Inspection of "Merge pull request #27474 from nextcloud/feat/2686..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 62ff4f...9124c6 )

by John

created 2021-06-30 05:13 UTC

Status

Indentation +93 added lines, -93 removed lines patch added patch discarded remove patch

@@ -36,97 +36,97 @@
 block discarded – undo
 use RuntimeException;
 
 class Account implements IAccount {
-	use TAccountsHelper;
-
-	/** @var IAccountPropertyCollection[]|IAccountProperty[] */
-	private $properties = [];
-
-	/** @var IUser */
-	private $user;
-
-	public function __construct(IUser $user) {
-		$this->user = $user;
-	}
-
-	public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount {
-		if ($this->isCollection($property)) {
-			throw new \InvalidArgumentException('setProperty cannot set an IAccountsPropertyCollection');
-		}
-		$this->properties[$property] = new AccountProperty($property, $value, $scope, $verified, $verificationData);
-		return $this;
-	}
-
-	public function getProperty(string $property): IAccountProperty {
-		if ($this->isCollection($property)) {
-			throw new \InvalidArgumentException('getProperty cannot retrieve an IAccountsPropertyCollection');
-		}
-		if (!array_key_exists($property, $this->properties) || !$this->properties[$property] instanceof IAccountProperty) {
-			throw new PropertyDoesNotExistException($property);
-		}
-		return $this->properties[$property];
-	}
-
-	public function getProperties(): array {
-		return array_filter($this->properties, function ($obj) {
-			return $obj instanceof IAccountProperty;
-		});
-	}
-
-	public function getAllProperties(): Generator {
-		foreach ($this->properties as $propertyObject) {
-			if ($propertyObject instanceof IAccountProperty) {
-				yield $propertyObject;
-			} elseif ($propertyObject instanceof IAccountPropertyCollection) {
-				foreach ($propertyObject->getProperties() as $property) {
-					yield $property;
-				}
-			}
-		}
-	}
-
-	public function getFilteredProperties(string $scope = null, string $verified = null): array {
-		$result = $incrementals = [];
-		/** @var IAccountProperty $obj */
-		foreach ($this->getAllProperties() as $obj) {
-			if ($scope !== null && $scope !== $obj->getScope()) {
-				continue;
-			}
-			if ($verified !== null && $verified !== $obj->getVerified()) {
-				continue;
-			}
-			$index = $obj->getName();
-			if ($this->isCollection($index)) {
-				$incrementals[$index] = ($incrementals[$index] ?? -1) + 1;
-				$index .= '#' . $incrementals[$index];
-			}
-			$result[$index] = $obj;
-		}
-		return $result;
-	}
-
-	public function jsonSerialize() {
-		return $this->properties;
-	}
-
-	public function getUser(): IUser {
-		return $this->user;
-	}
-
-	public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount {
-		$this->properties[$propertyCollection->getName()] = $propertyCollection;
-		return $this;
-	}
-
-	public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection {
-		if (!$this->isCollection($propertyCollectionName)) {
-			throw new PropertyDoesNotExistException($propertyCollectionName);
-		}
-		if (!array_key_exists($propertyCollectionName, $this->properties)) {
-			$this->properties[$propertyCollectionName] = new AccountPropertyCollection($propertyCollectionName);
-		}
-		if (!$this->properties[$propertyCollectionName] instanceof IAccountPropertyCollection) {
-			throw new RuntimeException('Requested collection is not an IAccountPropertyCollection');
-		}
-		return $this->properties[$propertyCollectionName];
-	}
+    use TAccountsHelper;
+
+    /** @var IAccountPropertyCollection[]|IAccountProperty[] */
+    private $properties = [];
+
+    /** @var IUser */
+    private $user;
+
+    public function __construct(IUser $user) {
+        $this->user = $user;
+    }
+
+    public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount {
+        if ($this->isCollection($property)) {
+            throw new \InvalidArgumentException('setProperty cannot set an IAccountsPropertyCollection');
+        }
+        $this->properties[$property] = new AccountProperty($property, $value, $scope, $verified, $verificationData);
+        return $this;
+    }
+
+    public function getProperty(string $property): IAccountProperty {
+        if ($this->isCollection($property)) {
+            throw new \InvalidArgumentException('getProperty cannot retrieve an IAccountsPropertyCollection');
+        }
+        if (!array_key_exists($property, $this->properties) || !$this->properties[$property] instanceof IAccountProperty) {
+            throw new PropertyDoesNotExistException($property);
+        }
+        return $this->properties[$property];
+    }
+
+    public function getProperties(): array {
+        return array_filter($this->properties, function ($obj) {
+            return $obj instanceof IAccountProperty;
+        });
+    }
+
+    public function getAllProperties(): Generator {
+        foreach ($this->properties as $propertyObject) {
+            if ($propertyObject instanceof IAccountProperty) {
+                yield $propertyObject;
+            } elseif ($propertyObject instanceof IAccountPropertyCollection) {
+                foreach ($propertyObject->getProperties() as $property) {
+                    yield $property;
+                }
+            }
+        }
+    }
+
+    public function getFilteredProperties(string $scope = null, string $verified = null): array {
+        $result = $incrementals = [];
+        /** @var IAccountProperty $obj */
+        foreach ($this->getAllProperties() as $obj) {
+            if ($scope !== null && $scope !== $obj->getScope()) {
+                continue;
+            }
+            if ($verified !== null && $verified !== $obj->getVerified()) {
+                continue;
+            }
+            $index = $obj->getName();
+            if ($this->isCollection($index)) {
+                $incrementals[$index] = ($incrementals[$index] ?? -1) + 1;
+                $index .= '#' . $incrementals[$index];
+            }
+            $result[$index] = $obj;
+        }
+        return $result;
+    }
+
+    public function jsonSerialize() {
+        return $this->properties;
+    }
+
+    public function getUser(): IUser {
+        return $this->user;
+    }
+
+    public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount {
+        $this->properties[$propertyCollection->getName()] = $propertyCollection;
+        return $this;
+    }
+
+    public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection {
+        if (!$this->isCollection($propertyCollectionName)) {
+            throw new PropertyDoesNotExistException($propertyCollectionName);
+        }
+        if (!array_key_exists($propertyCollectionName, $this->properties)) {
+            $this->properties[$propertyCollectionName] = new AccountPropertyCollection($propertyCollectionName);
+        }
+        if (!$this->properties[$propertyCollectionName] instanceof IAccountPropertyCollection) {
+            throw new RuntimeException('Requested collection is not an IAccountPropertyCollection');
+        }
+        return $this->properties[$propertyCollectionName];
+    }
 }

Please login to merge, or discard this patch.

lib/private/Accounts/AccountPropertyCollection.php 1 patch

Indentation +67 added lines, -67 removed lines patch added patch discarded remove patch

@@ -33,71 +33,71 @@
 block discarded – undo
 
 class AccountPropertyCollection implements IAccountPropertyCollection {
 
-	/** @var string */
-	protected $collectionName = '';
-
-	/** @var IAccountProperty[] */
-	protected $properties = [];
-
-	public function __construct(string $collectionName) {
-		$this->collectionName = $collectionName;
-	}
-
-	public function setProperties(array $properties): IAccountPropertyCollection {
-		/** @var IAccountProperty $property */
-		$this->properties = [];
-		foreach ($properties as $property) {
-			$this->addProperty($property);
-		}
-		return $this;
-	}
-
-	public function getProperties(): array {
-		return $this->properties;
-	}
-
-	public function addProperty(IAccountProperty $property): IAccountPropertyCollection {
-		if ($property->getName() !== $this->collectionName) {
-			throw new InvalidArgumentException('Provided property does not match collection name');
-		}
-		$this->properties[] = $property;
-		return $this;
-	}
-
-	public function addPropertyWithDefaults(string $value): IAccountPropertyCollection {
-		$property = new AccountProperty(
-			$this->collectionName,
-			$value,
-			IAccountManager::SCOPE_LOCAL,
-			IAccountManager::NOT_VERIFIED,
-			''
-		);
-		$this->addProperty($property);
-		return $this;
-	}
-
-	public function removeProperty(IAccountProperty $property): IAccountPropertyCollection {
-		$ref = array_search($property, $this->properties, true);
-		if ($ref !== false) {
-			unset($this->properties[$ref]);
-		}
-		return $this;
-	}
-
-	public function removePropertyByValue(string $value): IAccountPropertyCollection {
-		foreach ($this->properties as $i => $property) {
-			if ($property->getValue() === $value) {
-				unset($this->properties[$i]);
-			}
-		}
-		return $this;
-	}
-
-	public function jsonSerialize() {
-		return [$this->collectionName => $this->properties];
-	}
-
-	public function getName(): string {
-		return $this->collectionName;
-	}
+    /** @var string */
+    protected $collectionName = '';
+
+    /** @var IAccountProperty[] */
+    protected $properties = [];
+
+    public function __construct(string $collectionName) {
+        $this->collectionName = $collectionName;
+    }
+
+    public function setProperties(array $properties): IAccountPropertyCollection {
+        /** @var IAccountProperty $property */
+        $this->properties = [];
+        foreach ($properties as $property) {
+            $this->addProperty($property);
+        }
+        return $this;
+    }
+
+    public function getProperties(): array {
+        return $this->properties;
+    }
+
+    public function addProperty(IAccountProperty $property): IAccountPropertyCollection {
+        if ($property->getName() !== $this->collectionName) {
+            throw new InvalidArgumentException('Provided property does not match collection name');
+        }
+        $this->properties[] = $property;
+        return $this;
+    }
+
+    public function addPropertyWithDefaults(string $value): IAccountPropertyCollection {
+        $property = new AccountProperty(
+            $this->collectionName,
+            $value,
+            IAccountManager::SCOPE_LOCAL,
+            IAccountManager::NOT_VERIFIED,
+            ''
+        );
+        $this->addProperty($property);
+        return $this;
+    }
+
+    public function removeProperty(IAccountProperty $property): IAccountPropertyCollection {
+        $ref = array_search($property, $this->properties, true);
+        if ($ref !== false) {
+            unset($this->properties[$ref]);
+        }
+        return $this;
+    }
+
+    public function removePropertyByValue(string $value): IAccountPropertyCollection {
+        foreach ($this->properties as $i => $property) {
+            if ($property->getValue() === $value) {
+                unset($this->properties[$i]);
+            }
+        }
+        return $this;
+    }
+
+    public function jsonSerialize() {
+        return [$this->collectionName => $this->properties];
+    }
+
+    public function getName(): string {
+        return $this->collectionName;
+    }
 }

Please login to merge, or discard this patch.

lib/private/Accounts/AccountManager.php 1 patch

Indentation +587 added lines, -587 removed lines patch added patch discarded remove patch

