |
|
| 60 | + protected function run($argument) { |
|
| 61 | + $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 62 | + $providers = $this->registry->getProviderStates($user); |
|
| 63 | + $isTwoFactorAuthenticated = $this->twofactorManager->isTwoFactorAuthenticated($user); |
|
| 64 | 64 | |
| 65 | - if ($isTwoFactorAuthenticated && isset($providers['backup_codes']) && $providers['backup_codes'] === false) { |
|
| 66 | - $this->jobList->add(RememberBackupCodesJob::class, ['uid' => $user->getUID()]); |
|
| 67 | - } |
|
| 68 | - }); |
|
| 69 | - } |
|
| 65 | + if ($isTwoFactorAuthenticated && isset($providers['backup_codes']) && $providers['backup_codes'] === false) { |
|
| 66 | + $this->jobList->add(RememberBackupCodesJob::class, ['uid' => $user->getUID()]); |
|
| 67 | + } |
|
| 68 | + }); |
|
| 69 | + } |
|
| 70 | 70 | } |
@@ -143,7 +143,7 @@ |
||
| 143 | 143 | * @return boolean |
| 144 | 144 | */ |
| 145 | 145 | public function isActive(IUser $user): bool { |
| 146 | - $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) { |
|
| 146 | + $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) { |
|
| 147 | 147 | return $appId !== $this->appName; |
| 148 | 148 | }); |
| 149 | 149 | foreach ($appIds as $appId) { |
@@ -40,132 +40,132 @@ |
||
| 40 | 40 | |
| 41 | 41 | class BackupCodesProvider implements IDeactivatableByAdmin, IProvidesPersonalSettings { |
| 42 | 42 | |
| 43 | - /** @var string */ |
|
| 44 | - private $appName; |
|
| 45 | - |
|
| 46 | - /** @var BackupCodeStorage */ |
|
| 47 | - private $storage; |
|
| 48 | - |
|
| 49 | - /** @var IL10N */ |
|
| 50 | - private $l10n; |
|
| 51 | - |
|
| 52 | - /** @var AppManager */ |
|
| 53 | - private $appManager; |
|
| 54 | - /** @var IInitialStateService */ |
|
| 55 | - private $initialStateService; |
|
| 56 | - |
|
| 57 | - /** |
|
| 58 | - * @param string $appName |
|
| 59 | - * @param BackupCodeStorage $storage |
|
| 60 | - * @param IL10N $l10n |
|
| 61 | - * @param AppManager $appManager |
|
| 62 | - */ |
|
| 63 | - public function __construct(string $appName, |
|
| 64 | - BackupCodeStorage $storage, |
|
| 65 | - IL10N $l10n, |
|
| 66 | - AppManager $appManager, |
|
| 67 | - IInitialStateService $initialStateService) { |
|
| 68 | - $this->appName = $appName; |
|
| 69 | - $this->l10n = $l10n; |
|
| 70 | - $this->storage = $storage; |
|
| 71 | - $this->appManager = $appManager; |
|
| 72 | - $this->initialStateService = $initialStateService; |
|
| 73 | - } |
|
| 74 | - |
|
| 75 | - /** |
|
| 76 | - * Get unique identifier of this 2FA provider |
|
| 77 | - * |
|
| 78 | - * @return string |
|
| 79 | - */ |
|
| 80 | - public function getId(): string { |
|
| 81 | - return 'backup_codes'; |
|
| 82 | - } |
|
| 83 | - |
|
| 84 | - /** |
|
| 85 | - * Get the display name for selecting the 2FA provider |
|
| 86 | - * |
|
| 87 | - * @return string |
|
| 88 | - */ |
|
| 89 | - public function getDisplayName(): string { |
|
| 90 | - return $this->l10n->t('Backup code'); |
|
| 91 | - } |
|
| 92 | - |
|
| 93 | - /** |
|
| 94 | - * Get the description for selecting the 2FA provider |
|
| 95 | - * |
|
| 96 | - * @return string |
|
| 97 | - */ |
|
| 98 | - public function getDescription(): string { |
|
| 99 | - return $this->l10n->t('Use backup code'); |
|
| 100 | - } |
|
| 101 | - |
|
| 102 | - /** |
|
| 103 | - * Get the template for rending the 2FA provider view |
|
| 104 | - * |
|
| 105 | - * @param IUser $user |
|
| 106 | - * @return Template |
|
| 107 | - */ |
|
