nextcloud /
server
@@ -41,99 +41,99 @@ |
||
| 41 | 41 | |
| 42 | 42 | class ResetPassword extends Command { |
| 43 | 43 | |
| 44 | - /** @var IUserManager */ |
|
| 45 | - protected $userManager; |
|
| 46 | - |
|
| 47 | - public function __construct(IUserManager $userManager) { |
|
| 48 | - $this->userManager = $userManager; |
|
| 49 | - parent::__construct(); |
|
| 50 | - } |
|
| 51 | - |
|
| 52 | - protected function configure() { |
|
| 53 | - $this |
|
| 54 | - ->setName('user:resetpassword') |
|
| 55 | - ->setDescription('Resets the password of the named user') |
|
| 56 | - ->addArgument( |
|
| 57 | - 'user', |
|
| 58 | - InputArgument::REQUIRED, |
|
| 59 | - 'Username to reset password' |
|
| 60 | - ) |
|
| 61 | - ->addOption( |
|
| 62 | - 'password-from-env', |
|
| 63 | - null, |
|
| 64 | - InputOption::VALUE_NONE, |
|
| 65 | - 'read password from environment variable OC_PASS' |
|
| 66 | - ) |
|
| 67 | - ; |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 71 | - $username = $input->getArgument('user'); |
|
| 72 | - |
|
| 73 | - /** @var $user \OCP\IUser */ |
|
| 74 | - $user = $this->userManager->get($username); |
|
| 75 | - if (is_null($user)) { |
|
| 76 | - $output->writeln('<error>User does not exist</error>'); |
|
| 77 | - return 1; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - if ($input->getOption('password-from-env')) { |
|
| 81 | - $password = getenv('OC_PASS'); |
|
| 82 | - if (!$password) { |
|
| 83 | - $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>'); |
|
| 84 | - return 1; |
|
| 85 | - } |
|
| 86 | - } elseif ($input->isInteractive()) { |
|
| 87 | - /** @var QuestionHelper $helper */ |
|
| 88 | - $helper = $this->getHelper('question'); |
|
| 89 | - |
|
| 90 | - if (\OCP\App::isEnabled('encryption')) { |
|
| 91 | - $output->writeln( |
|
| 92 | - '<error>Warning: Resetting the password when using encryption will result in data loss!</error>' |
|
| 93 | - ); |
|
| 94 | - |
|
| 95 | - $question = new ConfirmationQuestion('Do you want to continue?'); |
|
| 96 | - if (!$helper->ask($input, $output, $question)) { |
|
| 97 | - return 1; |
|
| 98 | - } |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - $question = new Question('Enter a new password: '); |
|
| 102 | - $question->setHidden(true); |
|
| 103 | - $password = $helper->ask($input, $output, $question); |
|
| 104 | - |
|
| 105 | - if ($password === null) { |
|
| 106 | - $output->writeln("<error>Password cannot be empty!</error>"); |
|
| 107 | - return 1; |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - $question = new Question('Confirm the new password: '); |
|
| 111 | - $question->setHidden(true); |
|
| 112 | - $confirm = $helper->ask($input, $output, $question); |
|
| 113 | - |
|
| 114 | - if ($password !== $confirm) { |
|
| 115 | - $output->writeln("<error>Passwords did not match!</error>"); |
|
| 116 | - return 1; |
|
| 117 | - } |
|
| 118 | - } else { |
|
| 119 | - $output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>"); |
|
| 120 | - return 1; |
|
| 121 | - } |
|
| 122 | - |
|
| 123 | - |
|
| 124 | - try { |
|
| 125 | - $success = $user->setPassword($password); |
|
| 126 | - } catch (\Exception $e) { |
|
| 127 | - $output->writeln('<error>' . $e->getMessage() . '</error>'); |
|
| 128 | - return 1; |
|
| 129 | - } |
|
| 130 | - |
|
| 131 | - if ($success) { |
|
| 132 | - $output->writeln("<info>Successfully reset password for " . $username . "</info>"); |
|
| 133 | - } else { |
|
| 134 | - $output->writeln("<error>Error while resetting password!</error>"); |
|
| 135 | - return 1; |
|
| 136 | - } |
|
| 137 | - return 0; |
|
| 138 | - } |
|
| 44 | + /** @var IUserManager */ |
|
| 45 | + protected $userManager; |
|
| 46 | + |
|
| 47 | + public function __construct(IUserManager $userManager) { |
|
| 48 | + $this->userManager = $userManager; |
|
| 49 | + parent::__construct(); |
|
| 50 | + } |
|
| 51 | + |
|
| 52 | + protected function configure() { |
|
| 53 | + $this |
|
| 54 | + ->setName('user:resetpassword') |
|
| 55 | + ->setDescription('Resets the password of the named user') |
|
| 56 | + ->addArgument( |
|
| 57 | + 'user', |
|
| 58 | + InputArgument::REQUIRED, |
|
| 59 | + 'Username to reset password' |
|
| 60 | + ) |
|
| 61 | + ->addOption( |
|
| 62 | + 'password-from-env', |
|
| 63 | + null, |
|