@@ -66,591 +66,591 @@
 block discarded – undo
  * @package OC\Accounts
  */
 class AccountManager implements IAccountManager {
-	use TAccountsHelper;
-
-	/** @var  IDBConnection database connection */
-	private $connection;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var string table name */
-	private $table = 'accounts';
-
-	/** @var string table name */
-	private $dataTable = 'accounts_data';
-
-	/** @var EventDispatcherInterface */
-	private $eventDispatcher;
-
-	/** @var IJobList */
-	private $jobList;
-
-	/** @var LoggerInterface */
-	private $logger;
-
-	public function __construct(IDBConnection $connection,
-								IConfig $config,
-								EventDispatcherInterface $eventDispatcher,
-								IJobList $jobList,
-								LoggerInterface $logger) {
-		$this->connection = $connection;
-		$this->config = $config;
-		$this->eventDispatcher = $eventDispatcher;
-		$this->jobList = $jobList;
-		$this->logger = $logger;
-	}
-
-	/**
-	 * @param string $input
-	 * @return string Provided phone number in E.164 format when it was a valid number
-	 * @throws InvalidArgumentException When the phone number was invalid or no default region is set and the number doesn't start with a country code
-	 */
-	protected function parsePhoneNumber(string $input): string {
-		$defaultRegion = $this->config->getSystemValueString('default_phone_region', '');
-
-		if ($defaultRegion === '') {
-			// When no default region is set, only +49… numbers are valid
-			if (strpos($input, '+') !== 0) {
-				throw new InvalidArgumentException(self::PROPERTY_PHONE);
-			}
-
-			$defaultRegion = 'EN';
-		}
-
-		$phoneUtil = PhoneNumberUtil::getInstance();
-		try {
-			$phoneNumber = $phoneUtil->parse($input, $defaultRegion);
-			if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
-				return $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
-			}
-		} catch (NumberParseException $e) {
-		}
-
-		throw new InvalidArgumentException(self::PROPERTY_PHONE);
-	}
-
-	/**
-	 *
-	 * @param string $input
-	 * @return string
-	 * @throws InvalidArgumentException When the website did not have http(s) as protocol or the host name was empty
-	 */
-	protected function parseWebsite(string $input): string {
-		$parts = parse_url($input);
-		if (!isset($parts['scheme']) || ($parts['scheme'] !== 'https' && $parts['scheme'] !== 'http')) {
-			throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
-		}
-
-		if (!isset($parts['host']) || $parts['host'] === '') {
-			throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
-		}
-
-		return $input;
-	}
-
-	/**
-	 * @param IAccountProperty[] $properties
-	 */
-	protected function testValueLengths(array $properties, bool $throwOnData = false): void {
-		foreach ($properties as $property) {
-			if (strlen($property->getValue()) > 2048) {
-				if ($throwOnData) {
-					throw new InvalidArgumentException();
-				} else {
-					$property->setValue('');
-				}
-			}
-		}
-	}
-
-	protected function testPropertyScope(IAccountProperty $property, array $allowedScopes, bool $throwOnData): void {
-		if ($throwOnData && !in_array($property->getScope(), $allowedScopes, true)) {
-			throw new InvalidArgumentException('scope');
-		}
-
-		if (
-			$property->getScope() === self::SCOPE_PRIVATE
-			&& in_array($property->getName(), [self::PROPERTY_DISPLAYNAME, self::PROPERTY_EMAIL])
-		) {
-			if ($throwOnData) {
-				// v2-private is not available for these fields
-				throw new InvalidArgumentException('scope');
-			} else {
-				// default to local
-				$property->setScope(self::SCOPE_LOCAL);
-			}
-		} else {
-			// migrate scope values to the new format
-			// invalid scopes are mapped to a default value
-			$property->setScope(AccountProperty::mapScopeToV2($property->getScope()));
-		}
-	}
-
-	protected function sanitizePhoneNumberValue(IAccountProperty $property, bool $throwOnData = false) {
-		if ($property->getName() !== self::PROPERTY_PHONE) {
-			if ($throwOnData) {
-				throw new InvalidArgumentException(sprintf('sanitizePhoneNumberValue can only sanitize phone numbers, %s given', $property->getName()));
-			}
-			return;
-		}
-		if ($property->getValue() === '') {
-			return;
-		}
-		try {
-			$property->setValue($this->parsePhoneNumber($property->getValue()));
-		} catch (InvalidArgumentException $e) {
-			if ($throwOnData) {
-				throw $e;
-			}
-			$property->setValue('');
-		}
-	}
-
-	protected function sanitizeWebsite(IAccountProperty $property, bool $throwOnData = false) {
-		if ($property->getName() !== self::PROPERTY_WEBSITE) {
-			if ($throwOnData) {
-				throw new InvalidArgumentException(sprintf('sanitizeWebsite can only sanitize web domains, %s given', $property->getName()));
-			}
-		}
-		try {
-			$property->setValue($this->parseWebsite($property->getValue()));
-		} catch (InvalidArgumentException $e) {
-			if ($throwOnData) {
-				throw $e;
-			}
-			$property->setValue('');
-		}
-	}
-
-	protected function updateUser(IUser $user, array $data, bool $throwOnData = false): array {
-		$oldUserData = $this->getUser($user, false);
-		$updated = true;
-
-		if ($oldUserData !== $data) {
-			$this->updateExistingUser($user, $data);
-		} else {
-			// nothing needs to be done if new and old data set are the same
-			$updated = false;
-		}
-
-		if ($updated) {
-			$this->eventDispatcher->dispatch(
-				'OC\AccountManager::userUpdated',
-				new GenericEvent($user, $data)
-			);
-		}
-
-		return $data;
-	}
-
-	/**
-	 * delete user from accounts table
-	 *
-	 * @param IUser $user
-	 */
-	public function deleteUser(IUser $user) {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->delete($this->table)
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->execute();
-
-		$this->deleteUserData($user);
-	}
-
-	/**
-	 * delete user from accounts table
-	 *
-	 * @param IUser $user
-	 */
-	public function deleteUserData(IUser $user): void {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->delete($this->dataTable)
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->execute();
-	}
-
-	/**
-	 * get stored data from a given user
-	 */
-	protected function getUser(IUser $user, bool $insertIfNotExists = true): array {
-		$uid = $user->getUID();
-		$query = $this->connection->getQueryBuilder();
-		$query->select('data')
-			->from($this->table)
-			->where($query->expr()->eq('uid', $query->createParameter('uid')))
-			->setParameter('uid', $uid);
-		$result = $query->executeQuery();
-		$accountData = $result->fetchAll();
-		$result->closeCursor();
-
-		if (empty($accountData)) {
-			$userData = $this->buildDefaultUserRecord($user);
-			if ($insertIfNotExists) {
-				$this->insertNewUser($user, $userData);
-			}
-			return $userData;
-		}
-
-		$userDataArray = $this->importFromJson($accountData[0]['data'], $uid);
-		if ($userDataArray === null || $userDataArray === []) {
-			return $this->buildDefaultUserRecord($user);
-		}
-
-		return $this->addMissingDefaultValues($userDataArray);
-	}
-
-	public function searchUsers(string $property, array $values): array {
-		$chunks = array_chunk($values, 500);
-		$query = $this->connection->getQueryBuilder();
-		$query->select('*')
-			->from($this->dataTable)
-			->where($query->expr()->eq('name', $query->createNamedParameter($property)))
-			->andWhere($query->expr()->in('value', $query->createParameter('values')));
-
-		$matches = [];
-		foreach ($chunks as $chunk) {
-			$query->setParameter('values', $chunk, IQueryBuilder::PARAM_STR_ARRAY);
-			$result = $query->executeQuery();
-
-			while ($row = $result->fetch()) {
-				$matches[$row['uid']] = $row['value'];
-			}
-			$result->closeCursor();
-		}
-
-		$result = array_merge($matches, $this->searchUsersForRelatedCollection($property, $values));
-
-		return array_flip($result);
-	}
-
-	protected function searchUsersForRelatedCollection(string $property, array $values): array {
-		switch ($property) {
-			case IAccountManager::PROPERTY_EMAIL:
-				return array_flip($this->searchUsers(IAccountManager::COLLECTION_EMAIL, $values));
-			default:
-				return [];
-		}
-	}
-
-	/**
-	 * check if we need to ask the server for email verification, if yes we create a cronjob
-	 *
-	 */
-	protected function checkEmailVerification(IAccount $updatedAccount, array $oldData): void {
-		try {
-			$property = $updatedAccount->getProperty(self::PROPERTY_EMAIL);
-		} catch (PropertyDoesNotExistException $e) {
-			return;
-		}
-		$oldMail = isset($oldData[self::PROPERTY_EMAIL]) ? $oldData[self::PROPERTY_EMAIL]['value']['value'] : '';
-		if ($oldMail !== $property->getValue()) {
-			$this->jobList->add(VerifyUserData::class,
-				[
-					'verificationCode' => '',
-					'data' => $property->getValue(),
-					'type' => self::PROPERTY_EMAIL,
-					'uid' => $updatedAccount->getUser()->getUID(),
-					'try' => 0,
-					'lastRun' => time()
-				]
-			);
-
-
-
-
-			$property->setVerified(self::VERIFICATION_IN_PROGRESS);
-		}
-	}
-
-	/**
-	 * make sure that all expected data are set
-	 *
-	 */
-	protected function addMissingDefaultValues(array $userData): array {
-		foreach ($userData as $i => $value) {
-			if (!isset($value['verified'])) {
-				$userData[$i]['verified'] = self::NOT_VERIFIED;
-			}
-		}
-
-		return $userData;
-	}
-
-	protected function updateVerificationStatus(IAccount $updatedAccount, array $oldData): void {
-		static $propertiesVerifiableByLookupServer = [
-			self::PROPERTY_TWITTER,
-			self::PROPERTY_WEBSITE,
-			self::PROPERTY_EMAIL,
-		];
-
-		foreach ($propertiesVerifiableByLookupServer as $propertyName) {
-			try {
-				$property = $updatedAccount->getProperty($propertyName);
-			} catch (PropertyDoesNotExistException $e) {
-				continue;
-			}
-			$wasVerified = isset($oldData[$propertyName])
-				&& isset($oldData[$propertyName]['verified'])
-				&& $oldData[$propertyName]['verified'] === self::VERIFIED;
-			if ((!isset($oldData[$propertyName])
-					|| !isset($oldData[$propertyName]['value'])
-					|| $property->getValue() !== $oldData[$propertyName]['value'])
-				&& ($property->getVerified() !== self::NOT_VERIFIED
-					|| $wasVerified)
-				) {
-				$property->setVerified(self::NOT_VERIFIED);
-			}
-		}
-	}
-
-
-	/**
-	 * add new user to accounts table
-	 *
-	 * @param IUser $user
-	 * @param array $data
-	 */
-	protected function insertNewUser(IUser $user, array $data): void {
-		$uid = $user->getUID();
-		$jsonEncodedData = $this->prepareJson($data);
-		$query = $this->connection->getQueryBuilder();
-		$query->insert($this->table)
-			->values(
-				[
-					'uid' => $query->createNamedParameter($uid),
-					'data' => $query->createNamedParameter($jsonEncodedData),
-				]
-			)
-			->executeStatement();
-
-		$this->deleteUserData($user);
-		$this->writeUserData($user, $data);
-	}
-
-	protected function prepareJson(array $data): string {
-		$preparedData = [];
-		foreach ($data as $dataRow) {
-			$propertyName = $dataRow['name'];
-			unset($dataRow['name']);
-			if (!$this->isCollection($propertyName)) {
-				$preparedData[$propertyName] = $dataRow;
-				continue;
-			}
-			if (!isset($preparedData[$propertyName])) {
-				$preparedData[$propertyName] = [];
-			}
-			$preparedData[$propertyName][] = $dataRow;
-		}
-		return json_encode($preparedData);
-	}
-
-	protected function importFromJson(string $json, string $userId): ?array {
-		$result = [];
-		$jsonArray = json_decode($json, true);
-		$jsonError = json_last_error();
-		if ($jsonError !== JSON_ERROR_NONE) {
-			$this->logger->critical(
-				'User data of {uid} contained invalid JSON (error {json_error}), hence falling back to a default user record',
-				[
-					'uid' => $userId,
-					'json_error' => $jsonError
-				]
-			);
-			return null;
-		}
-		foreach ($jsonArray as $propertyName => $row) {
-			if (!$this->isCollection($propertyName)) {
-				$result[] = array_merge($row, ['name' => $propertyName]);
-				continue;
-			}
-			foreach ($row as $singleRow) {
-				$result[] = array_merge($singleRow, ['name' => $propertyName]);
-			}
-		}
-		return $result;
-	}
-
-	/**
-	 * update existing user in accounts table
-	 *
-	 * @param IUser $user
-	 * @param array $data
-	 */
-	protected function updateExistingUser(IUser $user, array $data): void {
-		$uid = $user->getUID();
-		$jsonEncodedData = $this->prepareJson($data);
-		$query = $this->connection->getQueryBuilder();
-		$query->update($this->table)
-			->set('data', $query->createNamedParameter($jsonEncodedData))
-			->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
-			->executeStatement();
-
-		$this->deleteUserData($user);
-		$this->writeUserData($user, $data);
-	}
-
-	protected function writeUserData(IUser $user, array $data): void {
-		$query = $this->connection->getQueryBuilder();
-		$query->insert($this->dataTable)
-			->values(
-				[
-					'uid' => $query->createNamedParameter($user->getUID()),
-					'name' => $query->createParameter('name'),
-					'value' => $query->createParameter('value'),
-				]
-			);
-		$this->writeUserDataProperties($query, $data);
-	}
-
-	protected function writeUserDataProperties(IQueryBuilder $query, array $data): void {
-		foreach ($data as $property) {
-			if ($property['name'] === self::PROPERTY_AVATAR) {
-				continue;
-			}
-
-
-			$query->setParameter('name', $property['name'])
-				->setParameter('value', $property['value'] ?? '');
-			$query->executeStatement();
-		}
-	}
-
-	/**
-	 * build default user record in case not data set exists yet
-	 *
-	 * @param IUser $user
-	 * @return array
-	 */
-	protected function buildDefaultUserRecord(IUser $user) {
-		return [
-
-			[
-				'name' => self::PROPERTY_DISPLAYNAME,
-				'value' => $user->getDisplayName(),
-				'scope' => self::SCOPE_FEDERATED,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_ADDRESS,
-				'value' => '',
-				'scope' => self::SCOPE_LOCAL,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_WEBSITE,
-				'value' => '',
-				'scope' => self::SCOPE_LOCAL,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_EMAIL,
-				'value' => $user->getEMailAddress(),
-				'scope' => self::SCOPE_FEDERATED,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_AVATAR,
-				'scope' => self::SCOPE_FEDERATED
-			],
-
-			[
-				'name' => self::PROPERTY_PHONE,
-				'value' => '',
-				'scope' => self::SCOPE_LOCAL,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-			[
-				'name' => self::PROPERTY_TWITTER,
-				'value' => '',
-				'scope' => self::SCOPE_LOCAL,
-				'verified' => self::NOT_VERIFIED,
-			],
-
-		];
-	}
-
-	private function arrayDataToCollection(IAccount $account, array $data): IAccountPropertyCollection {
-		$collection = $account->getPropertyCollection($data['name']);
-
-		$p = new AccountProperty(
-			$data['name'],
-			$data['value'] ?? '',
-			$data['scope'] ?? self::SCOPE_LOCAL,
-			$data['verified'] ?? self::NOT_VERIFIED,
-			''
-		);
-		$collection->addProperty($p);
-
-		return $collection;
-	}
-
-	private function parseAccountData(IUser $user, $data): Account {
-		$account = new Account($user);
-		foreach ($data as $accountData) {
-			if ($this->isCollection($accountData['name'])) {
-				$account->setPropertyCollection($this->arrayDataToCollection($account, $accountData));
-			} else {
-				$account->setProperty($accountData['name'], $accountData['value'] ?? '', $accountData['scope'] ?? self::SCOPE_LOCAL, $accountData['verified'] ?? self::NOT_VERIFIED);
-			}
-		}
-		return $account;
-	}
-
-	public function getAccount(IUser $user): IAccount {
-		return $this->parseAccountData($user, $this->getUser($user));
-	}
-
-	public function updateAccount(IAccount $account): void {
-		$this->testValueLengths(iterator_to_array($account->getAllProperties()), true);
-		try {
-			$property = $account->getProperty(self::PROPERTY_PHONE);
-			$this->sanitizePhoneNumberValue($property);
-		} catch (PropertyDoesNotExistException $e) {
-			//  valid case, nothing to do
-		}
-
-		try {
-			$property = $account->getProperty(self::PROPERTY_WEBSITE);
-			$this->sanitizeWebsite($property);
-		} catch (PropertyDoesNotExistException $e) {
-			//  valid case, nothing to do
-		}
-
-		static $allowedScopes = [
-			self::SCOPE_PRIVATE,
-			self::SCOPE_LOCAL,
-			self::SCOPE_FEDERATED,
-			self::SCOPE_PUBLISHED,
-			self::VISIBILITY_PRIVATE,
-			self::VISIBILITY_CONTACTS_ONLY,
-			self::VISIBILITY_PUBLIC,
-		];
-		foreach ($account->getAllProperties() as $property) {
-			$this->testPropertyScope($property, $allowedScopes, true);
-		}
-
-		$oldData = $this->getUser($account->getUser(), false);
-		$this->updateVerificationStatus($account, $oldData);
-		$this->checkEmailVerification($account, $oldData);
-
-		$data = [];
-		foreach ($account->getAllProperties() as $property) {
-			$data[] = [
-				'name' => $property->getName(),
-				'value' => $property->getValue(),
-				'scope' => $property->getScope(),
-				'verified' => $property->getVerified(),
-			];
-		}
-
-		$this->updateUser($account->getUser(), $data, true);
-	}
+    use TAccountsHelper;
+
+    /** @var  IDBConnection database connection */
+    private $connection;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var string table name */
+    private $table = 'accounts';
+
+    /** @var string table name */
+    private $dataTable = 'accounts_data';
+
+    /** @var EventDispatcherInterface */
+    private $eventDispatcher;
+
+    /** @var IJobList */
+    private $jobList;
+
+    /** @var LoggerInterface */
+    private $logger;
+
+    public function __construct(IDBConnection $connection,
+                                IConfig $config,
+                                EventDispatcherInterface $eventDispatcher,
+                                IJobList $jobList,
+                                LoggerInterface $logger) {
+        $this->connection = $connection;
+        $this->config = $config;
+        $this->eventDispatcher = $eventDispatcher;
+        $this->jobList = $jobList;
+        $this->logger = $logger;
+    }
+
+    /**
+     * @param string $input
+     * @return string Provided phone number in E.164 format when it was a valid number
+     * @throws InvalidArgumentException When the phone number was invalid or no default region is set and the number doesn't start with a country code
+     */
+    protected function parsePhoneNumber(string $input): string {
+        $defaultRegion = $this->config->getSystemValueString('default_phone_region', '');
+
+        if ($defaultRegion === '') {
+            // When no default region is set, only +49… numbers are valid
+            if (strpos($input, '+') !== 0) {
+                throw new InvalidArgumentException(self::PROPERTY_PHONE);
+            }
+
+            $defaultRegion = 'EN';
+        }
+
+        $phoneUtil = PhoneNumberUtil::getInstance();
+        try {
+            $phoneNumber = $phoneUtil->parse($input, $defaultRegion);
+            if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
+                return $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
+            }
+        } catch (NumberParseException $e) {
+        }
+
+        throw new InvalidArgumentException(self::PROPERTY_PHONE);
+    }
+
+    /**
+     *
+     * @param string $input
+     * @return string
+     * @throws InvalidArgumentException When the website did not have http(s) as protocol or the host name was empty
+     */
+    protected function parseWebsite(string $input): string {
+        $parts = parse_url($input);
+        if (!isset($parts['scheme']) || ($parts['scheme'] !== 'https' && $parts['scheme'] !== 'http')) {
+            throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
+        }
+
+        if (!isset($parts['host']) || $parts['host'] === '') {
+            throw new InvalidArgumentException(self::PROPERTY_WEBSITE);
+        }
+
+        return $input;
+    }
+
+    /**
+     * @param IAccountProperty[] $properties
+     */
+    protected function testValueLengths(array $properties, bool $throwOnData = false): void {
+        foreach ($properties as $property) {
+            if (strlen($property->getValue()) > 2048) {
+                if ($throwOnData) {
+                    throw new InvalidArgumentException();
+                } else {
+                    $property->setValue('');
+                }
+            }
+        }
+    }
+
+    protected function testPropertyScope(IAccountProperty $property, array $allowedScopes, bool $throwOnData): void {
+        if ($throwOnData && !in_array($property->getScope(), $allowedScopes, true)) {
+            throw new InvalidArgumentException('scope');
+        }
+
+        if (
+            $property->getScope() === self::SCOPE_PRIVATE
+            && in_array($property->getName(), [self::PROPERTY_DISPLAYNAME, self::PROPERTY_EMAIL])
+        ) {
+            if ($throwOnData) {
+                // v2-private is not available for these fields
+                throw new InvalidArgumentException('scope');
+            } else {
+                // default to local
+                $property->setScope(self::SCOPE_LOCAL);
+            }
+        } else {
+            // migrate scope values to the new format
+            // invalid scopes are mapped to a default value
+            $property->setScope(AccountProperty::mapScopeToV2($property->getScope()));
+        }
+    }
+
+    protected function sanitizePhoneNumberValue(IAccountProperty $property, bool $throwOnData = false) {
+        if ($property->getName() !== self::PROPERTY_PHONE) {
+            if ($throwOnData) {
+                throw new InvalidArgumentException(sprintf('sanitizePhoneNumberValue can only sanitize phone numbers, %s given', $property->getName()));
+            }
+            return;
+        }
+        if ($property->getValue() === '') {
+            return;
+        }
+        try {
+            $property->setValue($this->parsePhoneNumber($property->getValue()));
+        } catch (InvalidArgumentException $e) {
+            if ($throwOnData) {
+                throw $e;
+            }
+            $property->setValue('');
+        }
+    }
+
+    protected function sanitizeWebsite(IAccountProperty $property, bool $throwOnData = false) {
+        if ($property->getName() !== self::PROPERTY_WEBSITE) {
+            if ($throwOnData) {
+                throw new InvalidArgumentException(sprintf('sanitizeWebsite can only sanitize web domains, %s given', $property->getName()));
+            }
+        }
+        try {
+            $property->setValue($this->parseWebsite($property->getValue()));
+        } catch (InvalidArgumentException $e) {
+            if ($throwOnData) {
+                throw $e;
+            }
+            $property->setValue('');
+        }
+    }
+
+    protected function updateUser(IUser $user, array $data, bool $throwOnData = false): array {
+        $oldUserData = $this->getUser($user, false);
+        $updated = true;
+
+        if ($oldUserData !== $data) {
+            $this->updateExistingUser($user, $data);
+        } else {
+            // nothing needs to be done if new and old data set are the same
+            $updated = false;
+        }
+
+        if ($updated) {
+            $this->eventDispatcher->dispatch(
+                'OC\AccountManager::userUpdated',
+                new GenericEvent($user, $data)
+            );
+        }
+
+        return $data;
+    }
+
+    /**
+     * delete user from accounts table
+     *
+     * @param IUser $user
+     */
+    public function deleteUser(IUser $user) {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->delete($this->table)
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->execute();
+
+        $this->deleteUserData($user);
+    }
+
+    /**
+     * delete user from accounts table
+     *
+     * @param IUser $user
+     */
+    public function deleteUserData(IUser $user): void {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->delete($this->dataTable)
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->execute();
+    }
+
+    /**
+     * get stored data from a given user
+     */
+    protected function getUser(IUser $user, bool $insertIfNotExists = true): array {
+        $uid = $user->getUID();
+        $query = $this->connection->getQueryBuilder();
+        $query->select('data')
+            ->from($this->table)
+            ->where($query->expr()->eq('uid', $query->createParameter('uid')))
+            ->setParameter('uid', $uid);
+        $result = $query->executeQuery();
+        $accountData = $result->fetchAll();
+        $result->closeCursor();
+
+        if (empty($accountData)) {
+            $userData = $this->buildDefaultUserRecord($user);
+            if ($insertIfNotExists) {
+                $this->insertNewUser($user, $userData);
+            }
+            return $userData;
+        }
+
+        $userDataArray = $this->importFromJson($accountData[0]['data'], $uid);
+        if ($userDataArray === null || $userDataArray === []) {
+            return $this->buildDefaultUserRecord($user);
+        }
+
+        return $this->addMissingDefaultValues($userDataArray);
+    }
+
+    public function searchUsers(string $property, array $values): array {
+        $chunks = array_chunk($values, 500);
+        $query = $this->connection->getQueryBuilder();
+        $query->select('*')
+            ->from($this->dataTable)
+            ->where($query->expr()->eq('name', $query->createNamedParameter($property)))
+            ->andWhere($query->expr()->in('value', $query->createParameter('values')));
+
+        $matches = [];
+        foreach ($chunks as $chunk) {
+            $query->setParameter('values', $chunk, IQueryBuilder::PARAM_STR_ARRAY);
+            $result = $query->executeQuery();
+
+            while ($row = $result->fetch()) {
+                $matches[$row['uid']] = $row['value'];
+            }
+            $result->closeCursor();
+        }
+
+        $result = array_merge($matches, $this->searchUsersForRelatedCollection($property, $values));
+
+        return array_flip($result);
+    }
+
+    protected function searchUsersForRelatedCollection(string $property, array $values): array {
+        switch ($property) {
+            case IAccountManager::PROPERTY_EMAIL:
+                return array_flip($this->searchUsers(IAccountManager::COLLECTION_EMAIL, $values));
+            default:
+                return [];
+        }
+    }
+
+    /**
+     * check if we need to ask the server for email verification, if yes we create a cronjob
+     *
+     */
+    protected function checkEmailVerification(IAccount $updatedAccount, array $oldData): void {
+        try {
+            $property = $updatedAccount->getProperty(self::PROPERTY_EMAIL);
+        } catch (PropertyDoesNotExistException $e) {
+            return;
+        }
+        $oldMail = isset($oldData[self::PROPERTY_EMAIL]) ? $oldData[self::PROPERTY_EMAIL]['value']['value'] : '';
+        if ($oldMail !== $property->getValue()) {
+            $this->jobList->add(VerifyUserData::class,
+                [
+                    'verificationCode' => '',
+                    'data' => $property->getValue(),
+                    'type' => self::PROPERTY_EMAIL,
+                    'uid' => $updatedAccount->getUser()->getUID(),
+                    'try' => 0,
+                    'lastRun' => time()
+                ]
+            );
+
+
+
+
+            $property->setVerified(self::VERIFICATION_IN_PROGRESS);
+        }
+    }
+
+    /**
+     * make sure that all expected data are set
+     *
+     */
+    protected function addMissingDefaultValues(array $userData): array {
+        foreach ($userData as $i => $value) {
+            if (!isset($value['verified'])) {
+                $userData[$i]['verified'] = self::NOT_VERIFIED;
+            }
+        }
+
+        return $userData;
+    }
+
+    protected function updateVerificationStatus(IAccount $updatedAccount, array $oldData): void {
+        static $propertiesVerifiableByLookupServer = [
+            self::PROPERTY_TWITTER,
+            self::PROPERTY_WEBSITE,
+            self::PROPERTY_EMAIL,
+        ];
+
+        foreach ($propertiesVerifiableByLookupServer as $propertyName) {
+            try {
+                $property = $updatedAccount->getProperty($propertyName);
+            } catch (PropertyDoesNotExistException $e) {
+                continue;
+            }
+            $wasVerified = isset($oldData[$propertyName])
+                && isset($oldData[$propertyName]['verified'])
+                && $oldData[$propertyName]['verified'] === self::VERIFIED;
+            if ((!isset($oldData[$propertyName])
+                    || !isset($oldData[$propertyName]['value'])
+                    || $property->getValue() !== $oldData[$propertyName]['value'])
+                && ($property->getVerified() !== self::NOT_VERIFIED
+                    || $wasVerified)
+                ) {
+                $property->setVerified(self::NOT_VERIFIED);
+            }
+        }
+    }
+
+
+    /**
+     * add new user to accounts table
+     *
+     * @param IUser $user
+     * @param array $data
+     */
+    protected function insertNewUser(IUser $user, array $data): void {
+        $uid = $user->getUID();
+        $jsonEncodedData = $this->prepareJson($data);
+        $query = $this->connection->getQueryBuilder();
+        $query->insert($this->table)
+            ->values(
+                [
+                    'uid' => $query->createNamedParameter($uid),
+                    'data' => $query->createNamedParameter($jsonEncodedData),
+                ]
+            )
+            ->executeStatement();
+
+        $this->deleteUserData($user);
+        $this->writeUserData($user, $data);
+    }
+
+    protected function prepareJson(array $data): string {
+        $preparedData = [];
+        foreach ($data as $dataRow) {
+            $propertyName = $dataRow['name'];
+            unset($dataRow['name']);
+            if (!$this->isCollection($propertyName)) {
+                $preparedData[$propertyName] = $dataRow;
+                continue;
+            }
+            if (!isset($preparedData[$propertyName])) {
+                $preparedData[$propertyName] = [];
+            }
+            $preparedData[$propertyName][] = $dataRow;
+        }
+        return json_encode($preparedData);
+    }
+
+    protected function importFromJson(string $json, string $userId): ?array {
+        $result = [];
+        $jsonArray = json_decode($json, true);
+        $jsonError = json_last_error();
+        if ($jsonError !== JSON_ERROR_NONE) {
+            $this->logger->critical(
+                'User data of {uid} contained invalid JSON (error {json_error}), hence falling back to a default user record',
+                [
+                    'uid' => $userId,
+                    'json_error' => $jsonError
+                ]
+            );
+            return null;
+        }
+        foreach ($jsonArray as $propertyName => $row) {
+            if (!$this->isCollection($propertyName)) {
+                $result[] = array_merge($row, ['name' => $propertyName]);
+                continue;
+            }
+            foreach ($row as $singleRow) {
+                $result[] = array_merge($singleRow, ['name' => $propertyName]);
+            }
+        }
+        return $result;
+    }
+
+    /**
+     * update existing user in accounts table
+     *
+     * @param IUser $user
+     * @param array $data
+     */
+    protected function updateExistingUser(IUser $user, array $data): void {
+        $uid = $user->getUID();
+        $jsonEncodedData = $this->prepareJson($data);
+        $query = $this->connection->getQueryBuilder();
+        $query->update($this->table)
+            ->set('data', $query->createNamedParameter($jsonEncodedData))
+            ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
+            ->executeStatement();
+
+        $this->deleteUserData($user);
+        $this->writeUserData($user, $data);
+    }
+
+    protected function writeUserData(IUser $user, array $data): void {
+        $query = $this->connection->getQueryBuilder();
+        $query->insert($this->dataTable)
+            ->values(
+                [
+                    'uid' => $query->createNamedParameter($user->getUID()),
+                    'name' => $query->createParameter('name'),
+                    'value' => $query->createParameter('value'),
+                ]
+            );
+        $this->writeUserDataProperties($query, $data);
+    }
+
+    protected function writeUserDataProperties(IQueryBuilder $query, array $data): void {
+        foreach ($data as $property) {
+            if ($property['name'] === self::PROPERTY_AVATAR) {
+                continue;
+            }
+
+
+            $query->setParameter('name', $property['name'])
+                ->setParameter('value', $property['value'] ?? '');
+            $query->executeStatement();
+        }
+    }
+
+    /**
+     * build default user record in case not data set exists yet
+     *
+     * @param IUser $user
+     * @return array
+     */
+    protected function buildDefaultUserRecord(IUser $user) {
+        return [
+
+            [
+                'name' => self::PROPERTY_DISPLAYNAME,
+                'value' => $user->getDisplayName(),
+                'scope' => self::SCOPE_FEDERATED,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_ADDRESS,
+                'value' => '',
+                'scope' => self::SCOPE_LOCAL,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_WEBSITE,
+                'value' => '',
+                'scope' => self::SCOPE_LOCAL,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_EMAIL,
+                'value' => $user->getEMailAddress(),
+                'scope' => self::SCOPE_FEDERATED,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_AVATAR,
+                'scope' => self::SCOPE_FEDERATED
+            ],
+
+            [
+                'name' => self::PROPERTY_PHONE,
+                'value' => '',
+                'scope' => self::SCOPE_LOCAL,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+            [
+                'name' => self::PROPERTY_TWITTER,
+                'value' => '',
+                'scope' => self::SCOPE_LOCAL,
+                'verified' => self::NOT_VERIFIED,
+            ],
+
+        ];
+    }
+
+    private function arrayDataToCollection(IAccount $account, array $data): IAccountPropertyCollection {
+        $collection = $account->getPropertyCollection($data['name']);
+
+        $p = new AccountProperty(
+            $data['name'],
+            $data['value'] ?? '',
+            $data['scope'] ?? self::SCOPE_LOCAL,
+            $data['verified'] ?? self::NOT_VERIFIED,
+            ''
+        );
+        $collection->addProperty($p);
+
+        return $collection;
+    }
+
+    private function parseAccountData(IUser $user, $data): Account {
+        $account = new Account($user);
+        foreach ($data as $accountData) {
+            if ($this->isCollection($accountData['name'])) {
+                $account->setPropertyCollection($this->arrayDataToCollection($account, $accountData));
+            } else {
+                $account->setProperty($accountData['name'], $accountData['value'] ?? '', $accountData['scope'] ?? self::SCOPE_LOCAL, $accountData['verified'] ?? self::NOT_VERIFIED);
+            }
+        }
+        return $account;
+    }
+
+    public function getAccount(IUser $user): IAccount {
+        return $this->parseAccountData($user, $this->getUser($user));
+    }
+
+    public function updateAccount(IAccount $account): void {
+        $this->testValueLengths(iterator_to_array($account->getAllProperties()), true);
+        try {
+            $property = $account->getProperty(self::PROPERTY_PHONE);
+            $this->sanitizePhoneNumberValue($property);
+        } catch (PropertyDoesNotExistException $e) {
+            //  valid case, nothing to do
+        }
+
+        try {
+            $property = $account->getProperty(self::PROPERTY_WEBSITE);
+            $this->sanitizeWebsite($property);
+        } catch (PropertyDoesNotExistException $e) {
+            //  valid case, nothing to do
+        }
+
+        static $allowedScopes = [
+            self::SCOPE_PRIVATE,
+            self::SCOPE_LOCAL,
+            self::SCOPE_FEDERATED,
+            self::SCOPE_PUBLISHED,
+            self::VISIBILITY_PRIVATE,
+            self::VISIBILITY_CONTACTS_ONLY,
+            self::VISIBILITY_PUBLIC,
+        ];
+        foreach ($account->getAllProperties() as $property) {
+            $this->testPropertyScope($property, $allowedScopes, true);
+        }
+
+        $oldData = $this->getUser($account->getUser(), false);
+        $this->updateVerificationStatus($account, $oldData);
+        $this->checkEmailVerification($account, $oldData);
+
+        $data = [];
+        foreach ($account->getAllProperties() as $property) {
+            $data[] = [
+                'name' => $property->getName(),
+                'value' => $property->getValue(),
+                'scope' => $property->getScope(),
+                'verified' => $property->getVerified(),
+            ];
+        }
+
+        $this->updateUser($account->getUser(), $data, true);
+    }
 }

Please login to merge, or discard this patch.

lib/private/Accounts/Hooks.php 2 patches

Indentation +37 added lines, -37 removed lines patch added patch discarded remove patch

@@ -34,46 +34,46 @@
 block discarded – undo
 
 class Hooks implements IEventListener {
 
-	/** @var IAccountManager */
-	private $accountManager;
-	/** @var LoggerInterface */
-	private $logger;
+    /** @var IAccountManager */
+    private $accountManager;
+    /** @var LoggerInterface */
+    private $logger;
 
-	public function __construct(LoggerInterface $logger, IAccountManager $accountManager) {
-		$this->logger = $logger;
-		$this->accountManager = $accountManager;
-	}
+    public function __construct(LoggerInterface $logger, IAccountManager $accountManager) {
+        $this->logger = $logger;
+        $this->accountManager = $accountManager;
+    }
 
-	/**
-	 * update accounts table if email address or display name was changed from outside
-	 */
-	public function changeUserHook(IUser $user, string $feature, $newValue): void {
-		$account = $this->accountManager->getAccount($user);
+    /**
+     * update accounts table if email address or display name was changed from outside
+     */
+    public function changeUserHook(IUser $user, string $feature, $newValue): void {
+        $account = $this->accountManager->getAccount($user);
 
-		try {
-			switch ($feature) {
-				case 'eMailAddress':
-					$property = $account->getProperty(IAccountManager::PROPERTY_EMAIL);
-					break;
-				case 'displayName':
-					$property = $account->getProperty(IAccountManager::PROPERTY_DISPLAYNAME);
-					break;
-			}
-		} catch (PropertyDoesNotExistException $e) {
-			$this->logger->debug($e->getMessage(), ['exception' => $e]);
-			return;
-		}
+        try {
+            switch ($feature) {
+                case 'eMailAddress':
+                    $property = $account->getProperty(IAccountManager::PROPERTY_EMAIL);
+                    break;
+                case 'displayName':
+                    $property = $account->getProperty(IAccountManager::PROPERTY_DISPLAYNAME);
+                    break;
+            }
+        } catch (PropertyDoesNotExistException $e) {
+            $this->logger->debug($e->getMessage(), ['exception' => $e]);
+            return;
+        }
 
-		if (isset($property) && $property->getValue() !== (string)$newValue) {
-			$property->setValue($newValue);
-			$this->accountManager->updateAccount($account);
-		}
-	}
+        if (isset($property) && $property->getValue() !== (string)$newValue) {
+            $property->setValue($newValue);
+            $this->accountManager->updateAccount($account);
+        }
+    }
 
-	public function handle(Event $event): void {
-		if (!$event instanceof UserChangedEvent) {
-			return;
-		}
-		$this->changeUserHook($event->getUser(), $event->getFeature(), $event->getValue());
-	}
+    public function handle(Event $event): void {
+        if (!$event instanceof UserChangedEvent) {
+            return;
+        }
+        $this->changeUserHook($event->getUser(), $event->getFeature(), $event->getValue());
+    }
 }

Please login to merge, or discard this patch.