| 108 | - public function getTemplate(IUser $user): Template { |
|
| 109 | - return new Template('twofactor_backupcodes', 'challenge'); |
|
| 110 | - } |
|
| 111 | - |
|
| 112 | - /** |
|
| 113 | - * Verify the given challenge |
|
| 114 | - * |
|
| 115 | - * @param IUser $user |
|
| 116 | - * @param string $challenge |
|
| 117 | - * @return bool |
|
| 118 | - */ |
|
| 119 | - public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 120 | - return $this->storage->validateCode($user, $challenge); |
|
| 121 | - } |
|
| 122 | - |
|
| 123 | - /** |
|
| 124 | - * Decides whether 2FA is enabled for the given user |
|
| 125 | - * |
|
| 126 | - * @param IUser $user |
|
| 127 | - * @return boolean |
|
| 128 | - */ |
|
| 129 | - public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 130 | - return $this->storage->hasBackupCodes($user); |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - /** |
|
| 134 | - * Determine whether backup codes should be active or not |
|
| 135 | - * |
|
| 136 | - * Backup codes only make sense if at least one 2FA provider is active, |
|
| 137 | - * hence this method checks all enabled apps on whether they provide 2FA |
|
| 138 | - * functionality or not. If there's at least one app, backup codes are |
|
| 139 | - * enabled on the personal settings page. |
|
| 140 | - * |
|
| 141 | - * @param IUser $user |
|
| 142 | - * @return boolean |
|
| 143 | - */ |
|
| 144 | - public function isActive(IUser $user): bool { |
|
| 145 | - $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) { |
|
| 146 | - return $appId !== $this->appName; |
|
| 147 | - }); |
|
| 148 | - foreach ($appIds as $appId) { |
|
| 149 | - $info = $this->appManager->getAppInfo($appId); |
|
| 150 | - if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 151 | - return true; |
|
| 152 | - } |
|
| 153 | - } |
|
| 154 | - return false; |
|
| 155 | - } |
|
| 156 | - |
|
| 157 | - /** |
|
| 158 | - * @param IUser $user |
|
| 159 | - * |
|
| 160 | - * @return IPersonalProviderSettings |
|
| 161 | - */ |
|
| 162 | - public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 163 | - $state = $this->storage->getBackupCodesState($user); |
|
| 164 | - $this->initialStateService->provideInitialState($this->appName, 'state', $state); |
|
| 165 | - return new Personal(); |
|
| 166 | - } |
|
| 167 | - |
|
| 168 | - public function disableFor(IUser $user) { |
|
| 169 | - $this->storage->deleteCodes($user); |
|
| 170 | - } |
|
| 43 | + /** @var string */ |
|
| 44 | + private $appName; |
|
| 45 | + |
|
| 46 | + /** @var BackupCodeStorage */ |
|
| 47 | + private $storage; |
|
| 48 | + |
|
| 49 | + /** @var IL10N */ |
|
| 50 | + private $l10n; |
|
| 51 | + |
|
| 52 | + /** @var AppManager */ |
|
| 53 | + private $appManager; |
|
| 54 | + /** @var IInitialStateService */ |
|
| 55 | + private $initialStateService; |
|
| 56 | + |
|
| 57 | + /** |
|
| 58 | + * @param string $appName |
|
| 59 | + * @param BackupCodeStorage $storage |
|
| 60 | + * @param IL10N $l10n |
|
| 61 | + * @param AppManager $appManager |
|
| 62 | + */ |
|
| 63 | + public function __construct(string $appName, |
|
| 64 | + BackupCodeStorage $storage, |
|
| 65 | + IL10N $l10n, |
|
| 66 | + AppManager $appManager, |
|
| 67 | + IInitialStateService $initialStateService) { |
|
| 68 | + $this->appName = $appName; |
|
| 69 | + $this->l10n = $l10n; |
|
| 70 | + $this->storage = $storage; |
|
| 71 | + $this->appManager = $appManager; |
|
| 72 | + $this->initialStateService = $initialStateService; |
|
| 73 | + } |
|
| 74 | + |
|
