nextcloud / server

apps/lookup_server_connector/lib/UpdateLookupServer.php

Indentation +90 added lines, -90 removed lines

@@ -35,102 +35,102 @@
  * @package OCA\LookupServerConnector
  */
 class UpdateLookupServer {
-	/** @var AccountManager */
-	private $accountManager;
-	/** @var IClientService */
-	private $clientService;
-	/** @var Signer */
-	private $signer;
-	/** @var IJobList */
-	private $jobList;
-	/** @var string URL point to lookup server */
-	private $lookupServer = 'https://lookup.nextcloud.com';
+    /** @var AccountManager */
+    private $accountManager;
+    /** @var IClientService */
+    private $clientService;
+    /** @var Signer */
+    private $signer;
+    /** @var IJobList */
+    private $jobList;
+    /** @var string URL point to lookup server */
+    private $lookupServer = 'https://lookup.nextcloud.com';
 
-	/**
-	 * @param AccountManager $accountManager
-	 * @param IClientService $clientService
-	 * @param Signer $signer
-	 * @param IJobList $jobList
-	 * @param string $lookupServer if nothing is given we use the default lookup server
-	 */
-	public function __construct(AccountManager $accountManager,
-								IClientService $clientService,
-								Signer $signer,
-								IJobList $jobList,
-								$lookupServer = '') {
-		$this->accountManager = $accountManager;
-		$this->clientService = $clientService;
-		$this->signer = $signer;
-		$this->jobList = $jobList;
-		if ($lookupServer !== '') {
-			$this->lookupServer = $lookupServer;
-		}
-		$this->lookupServer = rtrim($this->lookupServer, '/');
-		$this->lookupServer .= '/users';
-	}
+    /**
+     * @param AccountManager $accountManager
+     * @param IClientService $clientService
+     * @param Signer $signer
+     * @param IJobList $jobList
+     * @param string $lookupServer if nothing is given we use the default lookup server
+     */
+    public function __construct(AccountManager $accountManager,
+                                IClientService $clientService,
+                                Signer $signer,
+                                IJobList $jobList,
+                                $lookupServer = '') {
+        $this->accountManager = $accountManager;
+        $this->clientService = $clientService;
+        $this->signer = $signer;
+        $this->jobList = $jobList;
+        if ($lookupServer !== '') {
+            $this->lookupServer = $lookupServer;
+        }
+        $this->lookupServer = rtrim($this->lookupServer, '/');
+        $this->lookupServer .= '/users';
+    }
 
-	/**
-	 * @param IUser $user
-	 */
-	public function userUpdated(IUser $user) {
-		$userData = $this->accountManager->getUser($user);
-		$publicData = [];
+    /**
+     * @param IUser $user
+     */
+    public function userUpdated(IUser $user) {
+        $userData = $this->accountManager->getUser($user);
+        $publicData = [];
 
-		foreach ($userData as $key => $data) {
-			if ($data['scope'] === AccountManager::VISIBILITY_PUBLIC) {
-				$publicData[$key] = $data;
-			}
-		}
+        foreach ($userData as $key => $data) {
+            if ($data['scope'] === AccountManager::VISIBILITY_PUBLIC) {
+                $publicData[$key] = $data;
+            }
+        }
 
-		$this->sendToLookupServer($user, $publicData);
-	}
+        $this->sendToLookupServer($user, $publicData);
+    }
 
-	/**
-	 * send public user data to the lookup server
-	 *
-	 * @param IUser $user
-	 * @param array $publicData
-	 */
-	protected function sendToLookupServer(IUser $user, array $publicData) {
+    /**
+     * send public user data to the lookup server
+     *
+     * @param IUser $user
+     * @param array $publicData
+     */
+    protected function sendToLookupServer(IUser $user, array $publicData) {
 
-		$dataArray = ['federationId' => $user->getCloudId()];
+        $dataArray = ['federationId' => $user->getCloudId()];
 
-		if (!empty($publicData)) {
-			$dataArray['name'] = isset($publicData[AccountManager::PROPERTY_DISPLAYNAME]) ? $publicData[AccountManager::PROPERTY_DISPLAYNAME]['value'] : '';
-			$dataArray['email'] = isset($publicData[AccountManager::PROPERTY_EMAIL]) ? $publicData[AccountManager::PROPERTY_EMAIL]['value'] : '';
-			$dataArray['address'] = isset($publicData[AccountManager::PROPERTY_ADDRESS]) ? $publicData[AccountManager::PROPERTY_ADDRESS]['value'] : '';
-			$dataArray['website'] = isset($publicData[AccountManager::PROPERTY_WEBSITE]) ? $publicData[AccountManager::PROPERTY_WEBSITE]['value'] : '';
-			$dataArray['twitter'] = isset($publicData[AccountManager::PROPERTY_TWITTER]) ? $publicData[AccountManager::PROPERTY_TWITTER]['value'] : '';
-			$dataArray['phone'] = isset($publicData[AccountManager::PROPERTY_PHONE]) ? $publicData[AccountManager::PROPERTY_PHONE]['value'] : '';
-		}
+        if (!empty($publicData)) {
+            $dataArray['name'] = isset($publicData[AccountManager::PROPERTY_DISPLAYNAME]) ? $publicData[AccountManager::PROPERTY_DISPLAYNAME]['value'] : '';
+            $dataArray['email'] = isset($publicData[AccountManager::PROPERTY_EMAIL]) ? $publicData[AccountManager::PROPERTY_EMAIL]['value'] : '';
+            $dataArray['address'] = isset($publicData[AccountManager::PROPERTY_ADDRESS]) ? $publicData[AccountManager::PROPERTY_ADDRESS]['value'] : '';
+            $dataArray['website'] = isset($publicData[AccountManager::PROPERTY_WEBSITE]) ? $publicData[AccountManager::PROPERTY_WEBSITE]['value'] : '';
+            $dataArray['twitter'] = isset($publicData[AccountManager::PROPERTY_TWITTER]) ? $publicData[AccountManager::PROPERTY_TWITTER]['value'] : '';
+            $dataArray['phone'] = isset($publicData[AccountManager::PROPERTY_PHONE]) ? $publicData[AccountManager::PROPERTY_PHONE]['value'] : '';
+        }
 
-		$dataArray = $this->signer->sign('lookupserver', $dataArray, $user);
-		$httpClient = $this->clientService->newClient();
-		try {
-			if (empty($publicData)) {
-				$httpClient->delete($this->lookupServer,
-					[
-						'body' => json_encode($dataArray),
-						'timeout' => 10,
-						'connect_timeout' => 3,
-					]
-				);
-			} else {
-				$httpClient->post($this->lookupServer,
-					[
-						'body' => json_encode($dataArray),
-						'timeout' => 10,
-						'connect_timeout' => 3,
-					]
-				);
-			}
-		} catch (\Exception $e) {
-			$this->jobList->add(RetryJob::class,
-				[
-					'dataArray' => $dataArray,
-					'retryNo' => 0,
-				]
-			);
-		}
-	}
+        $dataArray = $this->signer->sign('lookupserver', $dataArray, $user);
+        $httpClient = $this->clientService->newClient();
+        try {
+            if (empty($publicData)) {
+                $httpClient->delete($this->lookupServer,
+                    [
+                        'body' => json_encode($dataArray),
+                        'timeout' => 10,
+                        'connect_timeout' => 3,
+                    ]
+                );
+            } else {
+                $httpClient->post($this->lookupServer,
+                    [
+                        'body' => json_encode($dataArray),
+                        'timeout' => 10,
+                        'connect_timeout' => 3,
+                    ]
+                );
+            }
+        } catch (\Exception $e) {
+            $this->jobList->add(RetryJob::class,
+                [
+                    'dataArray' => $dataArray,
+                    'retryNo' => 0,
+                ]
+            );
+        }
+    }
 }

apps/lookup_server_connector/appinfo/app.php

Indentation +19 added lines, -19 removed lines

@@ -22,26 +22,26 @@
 $dispatcher = \OC::$server->getEventDispatcher();
 
 $dispatcher->addListener('OC\AccountManager::userUpdated', function(\Symfony\Component\EventDispatcher\GenericEvent $event) {
-	$user = $event->getSubject();
+    $user = $event->getSubject();
 
-	$keyManager = new \OC\Security\IdentityProof\Manager(
-		\OC::$server->getAppDataDir('identityproof'),
-		\OC::$server->getCrypto()
-	);
+    $keyManager = new \OC\Security\IdentityProof\Manager(
+        \OC::$server->getAppDataDir('identityproof'),
+        \OC::$server->getCrypto()
+    );
 
-	$config = \OC::$server->getConfig();
-	$lookupServer = $config->getSystemValue('lookup_server', '');
+    $config = \OC::$server->getConfig();
+    $lookupServer = $config->getSystemValue('lookup_server', '');
 
-	$updateLookupServer = new \OCA\LookupServerConnector\UpdateLookupServer(
-		new \OC\Accounts\AccountManager(\OC::$server->getDatabaseConnection(), \OC::$server->getEventDispatcher()),
-		\OC::$server->getHTTPClientService(),
-		new \OC\Security\IdentityProof\Signer(
-			$keyManager,
-			new \OC\AppFramework\Utility\TimeFactory(),
-			\OC::$server->getUserManager()
-		),
-		\OC::$server->getJobList(),
-		$lookupServer
-	);
-	$updateLookupServer->userUpdated($user);
+    $updateLookupServer = new \OCA\LookupServerConnector\UpdateLookupServer(
+        new \OC\Accounts\AccountManager(\OC::$server->getDatabaseConnection(), \OC::$server->getEventDispatcher()),
+        \OC::$server->getHTTPClientService(),
+        new \OC\Security\IdentityProof\Signer(
+            $keyManager,
+            new \OC\AppFramework\Utility\TimeFactory(),
+            \OC::$server->getUserManager()
+        ),
+        \OC::$server->getJobList(),
+        $lookupServer
+    );
+    $updateLookupServer->userUpdated($user);
 });