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -64,7 +64,7 @@
 block discarded – undo
 			return;
 		}
 
-		if (isset($property) && $property->getValue() !== (string)$newValue) {
+		if (isset($property) && $property->getValue() !== (string) $newValue) {
 			$property->setValue($newValue);
 			$this->accountManager->updateAccount($account);
 		}

Please login to merge, or discard this patch.

lib/private/Avatar/AvatarManager.php 1 patch

Indentation +135 added lines, -135 removed lines patch added patch discarded remove patch

@@ -55,139 +55,139 @@
 block discarded – undo
  */
 class AvatarManager implements IAvatarManager {
 
-	/** @var IUserSession */
-	private $userSession;
-
-	/** @var Manager */
-	private $userManager;
-
-	/** @var IAppData */
-	private $appData;
-
-	/** @var IL10N */
-	private $l;
-
-	/** @var LoggerInterface */
-	private $logger;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var IAccountManager */
-	private $accountManager;
-
-	/** @var KnownUserService */
-	private $knownUserService;
-
-	public function __construct(
-			IUserSession $userSession,
-			Manager $userManager,
-			IAppData $appData,
-			IL10N $l,
-			LoggerInterface $logger,
-			IConfig $config,
-			IAccountManager $accountManager,
-			KnownUserService $knownUserService
-	) {
-		$this->userSession = $userSession;
-		$this->userManager = $userManager;
-		$this->appData = $appData;
-		$this->l = $l;
-		$this->logger = $logger;
-		$this->config = $config;
-		$this->accountManager = $accountManager;
-		$this->knownUserService = $knownUserService;
-	}
-
-	/**
-	 * return a user specific instance of \OCP\IAvatar
-	 * @see \OCP\IAvatar
-	 * @param string $userId the ownCloud user id
-	 * @return \OCP\IAvatar
-	 * @throws \Exception In case the username is potentially dangerous
-	 * @throws NotFoundException In case there is no user folder yet
-	 */
-	public function getAvatar(string $userId) : IAvatar {
-		$user = $this->userManager->get($userId);
-		if ($user === null) {
-			throw new \Exception('user does not exist');
-		}
-
-		// sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below)
-		$userId = $user->getUID();
-
-		$requestingUser = null;
-		if ($this->userSession !== null) {
-			$requestingUser = $this->userSession->getUser();
-		}
-
-		try {
-			$folder = $this->appData->getFolder($userId);
-		} catch (NotFoundException $e) {
-			$folder = $this->appData->newFolder($userId);
-		}
-
-		try {
-			$account = $this->accountManager->getAccount($user);
-			$avatarProperties = $account->getProperty(IAccountManager::PROPERTY_AVATAR);
-			$avatarScope = $avatarProperties->getScope();
-		} catch (PropertyDoesNotExistException $e) {
-			$avatarScope = '';
-		}
-
-		if (
-			// v2-private scope hides the avatar from public access and from unknown users
-			$avatarScope === IAccountManager::SCOPE_PRIVATE
-			&& (
-				// accessing from public link
-				$requestingUser === null
-				// logged in, but unknown to user
-				|| !$this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)
-			)) {
-			// use a placeholder avatar which caches the generated images
-			return new PlaceholderAvatar($folder, $user, $this->logger);
-		}
-
-		return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
-	}
-
-	/**
-	 * Clear generated avatars
-	 */
-	public function clearCachedAvatars() {
-		$users = $this->config->getUsersForUserValue('avatar', 'generated', 'true');
-		foreach ($users as $userId) {
-			try {
-				$folder = $this->appData->getFolder($userId);
-				$folder->delete();
-			} catch (NotFoundException $e) {
-				$this->logger->debug("No cache for the user $userId. Ignoring...");
-			}
-			$this->config->setUserValue($userId, 'avatar', 'generated', 'false');
-		}
-	}
-
-	public function deleteUserAvatar(string $userId): void {
-		try {
-			$folder = $this->appData->getFolder($userId);
-			$folder->delete();
-		} catch (NotFoundException $e) {
-			$this->logger->debug("No cache for the user $userId. Ignoring avatar deletion");
-		} catch (NotPermittedException $e) {
-			$this->logger->error("Unable to delete user avatars for $userId. gnoring avatar deletion");
-		} catch (NoUserException $e) {
-			$this->logger->debug("User $userId not found. gnoring avatar deletion");
-		}
-		$this->config->deleteUserValue($userId, 'avatar', 'generated');
-	}
-
-	/**
-	 * Returns a GuestAvatar.
-	 *
-	 * @param string $name The guest name, e.g. "Albert".
-	 * @return IAvatar
-	 */
-	public function getGuestAvatar(string $name): IAvatar {
-		return new GuestAvatar($name, $this->logger);
-	}
+    /** @var IUserSession */
+    private $userSession;
+
+    /** @var Manager */
+    private $userManager;
+
+    /** @var IAppData */
+    private $appData;
+
+    /** @var IL10N */
+    private $l;
+
+    /** @var LoggerInterface */
+    private $logger;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var IAccountManager */
+    private $accountManager;
+
+    /** @var KnownUserService */
+    private $knownUserService;
+
+    public function __construct(
+            IUserSession $userSession,
+            Manager $userManager,
+            IAppData $appData,
+            IL10N $l,
+            LoggerInterface $logger,
+            IConfig $config,
+            IAccountManager $accountManager,
+            KnownUserService $knownUserService
+    ) {
+        $this->userSession = $userSession;
+        $this->userManager = $userManager;
+        $this->appData = $appData;
+        $this->l = $l;
+        $this->logger = $logger;
+        $this->config = $config;
+        $this->accountManager = $accountManager;
+        $this->knownUserService = $knownUserService;
+    }
+
+    /**
+     * return a user specific instance of \OCP\IAvatar
+     * @see \OCP\IAvatar
+     * @param string $userId the ownCloud user id
+     * @return \OCP\IAvatar
+     * @throws \Exception In case the username is potentially dangerous
+     * @throws NotFoundException In case there is no user folder yet
+     */
+    public function getAvatar(string $userId) : IAvatar {
+        $user = $this->userManager->get($userId);
+        if ($user === null) {
+            throw new \Exception('user does not exist');
+        }
+
+        // sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below)
+        $userId = $user->getUID();
+
+        $requestingUser = null;
+        if ($this->userSession !== null) {
+            $requestingUser = $this->userSession->getUser();
+        }
+
+        try {
+            $folder = $this->appData->getFolder($userId);
+        } catch (NotFoundException $e) {
+            $folder = $this->appData->newFolder($userId);
+        }
+
+        try {
+            $account = $this->accountManager->getAccount($user);
+            $avatarProperties = $account->getProperty(IAccountManager::PROPERTY_AVATAR);
+            $avatarScope = $avatarProperties->getScope();
+        } catch (PropertyDoesNotExistException $e) {
+            $avatarScope = '';
+        }
+
+        if (
+            // v2-private scope hides the avatar from public access and from unknown users
+            $avatarScope === IAccountManager::SCOPE_PRIVATE
+            && (
+                // accessing from public link
+                $requestingUser === null
+                // logged in, but unknown to user
+                || !$this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)
+            )) {
+            // use a placeholder avatar which caches the generated images
+            return new PlaceholderAvatar($folder, $user, $this->logger);
+        }
+
+        return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
+    }
+
+    /**
+     * Clear generated avatars
+     */
+    public function clearCachedAvatars() {
+        $users = $this->config->getUsersForUserValue('avatar', 'generated', 'true');
+        foreach ($users as $userId) {
+            try {
+                $folder = $this->appData->getFolder($userId);
+                $folder->delete();
+            } catch (NotFoundException $e) {
+                $this->logger->debug("No cache for the user $userId. Ignoring...");
+            }
+            $this->config->setUserValue($userId, 'avatar', 'generated', 'false');
+        }
+    }
+
+    public function deleteUserAvatar(string $userId): void {
+        try {
+            $folder = $this->appData->getFolder($userId);
+            $folder->delete();
+        } catch (NotFoundException $e) {
+            $this->logger->debug("No cache for the user $userId. Ignoring avatar deletion");
+        } catch (NotPermittedException $e) {
+            $this->logger->error("Unable to delete user avatars for $userId. gnoring avatar deletion");
+        } catch (NoUserException $e) {
+            $this->logger->debug("User $userId not found. gnoring avatar deletion");
+        }
+        $this->config->deleteUserValue($userId, 'avatar', 'generated');
+    }
+
+    /**
+     * Returns a GuestAvatar.
+     *
+     * @param string $name The guest name, e.g. "Albert".
+     * @return IAvatar
+     */
+    public function getGuestAvatar(string $name): IAvatar {
+        return new GuestAvatar($name, $this->logger);
+    }
 }

Please login to merge, or discard this patch.

lib/public/Accounts/IAccountPropertyCollection.php 1 patch

Indentation +45 added lines, -45 removed lines patch added patch discarded remove patch

@@ -38,55 +38,55 @@
 block discarded – undo
  */
 interface IAccountPropertyCollection extends JsonSerializable {
 
-	/**
-	 * retuns the collection name
-	 *
-	 * @since 22.0.0
-	 */
-	public function getName(): string;
+    /**
+     * retuns the collection name
+     *
+     * @since 22.0.0
+     */
+    public function getName(): string;
 
-	/**
-	 * set properties of this collection
-	 *
-	 * @param IAccountProperty[] $properties
-	 * @throws InvalidArgumentException
-	 * @since 22.0.0
-	 */
-	public function setProperties(array $properties): IAccountPropertyCollection;
+    /**
+     * set properties of this collection
+     *
+     * @param IAccountProperty[] $properties
+     * @throws InvalidArgumentException
+     * @since 22.0.0
+     */
+    public function setProperties(array $properties): IAccountPropertyCollection;
 
-	/**
-	 * @return IAccountProperty[]
-	 * @since 22.0.0
-	 */
-	public function getProperties(): array;
+    /**
+     * @return IAccountProperty[]
+     * @since 22.0.0
+     */
+    public function getProperties(): array;
 
-	/**
-	 * adds a property to this collection
-	 *
-	 * @throws InvalidArgumentException
-	 * @since 22.0.0
-	 */
-	public function addProperty(IAccountProperty $property): IAccountPropertyCollection;
+    /**
+     * adds a property to this collection
+     *
+     * @throws InvalidArgumentException
+     * @since 22.0.0
+     */
+    public function addProperty(IAccountProperty $property): IAccountPropertyCollection;
 
-	/**
-	 * adds a property to this collection with only specifying the value
-	 *
-	 * @throws InvalidArgumentException
-	 * @since 22.0.0
-	 */
-	public function addPropertyWithDefaults(string $value): IAccountPropertyCollection;
+    /**
+     * adds a property to this collection with only specifying the value
+     *
+     * @throws InvalidArgumentException
+     * @since 22.0.0
+     */
+    public function addPropertyWithDefaults(string $value): IAccountPropertyCollection;
 
-	/**
-	 * removes a property of this collection
-	 *
-	 * @since 22.0.0
-	 */
-	public function removeProperty(IAccountProperty $property): IAccountPropertyCollection;
+    /**
+     * removes a property of this collection
+     *
+     * @since 22.0.0
+     */
+    public function removeProperty(IAccountProperty $property): IAccountPropertyCollection;
 
-	/**
-	 * removes a property identified by its value
-	 *
-	 * @since 22.0.0
-	 */
-	public function removePropertyByValue(string $value): IAccountPropertyCollection;
+    /**
+     * removes a property identified by its value
+     *
+     * @since 22.0.0
+     */
+    public function removePropertyByValue(string $value): IAccountPropertyCollection;
 }

Please login to merge, or discard this patch.

lib/public/Accounts/IAccount.php 1 patch

Indentation +79 added lines, -79 removed lines patch added patch discarded remove patch

@@ -36,90 +36,90 @@
 block discarded – undo
  */
 interface IAccount extends \JsonSerializable {
 
-	/**
-	 * Set a property with data
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $property  Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
-	 * @param string $value
-	 * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
-	 * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED | \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS | \OCP\Accounts\IAccountManager::VERIFIED
-	 * @param string $verificationData Optional, defaults to empty string. Since @22.0.0.
-	 * @return IAccount
-	 */
-	public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount;
+    /**
+     * Set a property with data
+     *
+     * @since 15.0.0
+     *
+     * @param string $property  Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
+     * @param string $value
+     * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
+     * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED | \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS | \OCP\Accounts\IAccountManager::VERIFIED
+     * @param string $verificationData Optional, defaults to empty string. Since @22.0.0.
+     * @return IAccount
+     */
+    public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount;
 
-	/**
-	 * Get a property by its key
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
-	 * @return IAccountProperty
-	 * @throws PropertyDoesNotExistException
-	 */
-	public function getProperty(string $property): IAccountProperty;
+    /**
+     * Get a property by its key
+     *
+     * @since 15.0.0
+     *
+     * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
+     * @return IAccountProperty
+     * @throws PropertyDoesNotExistException
+     */
+    public function getProperty(string $property): IAccountProperty;
 
-	/**
-	 * Get all properties of an account. Array indices are property names.
-	 * Values from IAccountPropertyCollections are not included in the return
-	 * array.
-	 *
-	 * @since 15.0.0
-	 * @deprecated 22.0.0 use getAllProperties()
-	 */
-	public function getProperties(): array;
+    /**
+     * Get all properties of an account. Array indices are property names.
+     * Values from IAccountPropertyCollections are not included in the return
+     * array.
+     *
+     * @since 15.0.0
+     * @deprecated 22.0.0 use getAllProperties()
+     */
+    public function getProperties(): array;
 
-	/**
-	 * Get all properties of an account. Array indices are numeric. To get
-	 * the property name, call getName() against the value.
-	 *
-	 * IAccountPropertyCollections are being flattened into an IAccountProperty
-	 * for each value.
-	 *
-	 * @since 22.0.0
-	 *
-	 * @return Generator<int, IAccountProperty>
-	 */
-	public function getAllProperties(): Generator;
+    /**
+     * Get all properties of an account. Array indices are numeric. To get
+     * the property name, call getName() against the value.
+     *
+     * IAccountPropertyCollections are being flattened into an IAccountProperty
+     * for each value.
+     *
+     * @since 22.0.0
+     *
+     * @return Generator<int, IAccountProperty>
+     */
+    public function getAllProperties(): Generator;
 
-	/**
-	 * Set a property collection (multi-value properties)
-	 *
-	 * @since 22.0.0
-	 */
-	public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount;
+    /**
+     * Set a property collection (multi-value properties)
+     *
+     * @since 22.0.0
+     */
+    public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount;
 
-	/**
-	 * Returns the requestes propery collection (multi-value properties)
-	 *
-	 * @throws PropertyDoesNotExistException against invalid collection name
-	 * @since 22.0.0
-	 */
-	public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection;
+    /**
+     * Returns the requestes propery collection (multi-value properties)
+     *
+     * @throws PropertyDoesNotExistException against invalid collection name
+     * @since 22.0.0
+     */
+    public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection;
 
-	/**
-	 * Get all properties that match the provided filters for scope and verification status
-	 *
-	 * Since 22.0.0 values from IAccountPropertyCollection are included, but also
-	 * as IAccountProperty instances. They for properties of IAccountPropertyCollection are
-	 * suffixed incrementally, i.e. #0, #1 ... #n – the numbers have no further meaning.
-	 *
-	 * @since 15.0.0
-	 *
-	 * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
-	 * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED | \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS | \OCP\Accounts\IAccountManager::VERIFIED
-	 * @return IAccountProperty[]
-	 */
-	public function getFilteredProperties(string $scope = null, string $verified = null): array;
+    /**
+     * Get all properties that match the provided filters for scope and verification status
+     *
+     * Since 22.0.0 values from IAccountPropertyCollection are included, but also
+     * as IAccountProperty instances. They for properties of IAccountPropertyCollection are
+     * suffixed incrementally, i.e. #0, #1 ... #n – the numbers have no further meaning.
+     *
+     * @since 15.0.0
+     *
+     * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
+     * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED | \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS | \OCP\Accounts\IAccountManager::VERIFIED
+     * @return IAccountProperty[]
+     */
+    public function getFilteredProperties(string $scope = null, string $verified = null): array;
 
-	/**
-	 * Get the related user for the account data
-	 *
-	 * @since 15.0.0
-	 *
-	 * @return IUser
-	 */
-	public function getUser(): IUser;
+    /**
+     * Get the related user for the account data
+     *
+     * @since 15.0.0
+     *
+     * @return IUser
+     */
+    public function getUser(): IUser;
 }

Please login to merge, or discard this patch.

lib/base.php 1 patch

Indentation +1000 added lines, -1000 removed lines patch added patch discarded remove patch