| 75 | + /** |
|
| 76 | + * Get unique identifier of this 2FA provider |
|
| 77 | + * |
|
| 78 | + * @return string |
|
| 79 | + */ |
|
| 80 | + public function getId(): string { |
|
| 81 | + return 'backup_codes'; |
|
| 82 | + } |
|
| 83 | + |
|
| 84 | + /** |
|
| 85 | + * Get the display name for selecting the 2FA provider |
|
| 86 | + * |
|
| 87 | + * @return string |
|
| 88 | + */ |
|
| 89 | + public function getDisplayName(): string { |
|
| 90 | + return $this->l10n->t('Backup code'); |
|
| 91 | + } |
|
| 92 | + |
|
| 93 | + /** |
|
| 94 | + * Get the description for selecting the 2FA provider |
|
| 95 | + * |
|
| 96 | + * @return string |
|
| 97 | + */ |
|
| 98 | + public function getDescription(): string { |
|
| 99 | + return $this->l10n->t('Use backup code'); |
|
| 100 | + } |
|
| 101 | + |
|
| 102 | + /** |
|
| 103 | + * Get the template for rending the 2FA provider view |
|
| 104 | + * |
|
| 105 | + * @param IUser $user |
|
| 106 | + * @return Template |
|
| 107 | + */ |
|
| 108 | + public function getTemplate(IUser $user): Template { |
|
| 109 | + return new Template('twofactor_backupcodes', 'challenge'); |
|
| 110 | + } |
|
| 111 | + |
|
| 112 | + /** |
|
| 113 | + * Verify the given challenge |
|
| 114 | + * |
|
| 115 | + * @param IUser $user |
|
| 116 | + * @param string $challenge |
|
| 117 | + * @return bool |
|
| 118 | + */ |
|
| 119 | + public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 120 | + return $this->storage->validateCode($user, $challenge); |
|
| 121 | + } |
|
| 122 | + |
|
| 123 | + /** |
|
| 124 | + * Decides whether 2FA is enabled for the given user |
|
| 125 | + * |
|
| 126 | + * @param IUser $user |
|
| 127 | + * @return boolean |
|
| 128 | + */ |
|
| 129 | + public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 130 | + return $this->storage->hasBackupCodes($user); |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + /** |
|
| 134 | + * Determine whether backup codes should be active or not |
|
| 135 | + * |
|
| 136 | + * Backup codes only make sense if at least one 2FA provider is active, |
|
| 137 | + * hence this method checks all enabled apps on whether they provide 2FA |
|
| 138 | + * functionality or not. If there's at least one app, backup codes are |
|
| 139 | + * enabled on the personal settings page. |
|
| 140 | + * |
|
| 141 | + * @param IUser $user |
|
| 142 | + * @return boolean |
|
| 143 | + */ |
|
| 144 | + public function isActive(IUser $user): bool { |
|
| 145 | + $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function ($appId) { |
|
| 146 | + return $appId !== $this->appName; |
|
| 147 | + }); |
|
| 148 | + foreach ($appIds as $appId) { |
|
| 149 | + $info = $this->appManager->getAppInfo($appId); |
|
| 150 | + if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 151 | + return true; |
|
| 152 | + } |
|
| 153 | + } |
|
| 154 | + return false; |
|
| 155 | + } |
|
| 156 | + |
|
| 157 | + /** |
|
| 158 | + * @param IUser $user |
|
| 159 | + * |
|
| 160 | + * @return IPersonalProviderSettings |
|
| 161 | + */ |
|
| 162 | + public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 163 | + $state = $this->storage->getBackupCodesState($user); |
|
| 164 | + $this->initialStateService->provideInitialState($this->appName, 'state', $state); |
|
| 165 | + return new Personal(); |
|
| 166 | + } |
|
| 167 | + |
|
| 168 | + public function disableFor(IUser $user) { |
|
| 169 | + $this->storage->deleteCodes($user); |
|
| 170 | + } |
|
| 171 | 171 | } |
@@ -32,37 +32,37 @@ |