settings/routes.php

Indentation +48 added lines, -48 removed lines

@@ -36,73 +36,73 @@
 
 $application = new Application();
 $application->registerRoutes($this, [
-	'resources' => [
-		'groups' => ['url' => '/settings/users/groups'],
-		'users' => ['url' => '/settings/users/users'],
-		'AuthSettings' => ['url' => '/settings/personal/authtokens'],
-	],
-	'routes' => [
-		['name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'],
-		['name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'],
-		['name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'],
-		['name' => 'Encryption#startMigration', 'url' => '/settings/admin/startmigration', 'verb' => 'POST'],
-		['name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'],
-		['name' => 'AppSettings#viewApps', 'url' => '/settings/apps', 'verb' => 'GET'],
-		['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'],
-		['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'],
-		['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'],
-		['name' => 'Users#setEMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'],
-		['name' => 'Users#setUserSettings', 'url' => '/settings/users/{username}/settings', 'verb' => 'PUT'],
-		['name' => 'Users#getVerificationCode', 'url' => '/settings/users/{account}/verify', 'verb' => 'GET'],
-		['name' => 'Users#stats', 'url' => '/settings/users/stats', 'verb' => 'GET'],
-		['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST'],
-		['name' => 'LogSettings#getEntries', 'url' => '/settings/admin/log/entries', 'verb' => 'GET'],
-		['name' => 'LogSettings#download', 'url' => '/settings/admin/log/download', 'verb' => 'GET'],
-		['name' => 'CheckSetup#check', 'url' => '/settings/ajax/checksetup', 'verb' => 'GET'],
-		['name' => 'CheckSetup#getFailedIntegrityCheckFiles', 'url' => '/settings/integrity/failed', 'verb' => 'GET'],
-		['name' => 'CheckSetup#rescanFailedIntegrityCheck', 'url' => '/settings/integrity/rescan', 'verb' => 'GET'],
-		['name' => 'Certificate#addPersonalRootCertificate', 'url' => '/settings/personal/certificate', 'verb' => 'POST'],
-		['name' => 'Certificate#removePersonalRootCertificate', 'url' => '/settings/personal/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
-		['name' => 'Certificate#addSystemRootCertificate', 'url' => '/settings/admin/certificate', 'verb' => 'POST'],
-		['name' => 'Certificate#removeSystemRootCertificate', 'url' => '/settings/admin/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
-		['name' => 'AdminSettings#index', 'url' => '/settings/admin/{section}', 'verb' => 'GET', 'defaults' => ['section' => 'server']],
-		['name' => 'AdminSettings#form', 'url' => '/settings/admin/{section}', 'verb' => 'GET'],
-		['name' => 'ChangePassword#changePersonalPassword', 'url' => '/settings/personal/changepassword', 'verb' => 'POST'],
-		['name' => 'ChangePassword#changeUserPassword', 'url' => '/settings/users/changepassword', 'verb' => 'POST'],
-		['name' => 'Personal#setLanguage', 'url' => '/settings/ajax/setlanguage.php', 'verb' => 'POST'],
-	]
+    'resources' => [
+        'groups' => ['url' => '/settings/users/groups'],
+        'users' => ['url' => '/settings/users/users'],
+        'AuthSettings' => ['url' => '/settings/personal/authtokens'],
+    ],
+    'routes' => [
+        ['name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'],
+        ['name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'],
+        ['name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'],
+        ['name' => 'Encryption#startMigration', 'url' => '/settings/admin/startmigration', 'verb' => 'POST'],
+        ['name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'],
+        ['name' => 'AppSettings#viewApps', 'url' => '/settings/apps', 'verb' => 'GET'],
+        ['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'],
+        ['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'],
+        ['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'],
+        ['name' => 'Users#setEMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'],
+        ['name' => 'Users#setUserSettings', 'url' => '/settings/users/{username}/settings', 'verb' => 'PUT'],
+        ['name' => 'Users#getVerificationCode', 'url' => '/settings/users/{account}/verify', 'verb' => 'GET'],
+        ['name' => 'Users#stats', 'url' => '/settings/users/stats', 'verb' => 'GET'],
+        ['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST'],
+        ['name' => 'LogSettings#getEntries', 'url' => '/settings/admin/log/entries', 'verb' => 'GET'],
+        ['name' => 'LogSettings#download', 'url' => '/settings/admin/log/download', 'verb' => 'GET'],
+        ['name' => 'CheckSetup#check', 'url' => '/settings/ajax/checksetup', 'verb' => 'GET'],
+        ['name' => 'CheckSetup#getFailedIntegrityCheckFiles', 'url' => '/settings/integrity/failed', 'verb' => 'GET'],
+        ['name' => 'CheckSetup#rescanFailedIntegrityCheck', 'url' => '/settings/integrity/rescan', 'verb' => 'GET'],
+        ['name' => 'Certificate#addPersonalRootCertificate', 'url' => '/settings/personal/certificate', 'verb' => 'POST'],
+        ['name' => 'Certificate#removePersonalRootCertificate', 'url' => '/settings/personal/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
+        ['name' => 'Certificate#addSystemRootCertificate', 'url' => '/settings/admin/certificate', 'verb' => 'POST'],
+        ['name' => 'Certificate#removeSystemRootCertificate', 'url' => '/settings/admin/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
+        ['name' => 'AdminSettings#index', 'url' => '/settings/admin/{section}', 'verb' => 'GET', 'defaults' => ['section' => 'server']],
+        ['name' => 'AdminSettings#form', 'url' => '/settings/admin/{section}', 'verb' => 'GET'],
+        ['name' => 'ChangePassword#changePersonalPassword', 'url' => '/settings/personal/changepassword', 'verb' => 'POST'],
+        ['name' => 'ChangePassword#changeUserPassword', 'url' => '/settings/users/changepassword', 'verb' => 'POST'],
+        ['name' => 'Personal#setLanguage', 'url' => '/settings/ajax/setlanguage.php', 'verb' => 'POST'],
+    ]
 ]);
 
 /** @var $this \OCP\Route\IRouter */
 
 // Settings pages
 $this->create('settings_help', '/settings/help')
-	->actionInclude('settings/help.php');
+    ->actionInclude('settings/help.php');
 $this->create('settings_personal', '/settings/personal')
-	->actionInclude('settings/personal.php');
+    ->actionInclude('settings/personal.php');
 $this->create('settings_users', '/settings/users')
-	->actionInclude('settings/users.php');
+    ->actionInclude('settings/users.php');
 // Settings ajax actions
 // users
 $this->create('settings_ajax_setquota', '/settings/ajax/setquota.php')
-	->actionInclude('settings/ajax/setquota.php');
+    ->actionInclude('settings/ajax/setquota.php');
 $this->create('settings_ajax_togglegroups', '/settings/ajax/togglegroups.php')
-	->actionInclude('settings/ajax/togglegroups.php');
+    ->actionInclude('settings/ajax/togglegroups.php');
 $this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.php')
-	->actionInclude('settings/ajax/togglesubadmins.php');
+    ->actionInclude('settings/ajax/togglesubadmins.php');
 $this->create('settings_ajax_changegorupname', '/settings/ajax/changegroupname.php')
-	->actionInclude('settings/ajax/changegroupname.php');
+    ->actionInclude('settings/ajax/changegroupname.php');
 // apps
 $this->create('settings_ajax_enableapp', '/settings/ajax/enableapp.php')
-	->actionInclude('settings/ajax/enableapp.php');
+    ->actionInclude('settings/ajax/enableapp.php');
 $this->create('settings_ajax_disableapp', '/settings/ajax/disableapp.php')
-	->actionInclude('settings/ajax/disableapp.php');
+    ->actionInclude('settings/ajax/disableapp.php');
 $this->create('settings_ajax_updateapp', '/settings/ajax/updateapp.php')
-	->actionInclude('settings/ajax/updateapp.php');
+    ->actionInclude('settings/ajax/updateapp.php');
 $this->create('settings_ajax_uninstallapp', '/settings/ajax/uninstallapp.php')
-	->actionInclude('settings/ajax/uninstallapp.php');
+    ->actionInclude('settings/ajax/uninstallapp.php');
 $this->create('settings_ajax_navigationdetect', '/settings/ajax/navigationdetect.php')
-	->actionInclude('settings/ajax/navigationdetect.php');
+    ->actionInclude('settings/ajax/navigationdetect.php');
 // admin
 $this->create('settings_ajax_excludegroups', '/settings/ajax/excludegroups.php')
-	->actionInclude('settings/ajax/excludegroups.php');
+    ->actionInclude('settings/ajax/excludegroups.php');

settings/templates/personal.php

Spacing +48 added lines, -48 removed lines

@@ -22,10 +22,10 @@ 
 
 <div id="app-navigation">
 	<ul class="with-icon">
-	<?php foreach($_['forms'] as $form) {
+	<?php foreach ($_['forms'] as $form) {
 		if (isset($form['anchor'])) {
-			$anchor = '#' . $form['anchor'];
-			$class = 'nav-icon-' . $form['anchor'];
+			$anchor = '#'.$form['anchor'];
+			$class = 'nav-icon-'.$form['anchor'];
 			$sectionName = $form['section-name'];
 			print_unescaped(sprintf("<li><a href='%s' class='%s'>%s</a></li>", \OCP\Util::sanitizeHTML($anchor),
 			\OCP\Util::sanitizeHTML($class), \OCP\Util::sanitizeHTML($sectionName)));
@@ -37,15 +37,15 @@ 
 <div id="app-content">
 
 <div id="quota" class="section">
-	<div style="width:<?php p($_['usage_relative']);?>%"
-		<?php if($_['usage_relative'] > 80): ?> class="quota-warning" <?php endif; ?>>
+	<div style="width:<?php p($_['usage_relative']); ?>%"
+		<?php if ($_['usage_relative'] > 80): ?> class="quota-warning" <?php endif; ?>>
 		<p id="quotatext">
 			<?php if ($_['quota'] === \OCP\Files\FileInfo::SPACE_UNLIMITED): ?>
 				<?php print_unescaped($l->t('You are using <strong>%s</strong> of <strong>%s</strong>',
-					[$_['usage'], $_['total_space']]));?>
+					[$_['usage'], $_['total_space']])); ?>
 			<?php else: ?>
 				<?php print_unescaped($l->t('You are using <strong>%s</strong> of <strong>%s</strong> (<strong>%s %%</strong>)',
-					[$_['usage'], $_['total_space'],  $_['usage_relative']]));?>
+					[$_['usage'], $_['total_space'], $_['usage_relative']])); ?>
 			<?php endif ?>
 		</p>
 	</div>
@@ -91,11 +91,11 @@ 
 				<span class="icon-password"/>
 			</h2>
 			<input type="text" id="displayname" name="displayname"
-				<?php if(!$_['displayNameChangeSupported']) { print_unescaped('class="hidden"'); } ?>
+				<?php if (!$_['displayNameChangeSupported']) { print_unescaped('class="hidden"'); } ?>
 				value="<?php p($_['displayName']) ?>"
 				autocomplete="on" autocapitalize="none" autocorrect="off" />
-			<?php if(!$_['displayNameChangeSupported']) { ?>
-				<span><?php if(isset($_['displayName']) && !empty($_['displayName'])) { p($_['displayName']); } else { p($l->t('No display name set')); } ?></span>
+			<?php if (!$_['displayNameChangeSupported']) { ?>
+				<span><?php if (isset($_['displayName']) && !empty($_['displayName'])) { p($_['displayName']); } else { p($l->t('No display name set')); } ?></span>
 			<?php } ?>
 			<span class="icon-checkmark hidden"/>
 			<input type="hidden" id="displaynamescope" value="<?php p($_['displayNameScope']) ?>">
@@ -109,13 +109,13 @@ 
 			</h2>
 			<span class="verify" id="verify-email">Verify</span>
 			<input type="email" name="email" id="email" value="<?php p($_['email']); ?>"
-				<?php if(!$_['displayNameChangeSupported']) { print_unescaped('class="hidden"'); } ?>
+				<?php if (!$_['displayNameChangeSupported']) { print_unescaped('class="hidden"'); } ?>
 				placeholder="<?php p($l->t('Your email address')); ?>"
 				autocomplete="on" autocapitalize="none" autocorrect="off" />
-			<?php if(!$_['displayNameChangeSupported']) { ?>
-				<span><?php if(isset($_['email']) && !empty($_['email'])) { p($_['email']); } else { p($l->t('No email address set')); }?></span>
+			<?php if (!$_['displayNameChangeSupported']) { ?>
+				<span><?php if (isset($_['email']) && !empty($_['email'])) { p($_['email']); } else { p($l->t('No email address set')); }?></span>
 			<?php } ?>
-			<?php if($_['displayNameChangeSupported']) { ?>
+			<?php if ($_['displayNameChangeSupported']) { ?>
 				<br />
 				<em><?php p($l->t('For password reset and notifications')); ?></em>
 			<?php } ?>
@@ -193,19 +193,19 @@ 
 </div>
 