@@ -78,1006 +78,1006 @@
 block discarded – undo
  * OC_autoload!
  */
 class OC {
-	/**
-	 * Associative array for autoloading. classname => filename
-	 */
-	public static $CLASSPATH = [];
-	/**
-	 * The installation path for Nextcloud  on the server (e.g. /srv/http/nextcloud)
-	 */
-	public static $SERVERROOT = '';
-	/**
-	 * the current request path relative to the Nextcloud root (e.g. files/index.php)
-	 */
-	private static $SUBURI = '';
-	/**
-	 * the Nextcloud root path for http requests (e.g. nextcloud/)
-	 */
-	public static $WEBROOT = '';
-	/**
-	 * The installation path array of the apps folder on the server (e.g. /srv/http/nextcloud) 'path' and
-	 * web path in 'url'
-	 */
-	public static $APPSROOTS = [];
-
-	/**
-	 * @var string
-	 */
-	public static $configDir;
-
-	/**
-	 * requested app
-	 */
-	public static $REQUESTEDAPP = '';
-
-	/**
-	 * check if Nextcloud runs in cli mode
-	 */
-	public static $CLI = false;
-
-	/**
-	 * @var \OC\Autoloader $loader
-	 */
-	public static $loader = null;
-
-	/** @var \Composer\Autoload\ClassLoader $composerAutoloader */
-	public static $composerAutoloader = null;
-
-	/**
-	 * @var \OC\Server
-	 */
-	public static $server = null;
-
-	/**
-	 * @var \OC\Config
-	 */
-	private static $config = null;
-
-	/**
-	 * @throws \RuntimeException when the 3rdparty directory is missing or
-	 * the app path list is empty or contains an invalid path
-	 */
-	public static function initPaths() {
-		if (defined('PHPUNIT_CONFIG_DIR')) {
-			self::$configDir = OC::$SERVERROOT . '/' . PHPUNIT_CONFIG_DIR . '/';
-		} elseif (defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) {
-			self::$configDir = OC::$SERVERROOT . '/tests/config/';
-		} elseif ($dir = getenv('NEXTCLOUD_CONFIG_DIR')) {
-			self::$configDir = rtrim($dir, '/') . '/';
-		} else {
-			self::$configDir = OC::$SERVERROOT . '/config/';
-		}
-		self::$config = new \OC\Config(self::$configDir);
-
-		OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
-		/**
-		 * FIXME: The following lines are required because we can't yet instantiate
-		 *        \OC::$server->getRequest() since \OC::$server does not yet exist.
-		 */
-		$params = [
-			'server' => [
-				'SCRIPT_NAME' => $_SERVER['SCRIPT_NAME'],
-				'SCRIPT_FILENAME' => $_SERVER['SCRIPT_FILENAME'],
-			],
-		];
-		$fakeRequest = new \OC\AppFramework\Http\Request($params, new \OC\Security\SecureRandom(), new \OC\AllConfig(new \OC\SystemConfig(self::$config)));
-		$scriptName = $fakeRequest->getScriptName();
-		if (substr($scriptName, -1) == '/') {
-			$scriptName .= 'index.php';
-			//make sure suburi follows the same rules as scriptName
-			if (substr(OC::$SUBURI, -9) != 'index.php') {
-				if (substr(OC::$SUBURI, -1) != '/') {
-					OC::$SUBURI = OC::$SUBURI . '/';
-				}
-				OC::$SUBURI = OC::$SUBURI . 'index.php';
-			}
-		}
-
-
-		if (OC::$CLI) {
-			OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
-		} else {
-			if (substr($scriptName, 0 - strlen(OC::$SUBURI)) === OC::$SUBURI) {
-				OC::$WEBROOT = substr($scriptName, 0, 0 - strlen(OC::$SUBURI));
-
-				if (OC::$WEBROOT != '' && OC::$WEBROOT[0] !== '/') {
-					OC::$WEBROOT = '/' . OC::$WEBROOT;
-				}
-			} else {
-				// The scriptName is not ending with OC::$SUBURI
-				// This most likely means that we are calling from CLI.
-				// However some cron jobs still need to generate
-				// a web URL, so we use overwritewebroot as a fallback.
-				OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
-			}
-
-			// Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
-			// slash which is required by URL generation.
-			if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
-					substr($_SERVER['REQUEST_URI'], -1) !== '/') {
-				header('Location: '.\OC::$WEBROOT.'/');
-				exit();
-			}
-		}
-
-		// search the apps folder
-		$config_paths = self::$config->getValue('apps_paths', []);
-		if (!empty($config_paths)) {
-			foreach ($config_paths as $paths) {
-				if (isset($paths['url']) && isset($paths['path'])) {
-					$paths['url'] = rtrim($paths['url'], '/');
-					$paths['path'] = rtrim($paths['path'], '/');
-					OC::$APPSROOTS[] = $paths;
-				}
-			}
-		} elseif (file_exists(OC::$SERVERROOT . '/apps')) {
-			OC::$APPSROOTS[] = ['path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true];
-		}
-
-		if (empty(OC::$APPSROOTS)) {
-			throw new \RuntimeException('apps directory not found! Please put the Nextcloud apps folder in the Nextcloud folder'
-				. '. You can also configure the location in the config.php file.');
-		}
-		$paths = [];
-		foreach (OC::$APPSROOTS as $path) {
-			$paths[] = $path['path'];
-			if (!is_dir($path['path'])) {
-				throw new \RuntimeException(sprintf('App directory "%s" not found! Please put the Nextcloud apps folder in the'
-					. ' Nextcloud folder. You can also configure the location in the config.php file.', $path['path']));
-			}
-		}
-
-		// set the right include path
-		set_include_path(
-			implode(PATH_SEPARATOR, $paths)
-		);
-	}
-
-	public static function checkConfig() {
-		$l = \OC::$server->getL10N('lib');
-
-		// Create config if it does not already exist
-		$configFilePath = self::$configDir .'/config.php';
-		if (!file_exists($configFilePath)) {
-			@touch($configFilePath);
-		}
-
-		// Check if config is writable
-		$configFileWritable = is_writable($configFilePath);
-		if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled()
-			|| !$configFileWritable && \OCP\Util::needUpgrade()) {
-			$urlGenerator = \OC::$server->getURLGenerator();
-
-			if (self::$CLI) {
-				echo $l->t('Cannot write into "config" directory!')."\n";
-				echo $l->t('This can usually be fixed by giving the webserver write access to the config directory.')."\n";
-				echo "\n";
-				echo $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.')."\n";
-				echo $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ])."\n";
-				exit;
-			} else {
-				OC_Template::printErrorPage(
-					$l->t('Cannot write into "config" directory!'),
-					$l->t('This can usually be fixed by giving the webserver write access to the config directory.') . ' '
-					. $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.') . ' '
-					. $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ]),
-					503
-				);
-			}
-		}
-	}
-
-	public static function checkInstalled(\OC\SystemConfig $systemConfig) {
-		if (defined('OC_CONSOLE')) {
-			return;
-		}
-		// Redirect to installer if not installed
-		if (!$systemConfig->getValue('installed', false) && OC::$SUBURI !== '/index.php' && OC::$SUBURI !== '/status.php') {
-			if (OC::$CLI) {
-				throw new Exception('Not installed');
-			} else {
-				$url = OC::$WEBROOT . '/index.php';
-				header('Location: ' . $url);
-			}
-			exit();
-		}
-	}
-
-	public static function checkMaintenanceMode(\OC\SystemConfig $systemConfig) {
-		// Allow ajax update script to execute without being stopped
-		if (((bool) $systemConfig->getValue('maintenance', false)) && OC::$SUBURI != '/core/ajax/update.php') {
-			// send http status 503
-			http_response_code(503);
-			header('Retry-After: 120');
-
-			// render error page
-			$template = new OC_Template('', 'update.user', 'guest');
-			OC_Util::addScript('dist/maintenance');
-			OC_Util::addStyle('core', 'guest');
-			$template->printPage();
-			die();
-		}
-	}
-
-	/**
-	 * Prints the upgrade page
-	 *
-	 * @param \OC\SystemConfig $systemConfig
-	 */
-	private static function printUpgradePage(\OC\SystemConfig $systemConfig) {
-		$disableWebUpdater = $systemConfig->getValue('upgrade.disable-web', false);
-		$tooBig = false;
-		if (!$disableWebUpdater) {
-			$apps = \OC::$server->getAppManager();
-			if ($apps->isInstalled('user_ldap')) {
-				$qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-
-				$result = $qb->select($qb->func()->count('*', 'user_count'))
-					->from('ldap_user_mapping')
-					->execute();
-				$row = $result->fetch();
-				$result->closeCursor();
-
-				$tooBig = ($row['user_count'] > 50);
-			}
-			if (!$tooBig && $apps->isInstalled('user_saml')) {
-				$qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-
-				$result = $qb->select($qb->func()->count('*', 'user_count'))
-					->from('user_saml_users')
-					->execute();
-				$row = $result->fetch();
-				$result->closeCursor();
-
-				$tooBig = ($row['user_count'] > 50);
-			}
-			if (!$tooBig) {
-				// count users
-				$stats = \OC::$server->getUserManager()->countUsers();
-				$totalUsers = array_sum($stats);
-				$tooBig = ($totalUsers > 50);
-			}
-		}
-		$ignoreTooBigWarning = isset($_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup']) &&
-			$_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup'] === 'IAmSuperSureToDoThis';
-
-		if ($disableWebUpdater || ($tooBig && !$ignoreTooBigWarning)) {
-			// send http status 503
-			http_response_code(503);
-			header('Retry-After: 120');
-
-			// render error page
-			$template = new OC_Template('', 'update.use-cli', 'guest');
-			$template->assign('productName', 'nextcloud'); // for now
-			$template->assign('version', OC_Util::getVersionString());
-			$template->assign('tooBig', $tooBig);
-
-			$template->printPage();
-			die();
-		}
-
-		// check whether this is a core update or apps update
-		$installedVersion = $systemConfig->getValue('version', '0.0.0');
-		$currentVersion = implode('.', \OCP\Util::getVersion());
-
-		// if not a core upgrade, then it's apps upgrade
-		$isAppsOnlyUpgrade = version_compare($currentVersion, $installedVersion, '=');
-
-		$oldTheme = $systemConfig->getValue('theme');
-		$systemConfig->setValue('theme', '');
-		OC_Util::addScript('update');
-
-		/** @var \OC\App\AppManager $appManager */
-		$appManager = \OC::$server->getAppManager();
-
-		$tmpl = new OC_Template('', 'update.admin', 'guest');
-		$tmpl->assign('version', OC_Util::getVersionString());
-		$tmpl->assign('isAppsOnlyUpgrade', $isAppsOnlyUpgrade);
-
-		// get third party apps
-		$ocVersion = \OCP\Util::getVersion();
-		$ocVersion = implode('.', $ocVersion);
-		$incompatibleApps = $appManager->getIncompatibleApps($ocVersion);
-		$incompatibleShippedApps = [];
-		foreach ($incompatibleApps as $appInfo) {
-			if ($appManager->isShipped($appInfo['id'])) {
-				$incompatibleShippedApps[] = $appInfo['name'] . ' (' . $appInfo['id'] . ')';
-			}
-		}
-
-		if (!empty($incompatibleShippedApps)) {
-			$l = \OC::$server->getL10N('core');
-			$hint = $l->t('The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server.', [implode(', ', $incompatibleShippedApps)]);
-			throw new \OC\HintException('The files of the app ' . implode(', ', $incompatibleShippedApps) . ' were not replaced correctly. Make sure it is a version compatible with the server.', $hint);
-		}
-
-		$tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion));
-		$tmpl->assign('incompatibleAppsList', $incompatibleApps);
-		try {
-			$defaults = new \OC_Defaults();
-			$tmpl->assign('productName', $defaults->getName());
-		} catch (Throwable $error) {
-			$tmpl->assign('productName', 'Nextcloud');
-		}
-		$tmpl->assign('oldTheme', $oldTheme);
-		$tmpl->printPage();
-	}
-
-	public static function initSession() {
-		if (self::$server->getRequest()->getServerProtocol() === 'https') {
-			ini_set('session.cookie_secure', 'true');
-		}
-
-		// prevents javascript from accessing php session cookies
-		ini_set('session.cookie_httponly', 'true');
-
-		// set the cookie path to the Nextcloud directory
-		$cookie_path = OC::$WEBROOT ? : '/';
-		ini_set('session.cookie_path', $cookie_path);
-
-		// Let the session name be changed in the initSession Hook
-		$sessionName = OC_Util::getInstanceId();
-
-		try {
-			// set the session name to the instance id - which is unique
-			$session = new \OC\Session\Internal($sessionName);
-
-			$cryptoWrapper = \OC::$server->getSessionCryptoWrapper();
-			$session = $cryptoWrapper->wrapSession($session);
-			self::$server->setSession($session);
-
-			// if session can't be started break with http 500 error
-		} catch (Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'base']);
-			//show the user a detailed error page
-			OC_Template::printExceptionErrorPage($e, 500);
-			die();
-		}
-
-		$sessionLifeTime = self::getSessionLifeTime();
-
-		// session timeout
-		if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
-			if (isset($_COOKIE[session_name()])) {
-				setcookie(session_name(), '', -1, self::$WEBROOT ? : '/');
-			}
-			\OC::$server->getUserSession()->logout();
-		}
-
-		$session->set('LAST_ACTIVITY', time());
-	}
-
-	/**
-	 * @return string
-	 */
-	private static function getSessionLifeTime() {
-		return \OC::$server->getConfig()->getSystemValue('session_lifetime', 60 * 60 * 24);
-	}
-
-	/**
-	 * Try to set some values to the required Nextcloud default
-	 */
-	public static function setRequiredIniValues() {
-		@ini_set('default_charset', 'UTF-8');
-		@ini_set('gd.jpeg_ignore_warning', '1');
-	}
-
-	/**
-	 * Send the same site cookies
-	 */
-	private static function sendSameSiteCookies() {
-		$cookieParams = session_get_cookie_params();
-		$secureCookie = ($cookieParams['secure'] === true) ? 'secure; ' : '';
-		$policies = [
-			'lax',
-			'strict',
-		];
-
-		// Append __Host to the cookie if it meets the requirements
-		$cookiePrefix = '';
-		if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
-			$cookiePrefix = '__Host-';
-		}
-
-		foreach ($policies as $policy) {
-			header(
-				sprintf(
-					'Set-Cookie: %snc_sameSiteCookie%s=true; path=%s; httponly;' . $secureCookie . 'expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=%s',
-					$cookiePrefix,
-					$policy,
-					$cookieParams['path'],
-					$policy
-				),
-				false
-			);
-		}
-	}
-
-	/**
-	 * Same Site cookie to further mitigate CSRF attacks. This cookie has to
-	 * be set in every request if cookies are sent to add a second level of
-	 * defense against CSRF.
-	 *
-	 * If the cookie is not sent this will set the cookie and reload the page.
-	 * We use an additional cookie since we want to protect logout CSRF and
-	 * also we can't directly interfere with PHP's session mechanism.
-	 */
-	private static function performSameSiteCookieProtection(\OCP\IConfig $config) {
-		$request = \OC::$server->getRequest();
-
-		// Some user agents are notorious and don't really properly follow HTTP
-		// specifications. For those, have an automated opt-out. Since the protection
-		// for remote.php is applied in base.php as starting point we need to opt out
-		// here.
-		$incompatibleUserAgents = $config->getSystemValue('csrf.optout');
-
-		// Fallback, if csrf.optout is unset
-		if (!is_array($incompatibleUserAgents)) {
-			$incompatibleUserAgents = [
-				// OS X Finder
-				'/^WebDAVFS/',
-				// Windows webdav drive
-				'/^Microsoft-WebDAV-MiniRedir/',
-			];
-		}
-
-		if ($request->isUserAgent($incompatibleUserAgents)) {
-			return;
-		}
-
-		if (count($_COOKIE) > 0) {
-			$requestUri = $request->getScriptName();
-			$processingScript = explode('/', $requestUri);
-			$processingScript = $processingScript[count($processingScript) - 1];
-
-			// index.php routes are handled in the middleware
-			if ($processingScript === 'index.php') {
-				return;
-			}
-
-			// All other endpoints require the lax and the strict cookie
-			if (!$request->passesStrictCookieCheck()) {
-				self::sendSameSiteCookies();
-				// Debug mode gets access to the resources without strict cookie
-				// due to the fact that the SabreDAV browser also lives there.
-				if (!$config->getSystemValue('debug', false)) {
-					http_response_code(\OCP\AppFramework\Http::STATUS_SERVICE_UNAVAILABLE);
-					exit();
-				}
-			}
-		} elseif (!isset($_COOKIE['nc_sameSiteCookielax']) || !isset($_COOKIE['nc_sameSiteCookiestrict'])) {
-			self::sendSameSiteCookies();
-		}
-	}
-
-	public static function init() {
-		// calculate the root directories
-		OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
-
-		// register autoloader
-		$loaderStart = microtime(true);
-		require_once __DIR__ . '/autoloader.php';
-		self::$loader = new \OC\Autoloader([
-			OC::$SERVERROOT . '/lib/private/legacy',
-		]);
-		if (defined('PHPUNIT_RUN')) {
-			self::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
-		}
-		spl_autoload_register([self::$loader, 'load']);
-		$loaderEnd = microtime(true);
-
-		self::$CLI = (php_sapi_name() == 'cli');
-
-		// Add default composer PSR-4 autoloader
-		self::$composerAutoloader = require_once OC::$SERVERROOT . '/lib/composer/autoload.php';
-
-		try {
-			self::initPaths();
-			// setup 3rdparty autoloader
-			$vendorAutoLoad = OC::$SERVERROOT. '/3rdparty/autoload.php';
-			if (!file_exists($vendorAutoLoad)) {
-				throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".');
-			}
-			require_once $vendorAutoLoad;
-		} catch (\RuntimeException $e) {
-			if (!self::$CLI) {
-				http_response_code(503);
-			}
-			// we can't use the template error page here, because this needs the
-			// DI container which isn't available yet
-			print($e->getMessage());
-			exit();
-		}
-
-		// setup the basic server
-		self::$server = new \OC\Server(\OC::$WEBROOT, self::$config);
-		self::$server->boot();
-		$eventLogger = \OC::$server->getEventLogger();
-		$eventLogger->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
-		$eventLogger->start('boot', 'Initialize');
-
-		// Override php.ini and log everything if we're troubleshooting
-		if (self::$config->getValue('loglevel') === ILogger::DEBUG) {
-			error_reporting(E_ALL);
-		}
-
-		// Don't display errors and log them
-		@ini_set('display_errors', '0');
-		@ini_set('log_errors', '1');
-
-		if (!date_default_timezone_set('UTC')) {
-			throw new \RuntimeException('Could not set timezone to UTC');
-		}
-
-		//try to configure php to enable big file uploads.
-		//this doesn´t work always depending on the webserver and php configuration.
-		//Let´s try to overwrite some defaults anyway
-
-		//try to set the maximum execution time to 60min
-		if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-			@set_time_limit(3600);
-		}
-		@ini_set('max_execution_time', '3600');
-		@ini_set('max_input_time', '3600');
-
-		self::setRequiredIniValues();
-		self::handleAuthHeaders();
-		$systemConfig = \OC::$server->get(\OC\SystemConfig::class);
-		self::registerAutoloaderCache($systemConfig);
-
-		// initialize intl fallback if necessary
-		OC_Util::isSetLocaleWorking();
-
-		$config = \OC::$server->get(\OCP\IConfig::class);
-		if (!defined('PHPUNIT_RUN')) {
-			OC\Log\ErrorHandler::setLogger(\OC::$server->getLogger());
-			$debug = $config->getSystemValue('debug', false);
-			OC\Log\ErrorHandler::register($debug);
-		}
-
-		/** @var \OC\AppFramework\Bootstrap\Coordinator $bootstrapCoordinator */
-		$bootstrapCoordinator = \OC::$server->query(\OC\AppFramework\Bootstrap\Coordinator::class);
-		$bootstrapCoordinator->runInitialRegistration();
-
-		$eventLogger->start('init_session', 'Initialize session');
-		OC_App::loadApps(['session']);
-		if (!self::$CLI) {
-			self::initSession();
-		}
-		$eventLogger->end('init_session');
-		self::checkConfig();
-		self::checkInstalled($systemConfig);
-
-		OC_Response::addSecurityHeaders();
-
-		self::performSameSiteCookieProtection($config);
-
-		if (!defined('OC_CONSOLE')) {
-			$errors = OC_Util::checkServer($systemConfig);
-			if (count($errors) > 0) {
-				if (!self::$CLI) {
-					http_response_code(503);
-					OC_Util::addStyle('guest');
-					try {
-						OC_Template::printGuestPage('', 'error', ['errors' => $errors]);
-						exit;
-					} catch (\Exception $e) {
-						// In case any error happens when showing the error page, we simply fall back to posting the text.
-						// This might be the case when e.g. the data directory is broken and we can not load/write SCSS to/from it.
-					}
-				}
-
-				// Convert l10n string into regular string for usage in database
-				$staticErrors = [];
-				foreach ($errors as $error) {
-					echo $error['error'] . "\n";
-					echo $error['hint'] . "\n\n";
-					$staticErrors[] = [
-						'error' => (string)$error['error'],
-						'hint' => (string)$error['hint'],
-					];
-				}
-
-				try {
-					$config->setAppValue('core', 'cronErrors', json_encode($staticErrors));
-				} catch (\Exception $e) {
-					echo('Writing to database failed');
-				}
-				exit(1);
-			} elseif (self::$CLI && $config->getSystemValue('installed', false)) {
-				$config->deleteAppValue('core', 'cronErrors');
-			}
-		}
-		//try to set the session lifetime
-		$sessionLifeTime = self::getSessionLifeTime();
-		@ini_set('gc_maxlifetime', (string)$sessionLifeTime);
-
-		// User and Groups
-		if (!$systemConfig->getValue("installed", false)) {
-			self::$server->getSession()->set('user_id', '');
-		}
-
-		OC_User::useBackend(new \OC\User\Database());
-		\OC::$server->getGroupManager()->addBackend(new \OC\Group\Database());
-
-		// Subscribe to the hook
-		\OCP\Util::connectHook(
-			'\OCA\Files_Sharing\API\Server2Server',
-			'preLoginNameUsedAsUserName',
-			'\OC\User\Database',
-			'preLoginNameUsedAsUserName'
-		);
-
-		//setup extra user backends
-		if (!\OCP\Util::needUpgrade()) {
-			OC_User::setupBackends();
-		} else {
-			// Run upgrades in incognito mode
-			OC_User::setIncognitoMode(true);
-		}
-
-		self::registerCleanupHooks($systemConfig);
-		self::registerFilesystemHooks();
-		self::registerShareHooks($systemConfig);
-		self::registerEncryptionWrapperAndHooks();
-		self::registerAccountHooks();
-		self::registerResourceCollectionHooks();
-		self::registerAppRestrictionsHooks();
-
-		// Make sure that the application class is not loaded before the database is setup
-		if ($systemConfig->getValue("installed", false)) {
-			OC_App::loadApp('settings');
-		}
-
-		//make sure temporary files are cleaned up
-		$tmpManager = \OC::$server->getTempManager();
-		register_shutdown_function([$tmpManager, 'clean']);
-		$lockProvider = \OC::$server->getLockingProvider();
-		register_shutdown_function([$lockProvider, 'releaseAll']);
-
-		// Check whether the sample configuration has been copied
-		if ($systemConfig->getValue('copied_sample_config', false)) {
-			$l = \OC::$server->getL10N('lib');
-			OC_Template::printErrorPage(
-				$l->t('Sample configuration detected'),
-				$l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'),
-				503
-			);
-			return;
-		}
-
-		$request = \OC::$server->getRequest();
-		$host = $request->getInsecureServerHost();
-		/**
-		 * if the host passed in headers isn't trusted
-		 * FIXME: Should not be in here at all :see_no_evil:
-		 */
-		if (!OC::$CLI
-			&& !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host)
-			&& $config->getSystemValue('installed', false)
-		) {
-			// Allow access to CSS resources
-			$isScssRequest = false;
-			if (strpos($request->getPathInfo(), '/css/') === 0) {
-				$isScssRequest = true;
-			}
-
-			if (substr($request->getRequestUri(), -11) === '/status.php') {
-				http_response_code(400);
-				header('Content-Type: application/json');
-				echo '{"error": "Trusted domain error.", "code": 15}';
-				exit();
-			}
-
-			if (!$isScssRequest) {
-				http_response_code(400);
-
-				\OC::$server->getLogger()->info(
-					'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
-					[
-						'app' => 'core',
-						'remoteAddress' => $request->getRemoteAddress(),
-						'host' => $host,
-					]
-				);
-
-				$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
-				$tmpl->assign('docUrl', \OC::$server->getURLGenerator()->linkToDocs('admin-trusted-domains'));
-				$tmpl->printPage();
-
-				exit();
-			}
-		}
-		$eventLogger->end('boot');
-	}
-
-	/**
-	 * register hooks for the cleanup of cache and bruteforce protection
-	 */
-	public static function registerCleanupHooks(\OC\SystemConfig $systemConfig) {
-		//don't try to do this before we are properly setup
-		if ($systemConfig->getValue('installed', false) && !\OCP\Util::needUpgrade()) {
-
-			// NOTE: This will be replaced to use OCP
-			$userSession = self::$server->getUserSession();
-			$userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
-				if (!defined('PHPUNIT_RUN') && $userSession->isLoggedIn()) {
-					// reset brute force delay for this IP address and username
-					$uid = \OC::$server->getUserSession()->getUser()->getUID();
-					$request = \OC::$server->getRequest();
-					$throttler = \OC::$server->getBruteForceThrottler();
-					$throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
-				}
-
-				try {
-					$cache = new \OC\Cache\File();
-					$cache->gc();
-				} catch (\OC\ServerNotAvailableException $e) {
-					// not a GC exception, pass it on
-					throw $e;
-				} catch (\OC\ForbiddenException $e) {
-					// filesystem blocked for this request, ignore
-				} catch (\Exception $e) {
-					// a GC exception should not prevent users from using OC,
-					// so log the exception
-					\OC::$server->getLogger()->logException($e, [
-						'message' => 'Exception when running cache gc.',
-						'level' => ILogger::WARN,
-						'app' => 'core',
-					]);
-				}
-			});
-		}
-	}
-
-	private static function registerEncryptionWrapperAndHooks() {
-		$manager = self::$server->getEncryptionManager();
-		\OCP\Util::connectHook('OC_Filesystem', 'preSetup', $manager, 'setupStorage');
-
-		$enabled = $manager->isEnabled();
-		if ($enabled) {
-			\OCP\Util::connectHook(Share::class, 'post_shared', HookManager::class, 'postShared');
-			\OCP\Util::connectHook(Share::class, 'post_unshare', HookManager::class, 'postUnshared');
-			\OCP\Util::connectHook('OC_Filesystem', 'post_rename', HookManager::class, 'postRename');
-			\OCP\Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', HookManager::class, 'postRestore');
-		}
-	}
-
-	private static function registerAccountHooks() {
-		/** @var IEventDispatcher $dispatcher */
-		$dispatcher = \OC::$server->get(IEventDispatcher::class);
-		$dispatcher->addServiceListener(UserChangedEvent::class, \OC\Accounts\Hooks::class);
-	}
-
-	private static function registerAppRestrictionsHooks() {
-		/** @var \OC\Group\Manager $groupManager */
-		$groupManager = self::$server->query(\OCP\IGroupManager::class);
-		$groupManager->listen('\OC\Group', 'postDelete', function (\OCP\IGroup $group) {
-			$appManager = self::$server->getAppManager();
-			$apps = $appManager->getEnabledAppsForGroup($group);
-			foreach ($apps as $appId) {
-				$restrictions = $appManager->getAppRestriction($appId);
-				if (empty($restrictions)) {
-					continue;
-				}
-				$key = array_search($group->getGID(), $restrictions);
-				unset($restrictions[$key]);
-				$restrictions = array_values($restrictions);
-				if (empty($restrictions)) {
-					$appManager->disableApp($appId);
-				} else {
-					$appManager->enableAppForGroups($appId, $restrictions);
-				}
-			}
-		});
-	}
-
-	private static function registerResourceCollectionHooks() {
-		\OC\Collaboration\Resources\Listener::register(\OC::$server->getEventDispatcher());
-	}
-
-	/**
-	 * register hooks for the filesystem
-	 */
-	public static function registerFilesystemHooks() {
-		// Check for blacklisted files
-		OC_Hook::connect('OC_Filesystem', 'write', Filesystem::class, 'isBlacklisted');
-		OC_Hook::connect('OC_Filesystem', 'rename', Filesystem::class, 'isBlacklisted');
-	}
-
-	/**
-	 * register hooks for sharing
-	 */
-	public static function registerShareHooks(\OC\SystemConfig $systemConfig) {
-		if ($systemConfig->getValue('installed')) {
-			OC_Hook::connect('OC_User', 'post_deleteUser', Hooks::class, 'post_deleteUser');
-			OC_Hook::connect('OC_User', 'post_deleteGroup', Hooks::class, 'post_deleteGroup');
-
-			/** @var IEventDispatcher $dispatcher */
-			$dispatcher = \OC::$server->get(IEventDispatcher::class);
-			$dispatcher->addServiceListener(UserRemovedEvent::class, \OC\Share20\UserRemovedListener::class);
-		}
-	}
-
-	protected static function registerAutoloaderCache(\OC\SystemConfig $systemConfig) {
-		// The class loader takes an optional low-latency cache, which MUST be
-		// namespaced. The instanceid is used for namespacing, but might be
-		// unavailable at this point. Furthermore, it might not be possible to
-		// generate an instanceid via \OC_Util::getInstanceId() because the
-		// config file may not be writable. As such, we only register a class
-		// loader cache if instanceid is available without trying to create one.
-		$instanceId = $systemConfig->getValue('instanceid', null);
-		if ($instanceId) {
-			try {
-				$memcacheFactory = \OC::$server->getMemCacheFactory();
-				self::$loader->setMemoryCache($memcacheFactory->createLocal('Autoloader'));
-			} catch (\Exception $ex) {
-			}
-		}
-	}
-
-	/**
-	 * Handle the request
-	 */
-	public static function handleRequest() {
-		\OC::$server->getEventLogger()->start('handle_request', 'Handle request');
-		$systemConfig = \OC::$server->getSystemConfig();
-
-		// Check if Nextcloud is installed or in maintenance (update) mode
-		if (!$systemConfig->getValue('installed', false)) {
-			\OC::$server->getSession()->clear();
-			$setupHelper = new OC\Setup(
-				$systemConfig,
-				\OC::$server->get(\bantu\IniGetWrapper\IniGetWrapper::class),
-				\OC::$server->getL10N('lib'),
-				\OC::$server->query(\OCP\Defaults::class),
-				\OC::$server->get(\Psr\Log\LoggerInterface::class),
-				\OC::$server->getSecureRandom(),
-				\OC::$server->query(\OC\Installer::class)
-			);
-			$controller = new OC\Core\Controller\SetupController($setupHelper);
-			$controller->run($_POST);
-			exit();
-		}
-
-		$request = \OC::$server->getRequest();
-		$requestPath = $request->getRawPathInfo();
-		if ($requestPath === '/heartbeat') {
-			return;
-		}
-		if (substr($requestPath, -3) !== '.js') { // we need these files during the upgrade
-			self::checkMaintenanceMode($systemConfig);
-
-			if (\OCP\Util::needUpgrade()) {
-				if (function_exists('opcache_reset')) {
-					opcache_reset();
-				}
-				if (!((bool) $systemConfig->getValue('maintenance', false))) {
-					self::printUpgradePage($systemConfig);
-					exit();
-				}
-			}
-		}
-
-		// emergency app disabling
-		if ($requestPath === '/disableapp'
-			&& $request->getMethod() === 'POST'
-			&& ((array)$request->getParam('appid')) !== ''
-		) {
-			\OC_JSON::callCheck();
-			\OC_JSON::checkAdminUser();
-			$appIds = (array)$request->getParam('appid');
-			foreach ($appIds as $appId) {
-				$appId = \OC_App::cleanAppId($appId);
-				\OC::$server->getAppManager()->disableApp($appId);
-			}
-			\OC_JSON::success();
-			exit();
-		}
-
-		// Always load authentication apps
-		OC_App::loadApps(['authentication']);
-
-		// Load minimum set of apps
-		if (!\OCP\Util::needUpgrade()
-			&& !((bool) $systemConfig->getValue('maintenance', false))) {
-			// For logged-in users: Load everything
-			if (\OC::$server->getUserSession()->isLoggedIn()) {
-				OC_App::loadApps();
-			} else {
-				// For guests: Load only filesystem and logging
-				OC_App::loadApps(['filesystem', 'logging']);
-				self::handleLogin($request);
-			}
-		}
-
-		if (!self::$CLI) {
-			try {
-				if (!((bool) $systemConfig->getValue('maintenance', false)) && !\OCP\Util::needUpgrade()) {
-					OC_App::loadApps(['filesystem', 'logging']);
-					OC_App::loadApps();
-				}
-				OC::$server->get(\OC\Route\Router::class)->match($request->getRawPathInfo());
-				return;
-			} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
-				//header('HTTP/1.0 404 Not Found');
-			} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
-				http_response_code(405);
-				return;
-			}
-		}
-
-		// Handle WebDAV
-		if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
-			// not allowed any more to prevent people
-			// mounting this root directly.
-			// Users need to mount remote.php/webdav instead.
-			http_response_code(405);
-			return;
-		}
-
-		// Someone is logged in
-		if (\OC::$server->getUserSession()->isLoggedIn()) {
-			OC_App::loadApps();
-			OC_User::setupBackends();
-			OC_Util::setupFS();
-			// FIXME
-			// Redirect to default application
-			OC_Util::redirectToDefaultPage();
-		} else {
-			// Not handled and not logged in
-			header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
-		}
-	}
-
-	/**
-	 * Check login: apache auth, auth token, basic auth
-	 *
-	 * @param OCP\IRequest $request
-	 * @return boolean
-	 */
-	public static function handleLogin(OCP\IRequest $request) {
-		$userSession = self::$server->getUserSession();
-		if (OC_User::handleApacheAuth()) {
-			return true;
-		}
-		if ($userSession->tryTokenLogin($request)) {
-			return true;
-		}
-		if (isset($_COOKIE['nc_username'])
-			&& isset($_COOKIE['nc_token'])
-			&& isset($_COOKIE['nc_session_id'])
-			&& $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
-			return true;
-		}
-		if ($userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
-			return true;
-		}
-		return false;
-	}
-
-	protected static function handleAuthHeaders() {
-		//copy http auth headers for apache+php-fcgid work around
-		if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
-			$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
-		}
-
-		// Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
-		$vars = [
-			'HTTP_AUTHORIZATION', // apache+php-cgi work around
-			'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
-		];
-		foreach ($vars as $var) {
-			if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
-				$credentials = explode(':', base64_decode($matches[1]), 2);
-				if (count($credentials) === 2) {
-					$_SERVER['PHP_AUTH_USER'] = $credentials[0];
-					$_SERVER['PHP_AUTH_PW'] = $credentials[1];
-					break;
-				}
-			}
-		}
-	}
+    /**
+     * Associative array for autoloading. classname => filename
+     */
+    public static $CLASSPATH = [];
+    /**
+     * The installation path for Nextcloud  on the server (e.g. /srv/http/nextcloud)
+     */
+    public static $SERVERROOT = '';
+    /**
+     * the current request path relative to the Nextcloud root (e.g. files/index.php)
+     */
+    private static $SUBURI = '';
+    /**
+     * the Nextcloud root path for http requests (e.g. nextcloud/)
+     */
+    public static $WEBROOT = '';
+    /**
+     * The installation path array of the apps folder on the server (e.g. /srv/http/nextcloud) 'path' and
+     * web path in 'url'
+     */
+    public static $APPSROOTS = [];
+
+    /**
+     * @var string
+     */
+    public static $configDir;
+
+    /**
+     * requested app
+     */
+    public static $REQUESTEDAPP = '';
+
+    /**
+     * check if Nextcloud runs in cli mode
+     */
+    public static $CLI = false;
+
+    /**
+     * @var \OC\Autoloader $loader
+     */
+    public static $loader = null;
+
+    /** @var \Composer\Autoload\ClassLoader $composerAutoloader */
+    public static $composerAutoloader = null;
+
+    /**
+     * @var \OC\Server
+     */
+    public static $server = null;
+
+    /**
+     * @var \OC\Config
+     */
+    private static $config = null;
+
+    /**
+     * @throws \RuntimeException when the 3rdparty directory is missing or
+     * the app path list is empty or contains an invalid path
+     */
+    public static function initPaths() {
+        if (defined('PHPUNIT_CONFIG_DIR')) {
+            self::$configDir = OC::$SERVERROOT . '/' . PHPUNIT_CONFIG_DIR . '/';
+        } elseif (defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) {
+            self::$configDir = OC::$SERVERROOT . '/tests/config/';
+        } elseif ($dir = getenv('NEXTCLOUD_CONFIG_DIR')) {
+            self::$configDir = rtrim($dir, '/') . '/';
+        } else {
+            self::$configDir = OC::$SERVERROOT . '/config/';
+        }
+        self::$config = new \OC\Config(self::$configDir);
+
+        OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
+        /**
+         * FIXME: The following lines are required because we can't yet instantiate
+         *        \OC::$server->getRequest() since \OC::$server does not yet exist.
+         */
+        $params = [
+            'server' => [
+                'SCRIPT_NAME' => $_SERVER['SCRIPT_NAME'],
+                'SCRIPT_FILENAME' => $_SERVER['SCRIPT_FILENAME'],
+            ],
+        ];
+        $fakeRequest = new \OC\AppFramework\Http\Request($params, new \OC\Security\SecureRandom(), new \OC\AllConfig(new \OC\SystemConfig(self::$config)));
+        $scriptName = $fakeRequest->getScriptName();
+        if (substr($scriptName, -1) == '/') {
+            $scriptName .= 'index.php';
+            //make sure suburi follows the same rules as scriptName
+            if (substr(OC::$SUBURI, -9) != 'index.php') {
+                if (substr(OC::$SUBURI, -1) != '/') {
+                    OC::$SUBURI = OC::$SUBURI . '/';
+                }
+                OC::$SUBURI = OC::$SUBURI . 'index.php';
+            }
+        }
+
+
+        if (OC::$CLI) {
+            OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
+        } else {
+            if (substr($scriptName, 0 - strlen(OC::$SUBURI)) === OC::$SUBURI) {
+                OC::$WEBROOT = substr($scriptName, 0, 0 - strlen(OC::$SUBURI));
+