||
| 32 | 32 | |
| 33 | 33 | class RegisterRegenerateBirthdayCalendars extends QueuedJob { |
| 34 | 34 | |
| 35 | - /** @var IUserManager */ |
|
| 36 | - private $userManager; |
|
| 35 | + /** @var IUserManager */ |
|
| 36 | + private $userManager; |
|
| 37 | 37 | |
| 38 | - /** @var IJobList */ |
|
| 39 | - private $jobList; |
|
| 38 | + /** @var IJobList */ |
|
| 39 | + private $jobList; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * RegisterRegenerateBirthdayCalendars constructor. |
|
| 43 | - * |
|
| 44 | - * @param ITimeFactory $time |
|
| 45 | - * @param IUserManager $userManager |
|
| 46 | - * @param IJobList $jobList |
|
| 47 | - */ |
|
| 48 | - public function __construct(ITimeFactory $time, |
|
| 49 | - IUserManager $userManager, |
|
| 50 | - IJobList $jobList) { |
|
| 51 | - parent::__construct($time); |
|
| 52 | - $this->userManager = $userManager; |
|
| 53 | - $this->jobList = $jobList; |
|
| 54 | - } |
|
| 41 | + /** |
|
| 42 | + * RegisterRegenerateBirthdayCalendars constructor. |
|
| 43 | + * |
|
| 44 | + * @param ITimeFactory $time |
|
| 45 | + * @param IUserManager $userManager |
|
| 46 | + * @param IJobList $jobList |
|
| 47 | + */ |
|
| 48 | + public function __construct(ITimeFactory $time, |
|
| 49 | + IUserManager $userManager, |
|
| 50 | + IJobList $jobList) { |
|
| 51 | + parent::__construct($time); |
|
| 52 | + $this->userManager = $userManager; |
|
| 53 | + $this->jobList = $jobList; |
|
| 54 | + } |
|
| 55 | 55 | |
| 56 | - /** |
|
| 57 | - * @inheritDoc |
|
| 58 | - */ |
|
| 59 | - public function run($argument) { |
|
| 60 | - $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 61 | - $this->jobList->add(GenerateBirthdayCalendarBackgroundJob::class, [ |
|
| 62 | - 'userId' => $user->getUID(), |
|
| 63 | - 'purgeBeforeGenerating' => true |
|
| 64 | - ]); |
|
| 65 | - }); |
|
| 66 | - } |
|
| 56 | + /** |
|
| 57 | + * @inheritDoc |
|
| 58 | + */ |
|
| 59 | + public function run($argument) { |
|
| 60 | + $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 61 | + $this->jobList->add(GenerateBirthdayCalendarBackgroundJob::class, [ |
|
| 62 | + 'userId' => $user->getUID(), |
|
| 63 | + 'purgeBeforeGenerating' => true |
|
| 64 | + ]); |
|
| 65 | + }); |
|
| 66 | + } |
|
| 67 | 67 | |
| 68 | 68 | } |
@@ -57,7 +57,7 @@ |
||
| 57 | 57 | * @inheritDoc |
| 58 | 58 | */ |
| 59 | 59 | public function run($argument) { |
| 60 | - $this->userManager->callForSeenUsers(function (IUser $user) { |
|
| 60 | + $this->userManager->callForSeenUsers(function(IUser $user) { |
|
| 61 | 61 | $this->jobList->add(GenerateBirthdayCalendarBackgroundJob::class, [ |
| 62 | 62 | 'userId' => $user->getUID(), |
| 63 | 63 | 'purgeBeforeGenerating' => true |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | |
| 73 | 73 | $addressBooks = $this->carddavBackend->getAddressBooksForUser($this->principalUri); |
| 74 | 74 | /** @var IAddressBook[] $objects */ |
| 75 | - $objects = array_map(function (array $addressBook) { |
|
| 75 | + $objects = array_map(function(array $addressBook) { |
|
| 76 | 76 | if ($addressBook['principaluri'] === 'principals/system/system') { |
| 77 | 77 | return new SystemAddressbook($this->carddavBackend, $addressBook, $this->l10n, $this->config); |
| 78 | 78 | } |
@@ -80,7 +80,7 @@ discard block |
||
| 80 | 80 | return new AddressBook($this->carddavBackend, $addressBook, $this->l10n); |
| 81 | 81 | }, $addressBooks); |
| 82 | 82 | /** @var IAddressBook[][] $objectsFromPlugins */ |