 <?php
-if($_['passwordChangeSupported']) {
+if ($_['passwordChangeSupported']) {
 	script('jquery-showpassword');
 ?>
 <form id="passwordform" class="section">
-	<h2 class="inlineblock"><?php p($l->t('Password'));?></h2>
+	<h2 class="inlineblock"><?php p($l->t('Password')); ?></h2>
 	<div id="password-error-msg" class="msg success inlineblock" style="display: none;">Saved</div>
 	<br>
 	<label for="pass1" class="hidden-visually"><?php p($l->t('Current password')); ?>: </label>
 	<input type="password" id="pass1" name="oldpassword"
-		placeholder="<?php p($l->t('Current password'));?>"
+		placeholder="<?php p($l->t('Current password')); ?>"
 		autocomplete="off" autocapitalize="none" autocorrect="off" />
 	<div class="personal-show-container">
-		<label for="pass2" class="hidden-visually"><?php p($l->t('New password'));?>: </label>
+		<label for="pass2" class="hidden-visually"><?php p($l->t('New password')); ?>: </label>
 		<input type="password" id="pass2" name="newpassword"
 			placeholder="<?php p($l->t('New password')); ?>"
 			data-typetoggle="#personal-show"
@@ -221,44 +221,44 @@ 
 
 <form id="language" class="section">
 	<h2>
-		<label for="languageinput"><?php p($l->t('Language'));?></label>
+		<label for="languageinput"><?php p($l->t('Language')); ?></label>
 	</h2>
-	<select id="languageinput" name="lang" data-placeholder="<?php p($l->t('Language'));?>">
-		<option value="<?php p($_['activelanguage']['code']);?>">
-			<?php p($_['activelanguage']['name']);?>
+	<select id="languageinput" name="lang" data-placeholder="<?php p($l->t('Language')); ?>">
+		<option value="<?php p($_['activelanguage']['code']); ?>">
+			<?php p($_['activelanguage']['name']); ?>
 		</option>
-		<?php foreach($_['commonlanguages'] as $language):?>
-			<option value="<?php p($language['code']);?>">
-				<?php p($language['name']);?>
+		<?php foreach ($_['commonlanguages'] as $language):?>
+			<option value="<?php p($language['code']); ?>">
+				<?php p($language['name']); ?>
 			</option>
-		<?php endforeach;?>
+		<?php endforeach; ?>
 		<optgroup label="––––––––––"></optgroup>
-		<?php foreach($_['languages'] as $language):?>
-			<option value="<?php p($language['code']);?>">
-				<?php p($language['name']);?>
+		<?php foreach ($_['languages'] as $language):?>
+			<option value="<?php p($language['code']); ?>">
+				<?php p($language['name']); ?>
 			</option>
-		<?php endforeach;?>
+		<?php endforeach; ?>
 	</select>
 	<a href="https://www.transifex.com/nextcloud/nextcloud/"
 		target="_blank" rel="noreferrer">
-		<em><?php p($l->t('Help translate'));?></em>
+		<em><?php p($l->t('Help translate')); ?></em>
 	</a>
 </form>
 
 
 <div id="clientsbox" class="section clientsbox">
-	<h2><?php p($l->t('Get the apps to sync your files'));?></h2>
+	<h2><?php p($l->t('Get the apps to sync your files')); ?></h2>
 	<a href="<?php p($_['clients']['desktop']); ?>" rel="noreferrer" target="_blank">
 		<img src="<?php print_unescaped(image_path('core', 'desktopapp.svg')); ?>"
-			 alt="<?php p($l->t('Desktop client'));?>" />
+			 alt="<?php p($l->t('Desktop client')); ?>" />
 	</a>
 	<a href="<?php p($_['clients']['android']); ?>" rel="noreferrer" target="_blank">
 		<img src="<?php print_unescaped(image_path('core', 'googleplay.png')); ?>"
-			 alt="<?php p($l->t('Android app'));?>" />
+			 alt="<?php p($l->t('Android app')); ?>" />
 	</a>
 	<a href="<?php p($_['clients']['ios']); ?>" rel="noreferrer" target="_blank">
 		<img src="<?php print_unescaped(image_path('core', 'appstore.svg')); ?>"
-			 alt="<?php p($l->t('iOS app'));?>" />
+			 alt="<?php p($l->t('iOS app')); ?>" />
 	</a>
 
 		<p>
@@ -274,19 +274,19 @@ 
 				$l->t('If you want to support the project {contributeopen}join development{linkclose} or {contributeopen}spread the word{linkclose}!'))); ?>
 		</p>
 
-	<?php if(OC_APP::isEnabled('firstrunwizard')) {?>
-		<p><a class="button" href="#" id="showWizard"><?php p($l->t('Show First Run Wizard again'));?></a></p>
+	<?php if (OC_APP::isEnabled('firstrunwizard')) {?>
+		<p><a class="button" href="#" id="showWizard"><?php p($l->t('Show First Run Wizard again')); ?></a></p>
 	<?php }?>
 </div>
 
 <div id="sessions" class="section">
-	<h2><?php p($l->t('Sessions'));?></h2>
-	<span class="hidden-when-empty"><?php p($l->t('Web, desktop and mobile clients currently logged in to your account.'));?></span>
+	<h2><?php p($l->t('Sessions')); ?></h2>
+	<span class="hidden-when-empty"><?php p($l->t('Web, desktop and mobile clients currently logged in to your account.')); ?></span>
 	<table class="icon-loading">
 		<thead class="token-list-header">
 			<tr>
-				<th><?php p($l->t('Device'));?></th>
-				<th><?php p($l->t('Last activity'));?></th>
+				<th><?php p($l->t('Device')); ?></th>
+				<th><?php p($l->t('Last activity')); ?></th>
 				<th></th>
 			</tr>
 		</thead>
@@ -296,13 +296,13 @@ 
 </div>
 
 <div id="apppasswords" class="section">
-	<h2><?php p($l->t('App passwords'));?></h2>
-	<p><?php p($l->t('Passcodes that give an app or device permissions to access your account.'));?></p>
+	<h2><?php p($l->t('App passwords')); ?></h2>
+	<p><?php p($l->t('Passcodes that give an app or device permissions to access your account.')); ?></p>
 	<table class="icon-loading">
 		<thead class="hidden-when-empty">
 			<tr>
-				<th><?php p($l->t('Name'));?></th>
-				<th><?php p($l->t('Last activity'));?></th>
+				<th><?php p($l->t('Name')); ?></th>
+				<th><?php p($l->t('Last activity')); ?></th>
 				<th></th>
 			</tr>
 		</thead>
@@ -331,14 +331,14 @@ 
 	</div>
 </div>
 
-<?php foreach($_['forms'] as $form) {
+<?php foreach ($_['forms'] as $form) {
 	if (isset($form['form'])) {?>
-	<div id="<?php isset($form['anchor']) ? p($form['anchor']) : p('');?>"><?php print_unescaped($form['form']);?></div>
+	<div id="<?php isset($form['anchor']) ? p($form['anchor']) : p(''); ?>"><?php print_unescaped($form['form']); ?></div>
 	<?php }
 };?>
 
 <div class="section">
-	<h2><?php p($l->t('Version'));?></h2>
+	<h2><?php p($l->t('Version')); ?></h2>
 	<p><a href="<?php print_unescaped($theme->getBaseUrl()); ?>" target="_blank"><?php p($theme->getTitle()); ?></a> <?php p(OC_Util::getHumanVersion()) ?></p>
 	<p><?php include('settings.development.notice.php'); ?></p>
 </div>