+                if (OC::$WEBROOT != '' && OC::$WEBROOT[0] !== '/') {
+                    OC::$WEBROOT = '/' . OC::$WEBROOT;
+                }
+            } else {
+                // The scriptName is not ending with OC::$SUBURI
+                // This most likely means that we are calling from CLI.
+                // However some cron jobs still need to generate
+                // a web URL, so we use overwritewebroot as a fallback.
+                OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
+            }
+
+            // Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
+            // slash which is required by URL generation.
+            if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
+                    substr($_SERVER['REQUEST_URI'], -1) !== '/') {
+                header('Location: '.\OC::$WEBROOT.'/');
+                exit();
+            }
+        }
+
+        // search the apps folder
+        $config_paths = self::$config->getValue('apps_paths', []);
+        if (!empty($config_paths)) {
+            foreach ($config_paths as $paths) {
+                if (isset($paths['url']) && isset($paths['path'])) {
+                    $paths['url'] = rtrim($paths['url'], '/');
+                    $paths['path'] = rtrim($paths['path'], '/');
+                    OC::$APPSROOTS[] = $paths;
+                }
+            }
+        } elseif (file_exists(OC::$SERVERROOT . '/apps')) {
+            OC::$APPSROOTS[] = ['path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true];
+        }
+
+        if (empty(OC::$APPSROOTS)) {
+            throw new \RuntimeException('apps directory not found! Please put the Nextcloud apps folder in the Nextcloud folder'
+                . '. You can also configure the location in the config.php file.');
+        }
+        $paths = [];
+        foreach (OC::$APPSROOTS as $path) {
+            $paths[] = $path['path'];
+            if (!is_dir($path['path'])) {
+                throw new \RuntimeException(sprintf('App directory "%s" not found! Please put the Nextcloud apps folder in the'
+                    . ' Nextcloud folder. You can also configure the location in the config.php file.', $path['path']));
+            }
+        }
+
+        // set the right include path
+        set_include_path(
+            implode(PATH_SEPARATOR, $paths)
+        );
+    }
+
+    public static function checkConfig() {
+        $l = \OC::$server->getL10N('lib');
+
+        // Create config if it does not already exist
+        $configFilePath = self::$configDir .'/config.php';
+        if (!file_exists($configFilePath)) {
+            @touch($configFilePath);
+        }
+
+        // Check if config is writable
+        $configFileWritable = is_writable($configFilePath);
+        if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled()
+            || !$configFileWritable && \OCP\Util::needUpgrade()) {
+            $urlGenerator = \OC::$server->getURLGenerator();
+
+            if (self::$CLI) {
+                echo $l->t('Cannot write into "config" directory!')."\n";
+                echo $l->t('This can usually be fixed by giving the webserver write access to the config directory.')."\n";
+                echo "\n";
+                echo $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.')."\n";
+                echo $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ])."\n";
+                exit;
+            } else {
+                OC_Template::printErrorPage(
+                    $l->t('Cannot write into "config" directory!'),
+                    $l->t('This can usually be fixed by giving the webserver write access to the config directory.') . ' '
+                    . $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.') . ' '
+                    . $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ]),
+                    503
+                );
+            }
+        }
+    }
+
+    public static function checkInstalled(\OC\SystemConfig $systemConfig) {
+        if (defined('OC_CONSOLE')) {
+            return;
+        }
+        // Redirect to installer if not installed
+        if (!$systemConfig->getValue('installed', false) && OC::$SUBURI !== '/index.php' && OC::$SUBURI !== '/status.php') {
+            if (OC::$CLI) {
+                throw new Exception('Not installed');
+            } else {
+                $url = OC::$WEBROOT . '/index.php';
+                header('Location: ' . $url);
+            }
+            exit();
+        }
+    }
+
+    public static function checkMaintenanceMode(\OC\SystemConfig $systemConfig) {
+        // Allow ajax update script to execute without being stopped
+        if (((bool) $systemConfig->getValue('maintenance', false)) && OC::$SUBURI != '/core/ajax/update.php') {
+            // send http status 503
+            http_response_code(503);
+            header('Retry-After: 120');
+
+            // render error page
+            $template = new OC_Template('', 'update.user', 'guest');
+            OC_Util::addScript('dist/maintenance');
+            OC_Util::addStyle('core', 'guest');
+            $template->printPage();
+            die();
+        }
+    }
+
+    /**
+     * Prints the upgrade page
+     *
+     * @param \OC\SystemConfig $systemConfig
+     */
+    private static function printUpgradePage(\OC\SystemConfig $systemConfig) {
+        $disableWebUpdater = $systemConfig->getValue('upgrade.disable-web', false);
+        $tooBig = false;
+        if (!$disableWebUpdater) {
+            $apps = \OC::$server->getAppManager();
+            if ($apps->isInstalled('user_ldap')) {
+                $qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+
+                $result = $qb->select($qb->func()->count('*', 'user_count'))
+                    ->from('ldap_user_mapping')
+                    ->execute();
+                $row = $result->fetch();
+                $result->closeCursor();
+
+                $tooBig = ($row['user_count'] > 50);
+            }
+            if (!$tooBig && $apps->isInstalled('user_saml')) {
+                $qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+
+                $result = $qb->select($qb->func()->count('*', 'user_count'))
+                    ->from('user_saml_users')
+                    ->execute();
+                $row = $result->fetch();
+                $result->closeCursor();
+
+                $tooBig = ($row['user_count'] > 50);
+            }
+            if (!$tooBig) {
+                // count users
+                $stats = \OC::$server->getUserManager()->countUsers();
+                $totalUsers = array_sum($stats);
+                $tooBig = ($totalUsers > 50);
+            }
+        }
+        $ignoreTooBigWarning = isset($_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup']) &&
+            $_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup'] === 'IAmSuperSureToDoThis';
+
+        if ($disableWebUpdater || ($tooBig && !$ignoreTooBigWarning)) {
+            // send http status 503
+            http_response_code(503);
+            header('Retry-After: 120');
+
+            // render error page
+            $template = new OC_Template('', 'update.use-cli', 'guest');
+            $template->assign('productName', 'nextcloud'); // for now
+            $template->assign('version', OC_Util::getVersionString());
+            $template->assign('tooBig', $tooBig);
+
+            $template->printPage();
+            die();
+        }
+
+        // check whether this is a core update or apps update
+        $installedVersion = $systemConfig->getValue('version', '0.0.0');
+        $currentVersion = implode('.', \OCP\Util::getVersion());
+
+        // if not a core upgrade, then it's apps upgrade
+        $isAppsOnlyUpgrade = version_compare($currentVersion, $installedVersion, '=');
+
+        $oldTheme = $systemConfig->getValue('theme');
+        $systemConfig->setValue('theme', '');
+        OC_Util::addScript('update');
+
+        /** @var \OC\App\AppManager $appManager */
+        $appManager = \OC::$server->getAppManager();
+
+        $tmpl = new OC_Template('', 'update.admin', 'guest');
+        $tmpl->assign('version', OC_Util::getVersionString());
+        $tmpl->assign('isAppsOnlyUpgrade', $isAppsOnlyUpgrade);
+
+        // get third party apps
+        $ocVersion = \OCP\Util::getVersion();
+        $ocVersion = implode('.', $ocVersion);
+        $incompatibleApps = $appManager->getIncompatibleApps($ocVersion);
+        $incompatibleShippedApps = [];
+        foreach ($incompatibleApps as $appInfo) {
+            if ($appManager->isShipped($appInfo['id'])) {
+                $incompatibleShippedApps[] = $appInfo['name'] . ' (' . $appInfo['id'] . ')';
+            }
+        }
+
+        if (!empty($incompatibleShippedApps)) {
+            $l = \OC::$server->getL10N('core');
+            $hint = $l->t('The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server.', [implode(', ', $incompatibleShippedApps)]);
+            throw new \OC\HintException('The files of the app ' . implode(', ', $incompatibleShippedApps) . ' were not replaced correctly. Make sure it is a version compatible with the server.', $hint);
+        }
+
+        $tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion));
+        $tmpl->assign('incompatibleAppsList', $incompatibleApps);
+        try {
+            $defaults = new \OC_Defaults();
+            $tmpl->assign('productName', $defaults->getName());
+        } catch (Throwable $error) {
+            $tmpl->assign('productName', 'Nextcloud');
+        }
+        $tmpl->assign('oldTheme', $oldTheme);
+        $tmpl->printPage();
+    }
+
+    public static function initSession() {
+        if (self::$server->getRequest()->getServerProtocol() === 'https') {
+            ini_set('session.cookie_secure', 'true');
+        }
+
+        // prevents javascript from accessing php session cookies
+        ini_set('session.cookie_httponly', 'true');
+
+        // set the cookie path to the Nextcloud directory
+        $cookie_path = OC::$WEBROOT ? : '/';
+        ini_set('session.cookie_path', $cookie_path);
+
+        // Let the session name be changed in the initSession Hook
+        $sessionName = OC_Util::getInstanceId();
+
+        try {
+            // set the session name to the instance id - which is unique
+            $session = new \OC\Session\Internal($sessionName);
+
+            $cryptoWrapper = \OC::$server->getSessionCryptoWrapper();
+            $session = $cryptoWrapper->wrapSession($session);
+            self::$server->setSession($session);
+
+            // if session can't be started break with http 500 error
+        } catch (Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'base']);
+            //show the user a detailed error page
+            OC_Template::printExceptionErrorPage($e, 500);
+            die();
+        }
+
+        $sessionLifeTime = self::getSessionLifeTime();
+
+        // session timeout
+        if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
+            if (isset($_COOKIE[session_name()])) {
+                setcookie(session_name(), '', -1, self::$WEBROOT ? : '/');
+            }
+            \OC::$server->getUserSession()->logout();
+        }
+
+        $session->set('LAST_ACTIVITY', time());
+    }
+
+    /**
+     * @return string
+     */
+    private static function getSessionLifeTime() {
+        return \OC::$server->getConfig()->getSystemValue('session_lifetime', 60 * 60 * 24);
+    }
+
+    /**
+     * Try to set some values to the required Nextcloud default
+     */
+    public static function setRequiredIniValues() {
+        @ini_set('default_charset', 'UTF-8');
+        @ini_set('gd.jpeg_ignore_warning', '1');
+    }
+
+    /**
+     * Send the same site cookies
+     */
+    private static function sendSameSiteCookies() {
+        $cookieParams = session_get_cookie_params();
+        $secureCookie = ($cookieParams['secure'] === true) ? 'secure; ' : '';
+        $policies = [
+            'lax',
+            'strict',
+        ];
+
+        // Append __Host to the cookie if it meets the requirements
+        $cookiePrefix = '';
+        if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
+            $cookiePrefix = '__Host-';
+        }
+
+        foreach ($policies as $policy) {
+            header(
+                sprintf(
+                    'Set-Cookie: %snc_sameSiteCookie%s=true; path=%s; httponly;' . $secureCookie . 'expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=%s',
+                    $cookiePrefix,
+                    $policy,
+                    $cookieParams['path'],
+                    $policy
+                ),
+                false
+            );
+        }
+    }
+
+    /**
+     * Same Site cookie to further mitigate CSRF attacks. This cookie has to
+     * be set in every request if cookies are sent to add a second level of
+     * defense against CSRF.
+     *
+     * If the cookie is not sent this will set the cookie and reload the page.
+     * We use an additional cookie since we want to protect logout CSRF and
+     * also we can't directly interfere with PHP's session mechanism.
+     */
+    private static function performSameSiteCookieProtection(\OCP\IConfig $config) {
+        $request = \OC::$server->getRequest();
+
+        // Some user agents are notorious and don't really properly follow HTTP
+        // specifications. For those, have an automated opt-out. Since the protection
+        // for remote.php is applied in base.php as starting point we need to opt out
+        // here.
+        $incompatibleUserAgents = $config->getSystemValue('csrf.optout');
+
+        // Fallback, if csrf.optout is unset
+        if (!is_array($incompatibleUserAgents)) {
+            $incompatibleUserAgents = [
+                // OS X Finder
+                '/^WebDAVFS/',
+                // Windows webdav drive
+                '/^Microsoft-WebDAV-MiniRedir/',
+            ];
+        }
+
+        if ($request->isUserAgent($incompatibleUserAgents)) {
+            return;
+        }
+
+        if (count($_COOKIE) > 0) {
+            $requestUri = $request->getScriptName();
+            $processingScript = explode('/', $requestUri);
+            $processingScript = $processingScript[count($processingScript) - 1];
+
+            // index.php routes are handled in the middleware
+            if ($processingScript === 'index.php') {
+                return;
+            }
+
+            // All other endpoints require the lax and the strict cookie
+            if (!$request->passesStrictCookieCheck()) {
+                self::sendSameSiteCookies();
+                // Debug mode gets access to the resources without strict cookie
+                // due to the fact that the SabreDAV browser also lives there.
+                if (!$config->getSystemValue('debug', false)) {
+                    http_response_code(\OCP\AppFramework\Http::STATUS_SERVICE_UNAVAILABLE);
+                    exit();
+                }
+            }
+        } elseif (!isset($_COOKIE['nc_sameSiteCookielax']) || !isset($_COOKIE['nc_sameSiteCookiestrict'])) {
+            self::sendSameSiteCookies();
+        }
+    }
+
+    public static function init() {
+        // calculate the root directories
+        OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
+
+        // register autoloader
+        $loaderStart = microtime(true);
+        require_once __DIR__ . '/autoloader.php';
+        self::$loader = new \OC\Autoloader([
+            OC::$SERVERROOT . '/lib/private/legacy',
+        ]);
+        if (defined('PHPUNIT_RUN')) {
+            self::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
+        }
+        spl_autoload_register([self::$loader, 'load']);
+        $loaderEnd = microtime(true);
+
+        self::$CLI = (php_sapi_name() == 'cli');
+
+        // Add default composer PSR-4 autoloader
+        self::$composerAutoloader = require_once OC::$SERVERROOT . '/lib/composer/autoload.php';
+
+        try {
+            self::initPaths();
+            // setup 3rdparty autoloader
+            $vendorAutoLoad = OC::$SERVERROOT. '/3rdparty/autoload.php';
+            if (!file_exists($vendorAutoLoad)) {
+                throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".');
+            }
+            require_once $vendorAutoLoad;
+        } catch (\RuntimeException $e) {
+            if (!self::$CLI) {
+                http_response_code(503);
+            }
+            // we can't use the template error page here, because this needs the
+            // DI container which isn't available yet
+            print($e->getMessage());
+            exit();
+        }
+
+        // setup the basic server
+        self::$server = new \OC\Server(\OC::$WEBROOT, self::$config);
+        self::$server->boot();
+        $eventLogger = \OC::$server->getEventLogger();
+        $eventLogger->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
+        $eventLogger->start('boot', 'Initialize');
+
+        // Override php.ini and log everything if we're troubleshooting
+        if (self::$config->getValue('loglevel') === ILogger::DEBUG) {
+            error_reporting(E_ALL);
+        }
+
+        // Don't display errors and log them
+        @ini_set('display_errors', '0');
+        @ini_set('log_errors', '1');
+
+        if (!date_default_timezone_set('UTC')) {
+            throw new \RuntimeException('Could not set timezone to UTC');
+        }
+
+        //try to configure php to enable big file uploads.
+        //this doesn´t work always depending on the webserver and php configuration.
+        //Let´s try to overwrite some defaults anyway
+
+        //try to set the maximum execution time to 60min
+        if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
+            @set_time_limit(3600);
+        }
+        @ini_set('max_execution_time', '3600');
+        @ini_set('max_input_time', '3600');
+
+        self::setRequiredIniValues();
+        self::handleAuthHeaders();
+        $systemConfig = \OC::$server->get(\OC\SystemConfig::class);
+        self::registerAutoloaderCache($systemConfig);
+
+        // initialize intl fallback if necessary
+        OC_Util::isSetLocaleWorking();
+
+        $config = \OC::$server->get(\OCP\IConfig::class);
+        if (!defined('PHPUNIT_RUN')) {
+            OC\Log\ErrorHandler::setLogger(\OC::$server->getLogger());
+            $debug = $config->getSystemValue('debug', false);
+            OC\Log\ErrorHandler::register($debug);
+        }
+
+        /** @var \OC\AppFramework\Bootstrap\Coordinator $bootstrapCoordinator */
+        $bootstrapCoordinator = \OC::$server->query(\OC\AppFramework\Bootstrap\Coordinator::class);
+        $bootstrapCoordinator->runInitialRegistration();
+
+        $eventLogger->start('init_session', 'Initialize session');
+        OC_App::loadApps(['session']);
+        if (!self::$CLI) {
+            self::initSession();
+        }
+        $eventLogger->end('init_session');
+        self::checkConfig();
+        self::checkInstalled($systemConfig);
+
+        OC_Response::addSecurityHeaders();
+
+        self::performSameSiteCookieProtection($config);
+
+        if (!defined('OC_CONSOLE')) {
+            $errors = OC_Util::checkServer($systemConfig);
+            if (count($errors) > 0) {
+                if (!self::$CLI) {
+                    http_response_code(503);
+                    OC_Util::addStyle('guest');
+                    try {
+                        OC_Template::printGuestPage('', 'error', ['errors' => $errors]);
+                        exit;
+                    } catch (\Exception $e) {
+                        // In case any error happens when showing the error page, we simply fall back to posting the text.
+                        // This might be the case when e.g. the data directory is broken and we can not load/write SCSS to/from it.
+                    }
+                }
+
+                // Convert l10n string into regular string for usage in database
+                $staticErrors = [];
+                foreach ($errors as $error) {
+                    echo $error['error'] . "\n";
+                    echo $error['hint'] . "\n\n";
+                    $staticErrors[] = [
+                        'error' => (string)$error['error'],
+                        'hint' => (string)$error['hint'],
+                    ];
+                }
+
+                try {
+                    $config->setAppValue('core', 'cronErrors', json_encode($staticErrors));
+                } catch (\Exception $e) {
+                    echo('Writing to database failed');
+                }
+                exit(1);
+            } elseif (self::$CLI && $config->getSystemValue('installed', false)) {
+                $config->deleteAppValue('core', 'cronErrors');
+            }
+        }
+        //try to set the session lifetime
+        $sessionLifeTime = self::getSessionLifeTime();
+        @ini_set('gc_maxlifetime', (string)$sessionLifeTime);
+
+        // User and Groups
+        if (!$systemConfig->getValue("installed", false)) {
+            self::$server->getSession()->set('user_id', '');
+        }
+
+        OC_User::useBackend(new \OC\User\Database());
+        \OC::$server->getGroupManager()->addBackend(new \OC\Group\Database());
+
+        // Subscribe to the hook
+        \OCP\Util::connectHook(
+            '\OCA\Files_Sharing\API\Server2Server',
+            'preLoginNameUsedAsUserName',
+            '\OC\User\Database',
+            'preLoginNameUsedAsUserName'
+        );
+
+        //setup extra user backends
+        if (!\OCP\Util::needUpgrade()) {
+            OC_User::setupBackends();
+        } else {
+            // Run upgrades in incognito mode
+            OC_User::setIncognitoMode(true);
+        }
+
+        self::registerCleanupHooks($systemConfig);
+        self::registerFilesystemHooks();
+        self::registerShareHooks($systemConfig);
+        self::registerEncryptionWrapperAndHooks();
+        self::registerAccountHooks();
+        self::registerResourceCollectionHooks();
+        self::registerAppRestrictionsHooks();
+
+        // Make sure that the application class is not loaded before the database is setup
+        if ($systemConfig->getValue("installed", false)) {
+            OC_App::loadApp('settings');
+        }
+
+        //make sure temporary files are cleaned up
+        $tmpManager = \OC::$server->getTempManager();
+        register_shutdown_function([$tmpManager, 'clean']);
+        $lockProvider = \OC::$server->getLockingProvider();
+        register_shutdown_function([$lockProvider, 'releaseAll']);
+
+        // Check whether the sample configuration has been copied
+        if ($systemConfig->getValue('copied_sample_config', false)) {
+            $l = \OC::$server->getL10N('lib');
+            OC_Template::printErrorPage(
+                $l->t('Sample configuration detected'),
+                $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'),
+                503
+            );
+            return;
+        }
+
+        $request = \OC::$server->getRequest();
+        $host = $request->getInsecureServerHost();
+        /**
+         * if the host passed in headers isn't trusted
+         * FIXME: Should not be in here at all :see_no_evil:
+         */
+        if (!OC::$CLI
+            && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host)
+            && $config->getSystemValue('installed', false)
+        ) {
+            // Allow access to CSS resources
+            $isScssRequest = false;
+            if (strpos($request->getPathInfo(), '/css/') === 0) {
+                $isScssRequest = true;
+            }
+
+            if (substr($request->getRequestUri(), -11) === '/status.php') {
+                http_response_code(400);
+                header('Content-Type: application/json');
+                echo '{"error": "Trusted domain error.", "code": 15}';
+                exit();
+            }
+
+            if (!$isScssRequest) {
+                http_response_code(400);
+
+                \OC::$server->getLogger()->info(
+                    'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
+                    [
+                        'app' => 'core',
+                        'remoteAddress' => $request->getRemoteAddress(),
+                        'host' => $host,
+                    ]
+                );
+
+                $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
+                $tmpl->assign('docUrl', \OC::$server->getURLGenerator()->linkToDocs('admin-trusted-domains'));
+                $tmpl->printPage();
+
+                exit();
+            }
+        }
+        $eventLogger->end('boot');
+    }
+
+    /**
+     * register hooks for the cleanup of cache and bruteforce protection
+     */
+    public static function registerCleanupHooks(\OC\SystemConfig $systemConfig) {
+        //don't try to do this before we are properly setup
+        if ($systemConfig->getValue('installed', false) && !\OCP\Util::needUpgrade()) {
+
+            // NOTE: This will be replaced to use OCP
+            $userSession = self::$server->getUserSession();
+            $userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
+                if (!defined('PHPUNIT_RUN') && $userSession->isLoggedIn()) {
+                    // reset brute force delay for this IP address and username
+                    $uid = \OC::$server->getUserSession()->getUser()->getUID();
+                    $request = \OC::$server->getRequest();
+                    $throttler = \OC::$server->getBruteForceThrottler();
+                    $throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
+                }
+
+                try {
+                    $cache = new \OC\Cache\File();
+                    $cache->gc();
+                } catch (\OC\ServerNotAvailableException $e) {
+                    // not a GC exception, pass it on
+                    throw $e;
+                } catch (\OC\ForbiddenException $e) {
+                    // filesystem blocked for this request, ignore
+                } catch (\Exception $e) {
+                    // a GC exception should not prevent users from using OC,
+                    // so log the exception
+                    \OC::$server->getLogger()->logException($e, [
+                        'message' => 'Exception when running cache gc.',
+                        'level' => ILogger::WARN,
+                        'app' => 'core',
+                    ]);
+                }
+            });
+        }
+    }
+
+    private static function registerEncryptionWrapperAndHooks() {
+        $manager = self::$server->getEncryptionManager();
+        \OCP\Util::connectHook('OC_Filesystem', 'preSetup', $manager, 'setupStorage');
+
+        $enabled = $manager->isEnabled();
+        if ($enabled) {
+            \OCP\Util::connectHook(Share::class, 'post_shared', HookManager::class, 'postShared');
+            \OCP\Util::connectHook(Share::class, 'post_unshare', HookManager::class, 'postUnshared');
+            \OCP\Util::connectHook('OC_Filesystem', 'post_rename', HookManager::class, 'postRename');
+            \OCP\Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', HookManager::class, 'postRestore');
+        }
+    }
+
+    private static function registerAccountHooks() {
+        /** @var IEventDispatcher $dispatcher */
+        $dispatcher = \OC::$server->get(IEventDispatcher::class);
+        $dispatcher->addServiceListener(UserChangedEvent::class, \OC\Accounts\Hooks::class);
+    }
+
+    private static function registerAppRestrictionsHooks() {
+        /** @var \OC\Group\Manager $groupManager */
+        $groupManager = self::$server->query(\OCP\IGroupManager::class);
+        $groupManager->listen('\OC\Group', 'postDelete', function (\OCP\IGroup $group) {
+            $appManager = self::$server->getAppManager();
+            $apps = $appManager->getEnabledAppsForGroup($group);
+            foreach ($apps as $appId) {
+                $restrictions = $appManager->getAppRestriction($appId);
+                if (empty($restrictions)) {
+                    continue;
+                }
+                $key = array_search($group->getGID(), $restrictions);
+                unset($restrictions[$key]);
+                $restrictions = array_values($restrictions);
+                if (empty($restrictions)) {
+                    $appManager->disableApp($appId);
+                } else {
+                    $appManager->enableAppForGroups($appId, $restrictions);
+                }
+            }
+        });
+    }
+
+    private static function registerResourceCollectionHooks() {
+        \OC\Collaboration\Resources\Listener::register(\OC::$server->getEventDispatcher());
+    }
+
+    /**
+     * register hooks for the filesystem
+     */
+    public static function registerFilesystemHooks() {
+        // Check for blacklisted files
+        OC_Hook::connect('OC_Filesystem', 'write', Filesystem::class, 'isBlacklisted');
+        OC_Hook::connect('OC_Filesystem', 'rename', Filesystem::class, 'isBlacklisted');
+    }
+
+    /**
+     * register hooks for sharing
+     */
+    public static function registerShareHooks(\OC\SystemConfig $systemConfig) {
+        if ($systemConfig->getValue('installed')) {
+            OC_Hook::connect('OC_User', 'post_deleteUser', Hooks::class, 'post_deleteUser');
+            OC_Hook::connect('OC_User', 'post_deleteGroup', Hooks::class, 'post_deleteGroup');
+
+            /** @var IEventDispatcher $dispatcher */
+            $dispatcher = \OC::$server->get(IEventDispatcher::class);
+            $dispatcher->addServiceListener(UserRemovedEvent::class, \OC\Share20\UserRemovedListener::class);
+        }
+    }
+
+    protected static function registerAutoloaderCache(\OC\SystemConfig $systemConfig) {
+        // The class loader takes an optional low-latency cache, which MUST be
+        // namespaced. The instanceid is used for namespacing, but might be
+        // unavailable at this point. Furthermore, it might not be possible to
+        // generate an instanceid via \OC_Util::getInstanceId() because the
+        // config file may not be writable. As such, we only register a class
+        // loader cache if instanceid is available without trying to create one.
+        $instanceId = $systemConfig->getValue('instanceid', null);
+        if ($instanceId) {
+            try {
+                $memcacheFactory = \OC::$server->getMemCacheFactory();
+                self::$loader->setMemoryCache($memcacheFactory->createLocal('Autoloader'));
+            } catch (\Exception $ex) {
+            }
+        }
+    }
+
+    /**
+     * Handle the request
+     */
+    public static function handleRequest() {
+        \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
+        $systemConfig = \OC::$server->getSystemConfig();
+
+        // Check if Nextcloud is installed or in maintenance (update) mode
+        if (!$systemConfig->getValue('installed', false)) {
+            \OC::$server->getSession()->clear();
+            $setupHelper = new OC\Setup(
+                $systemConfig,
+                \OC::$server->get(\bantu\IniGetWrapper\IniGetWrapper::class),
+                \OC::$server->getL10N('lib'),
+                \OC::$server->query(\OCP\Defaults::class),
+                \OC::$server->get(\Psr\Log\LoggerInterface::class),
+                \OC::$server->getSecureRandom(),
+                \OC::$server->query(\OC\Installer::class)
+            );
+            $controller = new OC\Core\Controller\SetupController($setupHelper);
+            $controller->run($_POST);
+            exit();
+        }
+
+        $request = \OC::$server->getRequest();
+        $requestPath = $request->getRawPathInfo();
+        if ($requestPath === '/heartbeat') {
+            return;
+        }
+        if (substr($requestPath, -3) !== '.js') { // we need these files during the upgrade
+            self::checkMaintenanceMode($systemConfig);
+
+            if (\OCP\Util::needUpgrade()) {
+                if (function_exists('opcache_reset')) {
+                    opcache_reset();
+                }
+                if (!((bool) $systemConfig->getValue('maintenance', false))) {
+                    self::printUpgradePage($systemConfig);
+                    exit();
+                }
+            }
+        }
+
+        // emergency app disabling
+        if ($requestPath === '/disableapp'
+            && $request->getMethod() === 'POST'
+            && ((array)$request->getParam('appid')) !== ''
+        ) {
+            \OC_JSON::callCheck();
+            \OC_JSON::checkAdminUser();
+            $appIds = (array)$request->getParam('appid');
+            foreach ($appIds as $appId) {
+                $appId = \OC_App::cleanAppId($appId);
+                \OC::$server->getAppManager()->disableApp($appId);
+            }
+            \OC_JSON::success();
+            exit();
+        }
+
+        // Always load authentication apps
+        OC_App::loadApps(['authentication']);
+
+        // Load minimum set of apps
+        if (!\OCP\Util::needUpgrade()
+            && !((bool) $systemConfig->getValue('maintenance', false))) {
+            // For logged-in users: Load everything
+            if (\OC::$server->getUserSession()->isLoggedIn()) {
+                OC_App::loadApps();
+            } else {
+                // For guests: Load only filesystem and logging
+                OC_App::loadApps(['filesystem', 'logging']);
+                self::handleLogin($request);
+            }
+        }
+
+        if (!self::$CLI) {
+            try {
+                if (!((bool) $systemConfig->getValue('maintenance', false)) && !\OCP\Util::needUpgrade()) {
+                    OC_App::loadApps(['filesystem', 'logging']);
+                    OC_App::loadApps();
+                }
+                OC::$server->get(\OC\Route\Router::class)->match($request->getRawPathInfo());
+                return;
+            } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
+                //header('HTTP/1.0 404 Not Found');
+            } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
+                http_response_code(405);
+                return;
+            }
+        }
+
+        // Handle WebDAV
+        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
+            // not allowed any more to prevent people
+            // mounting this root directly.
+            // Users need to mount remote.php/webdav instead.
+            http_response_code(405);
+            return;
+        }
+
+        // Someone is logged in
+        if (\OC::$server->getUserSession()->isLoggedIn()) {
+            OC_App::loadApps();
+            OC_User::setupBackends();
+            OC_Util::setupFS();
+            // FIXME
+            // Redirect to default application
+            OC_Util::redirectToDefaultPage();
+        } else {
+            // Not handled and not logged in
+            header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
+        }
+    }
+
+    /**
+     * Check login: apache auth, auth token, basic auth
+     *
+     * @param OCP\IRequest $request
+     * @return boolean
+     */
+    public static function handleLogin(OCP\IRequest $request) {
+        $userSession = self::$server->getUserSession();
+        if (OC_User::handleApacheAuth()) {
+            return true;
+        }
+        if ($userSession->tryTokenLogin($request)) {
+            return true;
+        }
+        if (isset($_COOKIE['nc_username'])
+            && isset($_COOKIE['nc_token'])
+            && isset($_COOKIE['nc_session_id'])
+            && $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
+            return true;
+        }
+        if ($userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
+            return true;
+        }
+        return false;
+    }
+
+    protected static function handleAuthHeaders() {
+        //copy http auth headers for apache+php-fcgid work around
+        if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+            $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+        }
+
+        // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
+        $vars = [
+            'HTTP_AUTHORIZATION', // apache+php-cgi work around
+            'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
+        ];
+        foreach ($vars as $var) {
+            if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
+                $credentials = explode(':', base64_decode($matches[1]), 2);
+                if (count($credentials) === 2) {
+                    $_SERVER['PHP_AUTH_USER'] = $credentials[0];
+                    $_SERVER['PHP_AUTH_PW'] = $credentials[1];
+                    break;
+                }
+            }
+        }
+    }
 }
 