| 83 | - $objectsFromPlugins = array_map(function (IAddressBookProvider $plugin): array { |
|
| 83 | + $objectsFromPlugins = array_map(function(IAddressBookProvider $plugin): array { |
|
| 84 | 84 | return $plugin->fetchAllForAddressBookHome($this->principalUri); |
| 85 | 85 | }, $this->pluginManager->getAddressBookPlugins()); |
| 86 | 86 | |
@@ -41,82 +41,82 @@ |
||
| 41 | 41 | |
| 42 | 42 | class UserAddressBooks extends \Sabre\CardDAV\AddressBookHome { |
| 43 | 43 | |
| 44 | - /** @var IL10N */ |
|
| 45 | - protected $l10n; |
|
| 46 | - |
|
| 47 | - /** @var IConfig */ |
|
| 48 | - protected $config; |
|
| 49 | - |
|
| 50 | - /** @var PluginManager */ |
|
| 51 | - private $pluginManager; |
|
| 52 | - |
|
| 53 | - public function __construct(Backend\BackendInterface $carddavBackend, |
|
| 54 | - string $principalUri, |
|
| 55 | - PluginManager $pluginManager) { |
|
| 56 | - parent::__construct($carddavBackend, $principalUri); |
|
| 57 | - $this->pluginManager = $pluginManager; |
|
| 58 | - } |
|
| 59 | - |
|
| 60 | - /** |
|
| 61 | - * Returns a list of address books |
|
| 62 | - * |
|
| 63 | - * @return IAddressBook[] |
|
| 64 | - */ |
|
| 65 | - public function getChildren() { |
|
| 66 | - if ($this->l10n === null) { |
|
| 67 | - $this->l10n = \OC::$server->getL10N('dav'); |
|
| 68 | - } |
|
| 69 | - if ($this->config === null) { |
|
| 70 | - $this->config = \OC::$server->getConfig(); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - $addressBooks = $this->carddavBackend->getAddressBooksForUser($this->principalUri); |
|
| 74 | - /** @var IAddressBook[] $objects */ |
|
| 75 | - $objects = array_map(function (array $addressBook) { |
|
| 76 | - if ($addressBook['principaluri'] === 'principals/system/system') { |
|
| 77 | - return new SystemAddressbook($this->carddavBackend, $addressBook, $this->l10n, $this->config); |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - return new AddressBook($this->carddavBackend, $addressBook, $this->l10n); |
|
| 81 | - }, $addressBooks); |
|
| 82 | - /** @var IAddressBook[][] $objectsFromPlugins */ |
|
| 83 | - $objectsFromPlugins = array_map(function (IAddressBookProvider $plugin): array { |
|
| 84 | - return $plugin->fetchAllForAddressBookHome($this->principalUri); |
|
| 85 | - }, $this->pluginManager->getAddressBookPlugins()); |
|
| 86 | - |
|
| 87 | - return array_merge($objects, ...$objectsFromPlugins); |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - public function createExtendedCollection($name, MkCol $mkCol) { |
|
| 91 | - if (ExternalAddressBook::doesViolateReservedName($name)) { |
|
| 92 | - throw new MethodNotAllowed('The resource you tried to create has a reserved name'); |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - parent::createExtendedCollection($name, $mkCol); |
|
| 96 | - } |
|
| 97 | - |
|
| 98 | - /** |
|
| 99 | - * Returns a list of ACE's for this node. |
|
| 100 | - * |
|
| 101 | - * Each ACE has the following properties: |
|
| 102 | - * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are |
|
| 103 | - * currently the only supported privileges |
|
| 104 | - * * 'principal', a url to the principal who owns the node |
|
| 105 | - * * 'protected' (optional), indicating that this ACE is not allowed to |
|
| 106 | - * be updated. |
|
| 107 | - * |
|
| 108 | - * @return array |
|
| 109 | - */ |
|
| 110 | - public function getACL() { |
|
| 111 | - $acl = parent::getACL(); |
|
| 112 | - if ($this->principalUri === 'principals/system/system') { |
|
| 113 | - $acl[] = [ |
|