settings/Controller/UsersController.php

Indentation +845 added lines, -845 removed lines

@@ -57,850 +57,850 @@
  * @package OC\Settings\Controller
  */
 class UsersController extends Controller {
-	/** @var IL10N */
-	private $l10n;
-	/** @var IUserSession */
-	private $userSession;
-	/** @var bool */
-	private $isAdmin;
-	/** @var IUserManager */
-	private $userManager;
-	/** @var IGroupManager */
-	private $groupManager;
-	/** @var IConfig */
-	private $config;
-	/** @var ILogger */
-	private $log;
-	/** @var \OC_Defaults */
-	private $defaults;
-	/** @var IMailer */
-	private $mailer;
-	/** @var string */
-	private $fromMailAddress;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var bool contains the state of the encryption app */
-	private $isEncryptionAppEnabled;
-	/** @var bool contains the state of the admin recovery setting */
-	private $isRestoreEnabled = false;
-	/** @var IAvatarManager */
-	private $avatarManager;
-	/** @var AccountManager */
-	private $accountManager;
-	/** @var ISecureRandom */
-	private $secureRandom;
-	/** @var ITimeFactory */
-	private $timeFactory;
-	/** @var ICrypto */
-	private $crypto;
-	/** @var Manager */
-	private $keyManager;
-
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserManager $userManager
-	 * @param IGroupManager $groupManager
-	 * @param IUserSession $userSession
-	 * @param IConfig $config
-	 * @param bool $isAdmin
-	 * @param IL10N $l10n
-	 * @param ILogger $log
-	 * @param \OC_Defaults $defaults
-	 * @param IMailer $mailer
-	 * @param string $fromMailAddress
-	 * @param IURLGenerator $urlGenerator
-	 * @param IAppManager $appManager
-	 * @param IAvatarManager $avatarManager
-	 * @param AccountManager $accountManager
-	 * @param ISecureRandom $secureRandom
-	 * @param ITimeFactory $timeFactory
-	 * @param ICrypto $crypto
-	 * @param Manager $keyManager
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IUserManager $userManager,
-								IGroupManager $groupManager,
-								IUserSession $userSession,
-								IConfig $config,
-								$isAdmin,
-								IL10N $l10n,
-								ILogger $log,
-								\OC_Defaults $defaults,
-								IMailer $mailer,
-								$fromMailAddress,
-								IURLGenerator $urlGenerator,
-								IAppManager $appManager,
-								IAvatarManager $avatarManager,
-								AccountManager $accountManager,
-								ISecureRandom $secureRandom,
-								ITimeFactory $timeFactory,
-								ICrypto $crypto,
-								Manager $keyManager) {
-		parent::__construct($appName, $request);
-		$this->userManager = $userManager;
-		$this->groupManager = $groupManager;
-		$this->userSession = $userSession;
-		$this->config = $config;
-		$this->isAdmin = $isAdmin;
-		$this->l10n = $l10n;
-		$this->log = $log;
-		$this->defaults = $defaults;
-		$this->mailer = $mailer;
-		$this->fromMailAddress = $fromMailAddress;
-		$this->urlGenerator = $urlGenerator;
-		$this->avatarManager = $avatarManager;
-		$this->accountManager = $accountManager;
-		$this->secureRandom = $secureRandom;
-		$this->timeFactory = $timeFactory;
-		$this->crypto = $crypto;
-		$this->keyManager = $keyManager;
-
-		// check for encryption state - TODO see formatUserForIndex
-		$this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
-		if($this->isEncryptionAppEnabled) {
-			// putting this directly in empty is possible in PHP 5.5+
-			$result = $config->getAppValue('encryption', 'recoveryAdminEnabled', 0);
-			$this->isRestoreEnabled = !empty($result);
-		}
-	}
-
-	/**
-	 * @param IUser $user
-	 * @param array $userGroups
-	 * @return array
-	 */
-	private function formatUserForIndex(IUser $user, array $userGroups = null) {
-
-		// TODO: eliminate this encryption specific code below and somehow
-		// hook in additional user info from other apps
-
-		// recovery isn't possible if admin or user has it disabled and encryption
-		// is enabled - so we eliminate the else paths in the conditional tree
-		// below
-		$restorePossible = false;
-
-		if ($this->isEncryptionAppEnabled) {
-			if ($this->isRestoreEnabled) {
-				// check for the users recovery setting
-				$recoveryMode = $this->config->getUserValue($user->getUID(), 'encryption', 'recoveryEnabled', '0');
-				// method call inside empty is possible with PHP 5.5+
-				$recoveryModeEnabled = !empty($recoveryMode);
-				if ($recoveryModeEnabled) {
-					// user also has recovery mode enabled
-					$restorePossible = true;
-				}
-			}
-		} else {
-			// recovery is possible if encryption is disabled (plain files are
-			// available)
-			$restorePossible = true;
-		}
-
-		$subAdminGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user);
-		foreach($subAdminGroups as $key => $subAdminGroup) {
-			$subAdminGroups[$key] = $subAdminGroup->getGID();
-		}
-
-		$displayName = $user->getEMailAddress();
-		if (is_null($displayName)) {
-			$displayName = '';
-		}
-
-		$avatarAvailable = false;
-		try {
-			$avatarAvailable = $this->avatarManager->getAvatar($user->getUID())->exists();
-		} catch (\Exception $e) {
-			//No avatar yet
-		}
-
-		return [
-			'name' => $user->getUID(),
-			'displayname' => $user->getDisplayName(),
-			'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups,
-			'subadmin' => $subAdminGroups,
-			'quota' => $user->getQuota(),
-			'storageLocation' => $user->getHome(),
-			'lastLogin' => $user->getLastLogin() * 1000,
-			'backend' => $user->getBackendClassName(),
-			'email' => $displayName,
-			'isRestoreDisabled' => !$restorePossible,
-			'isAvatarAvailable' => $avatarAvailable,
-		];
-	}
-
-	/**
-	 * @param array $userIDs Array with schema [$uid => $displayName]
-	 * @return IUser[]
-	 */
-	private function getUsersForUID(array $userIDs) {
-		$users = [];
-		foreach ($userIDs as $uid => $displayName) {
-			$users[$uid] = $this->userManager->get($uid);
-		}
-		return $users;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 *
-	 * @param int $offset
-	 * @param int $limit
-	 * @param string $gid GID to filter for
-	 * @param string $pattern Pattern to search for in the username
-	 * @param string $backend Backend to filter for (class-name)
-	 * @return DataResponse
-	 *
-	 * TODO: Tidy up and write unit tests - code is mainly static method calls
-	 */
-	public function index($offset = 0, $limit = 10, $gid = '', $pattern = '', $backend = '') {
-		// FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
-		if($gid === '_everyone') {
-			$gid = '';
-		}
-
-		// Remove backends
-		if(!empty($backend)) {
-			$activeBackends = $this->userManager->getBackends();
-			$this->userManager->clearBackends();
-			foreach($activeBackends as $singleActiveBackend) {
-				if($backend === get_class($singleActiveBackend)) {
-					$this->userManager->registerBackend($singleActiveBackend);
-					break;
-				}
-			}
-		}
-
-		$users = [];
-		if ($this->isAdmin) {
-
-			if($gid !== '') {
-				$batch = $this->getUsersForUID($this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset));
-			} else {
-				$batch = $this->userManager->search($pattern, $limit, $offset);
-			}
-
-			foreach ($batch as $user) {
-				$users[] = $this->formatUserForIndex($user);
-			}
-
-		} else {
-			$subAdminOfGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser());
-			// New class returns IGroup[] so convert back
-			$gids = [];
-			foreach ($subAdminOfGroups as $group) {
-				$gids[] = $group->getGID();
-			}
-			$subAdminOfGroups = $gids;
-
-			// Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group
-			if($gid !== '' && !in_array($gid, $subAdminOfGroups)) {
-				$gid = '';
-			}
-
-			// Batch all groups the user is subadmin of when a group is specified
-			$batch = [];
-			if($gid === '') {
-				foreach($subAdminOfGroups as $group) {
-					$groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset);
-
-					foreach($groupUsers as $uid => $displayName) {
-						$batch[$uid] = $displayName;
-					}
-				}
-			} else {
-				$batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset);
-			}
-			$batch = $this->getUsersForUID($batch);
-
-			foreach ($batch as $user) {
-				// Only add the groups, this user is a subadmin of
-				$userGroups = array_values(array_intersect(
-					$this->groupManager->getUserGroupIds($user),
-					$subAdminOfGroups
-				));
-				$users[] = $this->formatUserForIndex($user, $userGroups);
-			}
-		}
-
-		return new DataResponse($users);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $username
-	 * @param string $password
-	 * @param array $groups
-	 * @param string $email
-	 * @return DataResponse
-	 */
-	public function create($username, $password, array $groups=array(), $email='') {
-		if($email !== '' && !$this->mailer->validateMailAddress($email)) {
-			return new DataResponse(
-				array(
-					'message' => (string)$this->l10n->t('Invalid mail address')
-				),
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-
-		$currentUser = $this->userSession->getUser();
-
-		if (!$this->isAdmin) {
-			if (!empty($groups)) {
-				foreach ($groups as $key => $group) {
-					$groupObject = $this->groupManager->get($group);
-					if($groupObject === null) {
-						unset($groups[$key]);
-						continue;
-					}
-
-					if (!$this->groupManager->getSubAdmin()->isSubAdminofGroup($currentUser, $groupObject)) {
-						unset($groups[$key]);
-					}
-				}
-			}
-
-			if (empty($groups)) {
-				return new DataResponse(
-					array(
-						'message' => $this->l10n->t('No valid group selected'),
-					),
-					Http::STATUS_FORBIDDEN
-				);
-			}
-		}
-
-		if ($this->userManager->userExists($username)) {
-			return new DataResponse(
-				array(
-					'message' => (string)$this->l10n->t('A user with that name already exists.')
-				),
-				Http::STATUS_CONFLICT
-			);
-		}
-
-		$generatedPassword = false;
-		if ($password === '') {
-			if ($email === '') {
-				return new DataResponse(
-					array(
-						'message' => (string)$this->l10n->t('To send a password link to the user an email address is required.')
-					),
-					Http::STATUS_UNPROCESSABLE_ENTITY
-				);
-			}
-
-			$password = $this->secureRandom->generate(32);
-			$generatedPassword = true;
-		}
-
-		try {
-			$user = $this->userManager->createUser($username, $password);
-		} catch (\Exception $exception) {
-			$message = $exception->getMessage();
-			if (!$message) {
-				$message = $this->l10n->t('Unable to create user.');
-			}
-			return new DataResponse(
-				array(
-					'message' => (string) $message,
-				),
-				Http::STATUS_FORBIDDEN
-			);
-		}
-
-		if($user instanceof IUser) {
-			if($groups !== null) {
-				foreach($groups as $groupName) {
-					$group = $this->groupManager->get($groupName);
-
-					if(empty($group)) {
-						$group = $this->groupManager->createGroup($groupName);
-					}
-					$group->addUser($user);
-				}
-			}
-			/**
-			 * Send new user mail only if a mail is set
-			 */
-			if($email !== '') {
-				$user->setEMailAddress($email);
-
-				if ($generatedPassword) {
-					$token = $this->secureRandom->generate(
-						21,
-						ISecureRandom::CHAR_DIGITS .
-						ISecureRandom::CHAR_LOWER .
-						ISecureRandom::CHAR_UPPER
-					);
-					$tokenValue = $this->timeFactory->getTime() . ':' . $token;
-					$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
-					$encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress . $this->config->getSystemValue('secret'));
-					$this->config->setUserValue($username, 'core', 'lostpassword', $encryptedValue);
-
-					$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', ['userId' => $username, 'token' => $token]);
-				} else {
-					$link = $this->urlGenerator->getAbsoluteURL('/');
-				}
-
-				// data for the mail template
-				$mailData = array(
-					'username' => $username,
-					'url' => $link
-				);
-
-				$mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank');
-				$mailContent = $mail->render();
-
-				$mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank');
-				$plainTextMailContent = $mail->render();
-
-				$subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]);
-
-				try {
-					$message = $this->mailer->createMessage();
-					$message->setTo([$email => $username]);
-					$message->setSubject($subject);
-					$message->setHtmlBody($mailContent);
-					$message->setPlainBody($plainTextMailContent);
-					$message->setFrom([$this->fromMailAddress => $this->defaults->getName()]);
-					$this->mailer->send($message);
-				} catch(\Exception $e) {
-					$this->log->error("Can't send new user mail to $email: " . $e->getMessage(), array('app' => 'settings'));
-				}
-			}
-			// fetch users groups
-			$userGroups = $this->groupManager->getUserGroupIds($user);
-
-			return new DataResponse(
-				$this->formatUserForIndex($user, $userGroups),
-				Http::STATUS_CREATED
-			);
-		}
-
-		return new DataResponse(
-			array(
-				'message' => (string)$this->l10n->t('Unable to create user.')
-			),
-			Http::STATUS_FORBIDDEN
-		);