| 64 | + InputOption::VALUE_NONE, |
|
| 65 | + 'read password from environment variable OC_PASS' |
|
| 66 | + ) |
|
| 67 | + ; |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 71 | + $username = $input->getArgument('user'); |
|
| 72 | + |
|
| 73 | + /** @var $user \OCP\IUser */ |
|
| 74 | + $user = $this->userManager->get($username); |
|
| 75 | + if (is_null($user)) { |
|
| 76 | + $output->writeln('<error>User does not exist</error>'); |
|
| 77 | + return 1; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + if ($input->getOption('password-from-env')) { |
|
| 81 | + $password = getenv('OC_PASS'); |
|
| 82 | + if (!$password) { |
|
| 83 | + $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>'); |
|
| 84 | + return 1; |
|
| 85 | + } |
|
| 86 | + } elseif ($input->isInteractive()) { |
|
| 87 | + /** @var QuestionHelper $helper */ |
|
| 88 | + $helper = $this->getHelper('question'); |
|
| 89 | + |
|
| 90 | + if (\OCP\App::isEnabled('encryption')) { |
|
| 91 | + $output->writeln( |
|
| 92 | + '<error>Warning: Resetting the password when using encryption will result in data loss!</error>' |
|
| 93 | + ); |
|
| 94 | + |
|
| 95 | + $question = new ConfirmationQuestion('Do you want to continue?'); |
|
| 96 | + if (!$helper->ask($input, $output, $question)) { |
|
| 97 | + return 1; |
|
| 98 | + } |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + $question = new Question('Enter a new password: '); |
|
| 102 | + $question->setHidden(true); |
|
| 103 | + $password = $helper->ask($input, $output, $question); |
|
| 104 | + |
|
| 105 | + if ($password === null) { |
|
| 106 | + $output->writeln("<error>Password cannot be empty!</error>"); |
|
| 107 | + return 1; |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + $question = new Question('Confirm the new password: '); |
|
| 111 | + $question->setHidden(true); |
|
| 112 | + $confirm = $helper->ask($input, $output, $question); |
|
| 113 | + |
|
| 114 | + if ($password !== $confirm) { |
|
| 115 | + $output->writeln("<error>Passwords did not match!</error>"); |
|
| 116 | + return 1; |
|
| 117 | + } |
|
| 118 | + } else { |
|
| 119 | + $output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>"); |
|
| 120 | + return 1; |
|
| 121 | + } |
|
| 122 | + |
|
| 123 | + |
|
| 124 | + try { |
|
| 125 | + $success = $user->setPassword($password); |
|
| 126 | + } catch (\Exception $e) { |
|
| 127 | + $output->writeln('<error>' . $e->getMessage() . '</error>'); |
|
| 128 | + return 1; |
|
| 129 | + } |
|
| 130 | + |
|
| 131 | + if ($success) { |
|
| 132 | + $output->writeln("<info>Successfully reset password for " . $username . "</info>"); |
|
| 133 | + } else { |
|
| 134 | + $output->writeln("<error>Error while resetting password!</error>"); |
|
| 135 | + return 1; |
|
| 136 | + } |
|
| 137 | + return 0; |
|
| 138 | + } |
|
| 139 | 139 | } |
@@ -34,57 +34,57 @@ |
||
| 34 | 34 | use Symfony\Component\Console\Output\OutputInterface; |
| 35 | 35 | |
| 36 | 36 | class Report extends Command { |
| 37 | - /** @var IUserManager */ |
|
| 38 | - protected $userManager; |
|
| 37 | + /** @var IUserManager */ |
|
| 38 | + protected $userManager; |
|
| 39 | 39 | |
| 40 | - /** |
|
| 41 | - * @param IUserManager $userManager |
|
| 42 | - */ |
|
| 43 | - public function __construct(IUserManager $userManager) { |
|
| 44 | - $this->userManager = $userManager; |
|
| 45 | - parent::__construct(); |
|
| 46 | - } |
|
| 40 | + /** |
|
| 41 | + * @param IUserManager $userManager |
|
| 42 | + */ |
|
| 43 | + public function __construct(IUserManager $userManager) { |
|
| 44 | + $this->userManager = $userManager; |
|
| 45 | + parent::__construct(); |
|
| 46 | + } |
|
| 47 | 47 | |
| 48 | - protected function configure() { |
|
| 49 | - $this |
|
| 50 | - ->setName('user:report') |
|
| 51 | - ->setDescription('shows how many users have access'); |
|
| 52 | - } |
|
| 48 | + protected function configure() { |
|
| 49 | + $this |
|
| 50 | + ->setName('user:report') |
|
| 51 | + ->setDescription('shows how many users have access'); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 55 | - $table = new Table($output); |
|
| 56 | - $table->setHeaders(['User Report', '']); |
|
| 57 | - $userCountArray = $this->countUsers(); |
|
| 58 | - if (!empty($userCountArray)) { |
|
| 59 | - $total = 0; |
|
| 60 | - $rows = []; |
|