| 114 | - 'privilege' => '{DAV:}read', |
|
| 115 | - 'principal' => '{DAV:}authenticated', |
|
| 116 | - 'protected' => true, |
|
| 117 | - ]; |
|
| 118 | - } |
|
| 119 | - |
|
| 120 | - return $acl; |
|
| 121 | - } |
|
| 44 | + /** @var IL10N */ |
|
| 45 | + protected $l10n; |
|
| 46 | + |
|
| 47 | + /** @var IConfig */ |
|
| 48 | + protected $config; |
|
| 49 | + |
|
| 50 | + /** @var PluginManager */ |
|
| 51 | + private $pluginManager; |
|
| 52 | + |
|
| 53 | + public function __construct(Backend\BackendInterface $carddavBackend, |
|
| 54 | + string $principalUri, |
|
| 55 | + PluginManager $pluginManager) { |
|
| 56 | + parent::__construct($carddavBackend, $principalUri); |
|
| 57 | + $this->pluginManager = $pluginManager; |
|
| 58 | + } |
|
| 59 | + |
|
| 60 | + /** |
|
| 61 | + * Returns a list of address books |
|
| 62 | + * |
|
| 63 | + * @return IAddressBook[] |
|
| 64 | + */ |
|
| 65 | + public function getChildren() { |
|
| 66 | + if ($this->l10n === null) { |
|
| 67 | + $this->l10n = \OC::$server->getL10N('dav'); |
|
| 68 | + } |
|
| 69 | + if ($this->config === null) { |
|
| 70 | + $this->config = \OC::$server->getConfig(); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + $addressBooks = $this->carddavBackend->getAddressBooksForUser($this->principalUri); |
|
| 74 | + /** @var IAddressBook[] $objects */ |
|
| 75 | + $objects = array_map(function (array $addressBook) { |
|
| 76 | + if ($addressBook['principaluri'] === 'principals/system/system') { |
|
| 77 | + return new SystemAddressbook($this->carddavBackend, $addressBook, $this->l10n, $this->config); |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + return new AddressBook($this->carddavBackend, $addressBook, $this->l10n); |
|
| 81 | + }, $addressBooks); |
|
| 82 | + /** @var IAddressBook[][] $objectsFromPlugins */ |
|
| 83 | + $objectsFromPlugins = array_map(function (IAddressBookProvider $plugin): array { |
|
| 84 | + return $plugin->fetchAllForAddressBookHome($this->principalUri); |
|
| 85 | + }, $this->pluginManager->getAddressBookPlugins()); |
|
| 86 | + |
|
| 87 | + return array_merge($objects, ...$objectsFromPlugins); |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + public function createExtendedCollection($name, MkCol $mkCol) { |
|
| 91 | + if (ExternalAddressBook::doesViolateReservedName($name)) { |
|
| 92 | + throw new MethodNotAllowed('The resource you tried to create has a reserved name'); |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + parent::createExtendedCollection($name, $mkCol); |
|
| 96 | + } |
|
| 97 | + |
|
| 98 | + /** |
|
| 99 | + * Returns a list of ACE's for this node. |
|
| 100 | + * |
|
| 101 | + * Each ACE has the following properties: |
|
| 102 | + * * 'privilege', a string such as {DAV:}read or {DAV:}write. These are |
|
| 103 | + * currently the only supported privileges |
|
| 104 | + * * 'principal', a url to the principal who owns the node |
|
| 105 | + * * 'protected' (optional), indicating that this ACE is not allowed to |
|
| 106 | + * be updated. |
|
| 107 | + * |
|
| 108 | + * @return array |
|
| 109 | + */ |
|
| 110 | + public function getACL() { |
|
| 111 | + $acl = parent::getACL(); |
|
| 112 | + if ($this->principalUri === 'principals/system/system') { |
|
| 113 | + $acl[] = [ |
|
| 114 | + 'privilege' => '{DAV:}read', |
|
| 115 | + 'principal' => '{DAV:}authenticated', |
|
| 116 | + 'protected' => true, |
|
| 117 | + ]; |
|
| 118 | + } |
|
| 119 | + |
|
| 120 | + return $acl; |
|
| 121 | + } |
|
| 122 | 122 | } |