-
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $id
-	 * @return DataResponse
-	 */
-	public function destroy($id) {
-		$userId = $this->userSession->getUser()->getUID();
-		$user = $this->userManager->get($id);
-
-		if($userId === $id) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Unable to delete user.')
-					)
-				),
-				Http::STATUS_FORBIDDEN
-			);
-		}
-
-		if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Authentication error')
-					)
-				),
-				Http::STATUS_FORBIDDEN
-			);
-		}
-
-		if($user) {
-			if($user->delete()) {
-				return new DataResponse(
-					array(
-						'status' => 'success',
-						'data' => array(
-							'username' => $id
-						)
-					),
-					Http::STATUS_NO_CONTENT
-				);
-			}
-		}
-
-		return new DataResponse(
-			array(
-				'status' => 'error',
-				'data' => array(
-					'message' => (string)$this->l10n->t('Unable to delete user.')
-				)
-			),
-			Http::STATUS_FORBIDDEN
-		);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $account
-	 * @return DataResponse
-	 */
-	public function getVerificationCode($account) {
-
-		$user = $this->userSession->getUser();
-		$cloudId = $user->getCloudId();
-		$message = "My Federated Cloud ID: " . $cloudId;
-		$privateKey = $this->keyManager->getKey($user)->getPrivate();
-		openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
-		$signatureBase64 = base64_encode($signature);
-
-		$code = $message . ' ' . $signatureBase64;
-
-		switch ($account) {
-			case 'verify-twitter':
-				$msg = $this->l10n->t('In order to verify your Twitter account post following tweet on Twitter:');
-				$code = substr($code, 0 , 140);
-				break;
-			case 'verify-website':
-				$msg = $this->l10n->t('In order to verify your Website store following content in your webroot at \'CloudIdVerificationCode.txt\':');
-				break;
-			default:
-				return new DataResponse([], Http::STATUS_BAD_REQUEST);
-				break;
-		}
-
-		return new DataResponse(['msg' => $msg, 'code' => $code]);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $avatarScope
-	 * @param string $displayname
-	 * @param string $displaynameScope
-	 * @param string $phone
-	 * @param string $phoneScope
-	 * @param string $email
-	 * @param string $emailScope
-	 * @param string $website
-	 * @param string $websiteScope
-	 * @param string $address
-	 * @param string $addressScope
-	 * @param string $twitter
-	 * @param string $twitterScope
-	 * @return DataResponse
-	 */
-	public function setUserSettings($avatarScope,
-									$displayname,
-									$displaynameScope,
-									$phone,
-									$phoneScope,
-									$email,
-									$emailScope,
-									$website,
-									$websiteScope,
-									$address,
-									$addressScope,
-									$twitter,
-									$twitterScope
-	) {
-
-		if(!empty($email) && !$this->mailer->validateMailAddress($email)) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid mail address')
-					)
-				),
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-
-		$data = [
-			AccountManager::PROPERTY_AVATAR =>  ['scope' => $avatarScope],
-			AccountManager::PROPERTY_DISPLAYNAME => ['value' => $displayname, 'scope' => $displaynameScope],
-			AccountManager::PROPERTY_EMAIL=> ['value' => $email, 'scope' => $emailScope],
-			AccountManager::PROPERTY_WEBSITE => ['value' => $website, 'scope' => $websiteScope],
-			AccountManager::PROPERTY_ADDRESS => ['value' => $address, 'scope' => $addressScope],
-			AccountManager::PROPERTY_PHONE => ['value' => $phone, 'scope' => $phoneScope],
-			AccountManager::PROPERTY_TWITTER => ['value' => $twitter, 'scope' => $twitterScope]
-		];
-
-		$user = $this->userSession->getUser();
-
-		try {
-			$this->saveUserSettings($user, $data);
-			return new DataResponse(
-				array(
-					'status' => 'success',
-					'data' => array(
-						'userId' => $user->getUID(),
-						'avatarScope' => $avatarScope,
-						'displayname' => $displayname,
-						'displaynameScope' => $displaynameScope,
-						'email' => $email,
-						'emailScope' => $emailScope,
-						'website' => $website,
-						'websiteScope' => $websiteScope,
-						'address' => $address,
-						'addressScope' => $addressScope,
-						'message' => (string)$this->l10n->t('Settings saved')
-					)
-				),
-				Http::STATUS_OK
-			);
-		} catch (ForbiddenException $e) {
-			return new DataResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $e->getMessage()
-				],
-			]);
-		}
-
-	}
-
-
-	/**
-	 * update account manager with new user data
-	 *
-	 * @param IUser $user
-	 * @param array $data
-	 * @throws ForbiddenException
-	 */
-	protected function saveUserSettings(IUser $user, $data) {
-
-		// keep the user back-end up-to-date with the latest display name and email
-		// address
-		$oldDisplayName = $user->getDisplayName();
-		$oldDisplayName = is_null($oldDisplayName) ? '' : $oldDisplayName;
-		if (isset($data[AccountManager::PROPERTY_DISPLAYNAME]['value'])
-			&& $oldDisplayName !== $data[AccountManager::PROPERTY_DISPLAYNAME]['value']
-		) {
-			$result = $user->setDisplayName($data[AccountManager::PROPERTY_DISPLAYNAME]['value']);
-			if ($result === false) {
-				throw new ForbiddenException($this->l10n->t('Unable to change full name'));
-			}
-		}
-
-		$oldEmailAddress = $user->getEMailAddress();
-		$oldEmailAddress = is_null($oldEmailAddress) ? '' : $oldEmailAddress;
-		if (isset($data[AccountManager::PROPERTY_EMAIL]['value'])
-			&& $oldEmailAddress !== $data[AccountManager::PROPERTY_EMAIL]['value']
-		) {
-			// this is the only permission a backend provides and is also used
-			// for the permission of setting a email address
-			if (!$user->canChangeDisplayName()) {
-				throw new ForbiddenException($this->l10n->t('Unable to change email address'));
-			}
-			$user->setEMailAddress($data[AccountManager::PROPERTY_EMAIL]['value']);
-		}
-
-		$this->accountManager->updateUser($user, $data);
-	}
-
-	/**
-	 * Count all unique users visible for the current admin/subadmin.
-	 *
-	 * @NoAdminRequired
-	 *
-	 * @return DataResponse
-	 */
-	public function stats() {
-		$userCount = 0;
-		if ($this->isAdmin) {
-			$countByBackend = $this->userManager->countUsers();
-
-			if (!empty($countByBackend)) {
-				foreach ($countByBackend as $count) {
-					$userCount += $count;
-				}
-			}
-		} else {
-			$groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser());
-
-			$uniqueUsers = [];
-			foreach ($groups as $group) {
-				foreach($group->getUsers() as $uid => $displayName) {
-					$uniqueUsers[$uid] = true;
-				}
-			}
-
-			$userCount = count($uniqueUsers);
-		}
-
-		return new DataResponse(
-			[
-				'totalUsers' => $userCount
-			]
-		);
-	}
-
-
-	/**
-	 * Set the displayName of a user
-	 *
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @PasswordConfirmationRequired
-	 * @todo merge into saveUserSettings
-	 *
-	 * @param string $username
-	 * @param string $displayName
-	 * @return DataResponse
-	 */
-	public function setDisplayName($username, $displayName) {
-		$currentUser = $this->userSession->getUser();
-		$user = $this->userManager->get($username);
-
-		if ($user === null ||
-			!$user->canChangeDisplayName() ||
-			(
-				!$this->groupManager->isAdmin($currentUser->getUID()) &&
-				!$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) &&
-				$currentUser->getUID() !== $username
-
-			)
-		) {
-			return new DataResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $this->l10n->t('Authentication error'),
-				],
-			]);
-		}
-
-		$userData = $this->accountManager->getUser($user);
-		$userData[AccountManager::PROPERTY_DISPLAYNAME]['value'] = $displayName;
-
-
-		try {
-			$this->saveUserSettings($user, $userData);
-			return new DataResponse([
-				'status' => 'success',
-				'data' => [
-					'message' => $this->l10n->t('Your full name has been changed.'),
-					'username' => $username,
-					'displayName' => $displayName,
-				],
-			]);
-		} catch (ForbiddenException $e) {
-			return new DataResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $e->getMessage(),
-					'displayName' => $user->getDisplayName(),
-				],
-			]);
-		}
-	}
-
-	/**
-	 * Set the mail address of a user
-	 *
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $id
-	 * @param string $mailAddress
-	 * @return DataResponse
-	 */
-	public function setEMailAddress($id, $mailAddress) {
-		$user = $this->userManager->get($id);
-		if (!$this->isAdmin
-			&& !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)
-		) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Forbidden')
-					)
-				),
-				Http::STATUS_FORBIDDEN
-			);
-		}
-
-		if($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid mail address')
-					)
-				),
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-
-		if (!$user) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid user')
-					)
-				),
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-		// this is the only permission a backend provides and is also used
-		// for the permission of setting a email address
-		if (!$user->canChangeDisplayName()) {
-			return new DataResponse(
-				array(
-					'status' => 'error',
-					'data' => array(
-						'message' => (string)$this->l10n->t('Unable to change mail address')
-					)
-				),
-				Http::STATUS_FORBIDDEN
-			);
-		}
-
-		$userData = $this->accountManager->getUser($user);
-		$userData[AccountManager::PROPERTY_EMAIL]['value'] = $mailAddress;
-
-		try {
-			$this->saveUserSettings($user, $userData);
-			return new DataResponse(
-				array(
-					'status' => 'success',
-					'data' => array(
-						'username' => $id,
-						'mailAddress' => $mailAddress,
-						'message' => (string)$this->l10n->t('Email saved')
-					)
-				),
-				Http::STATUS_OK
-			);
-		} catch (ForbiddenException $e) {
-			return new DataResponse([
-				'status' => 'error',
-				'data' => [
-					'message' => $e->getMessage()
-				],
-			]);
-		}
-	}
+    /** @var IL10N */
+    private $l10n;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var bool */
+    private $isAdmin;
+    /** @var IUserManager */
+    private $userManager;
+    /** @var IGroupManager */
+    private $groupManager;
+    /** @var IConfig */
+    private $config;
+    /** @var ILogger */
+    private $log;
+    /** @var \OC_Defaults */
+    private $defaults;
+    /** @var IMailer */
+    private $mailer;
+    /** @var string */
+    private $fromMailAddress;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var bool contains the state of the encryption app */
+    private $isEncryptionAppEnabled;
+    /** @var bool contains the state of the admin recovery setting */
+    private $isRestoreEnabled = false;
+    /** @var IAvatarManager */
+    private $avatarManager;
+    /** @var AccountManager */
+    private $accountManager;
+    /** @var ISecureRandom */
+    private $secureRandom;
+    /** @var ITimeFactory */
+    private $timeFactory;
+    /** @var ICrypto */
+    private $crypto;
+    /** @var Manager */
+    private $keyManager;
+
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserManager $userManager
+     * @param IGroupManager $groupManager
+     * @param IUserSession $userSession
+     * @param IConfig $config
+     * @param bool $isAdmin
+     * @param IL10N $l10n
+     * @param ILogger $log
+     * @param \OC_Defaults $defaults
+     * @param IMailer $mailer
+     * @param string $fromMailAddress
+     * @param IURLGenerator $urlGenerator
+     * @param IAppManager $appManager
+     * @param IAvatarManager $avatarManager
+     * @param AccountManager $accountManager
+     * @param ISecureRandom $secureRandom
+     * @param ITimeFactory $timeFactory
+     * @param ICrypto $crypto
+     * @param Manager $keyManager
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IUserManager $userManager,
+                                IGroupManager $groupManager,
+                                IUserSession $userSession,
+                                IConfig $config,
+                                $isAdmin,
+                                IL10N $l10n,
+                                ILogger $log,
+                                \OC_Defaults $defaults,
+                                IMailer $mailer,
+                                $fromMailAddress,
+                                IURLGenerator $urlGenerator,
+                                IAppManager $appManager,
+                                IAvatarManager $avatarManager,
+                                AccountManager $accountManager,
+                                ISecureRandom $secureRandom,
+                                ITimeFactory $timeFactory,
+                                ICrypto $crypto,
+                                Manager $keyManager) {
+        parent::__construct($appName, $request);
+        $this->userManager = $userManager;
+        $this->groupManager = $groupManager;
+        $this->userSession = $userSession;