| 61 | - foreach ($userCountArray as $classname => $users) { |
|
| 62 | - $total += $users; |
|
| 63 | - $rows[] = [$classname, $users]; |
|
| 64 | - } |
|
| 54 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 55 | + $table = new Table($output); |
|
| 56 | + $table->setHeaders(['User Report', '']); |
|
| 57 | + $userCountArray = $this->countUsers(); |
|
| 58 | + if (!empty($userCountArray)) { |
|
| 59 | + $total = 0; |
|
| 60 | + $rows = []; |
|
| 61 | + foreach ($userCountArray as $classname => $users) { |
|
| 62 | + $total += $users; |
|
| 63 | + $rows[] = [$classname, $users]; |
|
| 64 | + } |
|
| 65 | 65 | |
| 66 | - $rows[] = [' ']; |
|
| 67 | - $rows[] = ['total users', $total]; |
|
| 68 | - } else { |
|
| 69 | - $rows[] = ['No backend enabled that supports user counting', '']; |
|
| 70 | - } |
|
| 66 | + $rows[] = [' ']; |
|
| 67 | + $rows[] = ['total users', $total]; |
|
| 68 | + } else { |
|
| 69 | + $rows[] = ['No backend enabled that supports user counting', '']; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - $userDirectoryCount = $this->countUserDirectories(); |
|
| 73 | - $rows[] = [' ']; |
|
| 74 | - $rows[] = ['user directories', $userDirectoryCount]; |
|
| 72 | + $userDirectoryCount = $this->countUserDirectories(); |
|
| 73 | + $rows[] = [' ']; |
|
| 74 | + $rows[] = ['user directories', $userDirectoryCount]; |
|
| 75 | 75 | |
| 76 | - $table->setRows($rows); |
|
| 77 | - $table->render(); |
|
| 78 | - return 0; |
|
| 79 | - } |
|
| 76 | + $table->setRows($rows); |
|
| 77 | + $table->render(); |
|
| 78 | + return 0; |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - private function countUsers() { |
|
| 82 | - return $this->userManager->countUsers(); |
|
| 83 | - } |
|
| 81 | + private function countUsers() { |
|
| 82 | + return $this->userManager->countUsers(); |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | - private function countUserDirectories() { |
|
| 86 | - $dataview = new \OC\Files\View('/'); |
|
| 87 | - $userDirectories = $dataview->getDirectoryContent('/', 'httpd/unix-directory'); |
|
| 88 | - return count($userDirectories); |
|
| 89 | - } |
|
| 85 | + private function countUserDirectories() { |
|
| 86 | + $dataview = new \OC\Files\View('/'); |
|
| 87 | + $userDirectories = $dataview->getDirectoryContent('/', 'httpd/unix-directory'); |
|
| 88 | + return count($userDirectories); |
|
| 89 | + } |
|
| 90 | 90 | } |
@@ -30,34 +30,34 @@ |
||
| 30 | 30 | |
| 31 | 31 | class ResetBruteforceAttempts extends Base { |
| 32 | 32 | |
| 33 | - /** @var Throttler */ |
|
| 34 | - protected $throttler; |
|
| 35 | - |
|
| 36 | - public function __construct(Throttler $throttler) { |
|
| 37 | - $this->throttler = $throttler; |
|
| 38 | - parent::__construct(); |
|
| 39 | - } |
|
| 40 | - |
|
| 41 | - protected function configure() { |
|
| 42 | - $this |
|
| 43 | - ->setName('security:bruteforce:reset') |
|
| 44 | - ->setDescription('resets bruteforce attemps for given IP address') |
|
| 45 | - ->addArgument( |
|
| 46 | - 'ipaddress', |
|
| 47 | - InputArgument::REQUIRED, |
|
| 48 | - 'IP address for which the attempts are to be reset' |
|
| 49 | - ); |
|
| 50 | - } |
|
| 51 | - |
|
| 52 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 53 | - $ip = $input->getArgument('ipaddress'); |
|
| 54 | - |
|
| 55 | - if (!filter_var($ip, FILTER_VALIDATE_IP)) { |
|
| 56 | - $output->writeln('<error>"' . $ip . '" is not a valid IP address</error>'); |
|
| 57 | - return 1; |
|
| 58 | - } |
|
| 59 | - |
|
| 60 | - $this->throttler->resetDelayForIP($ip); |
|
| 61 | - return 0; |
|
| 62 | - } |
|
| 33 | + /** @var Throttler */ |
|
| 34 | + protected $throttler; |
|
| 35 | + |
|
| 36 | + public function __construct(Throttler $throttler) { |
|
| 37 | + $this->throttler = $throttler; |
|
| 38 | + parent::__construct(); |
|
| 39 | + } |
|
| 40 | + |
|
| 41 | + protected function configure() { |
|
| 42 | + $this |
|
| 43 | + ->setName('security:bruteforce:reset') |
|
| 44 | + ->setDescription('resets bruteforce attemps for given IP address') |
|
| 45 | + ->addArgument( |
|
| 46 | + 'ipaddress', |
|
| 47 | + InputArgument::REQUIRED, |
|
| 48 | + 'IP address for which the attempts are to be reset' |
|
| 49 | + ); |
|
| 50 | + } |
|
| 51 | + |
|
| 52 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 53 | + $ip = $input->getArgument('ipaddress'); |