 OC::init();

Please login to merge, or discard this patch.

apps/provisioning_api/lib/Controller/UsersController.php 2 patches

Indentation +1210 added lines, -1210 removed lines patch added patch discarded remove patch

@@ -76,1214 +76,1214 @@
 block discarded – undo
 
 class UsersController extends AUserData {
 
-	/** @var IURLGenerator */
-	protected $urlGenerator;
-	/** @var LoggerInterface */
-	private $logger;
-	/** @var IFactory */
-	protected $l10nFactory;
-	/** @var NewUserMailHelper */
-	private $newUserMailHelper;
-	/** @var ISecureRandom */
-	private $secureRandom;
-	/** @var RemoteWipe */
-	private $remoteWipe;
-	/** @var KnownUserService */
-	private $knownUserService;
-	/** @var IEventDispatcher */
-	private $eventDispatcher;
-
-	public function __construct(string $appName,
-								IRequest $request,
-								IUserManager $userManager,
-								IConfig $config,
-								IGroupManager $groupManager,
-								IUserSession $userSession,
-								IAccountManager $accountManager,
-								IURLGenerator $urlGenerator,
-								LoggerInterface $logger,
-								IFactory $l10nFactory,
-								NewUserMailHelper $newUserMailHelper,
-								ISecureRandom $secureRandom,
-								RemoteWipe $remoteWipe,
-								KnownUserService $knownUserService,
-								IEventDispatcher $eventDispatcher) {
-		parent::__construct($appName,
-							$request,
-							$userManager,
-							$config,
-							$groupManager,
-							$userSession,
-							$accountManager,
-							$l10nFactory);
-
-		$this->urlGenerator = $urlGenerator;
-		$this->logger = $logger;
-		$this->l10nFactory = $l10nFactory;
-		$this->newUserMailHelper = $newUserMailHelper;
-		$this->secureRandom = $secureRandom;
-		$this->remoteWipe = $remoteWipe;
-		$this->knownUserService = $knownUserService;
-		$this->eventDispatcher = $eventDispatcher;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 *
-	 * returns a list of users
-	 *
-	 * @param string $search
-	 * @param int $limit
-	 * @param int $offset
-	 * @return DataResponse
-	 */
-	public function getUsers(string $search = '', int $limit = null, int $offset = 0): DataResponse {
-		$user = $this->userSession->getUser();
-		$users = [];
-
-		// Admin? Or SubAdmin?
-		$uid = $user->getUID();
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if ($this->groupManager->isAdmin($uid)) {
-			$users = $this->userManager->search($search, $limit, $offset);
-		} elseif ($subAdminManager->isSubAdmin($user)) {
-			$subAdminOfGroups = $subAdminManager->getSubAdminsGroups($user);
-			foreach ($subAdminOfGroups as $key => $group) {
-				$subAdminOfGroups[$key] = $group->getGID();
-			}
-
-			$users = [];
-			foreach ($subAdminOfGroups as $group) {
-				$users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search, $limit, $offset));
-			}
-		}
-
-		$users = array_keys($users);
-
-		return new DataResponse([
-			'users' => $users
-		]);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 *
-	 * returns a list of users and their data
-	 */
-	public function getUsersDetails(string $search = '', int $limit = null, int $offset = 0): DataResponse {
-		$currentUser = $this->userSession->getUser();
-		$users = [];
-
-		// Admin? Or SubAdmin?
-		$uid = $currentUser->getUID();
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if ($this->groupManager->isAdmin($uid)) {
-			$users = $this->userManager->search($search, $limit, $offset);
-			$users = array_keys($users);
-		} elseif ($subAdminManager->isSubAdmin($currentUser)) {
-			$subAdminOfGroups = $subAdminManager->getSubAdminsGroups($currentUser);
-			foreach ($subAdminOfGroups as $key => $group) {
-				$subAdminOfGroups[$key] = $group->getGID();
-			}
-
-			$users = [];
-			foreach ($subAdminOfGroups as $group) {
-				$users[] = array_keys($this->groupManager->displayNamesInGroup($group, $search, $limit, $offset));
-			}
-			$users = array_merge(...$users);
-		}
-
-		$usersDetails = [];
-		foreach ($users as $userId) {
-			$userId = (string) $userId;
-			$userData = $this->getUserData($userId);
-			// Do not insert empty entry
-			if (!empty($userData)) {
-				$usersDetails[$userId] = $userData;
-			} else {
-				// Logged user does not have permissions to see this user
-				// only showing its id
-				$usersDetails[$userId] = ['id' => $userId];
-			}
-		}
-
-		return new DataResponse([
-			'users' => $usersDetails
-		]);
-	}
-
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * @param string $location
-	 * @param array $search
-	 * @return DataResponse
-	 */
-	public function searchByPhoneNumbers(string $location, array $search): DataResponse {
-		$phoneUtil = PhoneNumberUtil::getInstance();
-
-		if ($phoneUtil->getCountryCodeForRegion($location) === 0) {
-			// Not a valid region code
-			return new DataResponse([], Http::STATUS_BAD_REQUEST);
-		}
-
-		/** @var IUser $user */
-		$user = $this->userSession->getUser();
-		$knownTo = $user->getUID();
-		$defaultPhoneRegion = $this->config->getSystemValueString('default_phone_region');
-
-		$normalizedNumberToKey = [];
-		foreach ($search as $key => $phoneNumbers) {
-			foreach ($phoneNumbers as $phone) {
-				try {
-					$phoneNumber = $phoneUtil->parse($phone, $location);
-					if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
-						$normalizedNumber = $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
-						$normalizedNumberToKey[$normalizedNumber] = (string) $key;
-					}
-				} catch (NumberParseException $e) {
-				}
-
-				if ($defaultPhoneRegion !== '' && $defaultPhoneRegion !== $location && strpos($phone, '0') === 0) {
-					// If the number has a leading zero (no country code),
-					// we also check the default phone region of the instance,
-					// when it's different to the user's given region.
-					try {
-						$phoneNumber = $phoneUtil->parse($phone, $defaultPhoneRegion);
-						if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
-							$normalizedNumber = $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
-							$normalizedNumberToKey[$normalizedNumber] = (string) $key;
-						}
-					} catch (NumberParseException $e) {
-					}
-				}
-			}
-		}
-
-		$phoneNumbers = array_keys($normalizedNumberToKey);
-
-		if (empty($phoneNumbers)) {
-			return new DataResponse();
-		}
-
-		// Cleanup all previous entries and only allow new matches
-		$this->knownUserService->deleteKnownTo($knownTo);
-
-		$userMatches = $this->accountManager->searchUsers(IAccountManager::PROPERTY_PHONE, $phoneNumbers);
-
-		if (empty($userMatches)) {
-			return new DataResponse();
-		}
-
-		$cloudUrl = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
-		if (strpos($cloudUrl, 'http://') === 0) {
-			$cloudUrl = substr($cloudUrl, strlen('http://'));
-		} elseif (strpos($cloudUrl, 'https://') === 0) {
-			$cloudUrl = substr($cloudUrl, strlen('https://'));
-		}
-
-		$matches = [];
-		foreach ($userMatches as $phone => $userId) {
-			// Not using the ICloudIdManager as that would run a search for each contact to find the display name in the address book
-			$matches[$normalizedNumberToKey[$phone]] = $userId . '@' . $cloudUrl;
-			$this->knownUserService->storeIsKnownToUser($knownTo, $userId);
-		}
-
-		return new DataResponse($matches);
-	}
-
-	/**
-	 * @throws OCSException
-	 */
-	private function createNewUserId(): string {
-		$attempts = 0;
-		do {
-			$uidCandidate = $this->secureRandom->generate(10, ISecureRandom::CHAR_HUMAN_READABLE);
-			if (!$this->userManager->userExists($uidCandidate)) {
-				return $uidCandidate;
-			}
-			$attempts++;
-		} while ($attempts < 10);
-		throw new OCSException('Could not create non-existing user id', 111);
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userid
-	 * @param string $password
-	 * @param string $displayName
-	 * @param string $email
-	 * @param array $groups
-	 * @param array $subadmin
-	 * @param string $quota
-	 * @param string $language
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function addUser(string $userid,
-							string $password = '',
-							string $displayName = '',
-							string $email = '',
-							array $groups = [],
-							array $subadmin = [],
-							string $quota = '',
-							string $language = ''): DataResponse {
-		$user = $this->userSession->getUser();
-		$isAdmin = $this->groupManager->isAdmin($user->getUID());
-		$subAdminManager = $this->groupManager->getSubAdmin();
-
-		if (empty($userid) && $this->config->getAppValue('core', 'newUser.generateUserID', 'no') === 'yes') {
-			$userid = $this->createNewUserId();
-		}
-
-		if ($this->userManager->userExists($userid)) {
-			$this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
-			throw new OCSException('User already exists', 102);
-		}
-
-		if ($groups !== []) {
-			foreach ($groups as $group) {
-				if (!$this->groupManager->groupExists($group)) {
-					throw new OCSException('group '.$group.' does not exist', 104);
-				}
-				if (!$isAdmin && !$subAdminManager->isSubAdminOfGroup($user, $this->groupManager->get($group))) {
-					throw new OCSException('insufficient privileges for group '. $group, 105);
-				}
-			}
-		} else {
-			if (!$isAdmin) {
-				throw new OCSException('no group specified (required for subadmins)', 106);
-			}
-		}
-
-		$subadminGroups = [];
-		if ($subadmin !== []) {
-			foreach ($subadmin as $groupid) {
-				$group = $this->groupManager->get($groupid);
-				// Check if group exists
-				if ($group === null) {
-					throw new OCSException('Subadmin group does not exist',  102);
-				}
-				// Check if trying to make subadmin of admin group
-				if ($group->getGID() === 'admin') {
-					throw new OCSException('Cannot create subadmins for admin group', 103);
-				}
-				// Check if has permission to promote subadmins
-				if (!$subAdminManager->isSubAdminOfGroup($user, $group) && !$isAdmin) {
-					throw new OCSForbiddenException('No permissions to promote subadmins');
-				}
-				$subadminGroups[] = $group;
-			}
-		}
-
-		$generatePasswordResetToken = false;
-		if ($password === '') {
-			if ($email === '') {
-				throw new OCSException('To send a password link to the user an email address is required.', 108);
-			}
-
-			$passwordEvent = new GenerateSecurePasswordEvent();
-			$this->eventDispatcher->dispatchTyped($passwordEvent);
-
-			$password = $passwordEvent->getPassword();
-			if ($password === null) {
-				// Fallback: ensure to pass password_policy in any case
-				$password = $this->secureRandom->generate(10)
-					. $this->secureRandom->generate(1, ISecureRandom::CHAR_UPPER)
-					. $this->secureRandom->generate(1, ISecureRandom::CHAR_LOWER)
-					. $this->secureRandom->generate(1, ISecureRandom::CHAR_DIGITS)
-					. $this->secureRandom->generate(1, ISecureRandom::CHAR_SYMBOLS);
-			}
-			$generatePasswordResetToken = true;
-		}
-
-		if ($email === '' && $this->config->getAppValue('core', 'newUser.requireEmail', 'no') === 'yes') {
-			throw new OCSException('Required email address was not provided', 110);
-		}
-
-		try {
-			$newUser = $this->userManager->createUser($userid, $password);
-			$this->logger->info('Successful addUser call with userid: ' . $userid, ['app' => 'ocs_api']);
-
-			foreach ($groups as $group) {
-				$this->groupManager->get($group)->addUser($newUser);
-				$this->logger->info('Added userid ' . $userid . ' to group ' . $group, ['app' => 'ocs_api']);
-			}
-			foreach ($subadminGroups as $group) {
-				$subAdminManager->createSubAdmin($newUser, $group);
-			}
-
-			if ($displayName !== '') {
-				$this->editUser($userid, 'display', $displayName);
-			}
-
-			if ($quota !== '') {
-				$this->editUser($userid, 'quota', $quota);
-			}
-
-			if ($language !== '') {
-				$this->editUser($userid, 'language', $language);
-			}
-
-			// Send new user mail only if a mail is set
-			if ($email !== '') {
-				$newUser->setEMailAddress($email);
-				if ($this->config->getAppValue('core', 'newUser.sendEmail', 'yes') === 'yes') {
-					try {
-						$emailTemplate = $this->newUserMailHelper->generateTemplate($newUser, $generatePasswordResetToken);
-						$this->newUserMailHelper->sendMail($newUser, $emailTemplate);
-					} catch (\Exception $e) {
-						// Mail could be failing hard or just be plain not configured
-						// Logging error as it is the hardest of the two
-						$this->logger->error("Unable to send the invitation mail to $email",
-							[
-								'app' => 'ocs_api',
-								'exception' => $e,
-							]
-						);
-					}
-				}
-			}
-
-			return new DataResponse(['id' => $userid]);
-		} catch (HintException $e) {
-			$this->logger->warning('Failed addUser attempt with hint exception.',
-				[
-					'app' => 'ocs_api',
-					'exception' => $e,
-				]
-			);
-			throw new OCSException($e->getHint(), 107);
-		} catch (OCSException $e) {
-			$this->logger->warning('Failed addUser attempt with ocs exeption.',
-				[
-					'app' => 'ocs_api',
-					'exception' => $e,
-				]
-			);
-			throw $e;
-		} catch (\InvalidArgumentException $e) {
-			$this->logger->error('Failed addUser attempt with invalid argument exeption.',
-				[
-					'app' => 'ocs_api',
-					'exception' => $e,
-				]
-			);
-			throw new OCSException($e->getMessage(), 101);
-		} catch (\Exception $e) {
-			$this->logger->error('Failed addUser attempt with exception.',
-				[
-					'app' => 'ocs_api',
-					'exception' => $e
-				]
-			);
-			throw new OCSException('Bad request', 101);
-		}
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * gets user info
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getUser(string $userId): DataResponse {
-		$includeScopes = false;
-		$currentUser = $this->userSession->getUser();
-		if ($currentUser && $currentUser->getUID() === $userId) {
-			$includeScopes = true;
-		}
-
-		$data = $this->getUserData($userId, $includeScopes);
-		// getUserData returns empty array if not enough permissions
-		if (empty($data)) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-		return new DataResponse($data);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * gets user info from the currently logged in user
-	 *
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getCurrentUser(): DataResponse {
-		$user = $this->userSession->getUser();
-		if ($user) {
-			$data = $this->getUserData($user->getUID(), true);
-			// rename "displayname" to "display-name" only for this call to keep
-			// the API stable.
-			$data['display-name'] = $data['displayname'];
-			unset($data['displayname']);
-			return new DataResponse($data);
-		}
-
-		throw new OCSException('', OCSController::RESPOND_UNAUTHORISED);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getEditableFields(): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-		if (!$currentLoggedInUser instanceof IUser) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		return $this->getEditableFieldsForUser($currentLoggedInUser->getUID());
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getEditableFieldsForUser(string $userId): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-		if (!$currentLoggedInUser instanceof IUser) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		$permittedFields = [];
-
-		if ($userId !== $currentLoggedInUser->getUID()) {
-			$targetUser = $this->userManager->get($userId);
-			if (!$targetUser instanceof IUser) {
-				throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-			}
-
-			$subAdminManager = $this->groupManager->getSubAdmin();
-			if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID())
-				&& !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-				throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-			}
-		} else {
-			$targetUser = $currentLoggedInUser;
-		}
-
-		// Editing self (display, email)
-		if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
-			if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
-				|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
-				$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
-			}
-			$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
-		}
-
-		$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-		$permittedFields[] = IAccountManager::PROPERTY_PHONE;
-		$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
-		$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
-		$permittedFields[] = IAccountManager::PROPERTY_TWITTER;
-
-		return new DataResponse($permittedFields);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @throws OCSException
-	 */
-	public function editUserMultiValue(
-		string $userId,
-		string $collectionName,
-		string $key,
-		string $value
-	): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-		if ($currentLoggedInUser === null) {
-			throw new OCSException('', OCSController::RESPOND_UNAUTHORISED);
-		}
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		$permittedFields = [];
-		if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
-			// Editing self (display, email)
-			$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-			$permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
-		} else {
-			// Check if admin / subadmin
-			$subAdminManager = $this->groupManager->getSubAdmin();
-			if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
-				|| $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-				// They have permissions over the user
-
-				$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-			} else {
-				// No rights
-				throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-			}
-		}
-
-		// Check if permitted to edit this field
-		if (!in_array($collectionName, $permittedFields)) {
-			throw new OCSException('', 103);
-		}
-
-		switch ($collectionName) {
-			case IAccountManager::COLLECTION_EMAIL:
-				$userAccount = $this->accountManager->getAccount($targetUser);
-				$mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
-				$mailCollection->removePropertyByValue($key);
-				if ($value !== '') {
-					$mailCollection->addPropertyWithDefaults($value);
-				}
-				$this->accountManager->updateAccount($userAccount);
-				break;
-
-			case IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX:
-				$userAccount = $this->accountManager->getAccount($targetUser);
-				$mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
-				$targetProperty = null;
-				foreach ($mailCollection->getProperties() as $property) {
-					if ($property->getValue() === $key) {
-						$targetProperty = $property;
-						break;
-					}
-				}
-				if ($targetProperty instanceof IAccountProperty) {
-					try {
-						$targetProperty->setScope($value);
-						$this->accountManager->updateAccount($userAccount);
-					} catch (\InvalidArgumentException $e) {
-						throw new OCSException('', 102);
-					}
-				} else {
-					throw new OCSException('', 102);
-				}
-				break;
-
-			default:
-				throw new OCSException('', 103);
-		}
-		return new DataResponse();
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * edit users
-	 *
-	 * @param string $userId
-	 * @param string $key
-	 * @param string $value
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function editUser(string $userId, string $key, string $value): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		$permittedFields = [];
-		if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
-			// Editing self (display, email)
-			if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
-				if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
-					|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
-					$permittedFields[] = 'display';
-					$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
-				}
-				$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
-			}
-
-			$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
-
-			$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-
-			$permittedFields[] = 'password';
-			if ($this->config->getSystemValue('force_language', false) === false ||
-				$this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
-				$permittedFields[] = 'language';
-			}
-
-			if ($this->config->getSystemValue('force_locale', false) === false ||
-				$this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
-				$permittedFields[] = 'locale';
-			}
-
-			$permittedFields[] = IAccountManager::PROPERTY_PHONE;
-			$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
-			$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
-			$permittedFields[] = IAccountManager::PROPERTY_TWITTER;
-			$permittedFields[] = IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX;
-
-			$permittedFields[] = IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX;
-
-			// If admin they can edit their own quota
-			if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
-				$permittedFields[] = 'quota';
-			}
-		} else {
-			// Check if admin / subadmin
-			$subAdminManager = $this->groupManager->getSubAdmin();
-			if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
-			|| $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-				// They have permissions over the user
-				if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
-					|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
-					$permittedFields[] = 'display';
-					$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
-				}
-				$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
-				$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-				$permittedFields[] = 'password';
-				$permittedFields[] = 'language';
-				$permittedFields[] = 'locale';
-				$permittedFields[] = IAccountManager::PROPERTY_PHONE;
-				$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
-				$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
-				$permittedFields[] = IAccountManager::PROPERTY_TWITTER;
-				$permittedFields[] = 'quota';
-			} else {
-				// No rights
-				throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-			}
-		}
-		// Check if permitted to edit this field
-		if (!in_array($key, $permittedFields)) {
-			throw new OCSException('', 103);
-		}
-		// Process the edit
-		switch ($key) {
-			case 'display':
-			case IAccountManager::PROPERTY_DISPLAYNAME:
-				$targetUser->setDisplayName($value);
-				break;
-			case 'quota':
-				$quota = $value;
-				if ($quota !== 'none' && $quota !== 'default') {
-					if (is_numeric($quota)) {
-						$quota = (float) $quota;
-					} else {
-						$quota = \OCP\Util::computerFileSize($quota);
-					}
-					if ($quota === false) {
-						throw new OCSException('Invalid quota value '.$value, 102);
-					}
-					if ($quota === -1) {
-						$quota = 'none';
-					} else {
-						$quota = \OCP\Util::humanFileSize($quota);
-					}
-				}
-				$targetUser->setQuota($quota);
-				break;
-			case 'password':
-				try {
-					if (!$targetUser->canChangePassword()) {
-						throw new OCSException('Setting the password is not supported by the users backend', 103);
-					}
-					$targetUser->setPassword($value);
-				} catch (HintException $e) { // password policy error
-					throw new OCSException($e->getMessage(), 103);
-				}
-				break;
-			case 'language':
-				$languagesCodes = $this->l10nFactory->findAvailableLanguages();
-				if (!in_array($value, $languagesCodes, true) && $value !== 'en') {
-					throw new OCSException('Invalid language', 102);
-				}
-				$this->config->setUserValue($targetUser->getUID(), 'core', 'lang', $value);
-				break;
-			case 'locale':
-				if (!$this->l10nFactory->localeExists($value)) {
-					throw new OCSException('Invalid locale', 102);
-				}
-				$this->config->setUserValue($targetUser->getUID(), 'core', 'locale', $value);
-				break;
-			case IAccountManager::PROPERTY_EMAIL:
-				if (filter_var($value, FILTER_VALIDATE_EMAIL) || $value === '') {
-					$targetUser->setEMailAddress($value);
-				} else {
-					throw new OCSException('', 102);
-				}
-				break;
-			case IAccountManager::COLLECTION_EMAIL:
-				if (filter_var($value, FILTER_VALIDATE_EMAIL) && $value !== $targetUser->getEMailAddress()) {
-					$userAccount = $this->accountManager->getAccount($targetUser);
-					$mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
-					foreach ($mailCollection->getProperties() as $property) {
-						if ($property->getValue() === $value) {
-							break;
-						}
-					}
-					$mailCollection->addPropertyWithDefaults($value);
-					$this->accountManager->updateAccount($userAccount);
-				} else {
-					throw new OCSException('', 102);
-				}
-				break;
-			case IAccountManager::PROPERTY_PHONE:
-			case IAccountManager::PROPERTY_ADDRESS:
-			case IAccountManager::PROPERTY_WEBSITE:
-			case IAccountManager::PROPERTY_TWITTER:
-				$userAccount = $this->accountManager->getAccount($targetUser);
-				try {
-					$userProperty = $userAccount->getProperty($key);
-					if ($userProperty->getValue() !== $value) {
-						try {
-							$userProperty->setValue($value);
-							if ($userProperty->getName() === IAccountManager::PROPERTY_PHONE) {
-								$this->knownUserService->deleteByContactUserId($targetUser->getUID());
-							}
-						} catch (\InvalidArgumentException $e) {
-							throw new OCSException('Invalid ' . $e->getMessage(), 102);
-						}
-					}
-				} catch (PropertyDoesNotExistException $e) {
-					$userAccount->setProperty($key, $value, IAccountManager::SCOPE_PRIVATE, IAccountManager::NOT_VERIFIED);
-				}
-				$this->accountManager->updateAccount($userAccount);
-				break;
-			case IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX:
-				$propertyName = substr($key, 0, strlen($key) - strlen(self::SCOPE_SUFFIX));
-				$userAccount = $this->accountManager->getAccount($targetUser);
-				$userProperty = $userAccount->getProperty($propertyName);
-				if ($userProperty->getScope() !== $value) {
-					try {
-						$userProperty->setScope($value);
-						$this->accountManager->updateAccount($userAccount);
-					} catch (\InvalidArgumentException $e) {
-						throw new OCSException('Invalid ' . $e->getMessage(), 102);
-					}
-				}
-				break;
-			default:
-				throw new OCSException('', 103);
-		}
-		return new DataResponse();
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 *
-	 * @return DataResponse
-	 *
-	 * @throws OCSException
-	 */
-	public function wipeUserDevices(string $userId): DataResponse {
-		/** @var IUser $currentLoggedInUser */
-		$currentLoggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
-			throw new OCSException('', 101);
-		}
-
-		// If not permitted
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		$this->remoteWipe->markAllTokensForWipe($targetUser);
-
-		return new DataResponse();
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function deleteUser(string $userId): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
-			throw new OCSException('', 101);
-		}
-
-		// If not permitted
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		// Go ahead with the delete
-		if ($targetUser->delete()) {
-			return new DataResponse();
-		} else {
-			throw new OCSException('', 101);
-		}
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 * @throws OCSForbiddenException
-	 */
-	public function disableUser(string $userId): DataResponse {
-		return $this->setEnabled($userId, false);
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 * @throws OCSForbiddenException
-	 */
-	public function enableUser(string $userId): DataResponse {
-		return $this->setEnabled($userId, true);
-	}
-
-	/**
-	 * @param string $userId
-	 * @param bool $value
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	private function setEnabled(string $userId, bool $value): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
-			throw new OCSException('', 101);
-		}
-
-		// If not permitted
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		// enable/disable the user now
-		$targetUser->setEnabled($value);
-		return new DataResponse();
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubAdminRequired
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getUsersGroups(string $userId): DataResponse {
-		$loggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		if ($targetUser->getUID() === $loggedInUser->getUID() || $this->groupManager->isAdmin($loggedInUser->getUID())) {
-			// Self lookup or admin lookup
-			return new DataResponse([
-				'groups' => $this->groupManager->getUserGroupIds($targetUser)
-			]);
-		} else {
-			$subAdminManager = $this->groupManager->getSubAdmin();
-
-			// Looking up someone else
-			if ($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) {
-				// Return the group that the method caller is subadmin of for the user in question
-				/** @var IGroup[] $getSubAdminsGroups */
-				$getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
-				foreach ($getSubAdminsGroups as $key => $group) {
-					$getSubAdminsGroups[$key] = $group->getGID();
-				}
-				$groups = array_intersect(
-					$getSubAdminsGroups,
-					$this->groupManager->getUserGroupIds($targetUser)
-				);
-				return new DataResponse(['groups' => $groups]);
-			} else {
-				// Not permitted
-				throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-			}
-		}
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 * @param string $groupid
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function addToGroup(string $userId, string $groupid = ''): DataResponse {
-		if ($groupid === '') {
-			throw new OCSException('', 101);
-		}
-
-		$group = $this->groupManager->get($groupid);
-		$targetUser = $this->userManager->get($userId);
-		if ($group === null) {
-			throw new OCSException('', 102);
-		}
-		if ($targetUser === null) {
-			throw new OCSException('', 103);
-		}
-
-		// If they're not an admin, check they are a subadmin of the group in question
-		$loggedInUser = $this->userSession->getUser();
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
-			throw new OCSException('', 104);
-		}
-
-		// Add user to group
-		$group->addUser($targetUser);
-		return new DataResponse();
-	}
-
-	/**
-	 * @PasswordConfirmationRequired
-	 * @NoAdminRequired
-	 *
-	 * @param string $userId
-	 * @param string $groupid
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function removeFromGroup(string $userId, string $groupid): DataResponse {
-		$loggedInUser = $this->userSession->getUser();
-
-		if ($groupid === null || trim($groupid) === '') {
-			throw new OCSException('', 101);
-		}
-
-		$group = $this->groupManager->get($groupid);
-		if ($group === null) {
-			throw new OCSException('', 102);
-		}
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null) {
-			throw new OCSException('', 103);
-		}
-
-		// If they're not an admin, check they are a subadmin of the group in question
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
-			throw new OCSException('', 104);
-		}
-
-		// Check they aren't removing themselves from 'admin' or their 'subadmin; group
-		if ($targetUser->getUID() === $loggedInUser->getUID()) {
-			if ($this->groupManager->isAdmin($loggedInUser->getUID())) {
-				if ($group->getGID() === 'admin') {
-					throw new OCSException('Cannot remove yourself from the admin group', 105);
-				}
-			} else {
-				// Not an admin, so the user must be a subadmin of this group, but that is not allowed.
-				throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105);
-			}
-		} elseif (!$this->groupManager->isAdmin($loggedInUser->getUID())) {
-			/** @var IGroup[] $subAdminGroups */
-			$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
-			$subAdminGroups = array_map(function (IGroup $subAdminGroup) {
-				return $subAdminGroup->getGID();
-			}, $subAdminGroups);
-			$userGroups = $this->groupManager->getUserGroupIds($targetUser);
-			$userSubAdminGroups = array_intersect($subAdminGroups, $userGroups);
-
-			if (count($userSubAdminGroups) <= 1) {
-				// Subadmin must not be able to remove a user from all their subadmin groups.
-				throw new OCSException('Not viable to remove user from the last group you are SubAdmin of', 105);
-			}
-		}
-
-		// Remove user from group
-		$group->removeUser($targetUser);
-		return new DataResponse();
-	}
-
-	/**
-	 * Creates a subadmin
-	 *
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $userId
-	 * @param string $groupid
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function addSubAdmin(string $userId, string $groupid): DataResponse {
-		$group = $this->groupManager->get($groupid);
-		$user = $this->userManager->get($userId);
-
-		// Check if the user exists
-		if ($user === null) {
-			throw new OCSException('User does not exist', 101);
-		}
-		// Check if group exists
-		if ($group === null) {
-			throw new OCSException('Group does not exist',  102);
-		}
-		// Check if trying to make subadmin of admin group
-		if ($group->getGID() === 'admin') {
-			throw new OCSException('Cannot create subadmins for admin group', 103);
-		}
-
-		$subAdminManager = $this->groupManager->getSubAdmin();
-
-		// We cannot be subadmin twice
-		if ($subAdminManager->isSubAdminOfGroup($user, $group)) {
-			return new DataResponse();
-		}
-		// Go
-		$subAdminManager->createSubAdmin($user, $group);
-		return new DataResponse();
-	}
-
-	/**
-	 * Removes a subadmin from a group
-	 *
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $userId
-	 * @param string $groupid
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function removeSubAdmin(string $userId, string $groupid): DataResponse {
-		$group = $this->groupManager->get($groupid);
-		$user = $this->userManager->get($userId);
-		$subAdminManager = $this->groupManager->getSubAdmin();
-
-		// Check if the user exists
-		if ($user === null) {
-			throw new OCSException('User does not exist', 101);
-		}
-		// Check if the group exists
-		if ($group === null) {
-			throw new OCSException('Group does not exist', 101);
-		}
-		// Check if they are a subadmin of this said group
-		if (!$subAdminManager->isSubAdminOfGroup($user, $group)) {
-			throw new OCSException('User is not a subadmin of this group', 102);
-		}
-
-		// Go
-		$subAdminManager->deleteSubAdmin($user, $group);
-		return new DataResponse();
-	}
-
-	/**
-	 * Get the groups a user is a subadmin of
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function getUserSubAdminGroups(string $userId): DataResponse {
-		$groups = $this->getUserSubAdminGroupsData($userId);
-		return new DataResponse($groups);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * resend welcome message
-	 *
-	 * @param string $userId
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function resendWelcomeMessage(string $userId): DataResponse {
-		$currentLoggedInUser = $this->userSession->getUser();
-
-		$targetUser = $this->userManager->get($userId);
-		if ($targetUser === null) {
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		// Check if admin / subadmin
-		$subAdminManager = $this->groupManager->getSubAdmin();
-		if (!$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)
-			&& !$this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
-			// No rights
-			throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
-		}
-
-		$email = $targetUser->getEMailAddress();
-		if ($email === '' || $email === null) {
-			throw new OCSException('Email address not available', 101);
-		}
-
-		try {
-			$emailTemplate = $this->newUserMailHelper->generateTemplate($targetUser, false);
-			$this->newUserMailHelper->sendMail($targetUser, $emailTemplate);
-		} catch (\Exception $e) {
-			$this->logger->error("Can't send new user mail to $email",
-				[
-					'app' => 'settings',
-					'exception' => $e,
-				]
-			);
-			throw new OCSException('Sending email failed', 102);
-		}
-
-		return new DataResponse();
-	}
+    /** @var IURLGenerator */
+    protected $urlGenerator;
+    /** @var LoggerInterface */
+    private $logger;
+    /** @var IFactory */
+    protected $l10nFactory;
+    /** @var NewUserMailHelper */
+    private $newUserMailHelper;
+    /** @var ISecureRandom */
+    private $secureRandom;
+    /** @var RemoteWipe */
+    private $remoteWipe;
+    /** @var KnownUserService */
+    private $knownUserService;
+    /** @var IEventDispatcher */
+    private $eventDispatcher;
+
+    public function __construct(string $appName,
+                                IRequest $request,
+                                IUserManager $userManager,
+                                IConfig $config,
+                                IGroupManager $groupManager,
+                                IUserSession $userSession,
+                                IAccountManager $accountManager,
+                                IURLGenerator $urlGenerator,
+                                LoggerInterface $logger,
+                                IFactory $l10nFactory,
+                                NewUserMailHelper $newUserMailHelper,
+                                ISecureRandom $secureRandom,
+                                RemoteWipe $remoteWipe,
+                                KnownUserService $knownUserService,
+                                IEventDispatcher $eventDispatcher) {
+        parent::__construct($appName,
+                            $request,
+                            $userManager,
+                            $config,
+                            $groupManager,
+                            $userSession,
+                            $accountManager,
+                            $l10nFactory);
+
+        $this->urlGenerator = $urlGenerator;
+        $this->logger = $logger;
+        $this->l10nFactory = $l10nFactory;
+        $this->newUserMailHelper = $newUserMailHelper;
+        $this->secureRandom = $secureRandom;
+        $this->remoteWipe = $remoteWipe;
+        $this->knownUserService = $knownUserService;
+        $this->eventDispatcher = $eventDispatcher;
+    }
+
+    /**
+     * @NoAdminRequired
+     *
+     * returns a list of users
+     *
+     * @param string $search
+     * @param int $limit
+     * @param int $offset
+     * @return DataResponse
+     */
+    public function getUsers(string $search = '', int $limit = null, int $offset = 0): DataResponse {
+        $user = $this->userSession->getUser();
+        $users = [];
+
+        // Admin? Or SubAdmin?
+        $uid = $user->getUID();
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if ($this->groupManager->isAdmin($uid)) {
+            $users = $this->userManager->search($search, $limit, $offset);
+        } elseif ($subAdminManager->isSubAdmin($user)) {
+            $subAdminOfGroups = $subAdminManager->getSubAdminsGroups($user);
+            foreach ($subAdminOfGroups as $key => $group) {
+                $subAdminOfGroups[$key] = $group->getGID();
+            }
+
+            $users = [];
+            foreach ($subAdminOfGroups as $group) {
+                $users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search, $limit, $offset));
+            }
+        }
+
+        $users = array_keys($users);
+
+        return new DataResponse([
+            'users' => $users
+        ]);
+    }
+
+    /**
+     * @NoAdminRequired
+     *
+     * returns a list of users and their data
+     */
+    public function getUsersDetails(string $search = '', int $limit = null, int $offset = 0): DataResponse {
+        $currentUser = $this->userSession->getUser();
+        $users = [];
+
+        // Admin? Or SubAdmin?
+        $uid = $currentUser->getUID();
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if ($this->groupManager->isAdmin($uid)) {
+            $users = $this->userManager->search($search, $limit, $offset);
+            $users = array_keys($users);
+        } elseif ($subAdminManager->isSubAdmin($currentUser)) {
+            $subAdminOfGroups = $subAdminManager->getSubAdminsGroups($currentUser);
+            foreach ($subAdminOfGroups as $key => $group) {
+                $subAdminOfGroups[$key] = $group->getGID();