+        $this->config = $config;
+        $this->isAdmin = $isAdmin;
+        $this->l10n = $l10n;
+        $this->log = $log;
+        $this->defaults = $defaults;
+        $this->mailer = $mailer;
+        $this->fromMailAddress = $fromMailAddress;
+        $this->urlGenerator = $urlGenerator;
+        $this->avatarManager = $avatarManager;
+        $this->accountManager = $accountManager;
+        $this->secureRandom = $secureRandom;
+        $this->timeFactory = $timeFactory;
+        $this->crypto = $crypto;
+        $this->keyManager = $keyManager;
+
+        // check for encryption state - TODO see formatUserForIndex
+        $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
+        if($this->isEncryptionAppEnabled) {
+            // putting this directly in empty is possible in PHP 5.5+
+            $result = $config->getAppValue('encryption', 'recoveryAdminEnabled', 0);
+            $this->isRestoreEnabled = !empty($result);
+        }
+    }
+
+    /**
+     * @param IUser $user
+     * @param array $userGroups
+     * @return array
+     */
+    private function formatUserForIndex(IUser $user, array $userGroups = null) {
+
+        // TODO: eliminate this encryption specific code below and somehow
+        // hook in additional user info from other apps
+
+        // recovery isn't possible if admin or user has it disabled and encryption
+        // is enabled - so we eliminate the else paths in the conditional tree
+        // below
+        $restorePossible = false;
+
+        if ($this->isEncryptionAppEnabled) {
+            if ($this->isRestoreEnabled) {
+                // check for the users recovery setting
+                $recoveryMode = $this->config->getUserValue($user->getUID(), 'encryption', 'recoveryEnabled', '0');
+                // method call inside empty is possible with PHP 5.5+
+                $recoveryModeEnabled = !empty($recoveryMode);
+                if ($recoveryModeEnabled) {
+                    // user also has recovery mode enabled
+                    $restorePossible = true;
+                }
+            }
+        } else {
+            // recovery is possible if encryption is disabled (plain files are
+            // available)
+            $restorePossible = true;
+        }
+
+        $subAdminGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user);
+        foreach($subAdminGroups as $key => $subAdminGroup) {
+            $subAdminGroups[$key] = $subAdminGroup->getGID();
+        }
+
+        $displayName = $user->getEMailAddress();
+        if (is_null($displayName)) {
+            $displayName = '';
+        }
+
+        $avatarAvailable = false;
+        try {
+            $avatarAvailable = $this->avatarManager->getAvatar($user->getUID())->exists();
+        } catch (\Exception $e) {
+            //No avatar yet
+        }
+
+        return [
+            'name' => $user->getUID(),
+            'displayname' => $user->getDisplayName(),
+            'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups,
+            'subadmin' => $subAdminGroups,
+            'quota' => $user->getQuota(),
+            'storageLocation' => $user->getHome(),
+            'lastLogin' => $user->getLastLogin() * 1000,
+            'backend' => $user->getBackendClassName(),
+            'email' => $displayName,
+            'isRestoreDisabled' => !$restorePossible,
+            'isAvatarAvailable' => $avatarAvailable,
+        ];
+    }
+
+    /**
+     * @param array $userIDs Array with schema [$uid => $displayName]
+     * @return IUser[]
+     */
+    private function getUsersForUID(array $userIDs) {
+        $users = [];
+        foreach ($userIDs as $uid => $displayName) {
+            $users[$uid] = $this->userManager->get($uid);
+        }
+        return $users;
+    }
+
+    /**
+     * @NoAdminRequired
+     *
+     * @param int $offset
+     * @param int $limit
+     * @param string $gid GID to filter for
+     * @param string $pattern Pattern to search for in the username
+     * @param string $backend Backend to filter for (class-name)
+     * @return DataResponse
+     *
+     * TODO: Tidy up and write unit tests - code is mainly static method calls
+     */
+    public function index($offset = 0, $limit = 10, $gid = '', $pattern = '', $backend = '') {
+        // FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
+        if($gid === '_everyone') {
+            $gid = '';
+        }
+
+        // Remove backends
+        if(!empty($backend)) {
+            $activeBackends = $this->userManager->getBackends();
+            $this->userManager->clearBackends();
+            foreach($activeBackends as $singleActiveBackend) {
+                if($backend === get_class($singleActiveBackend)) {
+                    $this->userManager->registerBackend($singleActiveBackend);
+                    break;
+                }
+            }
+        }
+
+        $users = [];
+        if ($this->isAdmin) {
+
+            if($gid !== '') {
+                $batch = $this->getUsersForUID($this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset));
+            } else {
+                $batch = $this->userManager->search($pattern, $limit, $offset);
+            }
+
+            foreach ($batch as $user) {
+                $users[] = $this->formatUserForIndex($user);
+            }
+
+        } else {
+            $subAdminOfGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser());
+            // New class returns IGroup[] so convert back
+            $gids = [];
+            foreach ($subAdminOfGroups as $group) {
+                $gids[] = $group->getGID();
+            }
+            $subAdminOfGroups = $gids;
+
+            // Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group
+            if($gid !== '' && !in_array($gid, $subAdminOfGroups)) {
+                $gid = '';
+            }
+
+            // Batch all groups the user is subadmin of when a group is specified
+            $batch = [];
+            if($gid === '') {
+                foreach($subAdminOfGroups as $group) {
+                    $groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset);
+
+                    foreach($groupUsers as $uid => $displayName) {
+                        $batch[$uid] = $displayName;
+                    }
+                }
+            } else {
+                $batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset);
+            }
+            $batch = $this->getUsersForUID($batch);
+
+            foreach ($batch as $user) {
+                // Only add the groups, this user is a subadmin of
+                $userGroups = array_values(array_intersect(
+                    $this->groupManager->getUserGroupIds($user),
+                    $subAdminOfGroups
+                ));
+                $users[] = $this->formatUserForIndex($user, $userGroups);
+            }
+        }
+
+        return new DataResponse($users);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $username
+     * @param string $password
+     * @param array $groups
+     * @param string $email
+     * @return DataResponse
+     */
+    public function create($username, $password, array $groups=array(), $email='') {
+        if($email !== '' && !$this->mailer->validateMailAddress($email)) {
+            return new DataResponse(
+                array(
+                    'message' => (string)$this->l10n->t('Invalid mail address')
+                ),
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+
+        $currentUser = $this->userSession->getUser();
+
+        if (!$this->isAdmin) {
+            if (!empty($groups)) {
+                foreach ($groups as $key => $group) {
+                    $groupObject = $this->groupManager->get($group);
+                    if($groupObject === null) {
+                        unset($groups[$key]);
+                        continue;
+                    }
+
+                    if (!$this->groupManager->getSubAdmin()->isSubAdminofGroup($currentUser, $groupObject)) {
+                        unset($groups[$key]);
+                    }
+                }
+            }
+
+            if (empty($groups)) {
+                return new DataResponse(
+                    array(
+                        'message' => $this->l10n->t('No valid group selected'),
+                    ),
+                    Http::STATUS_FORBIDDEN
+                );
+            }
+        }
+
+        if ($this->userManager->userExists($username)) {
+            return new DataResponse(
+                array(
+                    'message' => (string)$this->l10n->t('A user with that name already exists.')
+                ),
+                Http::STATUS_CONFLICT
+            );
+        }
+
+        $generatedPassword = false;
+        if ($password === '') {
+            if ($email === '') {
+                return new DataResponse(
+                    array(
+                        'message' => (string)$this->l10n->t('To send a password link to the user an email address is required.')
+                    ),
+                    Http::STATUS_UNPROCESSABLE_ENTITY
+                );
+            }
+
+            $password = $this->secureRandom->generate(32);
+            $generatedPassword = true;
+        }
+
+        try {
+            $user = $this->userManager->createUser($username, $password);
+        } catch (\Exception $exception) {
+            $message = $exception->getMessage();
+            if (!$message) {
+                $message = $this->l10n->t('Unable to create user.');
+            }
+            return new DataResponse(
+                array(
+                    'message' => (string) $message,
+                ),
+                Http::STATUS_FORBIDDEN
+            );
+        }
+
+        if($user instanceof IUser) {
+            if($groups !== null) {
+                foreach($groups as $groupName) {
+                    $group = $this->groupManager->get($groupName);
+
+                    if(empty($group)) {
+                        $group = $this->groupManager->createGroup($groupName);
+                    }
+                    $group->addUser($user);
+                }
+            }
+            /**
+             * Send new user mail only if a mail is set
+             */
+            if($email !== '') {
+                $user->setEMailAddress($email);
+
+                if ($generatedPassword) {
+                    $token = $this->secureRandom->generate(
+                        21,
+                        ISecureRandom::CHAR_DIGITS .
+                        ISecureRandom::CHAR_LOWER .
+                        ISecureRandom::CHAR_UPPER
+                    );
+                    $tokenValue = $this->timeFactory->getTime() . ':' . $token;
+                    $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
+                    $encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress . $this->config->getSystemValue('secret'));
+                    $this->config->setUserValue($username, 'core', 'lostpassword', $encryptedValue);
+
+                    $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', ['userId' => $username, 'token' => $token]);
+                } else {
+                    $link = $this->urlGenerator->getAbsoluteURL('/');
+                }
+
+                // data for the mail template
+                $mailData = array(
+                    'username' => $username,
+                    'url' => $link
+                );
+
+                $mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank');
+                $mailContent = $mail->render();
+
+                $mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank');
+                $plainTextMailContent = $mail->render();
+
+                $subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]);
+
+                try {
+                    $message = $this->mailer->createMessage();
+                    $message->setTo([$email => $username]);
+                    $message->setSubject($subject);
+                    $message->setHtmlBody($mailContent);
+                    $message->setPlainBody($plainTextMailContent);
+                    $message->setFrom([$this->fromMailAddress => $this->defaults->getName()]);
+                    $this->mailer->send($message);
+                } catch(\Exception $e) {
+                    $this->log->error("Can't send new user mail to $email: " . $e->getMessage(), array('app' => 'settings'));
+                }
+            }
+            // fetch users groups
+            $userGroups = $this->groupManager->getUserGroupIds($user);
+
+            return new DataResponse(
+                $this->formatUserForIndex($user, $userGroups),
+                Http::STATUS_CREATED
+            );
+        }
+
+        return new DataResponse(
+            array(