|
| 54 | + |
|
| 55 | + if (!filter_var($ip, FILTER_VALIDATE_IP)) { |
|
| 56 | + $output->writeln('<error>"' . $ip . '" is not a valid IP address</error>'); |
|
| 57 | + return 1; |
|
| 58 | + } |
|
| 59 | + |
|
| 60 | + $this->throttler->resetDelayForIP($ip); |
|
| 61 | + return 0; |
|
| 62 | + } |
|
| 63 | 63 | } |
@@ -31,29 +31,29 @@ |
||
| 31 | 31 | |
| 32 | 32 | class RemoveCertificate extends Base { |
| 33 | 33 | |
| 34 | - /** @var ICertificateManager */ |
|
| 35 | - protected $certificateManager; |
|
| 36 | - |
|
| 37 | - public function __construct(ICertificateManager $certificateManager) { |
|
| 38 | - $this->certificateManager = $certificateManager; |
|
| 39 | - parent::__construct(); |
|
| 40 | - } |
|
| 41 | - |
|
| 42 | - protected function configure() { |
|
| 43 | - $this |
|
| 44 | - ->setName('security:certificates:remove') |
|
| 45 | - ->setDescription('remove trusted certificate') |
|
| 46 | - ->addArgument( |
|
| 47 | - 'name', |
|
| 48 | - InputArgument::REQUIRED, |
|
| 49 | - 'the file name of the certificate to remove' |
|
| 50 | - ); |
|
| 51 | - } |
|
| 52 | - |
|
| 53 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | - $name = $input->getArgument('name'); |
|
| 55 | - |
|
| 56 | - $this->certificateManager->removeCertificate($name); |
|
| 57 | - return 0; |
|
| 58 | - } |
|
| 34 | + /** @var ICertificateManager */ |
|
| 35 | + protected $certificateManager; |
|
| 36 | + |
|
| 37 | + public function __construct(ICertificateManager $certificateManager) { |
|
| 38 | + $this->certificateManager = $certificateManager; |
|
| 39 | + parent::__construct(); |
|
| 40 | + } |
|
| 41 | + |
|
| 42 | + protected function configure() { |
|
| 43 | + $this |
|
| 44 | + ->setName('security:certificates:remove') |
|
| 45 | + ->setDescription('remove trusted certificate') |
|
| 46 | + ->addArgument( |
|
| 47 | + 'name', |
|
| 48 | + InputArgument::REQUIRED, |
|
| 49 | + 'the file name of the certificate to remove' |
|
| 50 | + ); |
|
| 51 | + } |
|
| 52 | + |
|
| 53 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | + $name = $input->getArgument('name'); |
|
| 55 | + |
|
| 56 | + $this->certificateManager->removeCertificate($name); |
|
| 57 | + return 0; |
|
| 58 | + } |
|
| 59 | 59 | } |
@@ -32,65 +32,65 @@ |
||
| 32 | 32 | |
| 33 | 33 | class ListCertificates extends Base { |
| 34 | 34 | |
| 35 | - /** @var ICertificateManager */ |
|
| 36 | - protected $certificateManager; |
|
| 37 | - /** @var IL10N */ |
|
| 38 | - protected $l; |
|
| 35 | + /** @var ICertificateManager */ |
|
| 36 | + protected $certificateManager; |
|
| 37 | + /** @var IL10N */ |
|
| 38 | + protected $l; |
|
| 39 | 39 | |
| 40 | - public function __construct(ICertificateManager $certificateManager, IL10N $l) { |
|
| 41 | - $this->certificateManager = $certificateManager; |
|
| 42 | - $this->l = $l; |
|
| 43 | - parent::__construct(); |
|
| 44 | - } |
|
| 40 | + public function __construct(ICertificateManager $certificateManager, IL10N $l) { |
|
| 41 | + $this->certificateManager = $certificateManager; |
|
| 42 | + $this->l = $l; |
|
| 43 | + parent::__construct(); |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - protected function configure() { |
|
| 47 | - $this |
|
| 48 | - ->setName('security:certificates') |
|
| 49 | - ->setDescription('list trusted certificates'); |
|
| 50 | - parent::configure(); |
|
| 51 | - } |
|
| 46 | + protected function configure() { |
|
| 47 | + $this |
|
| 48 | + ->setName('security:certificates') |
|
| 49 | + ->setDescription('list trusted certificates'); |
|
| 50 | + parent::configure(); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | - $outputType = $input->getOption('output'); |
|
| 55 | - if ($outputType === self::OUTPUT_FORMAT_JSON || $outputType === self::OUTPUT_FORMAT_JSON_PRETTY) { |
|
| 56 | - $certificates = array_map(function (ICertificate $certificate) { |
|
| 57 | - return [ |
|
| 58 | - 'name' => $certificate->getName(), |
|
| 59 | - 'common_name' => $certificate->getCommonName(), |
|
| 60 | - 'organization' => $certificate->getOrganization(), |
|
| 61 | - 'expire' => $certificate->getExpireDate()->format(\DateTime::ATOM), |
|
| 62 | - 'issuer' => $certificate->getIssuerName(), |
|
| 63 | - 'issuer_organization' => $certificate->getIssuerOrganization(), |
|