+            }
+
+            $users = [];
+            foreach ($subAdminOfGroups as $group) {
+                $users[] = array_keys($this->groupManager->displayNamesInGroup($group, $search, $limit, $offset));
+            }
+            $users = array_merge(...$users);
+        }
+
+        $usersDetails = [];
+        foreach ($users as $userId) {
+            $userId = (string) $userId;
+            $userData = $this->getUserData($userId);
+            // Do not insert empty entry
+            if (!empty($userData)) {
+                $usersDetails[$userId] = $userData;
+            } else {
+                // Logged user does not have permissions to see this user
+                // only showing its id
+                $usersDetails[$userId] = ['id' => $userId];
+            }
+        }
+
+        return new DataResponse([
+            'users' => $usersDetails
+        ]);
+    }
+
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * @param string $location
+     * @param array $search
+     * @return DataResponse
+     */
+    public function searchByPhoneNumbers(string $location, array $search): DataResponse {
+        $phoneUtil = PhoneNumberUtil::getInstance();
+
+        if ($phoneUtil->getCountryCodeForRegion($location) === 0) {
+            // Not a valid region code
+            return new DataResponse([], Http::STATUS_BAD_REQUEST);
+        }
+
+        /** @var IUser $user */
+        $user = $this->userSession->getUser();
+        $knownTo = $user->getUID();
+        $defaultPhoneRegion = $this->config->getSystemValueString('default_phone_region');
+
+        $normalizedNumberToKey = [];
+        foreach ($search as $key => $phoneNumbers) {
+            foreach ($phoneNumbers as $phone) {
+                try {
+                    $phoneNumber = $phoneUtil->parse($phone, $location);
+                    if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
+                        $normalizedNumber = $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
+                        $normalizedNumberToKey[$normalizedNumber] = (string) $key;
+                    }
+                } catch (NumberParseException $e) {
+                }
+
+                if ($defaultPhoneRegion !== '' && $defaultPhoneRegion !== $location && strpos($phone, '0') === 0) {
+                    // If the number has a leading zero (no country code),
+                    // we also check the default phone region of the instance,
+                    // when it's different to the user's given region.
+                    try {
+                        $phoneNumber = $phoneUtil->parse($phone, $defaultPhoneRegion);
+                        if ($phoneNumber instanceof PhoneNumber && $phoneUtil->isValidNumber($phoneNumber)) {
+                            $normalizedNumber = $phoneUtil->format($phoneNumber, PhoneNumberFormat::E164);
+                            $normalizedNumberToKey[$normalizedNumber] = (string) $key;
+                        }
+                    } catch (NumberParseException $e) {
+                    }
+                }
+            }
+        }
+
+        $phoneNumbers = array_keys($normalizedNumberToKey);
+
+        if (empty($phoneNumbers)) {
+            return new DataResponse();
+        }
+
+        // Cleanup all previous entries and only allow new matches
+        $this->knownUserService->deleteKnownTo($knownTo);
+
+        $userMatches = $this->accountManager->searchUsers(IAccountManager::PROPERTY_PHONE, $phoneNumbers);
+
+        if (empty($userMatches)) {
+            return new DataResponse();
+        }
+
+        $cloudUrl = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
+        if (strpos($cloudUrl, 'http://') === 0) {
+            $cloudUrl = substr($cloudUrl, strlen('http://'));
+        } elseif (strpos($cloudUrl, 'https://') === 0) {
+            $cloudUrl = substr($cloudUrl, strlen('https://'));
+        }
+
+        $matches = [];
+        foreach ($userMatches as $phone => $userId) {
+            // Not using the ICloudIdManager as that would run a search for each contact to find the display name in the address book
+            $matches[$normalizedNumberToKey[$phone]] = $userId . '@' . $cloudUrl;
+            $this->knownUserService->storeIsKnownToUser($knownTo, $userId);
+        }
+
+        return new DataResponse($matches);
+    }
+
+    /**
+     * @throws OCSException
+     */
+    private function createNewUserId(): string {
+        $attempts = 0;
+        do {
+            $uidCandidate = $this->secureRandom->generate(10, ISecureRandom::CHAR_HUMAN_READABLE);
+            if (!$this->userManager->userExists($uidCandidate)) {
+                return $uidCandidate;
+            }
+            $attempts++;
+        } while ($attempts < 10);
+        throw new OCSException('Could not create non-existing user id', 111);
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userid
+     * @param string $password
+     * @param string $displayName
+     * @param string $email
+     * @param array $groups
+     * @param array $subadmin
+     * @param string $quota
+     * @param string $language
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function addUser(string $userid,
+                            string $password = '',
+                            string $displayName = '',
+                            string $email = '',
+                            array $groups = [],
+                            array $subadmin = [],
+                            string $quota = '',
+                            string $language = ''): DataResponse {
+        $user = $this->userSession->getUser();
+        $isAdmin = $this->groupManager->isAdmin($user->getUID());
+        $subAdminManager = $this->groupManager->getSubAdmin();
+
+        if (empty($userid) && $this->config->getAppValue('core', 'newUser.generateUserID', 'no') === 'yes') {
+            $userid = $this->createNewUserId();
+        }
+
+        if ($this->userManager->userExists($userid)) {
+            $this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
+            throw new OCSException('User already exists', 102);
+        }
+
+        if ($groups !== []) {
+            foreach ($groups as $group) {
+                if (!$this->groupManager->groupExists($group)) {
+                    throw new OCSException('group '.$group.' does not exist', 104);
+                }
+                if (!$isAdmin && !$subAdminManager->isSubAdminOfGroup($user, $this->groupManager->get($group))) {
+                    throw new OCSException('insufficient privileges for group '. $group, 105);
+                }
+            }
+        } else {
+            if (!$isAdmin) {
+                throw new OCSException('no group specified (required for subadmins)', 106);
+            }
+        }
+
+        $subadminGroups = [];
+        if ($subadmin !== []) {
+            foreach ($subadmin as $groupid) {
+                $group = $this->groupManager->get($groupid);
+                // Check if group exists
+                if ($group === null) {
+                    throw new OCSException('Subadmin group does not exist',  102);
+                }
+                // Check if trying to make subadmin of admin group
+                if ($group->getGID() === 'admin') {
+                    throw new OCSException('Cannot create subadmins for admin group', 103);
+                }
+                // Check if has permission to promote subadmins
+                if (!$subAdminManager->isSubAdminOfGroup($user, $group) && !$isAdmin) {
+                    throw new OCSForbiddenException('No permissions to promote subadmins');
+                }
+                $subadminGroups[] = $group;
+            }
+        }
+
+        $generatePasswordResetToken = false;
+        if ($password === '') {
+            if ($email === '') {
+                throw new OCSException('To send a password link to the user an email address is required.', 108);
+            }
+
+            $passwordEvent = new GenerateSecurePasswordEvent();
+            $this->eventDispatcher->dispatchTyped($passwordEvent);
+
+            $password = $passwordEvent->getPassword();
+            if ($password === null) {
+                // Fallback: ensure to pass password_policy in any case
+                $password = $this->secureRandom->generate(10)
+                    . $this->secureRandom->generate(1, ISecureRandom::CHAR_UPPER)
+                    . $this->secureRandom->generate(1, ISecureRandom::CHAR_LOWER)
+                    . $this->secureRandom->generate(1, ISecureRandom::CHAR_DIGITS)
+                    . $this->secureRandom->generate(1, ISecureRandom::CHAR_SYMBOLS);
+            }
+            $generatePasswordResetToken = true;
+        }
+
+        if ($email === '' && $this->config->getAppValue('core', 'newUser.requireEmail', 'no') === 'yes') {
+            throw new OCSException('Required email address was not provided', 110);
+        }
+
+        try {
+            $newUser = $this->userManager->createUser($userid, $password);
+            $this->logger->info('Successful addUser call with userid: ' . $userid, ['app' => 'ocs_api']);
+
+            foreach ($groups as $group) {
+                $this->groupManager->get($group)->addUser($newUser);
+                $this->logger->info('Added userid ' . $userid . ' to group ' . $group, ['app' => 'ocs_api']);
+            }
+            foreach ($subadminGroups as $group) {
+                $subAdminManager->createSubAdmin($newUser, $group);
+            }
+
+            if ($displayName !== '') {
+                $this->editUser($userid, 'display', $displayName);
+            }
+
+            if ($quota !== '') {
+                $this->editUser($userid, 'quota', $quota);
+            }
+
+            if ($language !== '') {
+                $this->editUser($userid, 'language', $language);
+            }
+
+            // Send new user mail only if a mail is set
+            if ($email !== '') {
+                $newUser->setEMailAddress($email);
+                if ($this->config->getAppValue('core', 'newUser.sendEmail', 'yes') === 'yes') {
+                    try {
+                        $emailTemplate = $this->newUserMailHelper->generateTemplate($newUser, $generatePasswordResetToken);
+                        $this->newUserMailHelper->sendMail($newUser, $emailTemplate);
+                    } catch (\Exception $e) {
+                        // Mail could be failing hard or just be plain not configured
+                        // Logging error as it is the hardest of the two
+                        $this->logger->error("Unable to send the invitation mail to $email",
+                            [
+                                'app' => 'ocs_api',
+                                'exception' => $e,
+                            ]
+                        );
+                    }
+                }
+            }
+
+            return new DataResponse(['id' => $userid]);
+        } catch (HintException $e) {
+            $this->logger->warning('Failed addUser attempt with hint exception.',
+                [
+                    'app' => 'ocs_api',
+                    'exception' => $e,
+                ]
+            );
+            throw new OCSException($e->getHint(), 107);
+        } catch (OCSException $e) {
+            $this->logger->warning('Failed addUser attempt with ocs exeption.',
+                [
+                    'app' => 'ocs_api',
+                    'exception' => $e,
+                ]
+            );
+            throw $e;
+        } catch (\InvalidArgumentException $e) {
+            $this->logger->error('Failed addUser attempt with invalid argument exeption.',
+                [
+                    'app' => 'ocs_api',
+                    'exception' => $e,
+                ]
+            );
+            throw new OCSException($e->getMessage(), 101);
+        } catch (\Exception $e) {
+            $this->logger->error('Failed addUser attempt with exception.',
+                [
+                    'app' => 'ocs_api',
+                    'exception' => $e
+                ]
+            );
+            throw new OCSException('Bad request', 101);
+        }
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * gets user info
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getUser(string $userId): DataResponse {
+        $includeScopes = false;
+        $currentUser = $this->userSession->getUser();
+        if ($currentUser && $currentUser->getUID() === $userId) {
+            $includeScopes = true;
+        }
+
+        $data = $this->getUserData($userId, $includeScopes);
+        // getUserData returns empty array if not enough permissions
+        if (empty($data)) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+        return new DataResponse($data);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * gets user info from the currently logged in user
+     *
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getCurrentUser(): DataResponse {
+        $user = $this->userSession->getUser();
+        if ($user) {
+            $data = $this->getUserData($user->getUID(), true);
+            // rename "displayname" to "display-name" only for this call to keep
+            // the API stable.
+            $data['display-name'] = $data['displayname'];
+            unset($data['displayname']);
+            return new DataResponse($data);
+        }
+
+        throw new OCSException('', OCSController::RESPOND_UNAUTHORISED);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getEditableFields(): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+        if (!$currentLoggedInUser instanceof IUser) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        return $this->getEditableFieldsForUser($currentLoggedInUser->getUID());
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getEditableFieldsForUser(string $userId): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+        if (!$currentLoggedInUser instanceof IUser) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        $permittedFields = [];
+
+        if ($userId !== $currentLoggedInUser->getUID()) {
+            $targetUser = $this->userManager->get($userId);
+            if (!$targetUser instanceof IUser) {
+                throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+            }
+
+            $subAdminManager = $this->groupManager->getSubAdmin();
+            if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID())
+                && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+                throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+            }
+        } else {
+            $targetUser = $currentLoggedInUser;
+        }
+
+        // Editing self (display, email)
+        if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
+            if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
+                || $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
+                $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
+            }
+            $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
+        }
+
+        $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+        $permittedFields[] = IAccountManager::PROPERTY_PHONE;
+        $permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
+        $permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
+        $permittedFields[] = IAccountManager::PROPERTY_TWITTER;
+
+        return new DataResponse($permittedFields);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @throws OCSException
+     */
+    public function editUserMultiValue(
+        string $userId,
+        string $collectionName,
+        string $key,
+        string $value
+    ): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+        if ($currentLoggedInUser === null) {
+            throw new OCSException('', OCSController::RESPOND_UNAUTHORISED);
+        }
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        $permittedFields = [];
+        if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
+            // Editing self (display, email)
+            $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+            $permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
+        } else {
+            // Check if admin / subadmin
+            $subAdminManager = $this->groupManager->getSubAdmin();
+            if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
+                || $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+                // They have permissions over the user
+
+                $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+            } else {
+                // No rights
+                throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+            }
+        }
+
+        // Check if permitted to edit this field
+        if (!in_array($collectionName, $permittedFields)) {
+            throw new OCSException('', 103);
+        }
+
+        switch ($collectionName) {
+            case IAccountManager::COLLECTION_EMAIL:
+                $userAccount = $this->accountManager->getAccount($targetUser);
+                $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
+                $mailCollection->removePropertyByValue($key);
+                if ($value !== '') {
+                    $mailCollection->addPropertyWithDefaults($value);
+                }
+                $this->accountManager->updateAccount($userAccount);
+                break;
+
+            case IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX:
+                $userAccount = $this->accountManager->getAccount($targetUser);
+                $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
+                $targetProperty = null;
+                foreach ($mailCollection->getProperties() as $property) {
+                    if ($property->getValue() === $key) {
+                        $targetProperty = $property;
+                        break;
+                    }
+                }
+                if ($targetProperty instanceof IAccountProperty) {
+                    try {
+                        $targetProperty->setScope($value);
+                        $this->accountManager->updateAccount($userAccount);
+                    } catch (\InvalidArgumentException $e) {
+                        throw new OCSException('', 102);
+                    }
+                } else {
+                    throw new OCSException('', 102);
+                }
+                break;
+
+            default:
+                throw new OCSException('', 103);
+        }
+        return new DataResponse();
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * edit users
+     *
+     * @param string $userId
+     * @param string $key
+     * @param string $value
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function editUser(string $userId, string $key, string $value): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        $permittedFields = [];
+        if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
+            // Editing self (display, email)
+            if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
+                if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
+                    || $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
+                    $permittedFields[] = 'display';
+                    $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
+                }
+                $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
+            }
+
+            $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX;
+            $permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
+
+            $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+
+            $permittedFields[] = 'password';
+            if ($this->config->getSystemValue('force_language', false) === false ||
+                $this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
+                $permittedFields[] = 'language';
+            }
+
+            if ($this->config->getSystemValue('force_locale', false) === false ||
+                $this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
+                $permittedFields[] = 'locale';
+            }
+
+            $permittedFields[] = IAccountManager::PROPERTY_PHONE;
+            $permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
+            $permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
+            $permittedFields[] = IAccountManager::PROPERTY_TWITTER;
+            $permittedFields[] = IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX;
+            $permittedFields[] = IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX;
+            $permittedFields[] = IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX;
+            $permittedFields[] = IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX;
+
+            $permittedFields[] = IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX;
+
+            // If admin they can edit their own quota
+            if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
+                $permittedFields[] = 'quota';
+            }
+        } else {
+            // Check if admin / subadmin
+            $subAdminManager = $this->groupManager->getSubAdmin();
+            if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
+            || $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+                // They have permissions over the user
+                if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
+                    || $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
+                    $permittedFields[] = 'display';
+                    $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
+                }
+                $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
+                $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+                $permittedFields[] = 'password';
+                $permittedFields[] = 'language';
+                $permittedFields[] = 'locale';
+                $permittedFields[] = IAccountManager::PROPERTY_PHONE;
+                $permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
+                $permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
+                $permittedFields[] = IAccountManager::PROPERTY_TWITTER;
+                $permittedFields[] = 'quota';
+            } else {
+                // No rights
+                throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+            }
+        }
+        // Check if permitted to edit this field
+        if (!in_array($key, $permittedFields)) {
+            throw new OCSException('', 103);
+        }
+        // Process the edit
+        switch ($key) {
+            case 'display':
+            case IAccountManager::PROPERTY_DISPLAYNAME:
+                $targetUser->setDisplayName($value);
+                break;
+            case 'quota':
+                $quota = $value;
+                if ($quota !== 'none' && $quota !== 'default') {
+                    if (is_numeric($quota)) {
+                        $quota = (float) $quota;
+                    } else {
+                        $quota = \OCP\Util::computerFileSize($quota);
+                    }
+                    if ($quota === false) {
+                        throw new OCSException('Invalid quota value '.$value, 102);
+                    }
+                    if ($quota === -1) {
+                        $quota = 'none';
+                    } else {
+                        $quota = \OCP\Util::humanFileSize($quota);
+                    }
+                }
+                $targetUser->setQuota($quota);
+                break;
+            case 'password':
+                try {
+                    if (!$targetUser->canChangePassword()) {
+                        throw new OCSException('Setting the password is not supported by the users backend', 103);
+                    }
+                    $targetUser->setPassword($value);
+                } catch (HintException $e) { // password policy error
+                    throw new OCSException($e->getMessage(), 103);
+                }
+                break;
+            case 'language':
+                $languagesCodes = $this->l10nFactory->findAvailableLanguages();
+                if (!in_array($value, $languagesCodes, true) && $value !== 'en') {
+                    throw new OCSException('Invalid language', 102);
+                }
+                $this->config->setUserValue($targetUser->getUID(), 'core', 'lang', $value);
+                break;
+            case 'locale':
+                if (!$this->l10nFactory->localeExists($value)) {
+                    throw new OCSException('Invalid locale', 102);
+                }
+                $this->config->setUserValue($targetUser->getUID(), 'core', 'locale', $value);
+                break;
+            case IAccountManager::PROPERTY_EMAIL:
+                if (filter_var($value, FILTER_VALIDATE_EMAIL) || $value === '') {
+                    $targetUser->setEMailAddress($value);
+                } else {
+                    throw new OCSException('', 102);
+                }
+                break;
+            case IAccountManager::COLLECTION_EMAIL:
+                if (filter_var($value, FILTER_VALIDATE_EMAIL) && $value !== $targetUser->getEMailAddress()) {
+                    $userAccount = $this->accountManager->getAccount($targetUser);
+                    $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
+                    foreach ($mailCollection->getProperties() as $property) {
+                        if ($property->getValue() === $value) {
+                            break;
+                        }
+                    }
+                    $mailCollection->addPropertyWithDefaults($value);
+                    $this->accountManager->updateAccount($userAccount);
+                } else {
+                    throw new OCSException('', 102);
+                }
+                break;
+            case IAccountManager::PROPERTY_PHONE:
+            case IAccountManager::PROPERTY_ADDRESS:
+            case IAccountManager::PROPERTY_WEBSITE:
+            case IAccountManager::PROPERTY_TWITTER:
+                $userAccount = $this->accountManager->getAccount($targetUser);
+                try {
+                    $userProperty = $userAccount->getProperty($key);
+                    if ($userProperty->getValue() !== $value) {
+                        try {
+                            $userProperty->setValue($value);
+                            if ($userProperty->getName() === IAccountManager::PROPERTY_PHONE) {
+                                $this->knownUserService->deleteByContactUserId($targetUser->getUID());
+                            }
+                        } catch (\InvalidArgumentException $e) {
+                            throw new OCSException('Invalid ' . $e->getMessage(), 102);
+                        }
+                    }
+                } catch (PropertyDoesNotExistException $e) {
+                    $userAccount->setProperty($key, $value, IAccountManager::SCOPE_PRIVATE, IAccountManager::NOT_VERIFIED);
+                }
+                $this->accountManager->updateAccount($userAccount);
+                break;
+            case IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX:
+            case IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX:
+                $propertyName = substr($key, 0, strlen($key) - strlen(self::SCOPE_SUFFIX));
+                $userAccount = $this->accountManager->getAccount($targetUser);
+                $userProperty = $userAccount->getProperty($propertyName);
+                if ($userProperty->getScope() !== $value) {
+                    try {
+                        $userProperty->setScope($value);
+                        $this->accountManager->updateAccount($userAccount);
+                    } catch (\InvalidArgumentException $e) {
+                        throw new OCSException('Invalid ' . $e->getMessage(), 102);
+                    }
+                }
+                break;
+            default:
+                throw new OCSException('', 103);
+        }
+        return new DataResponse();
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     *
+     * @return DataResponse
+     *
+     * @throws OCSException
+     */
+    public function wipeUserDevices(string $userId): DataResponse {
+        /** @var IUser $currentLoggedInUser */
+        $currentLoggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
+            throw new OCSException('', 101);
+        }
+
+        // If not permitted
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        $this->remoteWipe->markAllTokensForWipe($targetUser);
+
+        return new DataResponse();
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function deleteUser(string $userId): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
+            throw new OCSException('', 101);
+        }
+
+        // If not permitted
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        // Go ahead with the delete
+        if ($targetUser->delete()) {
+            return new DataResponse();
+        } else {
+            throw new OCSException('', 101);
+        }
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     * @throws OCSForbiddenException
+     */
+    public function disableUser(string $userId): DataResponse {
+        return $this->setEnabled($userId, false);
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     * @throws OCSForbiddenException
+     */
+    public function enableUser(string $userId): DataResponse {
+        return $this->setEnabled($userId, true);
+    }
+
+    /**
+     * @param string $userId
+     * @param bool $value
+     * @return DataResponse
+     * @throws OCSException
+     */
+    private function setEnabled(string $userId, bool $value): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
+            throw new OCSException('', 101);
+        }
+
+        // If not permitted
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        // enable/disable the user now
+        $targetUser->setEnabled($value);
+        return new DataResponse();
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubAdminRequired
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getUsersGroups(string $userId): DataResponse {
+        $loggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        if ($targetUser->getUID() === $loggedInUser->getUID() || $this->groupManager->isAdmin($loggedInUser->getUID())) {
+            // Self lookup or admin lookup
+            return new DataResponse([
+                'groups' => $this->groupManager->getUserGroupIds($targetUser)
+            ]);
+        } else {
+            $subAdminManager = $this->groupManager->getSubAdmin();
+
+            // Looking up someone else
+            if ($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) {
+                // Return the group that the method caller is subadmin of for the user in question
+                /** @var IGroup[] $getSubAdminsGroups */
+                $getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
+                foreach ($getSubAdminsGroups as $key => $group) {
+                    $getSubAdminsGroups[$key] = $group->getGID();
+                }
+                $groups = array_intersect(
+                    $getSubAdminsGroups,
+                    $this->groupManager->getUserGroupIds($targetUser)
+                );
+                return new DataResponse(['groups' => $groups]);
+            } else {
+                // Not permitted
+                throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+            }
+        }
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     * @param string $groupid
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function addToGroup(string $userId, string $groupid = ''): DataResponse {
+        if ($groupid === '') {
+            throw new OCSException('', 101);
+        }
+
+        $group = $this->groupManager->get($groupid);
+        $targetUser = $this->userManager->get($userId);
+        if ($group === null) {
+            throw new OCSException('', 102);
+        }
+        if ($targetUser === null) {
+            throw new OCSException('', 103);
+        }
+
+        // If they're not an admin, check they are a subadmin of the group in question
+        $loggedInUser = $this->userSession->getUser();
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
+            throw new OCSException('', 104);
+        }
+
+        // Add user to group
+        $group->addUser($targetUser);
+        return new DataResponse();
+    }
+
+    /**
+     * @PasswordConfirmationRequired
+     * @NoAdminRequired
+     *
+     * @param string $userId
+     * @param string $groupid
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function removeFromGroup(string $userId, string $groupid): DataResponse {
+        $loggedInUser = $this->userSession->getUser();
+
+        if ($groupid === null || trim($groupid) === '') {
+            throw new OCSException('', 101);
+        }
+
+        $group = $this->groupManager->get($groupid);
+        if ($group === null) {
+            throw new OCSException('', 102);
+        }
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null) {
+            throw new OCSException('', 103);
+        }
+
+        // If they're not an admin, check they are a subadmin of the group in question
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
+            throw new OCSException('', 104);
+        }
+
+        // Check they aren't removing themselves from 'admin' or their 'subadmin; group
+        if ($targetUser->getUID() === $loggedInUser->getUID()) {
+            if ($this->groupManager->isAdmin($loggedInUser->getUID())) {
+                if ($group->getGID() === 'admin') {
+                    throw new OCSException('Cannot remove yourself from the admin group', 105);
+                }
+            } else {
+                // Not an admin, so the user must be a subadmin of this group, but that is not allowed.
+                throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105);
+            }
+        } elseif (!$this->groupManager->isAdmin($loggedInUser->getUID())) {
+            /** @var IGroup[] $subAdminGroups */
+            $subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
+            $subAdminGroups = array_map(function (IGroup $subAdminGroup) {
+                return $subAdminGroup->getGID();
+            }, $subAdminGroups);
+            $userGroups = $this->groupManager->getUserGroupIds($targetUser);
+            $userSubAdminGroups = array_intersect($subAdminGroups, $userGroups);
+
+            if (count($userSubAdminGroups) <= 1) {
+                // Subadmin must not be able to remove a user from all their subadmin groups.
+                throw new OCSException('Not viable to remove user from the last group you are SubAdmin of', 105);
+            }
+        }
+
+        // Remove user from group
+        $group->removeUser($targetUser);
+        return new DataResponse();
+    }
+
+    /**
+     * Creates a subadmin
+     *
+     * @PasswordConfirmationRequired
+     *
+     * @param string $userId
+     * @param string $groupid
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function addSubAdmin(string $userId, string $groupid): DataResponse {
+        $group = $this->groupManager->get($groupid);
+        $user = $this->userManager->get($userId);
+
+        // Check if the user exists
+        if ($user === null) {
+            throw new OCSException('User does not exist', 101);
+        }
+        // Check if group exists
+        if ($group === null) {
+            throw new OCSException('Group does not exist',  102);
+        }
+        // Check if trying to make subadmin of admin group
+        if ($group->getGID() === 'admin') {
+            throw new OCSException('Cannot create subadmins for admin group', 103);
+        }
+
+        $subAdminManager = $this->groupManager->getSubAdmin();
+
+        // We cannot be subadmin twice
+        if ($subAdminManager->isSubAdminOfGroup($user, $group)) {
+            return new DataResponse();
+        }
+        // Go
+        $subAdminManager->createSubAdmin($user, $group);
+        return new DataResponse();
+    }
+
+    /**
+     * Removes a subadmin from a group
+     *
+     * @PasswordConfirmationRequired
+     *
+     * @param string $userId
+     * @param string $groupid
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function removeSubAdmin(string $userId, string $groupid): DataResponse {
+        $group = $this->groupManager->get($groupid);
+        $user = $this->userManager->get($userId);
+        $subAdminManager = $this->groupManager->getSubAdmin();
+
+        // Check if the user exists
+        if ($user === null) {
+            throw new OCSException('User does not exist', 101);
+        }
+        // Check if the group exists
+        if ($group === null) {
+            throw new OCSException('Group does not exist', 101);
+        }
+        // Check if they are a subadmin of this said group
+        if (!$subAdminManager->isSubAdminOfGroup($user, $group)) {
+            throw new OCSException('User is not a subadmin of this group', 102);
+        }
+
+        // Go
+        $subAdminManager->deleteSubAdmin($user, $group);
+        return new DataResponse();
+    }
+
+    /**
+     * Get the groups a user is a subadmin of
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function getUserSubAdminGroups(string $userId): DataResponse {
+        $groups = $this->getUserSubAdminGroupsData($userId);
+        return new DataResponse($groups);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @PasswordConfirmationRequired
+     *
+     * resend welcome message
+     *
+     * @param string $userId
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function resendWelcomeMessage(string $userId): DataResponse {
+        $currentLoggedInUser = $this->userSession->getUser();
+
+        $targetUser = $this->userManager->get($userId);
+        if ($targetUser === null) {
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        // Check if admin / subadmin
+        $subAdminManager = $this->groupManager->getSubAdmin();
+        if (!$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)
+            && !$this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
+            // No rights
+            throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
+        }
+
+        $email = $targetUser->getEMailAddress();
+        if ($email === '' || $email === null) {
+            throw new OCSException('Email address not available', 101);
+        }
+
+        try {
+            $emailTemplate = $this->newUserMailHelper->generateTemplate($targetUser, false);
+            $this->newUserMailHelper->sendMail($targetUser, $emailTemplate);
+        } catch (\Exception $e) {
+            $this->logger->error("Can't send new user mail to $email",
+                [
+                    'app' => 'settings',
+                    'exception' => $e,
+                ]
+            );
+            throw new OCSException('Sending email failed', 102);
+        }
+
+        return new DataResponse();
+    }
 }