+                'message' => (string)$this->l10n->t('Unable to create user.')
+            ),
+            Http::STATUS_FORBIDDEN
+        );
+
+    }
+
+    /**
+     * @NoAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $id
+     * @return DataResponse
+     */
+    public function destroy($id) {
+        $userId = $this->userSession->getUser()->getUID();
+        $user = $this->userManager->get($id);
+
+        if($userId === $id) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Unable to delete user.')
+                    )
+                ),
+                Http::STATUS_FORBIDDEN
+            );
+        }
+
+        if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Authentication error')
+                    )
+                ),
+                Http::STATUS_FORBIDDEN
+            );
+        }
+
+        if($user) {
+            if($user->delete()) {
+                return new DataResponse(
+                    array(
+                        'status' => 'success',
+                        'data' => array(
+                            'username' => $id
+                        )
+                    ),
+                    Http::STATUS_NO_CONTENT
+                );
+            }
+        }
+
+        return new DataResponse(
+            array(
+                'status' => 'error',
+                'data' => array(
+                    'message' => (string)$this->l10n->t('Unable to delete user.')
+                )
+            ),
+            Http::STATUS_FORBIDDEN
+        );
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $account
+     * @return DataResponse
+     */
+    public function getVerificationCode($account) {
+
+        $user = $this->userSession->getUser();
+        $cloudId = $user->getCloudId();
+        $message = "My Federated Cloud ID: " . $cloudId;
+        $privateKey = $this->keyManager->getKey($user)->getPrivate();
+        openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
+        $signatureBase64 = base64_encode($signature);
+
+        $code = $message . ' ' . $signatureBase64;
+
+        switch ($account) {
+            case 'verify-twitter':
+                $msg = $this->l10n->t('In order to verify your Twitter account post following tweet on Twitter:');
+                $code = substr($code, 0 , 140);
+                break;
+            case 'verify-website':
+                $msg = $this->l10n->t('In order to verify your Website store following content in your webroot at \'CloudIdVerificationCode.txt\':');
+                break;
+            default:
+                return new DataResponse([], Http::STATUS_BAD_REQUEST);
+                break;
+        }
+
+        return new DataResponse(['msg' => $msg, 'code' => $code]);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $avatarScope
+     * @param string $displayname
+     * @param string $displaynameScope
+     * @param string $phone
+     * @param string $phoneScope
+     * @param string $email
+     * @param string $emailScope
+     * @param string $website
+     * @param string $websiteScope
+     * @param string $address
+     * @param string $addressScope
+     * @param string $twitter
+     * @param string $twitterScope
+     * @return DataResponse
+     */
+    public function setUserSettings($avatarScope,
+                                    $displayname,
+                                    $displaynameScope,
+                                    $phone,
+                                    $phoneScope,
+                                    $email,
+                                    $emailScope,
+                                    $website,
+                                    $websiteScope,
+                                    $address,
+                                    $addressScope,
+                                    $twitter,
+                                    $twitterScope
+    ) {
+
+        if(!empty($email) && !$this->mailer->validateMailAddress($email)) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Invalid mail address')
+                    )
+                ),
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+
+        $data = [
+            AccountManager::PROPERTY_AVATAR =>  ['scope' => $avatarScope],
+            AccountManager::PROPERTY_DISPLAYNAME => ['value' => $displayname, 'scope' => $displaynameScope],
+            AccountManager::PROPERTY_EMAIL=> ['value' => $email, 'scope' => $emailScope],
+            AccountManager::PROPERTY_WEBSITE => ['value' => $website, 'scope' => $websiteScope],
+            AccountManager::PROPERTY_ADDRESS => ['value' => $address, 'scope' => $addressScope],
+            AccountManager::PROPERTY_PHONE => ['value' => $phone, 'scope' => $phoneScope],
+            AccountManager::PROPERTY_TWITTER => ['value' => $twitter, 'scope' => $twitterScope]
+        ];
+
+        $user = $this->userSession->getUser();
+
+        try {
+            $this->saveUserSettings($user, $data);
+            return new DataResponse(
+                array(
+                    'status' => 'success',
+                    'data' => array(
+                        'userId' => $user->getUID(),
+                        'avatarScope' => $avatarScope,
+                        'displayname' => $displayname,
+                        'displaynameScope' => $displaynameScope,
+                        'email' => $email,
+                        'emailScope' => $emailScope,
+                        'website' => $website,
+                        'websiteScope' => $websiteScope,
+                        'address' => $address,
+                        'addressScope' => $addressScope,
+                        'message' => (string)$this->l10n->t('Settings saved')
+                    )
+                ),
+                Http::STATUS_OK
+            );
+        } catch (ForbiddenException $e) {
+            return new DataResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $e->getMessage()
+                ],
+            ]);
+        }
+
+    }
+
+
+    /**
+     * update account manager with new user data
+     *
+     * @param IUser $user
+     * @param array $data
+     * @throws ForbiddenException
+     */
+    protected function saveUserSettings(IUser $user, $data) {
+
+        // keep the user back-end up-to-date with the latest display name and email
+        // address
+        $oldDisplayName = $user->getDisplayName();
+        $oldDisplayName = is_null($oldDisplayName) ? '' : $oldDisplayName;
+        if (isset($data[AccountManager::PROPERTY_DISPLAYNAME]['value'])
+            && $oldDisplayName !== $data[AccountManager::PROPERTY_DISPLAYNAME]['value']
+        ) {
+            $result = $user->setDisplayName($data[AccountManager::PROPERTY_DISPLAYNAME]['value']);
+            if ($result === false) {
+                throw new ForbiddenException($this->l10n->t('Unable to change full name'));
+            }
+        }
+
+        $oldEmailAddress = $user->getEMailAddress();
+        $oldEmailAddress = is_null($oldEmailAddress) ? '' : $oldEmailAddress;
+        if (isset($data[AccountManager::PROPERTY_EMAIL]['value'])
+            && $oldEmailAddress !== $data[AccountManager::PROPERTY_EMAIL]['value']
+        ) {
+            // this is the only permission a backend provides and is also used
+            // for the permission of setting a email address
+            if (!$user->canChangeDisplayName()) {
+                throw new ForbiddenException($this->l10n->t('Unable to change email address'));
+            }
+            $user->setEMailAddress($data[AccountManager::PROPERTY_EMAIL]['value']);
+        }
+
+        $this->accountManager->updateUser($user, $data);
+    }
+
+    /**
+     * Count all unique users visible for the current admin/subadmin.
+     *
+     * @NoAdminRequired
+     *
+     * @return DataResponse
+     */
+    public function stats() {
+        $userCount = 0;
+        if ($this->isAdmin) {
+            $countByBackend = $this->userManager->countUsers();
+
+            if (!empty($countByBackend)) {
+                foreach ($countByBackend as $count) {
+                    $userCount += $count;
+                }
+            }
+        } else {
+            $groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser());
+
+            $uniqueUsers = [];
+            foreach ($groups as $group) {
+                foreach($group->getUsers() as $uid => $displayName) {
+                    $uniqueUsers[$uid] = true;
+                }
+            }
+
+            $userCount = count($uniqueUsers);
+        }
+
+        return new DataResponse(
+            [
+                'totalUsers' => $userCount
+            ]
+        );
+    }
+
+
+    /**
+     * Set the displayName of a user
+     *
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @PasswordConfirmationRequired
+     * @todo merge into saveUserSettings
+     *
+     * @param string $username
+     * @param string $displayName
+     * @return DataResponse
+     */
+    public function setDisplayName($username, $displayName) {
+        $currentUser = $this->userSession->getUser();
+        $user = $this->userManager->get($username);
+
+        if ($user === null ||
+            !$user->canChangeDisplayName() ||
+            (
+                !$this->groupManager->isAdmin($currentUser->getUID()) &&
+                !$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) &&
+                $currentUser->getUID() !== $username
+
+            )
+        ) {
+            return new DataResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $this->l10n->t('Authentication error'),
+                ],
+            ]);
+        }
+
+        $userData = $this->accountManager->getUser($user);
+        $userData[AccountManager::PROPERTY_DISPLAYNAME]['value'] = $displayName;
+
+
+        try {
+            $this->saveUserSettings($user, $userData);
+            return new DataResponse([
+                'status' => 'success',
+                'data' => [
+                    'message' => $this->l10n->t('Your full name has been changed.'),
+                    'username' => $username,
+                    'displayName' => $displayName,
+                ],
+            ]);
+        } catch (ForbiddenException $e) {
+            return new DataResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $e->getMessage(),
+                    'displayName' => $user->getDisplayName(),
+                ],
+            ]);
+        }
+    }
+
+    /**
+     * Set the mail address of a user
+     *
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $id
+     * @param string $mailAddress
+     * @return DataResponse
+     */
+    public function setEMailAddress($id, $mailAddress) {
+        $user = $this->userManager->get($id);
+        if (!$this->isAdmin
+            && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)
+        ) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Forbidden')
+                    )
+                ),
+                Http::STATUS_FORBIDDEN
+            );
+        }
+
+        if($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Invalid mail address')
+                    )
+                ),
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+
+        if (!$user) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Invalid user')
+                    )
+                ),
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+        // this is the only permission a backend provides and is also used
+        // for the permission of setting a email address
+        if (!$user->canChangeDisplayName()) {
+            return new DataResponse(
+                array(
+                    'status' => 'error',
+                    'data' => array(
+                        'message' => (string)$this->l10n->t('Unable to change mail address')
+                    )
+                ),
+                Http::STATUS_FORBIDDEN
+            );
+        }
+
+        $userData = $this->accountManager->getUser($user);
+        $userData[AccountManager::PROPERTY_EMAIL]['value'] = $mailAddress;
+
+        try {
+            $this->saveUserSettings($user, $userData);
+            return new DataResponse(
+                array(
+                    'status' => 'success',
+                    'data' => array(
+                        'username' => $id,
+                        'mailAddress' => $mailAddress,
+                        'message' => (string)$this->l10n->t('Email saved')
+                    )
+                ),
+                Http::STATUS_OK
+            );
+        } catch (ForbiddenException $e) {
+            return new DataResponse([
+                'status' => 'error',
+                'data' => [
+                    'message' => $e->getMessage()
+                ],
+            ]);
+        }
+    }
 