| 64 | - 'issue_date' => $certificate->getIssueDate()->format(\DateTime::ATOM) |
|
| 65 | - ]; |
|
| 66 | - }, $this->certificateManager->listCertificates()); |
|
| 67 | - if ($outputType === self::OUTPUT_FORMAT_JSON) { |
|
| 68 | - $output->writeln(json_encode(array_values($certificates))); |
|
| 69 | - } else { |
|
| 70 | - $output->writeln(json_encode(array_values($certificates), JSON_PRETTY_PRINT)); |
|
| 71 | - } |
|
| 72 | - } else { |
|
| 73 | - $table = new Table($output); |
|
| 74 | - $table->setHeaders([ |
|
| 75 | - 'File Name', |
|
| 76 | - 'Common Name', |
|
| 77 | - 'Organization', |
|
| 78 | - 'Valid Until', |
|
| 79 | - 'Issued By' |
|
| 80 | - ]); |
|
| 53 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | + $outputType = $input->getOption('output'); |
|
| 55 | + if ($outputType === self::OUTPUT_FORMAT_JSON || $outputType === self::OUTPUT_FORMAT_JSON_PRETTY) { |
|
| 56 | + $certificates = array_map(function (ICertificate $certificate) { |
|
| 57 | + return [ |
|
| 58 | + 'name' => $certificate->getName(), |
|
| 59 | + 'common_name' => $certificate->getCommonName(), |
|
| 60 | + 'organization' => $certificate->getOrganization(), |
|
| 61 | + 'expire' => $certificate->getExpireDate()->format(\DateTime::ATOM), |
|
| 62 | + 'issuer' => $certificate->getIssuerName(), |
|
| 63 | + 'issuer_organization' => $certificate->getIssuerOrganization(), |
|
| 64 | + 'issue_date' => $certificate->getIssueDate()->format(\DateTime::ATOM) |
|
| 65 | + ]; |
|
| 66 | + }, $this->certificateManager->listCertificates()); |
|
| 67 | + if ($outputType === self::OUTPUT_FORMAT_JSON) { |
|
| 68 | + $output->writeln(json_encode(array_values($certificates))); |
|
| 69 | + } else { |
|
| 70 | + $output->writeln(json_encode(array_values($certificates), JSON_PRETTY_PRINT)); |
|
| 71 | + } |
|
| 72 | + } else { |
|
| 73 | + $table = new Table($output); |
|
| 74 | + $table->setHeaders([ |
|
| 75 | + 'File Name', |
|
| 76 | + 'Common Name', |
|
| 77 | + 'Organization', |
|
| 78 | + 'Valid Until', |
|
| 79 | + 'Issued By' |
|
| 80 | + ]); |
|
| 81 | 81 | |
| 82 | - $rows = array_map(function (ICertificate $certificate) { |
|
| 83 | - return [ |
|
| 84 | - $certificate->getName(), |
|
| 85 | - $certificate->getCommonName(), |
|
| 86 | - $certificate->getOrganization(), |
|
| 87 | - $this->l->l('date', $certificate->getExpireDate()), |
|
| 88 | - $certificate->getIssuerName() |
|
| 89 | - ]; |
|
| 90 | - }, $this->certificateManager->listCertificates()); |
|
| 91 | - $table->setRows($rows); |
|
| 92 | - $table->render(); |
|
| 93 | - } |
|
| 94 | - return 0; |
|
| 95 | - } |
|
| 82 | + $rows = array_map(function (ICertificate $certificate) { |
|
| 83 | + return [ |
|
| 84 | + $certificate->getName(), |
|
| 85 | + $certificate->getCommonName(), |
|
| 86 | + $certificate->getOrganization(), |
|
| 87 | + $this->l->l('date', $certificate->getExpireDate()), |
|
| 88 | + $certificate->getIssuerName() |
|
| 89 | + ]; |
|
| 90 | + }, $this->certificateManager->listCertificates()); |
|
| 91 | + $table->setRows($rows); |
|
| 92 | + $table->render(); |
|
| 93 | + } |
|
| 94 | + return 0; |
|
| 95 | + } |
|
| 96 | 96 | } |
@@ -53,7 +53,7 @@ discard block |
||
| 53 | 53 | protected function execute(InputInterface $input, OutputInterface $output): int { |
| 54 | 54 | $outputType = $input->getOption('output'); |
| 55 | 55 | if ($outputType === self::OUTPUT_FORMAT_JSON || $outputType === self::OUTPUT_FORMAT_JSON_PRETTY) { |
| 56 | - $certificates = array_map(function (ICertificate $certificate) { |
|
| 56 | + $certificates = array_map(function(ICertificate $certificate) { |
|
| 57 | 57 | return [ |
| 58 | 58 | 'name' => $certificate->getName(), |
| 59 | 59 | 'common_name' => $certificate->getCommonName(), |
@@ -79,7 +79,7 @@ discard block |
||
| 79 | 79 | 'Issued By' |
| 80 | 80 | ]); |
| 81 | 81 | |
| 82 | - $rows = array_map(function (ICertificate $certificate) { |
|
| 82 | + $rows = array_map(function(ICertificate $certificate) { |
|
| 83 | 83 | return [ |
| 84 | 84 | $certificate->getName(), |
| 85 | 85 | $certificate->getCommonName(), |
@@ -30,37 +30,37 @@ |
||
| 30 | 30 | |
| 31 | 31 | class ImportCertificate extends Base { |
| 32 | 32 | |
| 33 | - /** @var ICertificateManager */ |
|
| 34 | - protected $certificateManager; |
|
| 33 | + /** @var ICertificateManager */ |
|
| 34 | + protected $certificateManager; |
|
| 35 | 35 | |
| 36 | - public function __construct(ICertificateManager $certificateManager) { |
|
| 37 | - $this->certificateManager = $certificateManager; |
|
| 38 | - parent::__construct(); |
|
| 39 | - } |
|
| 36 | + public function __construct(ICertificateManager $certificateManager) { |
|
| 37 | + $this->certificateManager = $certificateManager; |
|
| 38 | + parent::__construct(); |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | - protected function configure() { |
|
| 42 | - $this |
|
| 43 | - ->setName('security:certificates:import') |
|
| 44 | - ->setDescription('import trusted certificate') |
|
| 45 | - ->addArgument( |
|
| 46 | - 'path', |
|
| 47 | - InputArgument::REQUIRED, |
|
| 48 | - 'path to the certificate to import' |
|
| 49 | - ); |
|
| 50 | - } |
|
| 41 | + protected function configure() { |
|
| 42 | + $this |
|
| 43 | + ->setName('security:certificates:import') |
|
| 44 | + ->setDescription('import trusted certificate') |
|
| 45 | + ->addArgument( |
|
| 46 | + 'path', |
|
| 47 | + InputArgument::REQUIRED, |
|
| 48 | + 'path to the certificate to import' |
|
| 49 | + ); |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 53 | - $path = $input->getArgument('path'); |
|
| 52 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 53 | + $path = $input->getArgument('path'); |
|
| 54 | 54 | |
| 55 | - if (!file_exists($path)) { |
|
| 56 | - $output->writeln('<error>certificate not found</error>'); |
|
| 57 | - return 1; |
|
| 58 | - } |
|
| 55 | + if (!file_exists($path)) { |
|
| 56 | + $output->writeln('<error>certificate not found</error>'); |
|
| 57 | + return 1; |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - $certData = file_get_contents($path); |
|
| 61 | - $name = basename($path); |
|
| 60 | + $certData = file_get_contents($path); |
|
| 61 | + $name = basename($path); |
|
| 62 | 62 | |
| 63 | - $this->certificateManager->addCertificate($certData, $name); |
|
| 64 | - return 0; |
|
| 65 | - } |
|
| 63 | + $this->certificateManager->addCertificate($certData, $name); |
|
| 64 | + return 0; |
|
| 65 | + } |
|
| 66 | 66 | } |
@@ -31,41 +31,41 @@ |
||
| 31 | 31 | |
| 32 | 32 | class Disable extends Base { |
| 33 | 33 | |
| 34 | - /** @var ProviderManager */ |
|
| 35 | - private $manager; |
|
| 34 | + /** @var ProviderManager */ |
|
| 35 | + private $manager; |
|
| 36 | 36 | |
| 37 | - /** @var IUserManager */ |
|
| 38 | - protected $userManager; |
|
| 37 | + /** @var IUserManager */ |
|
| 38 | + protected $userManager; |
|
| 39 | 39 | |
| 40 | - public function __construct(ProviderManager $manager, IUserManager $userManager) { |
|
| 41 | - parent::__construct('twofactorauth:disable'); |
|
| 42 | - $this->manager = $manager; |
|
| 43 | - $this->userManager = $userManager; |
|
| 44 | - } |
|
| 40 | + public function __construct(ProviderManager $manager, IUserManager $userManager) { |
|
| 41 | + parent::__construct('twofactorauth:disable'); |
|
| 42 | + $this->manager = $manager; |
|
| 43 | + $this->userManager = $userManager; |
|
| 44 | + } |
|
| 45 | 45 | |
| 46 | - protected function configure() { |
|
| 47 | - parent::configure(); |
|
| 46 | + protected function configure() { |
|
| 47 | + parent::configure(); |
|
| 48 | 48 | |
| 49 | - $this->setName('twofactorauth:disable'); |
|
| 50 | - $this->setDescription('Disable two-factor authentication for a user'); |
|
| 51 | - $this->addArgument('uid', InputArgument::REQUIRED); |
|
| 52 | - $this->addArgument('provider_id', InputArgument::REQUIRED); |
|
| 53 | - } |
|
| 49 | + $this->setName('twofactorauth:disable'); |
|
| 50 | + $this->setDescription('Disable two-factor authentication for a user'); |
|
| 51 | + $this->addArgument('uid', InputArgument::REQUIRED); |
|
| 52 | + $this->addArgument('provider_id', InputArgument::REQUIRED); |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 56 | - $uid = $input->getArgument('uid'); |
|
| 57 | - $providerId = $input->getArgument('provider_id'); |
|
| 58 | - $user = $this->userManager->get($uid); |
|
| 59 | - if (is_null($user)) { |
|
| 60 | - $output->writeln("<error>Invalid UID</error>"); |
|
| 61 | - return 1; |
|
| 62 | - } |
|
| 63 | - if ($this->manager->tryDisableProviderFor($providerId, $user)) { |
|