 }

Spacing +49 added lines, -49 removed lines

@@ -160,7 +160,7 @@ 
 
 		// check for encryption state - TODO see formatUserForIndex
 		$this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
-		if($this->isEncryptionAppEnabled) {
+		if ($this->isEncryptionAppEnabled) {
 			// putting this directly in empty is possible in PHP 5.5+
 			$result = $config->getAppValue('encryption', 'recoveryAdminEnabled', 0);
 			$this->isRestoreEnabled = !empty($result);
@@ -200,7 +200,7 @@ 
 		}
 
 		$subAdminGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user);
-		foreach($subAdminGroups as $key => $subAdminGroup) {
+		foreach ($subAdminGroups as $key => $subAdminGroup) {
 			$subAdminGroups[$key] = $subAdminGroup->getGID();
 		}
 
@@ -257,16 +257,16 @@ 
 	 */
 	public function index($offset = 0, $limit = 10, $gid = '', $pattern = '', $backend = '') {
 		// FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
-		if($gid === '_everyone') {
+		if ($gid === '_everyone') {
 			$gid = '';
 		}
 
 		// Remove backends
-		if(!empty($backend)) {
+		if (!empty($backend)) {
 			$activeBackends = $this->userManager->getBackends();
 			$this->userManager->clearBackends();
-			foreach($activeBackends as $singleActiveBackend) {
-				if($backend === get_class($singleActiveBackend)) {
+			foreach ($activeBackends as $singleActiveBackend) {
+				if ($backend === get_class($singleActiveBackend)) {
 					$this->userManager->registerBackend($singleActiveBackend);
 					break;
 				}
@@ -276,7 +276,7 @@ 
 		$users = [];
 		if ($this->isAdmin) {
 
-			if($gid !== '') {
+			if ($gid !== '') {
 				$batch = $this->getUsersForUID($this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset));
 			} else {
 				$batch = $this->userManager->search($pattern, $limit, $offset);
@@ -296,17 +296,17 @@ 
 			$subAdminOfGroups = $gids;
 
 			// Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group
-			if($gid !== '' && !in_array($gid, $subAdminOfGroups)) {
+			if ($gid !== '' && !in_array($gid, $subAdminOfGroups)) {
 				$gid = '';
 			}
 
 			// Batch all groups the user is subadmin of when a group is specified
 			$batch = [];
-			if($gid === '') {
-				foreach($subAdminOfGroups as $group) {
+			if ($gid === '') {
+				foreach ($subAdminOfGroups as $group) {
 					$groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset);
 
-					foreach($groupUsers as $uid => $displayName) {
+					foreach ($groupUsers as $uid => $displayName) {
 						$batch[$uid] = $displayName;
 					}
 				}
@@ -338,11 +338,11 @@ 
 	 * @param string $email
 	 * @return DataResponse
 	 */
-	public function create($username, $password, array $groups=array(), $email='') {
-		if($email !== '' && !$this->mailer->validateMailAddress($email)) {
+	public function create($username, $password, array $groups = array(), $email = '') {
+		if ($email !== '' && !$this->mailer->validateMailAddress($email)) {
 			return new DataResponse(
 				array(
-					'message' => (string)$this->l10n->t('Invalid mail address')
+					'message' => (string) $this->l10n->t('Invalid mail address')
 				),
 				Http::STATUS_UNPROCESSABLE_ENTITY
 			);
@@ -354,7 +354,7 @@ 
 			if (!empty($groups)) {
 				foreach ($groups as $key => $group) {
 					$groupObject = $this->groupManager->get($group);
-					if($groupObject === null) {
+					if ($groupObject === null) {
 						unset($groups[$key]);
 						continue;
 					}
@@ -378,7 +378,7 @@ 
 		if ($this->userManager->userExists($username)) {
 			return new DataResponse(
 				array(
-					'message' => (string)$this->l10n->t('A user with that name already exists.')
+					'message' => (string) $this->l10n->t('A user with that name already exists.')
 				),
 				Http::STATUS_CONFLICT
 			);
@@ -389,7 +389,7 @@ 
 			if ($email === '') {
 				return new DataResponse(
 					array(
-						'message' => (string)$this->l10n->t('To send a password link to the user an email address is required.')
+						'message' => (string) $this->l10n->t('To send a password link to the user an email address is required.')
 					),
 					Http::STATUS_UNPROCESSABLE_ENTITY
 				);
@@ -414,12 +414,12 @@ 
 			);
 		}
 
-		if($user instanceof IUser) {
-			if($groups !== null) {
-				foreach($groups as $groupName) {
+		if ($user instanceof IUser) {
+			if ($groups !== null) {
+				foreach ($groups as $groupName) {
 					$group = $this->groupManager->get($groupName);
 
-					if(empty($group)) {
+					if (empty($group)) {
 						$group = $this->groupManager->createGroup($groupName);
 					}
 					$group->addUser($user);
@@ -428,19 +428,19 @@ 
 			/**
 			 * Send new user mail only if a mail is set
 			 */
-			if($email !== '') {
+			if ($email !== '') {
 				$user->setEMailAddress($email);
 
 				if ($generatedPassword) {
 					$token = $this->secureRandom->generate(
 						21,
-						ISecureRandom::CHAR_DIGITS .
-						ISecureRandom::CHAR_LOWER .
+						ISecureRandom::CHAR_DIGITS.
+						ISecureRandom::CHAR_LOWER.
 						ISecureRandom::CHAR_UPPER
 					);
-					$tokenValue = $this->timeFactory->getTime() . ':' . $token;
+					$tokenValue = $this->timeFactory->getTime().':'.$token;
 					$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
-					$encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress . $this->config->getSystemValue('secret'));
+					$encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress.$this->config->getSystemValue('secret'));
 					$this->config->setUserValue($username, 'core', 'lostpassword', $encryptedValue);
 
 					$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', ['userId' => $username, 'token' => $token]);
@@ -470,8 +470,8 @@ 
 					$message->setPlainBody($plainTextMailContent);
 					$message->setFrom([$this->fromMailAddress => $this->defaults->getName()]);
 					$this->mailer->send($message);
-				} catch(\Exception $e) {
-					$this->log->error("Can't send new user mail to $email: " . $e->getMessage(), array('app' => 'settings'));
+				} catch (\Exception $e) {
+					$this->log->error("Can't send new user mail to $email: ".$e->getMessage(), array('app' => 'settings'));
 				}
 			}
 			// fetch users groups
@@ -485,7 +485,7 @@ 
 
 		return new DataResponse(
 			array(
-				'message' => (string)$this->l10n->t('Unable to create user.')
+				'message' => (string) $this->l10n->t('Unable to create user.')
 			),
 			Http::STATUS_FORBIDDEN
 		);
@@ -503,32 +503,32 @@ 
 		$userId = $this->userSession->getUser()->getUID();
 		$user = $this->userManager->get($id);
 
-		if($userId === $id) {
+		if ($userId === $id) {
 			return new DataResponse(
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Unable to delete user.')
+						'message' => (string) $this->l10n->t('Unable to delete user.')
 					)
 				),
 				Http::STATUS_FORBIDDEN
 			);
 		}
 
-		if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
+		if (!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
 			return new DataResponse(
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Authentication error')
+						'message' => (string) $this->l10n->t('Authentication error')
 					)
 				),
 				Http::STATUS_FORBIDDEN
 			);
 		}
 
-		if($user) {
-			if($user->delete()) {
+		if ($user) {
+			if ($user->delete()) {
 				return new DataResponse(
 					array(
 						'status' => 'success',
@@ -545,7 +545,7 @@ 
 			array(
 				'status' => 'error',
 				'data' => array(
-					'message' => (string)$this->l10n->t('Unable to delete user.')
+					'message' => (string) $this->l10n->t('Unable to delete user.')
 				)
 			),
 			Http::STATUS_FORBIDDEN
@@ -564,17 +564,17 @@ 
 
 		$user = $this->userSession->getUser();
 		$cloudId = $user->getCloudId();
-		$message = "My Federated Cloud ID: " . $cloudId;
+		$message = "My Federated Cloud ID: ".$cloudId;
 		$privateKey = $this->keyManager->getKey($user)->getPrivate();
 		openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
 		$signatureBase64 = base64_encode($signature);
 
-		$code = $message . ' ' . $signatureBase64;
+		$code = $message.' '.$signatureBase64;
 
 		switch ($account) {
 			case 'verify-twitter':
 				$msg = $this->l10n->t('In order to verify your Twitter account post following tweet on Twitter:');
-				$code = substr($code, 0 , 140);
+				$code = substr($code, 0, 140);
 				break;
 			case 'verify-website':
 				$msg = $this->l10n->t('In order to verify your Website store following content in your webroot at \'CloudIdVerificationCode.txt\':');
@@ -622,12 +622,12 @@ 
 									$twitterScope
 	) {
 
-		if(!empty($email) && !$this->mailer->validateMailAddress($email)) {
+		if (!empty($email) && !$this->mailer->validateMailAddress($email)) {
 			return new DataResponse(
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid mail address')
+						'message' => (string) $this->l10n->t('Invalid mail address')
 					)
 				),
 				Http::STATUS_UNPROCESSABLE_ENTITY
@@ -662,7 +662,7 @@ 
 						'websiteScope' => $websiteScope,
 						'address' => $address,
 						'addressScope' => $addressScope,
-						'message' => (string)$this->l10n->t('Settings saved')
+						'message' => (string) $this->l10n->t('Settings saved')
 					)
 				),
 				Http::STATUS_OK
@@ -739,7 +739,7 @@ 
 
 			$uniqueUsers = [];
 			foreach ($groups as $group) {
-				foreach($group->getUsers() as $uid => $displayName) {
+				foreach ($group->getUsers() as $uid => $displayName) {
 					$uniqueUsers[$uid] = true;
 				}
 			}
@@ -833,19 +833,19 @@ 
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Forbidden')
+						'message' => (string) $this->l10n->t('Forbidden')
 					)
 				),
 				Http::STATUS_FORBIDDEN
 			);
 		}
 
-		if($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) {
+		if ($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) {
 			return new DataResponse(
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid mail address')
+						'message' => (string) $this->l10n->t('Invalid mail address')
 					)
 				),
 				Http::STATUS_UNPROCESSABLE_ENTITY
@@ -857,7 +857,7 @@ 
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Invalid user')
+						'message' => (string) $this->l10n->t('Invalid user')
 					)
 				),
 				Http::STATUS_UNPROCESSABLE_ENTITY
@@ -870,7 +870,7 @@ 
 				array(
 					'status' => 'error',
 					'data' => array(
-						'message' => (string)$this->l10n->t('Unable to change mail address')
+						'message' => (string) $this->l10n->t('Unable to change mail address')
 					)
 				),
 				Http::STATUS_FORBIDDEN
@@ -888,7 +888,7 @@ 
 					'data' => array(
 						'username' => $id,
 						'mailAddress' => $mailAddress,
-						'message' => (string)$this->l10n->t('Email saved')
+						'message' => (string) $this->l10n->t('Email saved')
 					)
 				),
 				Http::STATUS_OK