| 64 | - $output->writeln("Two-factor provider <options=bold>$providerId</> disabled for user <options=bold>$uid</>."); |
|
| 65 | - return 0; |
|
| 66 | - } else { |
|
| 67 | - $output->writeln("<error>The provider does not support this operation.</error>"); |
|
| 68 | - return 2; |
|
| 69 | - } |
|
| 70 | - } |
|
| 55 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 56 | + $uid = $input->getArgument('uid'); |
|
| 57 | + $providerId = $input->getArgument('provider_id'); |
|
| 58 | + $user = $this->userManager->get($uid); |
|
| 59 | + if (is_null($user)) { |
|
| 60 | + $output->writeln("<error>Invalid UID</error>"); |
|
| 61 | + return 1; |
|
| 62 | + } |
|
| 63 | + if ($this->manager->tryDisableProviderFor($providerId, $user)) { |
|
| 64 | + $output->writeln("Two-factor provider <options=bold>$providerId</> disabled for user <options=bold>$uid</>."); |
|
| 65 | + return 0; |
|
| 66 | + } else { |
|
| 67 | + $output->writeln("<error>The provider does not support this operation.</error>"); |
|
| 68 | + return 2; |
|
| 69 | + } |
|
| 70 | + } |
|
| 71 | 71 | } |
@@ -34,74 +34,74 @@ |
||
| 34 | 34 | |
| 35 | 35 | class State extends Base { |
| 36 | 36 | |
| 37 | - /** @var IRegistry */ |
|
| 38 | - private $registry; |
|
| 39 | - |
|
| 40 | - public function __construct(IRegistry $registry, IUserManager $userManager) { |
|
| 41 | - parent::__construct('twofactorauth:state'); |
|
| 42 | - |
|
| 43 | - $this->registry = $registry; |
|
| 44 | - $this->userManager = $userManager; |
|
| 45 | - } |
|
| 46 | - |
|
| 47 | - protected function configure() { |
|
| 48 | - parent::configure(); |
|
| 49 | - |
|
| 50 | - $this->setName('twofactorauth:state'); |
|
| 51 | - $this->setDescription('Get the two-factor authentication (2FA) state of a user'); |
|
| 52 | - $this->addArgument('uid', InputArgument::REQUIRED); |
|
| 53 | - } |
|
| 54 | - |
|
| 55 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 56 | - $uid = $input->getArgument('uid'); |
|
| 57 | - $user = $this->userManager->get($uid); |
|
| 58 | - if (is_null($user)) { |
|
| 59 | - $output->writeln("<error>Invalid UID</error>"); |
|
| 60 | - return 1; |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - $providerStates = $this->registry->getProviderStates($user); |
|
| 64 | - $filtered = $this->filterEnabledDisabledUnknownProviders($providerStates); |
|
| 65 | - list($enabled, $disabled) = $filtered; |
|
| 66 | - |
|
| 67 | - if (!empty($enabled)) { |
|
| 68 | - $output->writeln("Two-factor authentication is enabled for user $uid"); |
|
| 69 | - } else { |
|
| 70 | - $output->writeln("Two-factor authentication is not enabled for user $uid"); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - $output->writeln(""); |
|
| 74 | - $this->printProviders("Enabled providers", $enabled, $output); |
|
| 75 | - $this->printProviders("Disabled providers", $disabled, $output); |
|
| 76 | - |
|
| 77 | - return 0; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - private function filterEnabledDisabledUnknownProviders(array $providerStates): array { |
|
| 81 | - $enabled = []; |
|
| 82 | - $disabled = []; |
|
| 83 | - |
|
| 84 | - foreach ($providerStates as $providerId => $isEnabled) { |
|
| 85 | - if ($isEnabled) { |
|
| 86 | - $enabled[] = $providerId; |
|
| 87 | - } else { |
|
| 88 | - $disabled[] = $providerId; |
|
| 89 | - } |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - return [$enabled, $disabled]; |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - private function printProviders(string $title, array $providers, |
|
| 96 | - OutputInterface $output) { |
|
| 97 | - if (empty($providers)) { |
|
| 98 | - // Ignore and don't print anything |
|
| 99 | - return; |
|
| 100 | - } |
|
| 101 | - |
|
| 102 | - $output->writeln($title . ":"); |
|
| 103 | - foreach ($providers as $provider) { |
|
| 104 | - $output->writeln("- " . $provider); |
|
| 105 | - } |
|
| 106 | - } |
|
| 37 | + /** @var IRegistry */ |
|
| 38 | + private $registry; |
|
| 39 | + |
|
| 40 | + public function __construct(IRegistry $registry, IUserManager $userManager) { |
|
| 41 | + parent::__construct('twofactorauth:state'); |
|
| 42 | + |
|
| 43 | + $this->registry = $registry; |
|
| 44 | + $this->userManager = $userManager; |
|
| 45 | + } |
|
| 46 | + |
|
| 47 | + protected function configure() { |
|
| 48 | + parent::configure(); |
|
| 49 | + |
|
| 50 | + $this->setName('twofactorauth:state'); |
|
| 51 | + $this->setDescription('Get the two-factor authentication (2FA) state of a user'); |
|
| 52 | + $this->addArgument('uid', InputArgument::REQUIRED); |
|
| 53 | + } |
|
| 54 | + |
|
| 55 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 56 | + $uid = $input->getArgument('uid'); |
|
| 57 | + $user = $this->userManager->get($uid); |
|
| 58 | + if (is_null($user)) { |
|
| 59 | + $output->writeln("<error>Invalid UID</error>"); |
|
| 60 | + return 1; |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + $providerStates = $this->registry->getProviderStates($user); |
|
| 64 | + $filtered = $this->filterEnabledDisabledUnknownProviders($providerStates); |
|
| 65 | + list($enabled, $disabled) = $filtered; |
|
| 66 | + |
|
| 67 | + if (!empty($enabled)) { |
|
| 68 | + $output->writeln("Two-factor authentication is enabled for user $uid"); |
|
| 69 | + } else { |
|
| 70 | + $output->writeln("Two-factor authentication is not enabled for user $uid"); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + $output->writeln(""); |
|
| 74 | + $this->printProviders("Enabled providers", $enabled, $output); |
|
| 75 | + $this->printProviders("Disabled providers", $disabled, $output); |
|
| 76 | + |
|
| 77 | + return 0; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + private function filterEnabledDisabledUnknownProviders(array $providerStates): array { |
|
| 81 | + $enabled = []; |
|
| 82 | + $disabled = []; |
|
| 83 | + |
|
| 84 | + foreach ($providerStates as $providerId => $isEnabled) { |
|
| 85 | + if ($isEnabled) { |
|
| 86 | + $enabled[] = $providerId; |
|
| 87 | + } else { |
|
| 88 | + $disabled[] = $providerId; |
|
| 89 | + } |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + return [$enabled, $disabled]; |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + private function printProviders(string $title, array $providers, |
|
| 96 | + OutputInterface $output) { |
|
| 97 | + if (empty($providers)) { |
|
| 98 | + // Ignore and don't print anything |
|
| 99 | + return; |
|
| 100 | + } |
|
| 101 | + |
|
| 102 | + $output->writeln($title . ":"); |
|
| 103 | + foreach ($providers as $provider) { |
|
| 104 | + $output->writeln("- " . $provider); |
|
| 105 | + } |
|
| 106 | + } |
|
| 107 | 107 | } |
@@ -33,29 +33,29 @@ |
||
| 33 | 33 | |
| 34 | 34 | class Cleanup extends Base { |
| 35 | 35 | |
| 36 | - /** @var IRegistry */ |
|
| 37 | - private $registry; |
|
| 36 | + /** @var IRegistry */ |
|
| 37 | + private $registry; |
|
| 38 | 38 | |
| 39 | - public function __construct(IRegistry $registry) { |
|
| 40 | - parent::__construct(); |
|
| 39 | + public function __construct(IRegistry $registry) { |
|
| 40 | + parent::__construct(); |
|
| 41 | 41 | |
| 42 | - $this->registry = $registry; |
|
| 43 | - } |
|
| 42 | + $this->registry = $registry; |
|
| 43 | + } |
|
| 44 | 44 | |
| 45 | - protected function configure() { |
|
| 46 | - parent::configure(); |
|
| 45 | + protected function configure() { |
|
| 46 | + parent::configure(); |
|
| 47 | 47 | |
| 48 | - $this->setName('twofactorauth:cleanup'); |
|
| 49 | - $this->setDescription('Clean up the two-factor user-provider association of an uninstalled/removed provider'); |
|
| 50 | - $this->addArgument('provider-id', InputArgument::REQUIRED); |
|
| 51 | - } |
|
| 48 | + $this->setName('twofactorauth:cleanup'); |
|
| 49 | + $this->setDescription('Clean up the two-factor user-provider association of an uninstalled/removed provider'); |
|
| 50 | + $this->addArgument('provider-id', InputArgument::REQUIRED); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | - $providerId = $input->getArgument('provider-id'); |
|
| 53 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 54 | + $providerId = $input->getArgument('provider-id'); |
|
| 55 | 55 | |
| 56 | - $this->registry->cleanUp($providerId); |
|
| 56 | + $this->registry->cleanUp($providerId); |
|
| 57 | 57 | |
| 58 | - $output->writeln("<info>All user-provider associations for provider <options=bold>$providerId</> have been removed.</info>"); |
|
| 59 | - return 0; |
|
| 60 | - } |
|
| 58 | + $output->writeln("<info>All user-provider associations for provider <options=bold>$providerId</> have been removed.</info>"); |
|
| 59 | + return 0; |
|
| 60 | + } |
|
| 61 | 61 | } |