Please login to merge, or discard this patch.

Spacing +25 added lines, -25 removed lines patch added patch discarded remove patch

@@ -287,7 +287,7 @@  discard block
 block discarded – undo
 		$matches = [];
 		foreach ($userMatches as $phone => $userId) {
 			// Not using the ICloudIdManager as that would run a search for each contact to find the display name in the address book
-			$matches[$normalizedNumberToKey[$phone]] = $userId . '@' . $cloudUrl;
+			$matches[$normalizedNumberToKey[$phone]] = $userId.'@'.$cloudUrl;
 			$this->knownUserService->storeIsKnownToUser($knownTo, $userId);
 		}
 
@@ -351,7 +351,7 @@  discard block
 block discarded – undo
 					throw new OCSException('group '.$group.' does not exist', 104);
 				}
 				if (!$isAdmin && !$subAdminManager->isSubAdminOfGroup($user, $this->groupManager->get($group))) {
-					throw new OCSException('insufficient privileges for group '. $group, 105);
+					throw new OCSException('insufficient privileges for group '.$group, 105);
 				}
 			}
 		} else {
@@ -366,7 +366,7 @@  discard block
 block discarded – undo
 				$group = $this->groupManager->get($groupid);
 				// Check if group exists
 				if ($group === null) {
-					throw new OCSException('Subadmin group does not exist',  102);
+					throw new OCSException('Subadmin group does not exist', 102);
 				}
 				// Check if trying to make subadmin of admin group
 				if ($group->getGID() === 'admin') {
@@ -407,11 +407,11 @@  discard block
 block discarded – undo
 
 		try {
 			$newUser = $this->userManager->createUser($userid, $password);
-			$this->logger->info('Successful addUser call with userid: ' . $userid, ['app' => 'ocs_api']);
+			$this->logger->info('Successful addUser call with userid: '.$userid, ['app' => 'ocs_api']);
 
 			foreach ($groups as $group) {
 				$this->groupManager->get($group)->addUser($newUser);
-				$this->logger->info('Added userid ' . $userid . ' to group ' . $group, ['app' => 'ocs_api']);
+				$this->logger->info('Added userid '.$userid.' to group '.$group, ['app' => 'ocs_api']);
 			}
 			foreach ($subadminGroups as $group) {
 				$subAdminManager->createSubAdmin($newUser, $group);
@@ -625,7 +625,7 @@  discard block
 block discarded – undo
 		if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
 			// Editing self (display, email)
 			$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
-			$permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::COLLECTION_EMAIL.self::SCOPE_SUFFIX;
 		} else {
 			// Check if admin / subadmin
 			$subAdminManager = $this->groupManager->getSubAdmin();
@@ -656,7 +656,7 @@  discard block
 block discarded – undo
 				$this->accountManager->updateAccount($userAccount);
 				break;
 
-			case IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX:
+			case IAccountManager::COLLECTION_EMAIL.self::SCOPE_SUFFIX:
 				$userAccount = $this->accountManager->getAccount($targetUser);
 				$mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
 				$targetProperty = null;
@@ -717,8 +717,8 @@  discard block
 block discarded – undo
 				$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
 			}
 
-			$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME.self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_EMAIL.self::SCOPE_SUFFIX;
 
 			$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
 
@@ -737,12 +737,12 @@  discard block
 block discarded – undo
 			$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
 			$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
 			$permittedFields[] = IAccountManager::PROPERTY_TWITTER;
-			$permittedFields[] = IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX;
-			$permittedFields[] = IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_PHONE.self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_ADDRESS.self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_WEBSITE.self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_TWITTER.self::SCOPE_SUFFIX;
 
-			$permittedFields[] = IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX;
+			$permittedFields[] = IAccountManager::PROPERTY_AVATAR.self::SCOPE_SUFFIX;
 
 			// If admin they can edit their own quota
 			if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
@@ -862,7 +862,7 @@  discard block
 block discarded – undo
 								$this->knownUserService->deleteByContactUserId($targetUser->getUID());
 							}
 						} catch (\InvalidArgumentException $e) {
-							throw new OCSException('Invalid ' . $e->getMessage(), 102);
+							throw new OCSException('Invalid '.$e->getMessage(), 102);
 						}
 					}
 				} catch (PropertyDoesNotExistException $e) {
@@ -870,13 +870,13 @@  discard block
 block discarded – undo
 				}
 				$this->accountManager->updateAccount($userAccount);
 				break;
-			case IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX:
-			case IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_DISPLAYNAME.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_EMAIL.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_PHONE.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_ADDRESS.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_WEBSITE.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_TWITTER.self::SCOPE_SUFFIX:
+			case IAccountManager::PROPERTY_AVATAR.self::SCOPE_SUFFIX:
 				$propertyName = substr($key, 0, strlen($key) - strlen(self::SCOPE_SUFFIX));
 				$userAccount = $this->accountManager->getAccount($targetUser);
 				$userProperty = $userAccount->getProperty($propertyName);
@@ -885,7 +885,7 @@  discard block
 block discarded – undo
 						$userProperty->setScope($value);
 						$this->accountManager->updateAccount($userAccount);
 					} catch (\InvalidArgumentException $e) {
-						throw new OCSException('Invalid ' . $e->getMessage(), 102);
+						throw new OCSException('Invalid '.$e->getMessage(), 102);
 					}
 				}
 				break;
@@ -1140,7 +1140,7 @@  discard block
 block discarded – undo
 		} elseif (!$this->groupManager->isAdmin($loggedInUser->getUID())) {
 			/** @var IGroup[] $subAdminGroups */
 			$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
-			$subAdminGroups = array_map(function (IGroup $subAdminGroup) {
+			$subAdminGroups = array_map(function(IGroup $subAdminGroup) {
 				return $subAdminGroup->getGID();
 			}, $subAdminGroups);
 			$userGroups = $this->groupManager->getUserGroupIds($targetUser);
@@ -1177,7 +1177,7 @@  discard block
 block discarded – undo
 		}
 		// Check if group exists
 		if ($group === null) {
-			throw new OCSException('Group does not exist',  102);
+			throw new OCSException('Group does not exist', 102);
 		}
 		// Check if trying to make subadmin of admin group
 		if ($group->getGID() === 'admin') {

Please login to merge, or discard this patch.

		@@ -287,7 +287,7 @@ discard block
		block discarded – undo
287	287	$matches = [];
288	288	foreach ($userMatches as $phone => $userId) {
289	289	// Not using the ICloudIdManager as that would run a search for each contact to find the display name in the address book
290		- $matches[$normalizedNumberToKey[$phone]] = $userId . '@' . $cloudUrl;
	290	+ $matches[$normalizedNumberToKey[$phone]] = $userId.'@'.$cloudUrl;
291	291	$this->knownUserService->storeIsKnownToUser($knownTo, $userId);
292	292	}
293	293
		@@ -351,7 +351,7 @@ discard block
		block discarded – undo
351	351	throw new OCSException('group '.$group.' does not exist', 104);
352	352	}
353	353	if (!$isAdmin && !$subAdminManager->isSubAdminOfGroup($user, $this->groupManager->get($group))) {
354		- throw new OCSException('insufficient privileges for group '. $group, 105);
	354	+ throw new OCSException('insufficient privileges for group '.$group, 105);
355	355	}
356	356	}
357	357	} else {
		@@ -366,7 +366,7 @@ discard block
		block discarded – undo
366	366	$group = $this->groupManager->get($groupid);
367	367	// Check if group exists
368	368	if ($group === null) {
369		- throw new OCSException('Subadmin group does not exist', 102);
	369	+ throw new OCSException('Subadmin group does not exist', 102);
370	370	}
371	371	// Check if trying to make subadmin of admin group
372	372	if ($group->getGID() === 'admin') {
		@@ -407,11 +407,11 @@ discard block
		block discarded – undo
407	407
408	408	try {
409	409	$newUser = $this->userManager->createUser($userid, $password);
410		- $this->logger->info('Successful addUser call with userid: ' . $userid, ['app' => 'ocs_api']);
	410	+ $this->logger->info('Successful addUser call with userid: '.$userid, ['app' => 'ocs_api']);
411	411
412	412	foreach ($groups as $group) {
413	413	$this->groupManager->get($group)->addUser($newUser);
414		- $this->logger->info('Added userid ' . $userid . ' to group ' . $group, ['app' => 'ocs_api']);
	414	+ $this->logger->info('Added userid '.$userid.' to group '.$group, ['app' => 'ocs_api']);
415	415	}
416	416	foreach ($subadminGroups as $group) {
417	417	$subAdminManager->createSubAdmin($newUser, $group);
		@@ -625,7 +625,7 @@ discard block
		block discarded – undo
625	625	if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
626	626	// Editing self (display, email)
627	627	$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
628		- $permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
	628	+ $permittedFields[] = IAccountManager::COLLECTION_EMAIL.self::SCOPE_SUFFIX;
629	629	} else {
630	630	// Check if admin / subadmin
631	631	$subAdminManager = $this->groupManager->getSubAdmin();
		@@ -656,7 +656,7 @@ discard block
		block discarded – undo
656	656	$this->accountManager->updateAccount($userAccount);
657	657	break;
658	658
659		- case IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX:
	659	+ case IAccountManager::COLLECTION_EMAIL.self::SCOPE_SUFFIX:
660	660	$userAccount = $this->accountManager->getAccount($targetUser);
661	661	$mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
662	662	$targetProperty = null;
		@@ -717,8 +717,8 @@ discard block
		block discarded – undo
717	717	$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
718	718	}
719	719
720		- $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX;
721		- $permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
	720	+ $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME.self::SCOPE_SUFFIX;
	721	+ $permittedFields[] = IAccountManager::PROPERTY_EMAIL.self::SCOPE_SUFFIX;
722	722
723	723	$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
724	724
		@@ -737,12 +737,12 @@ discard block
		block discarded – undo
737	737	$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
738	738	$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
739	739	$permittedFields[] = IAccountManager::PROPERTY_TWITTER;
740		- $permittedFields[] = IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX;
741		- $permittedFields[] = IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX;
742		- $permittedFields[] = IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX;
743		- $permittedFields[] = IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX;
	740	+ $permittedFields[] = IAccountManager::PROPERTY_PHONE.self::SCOPE_SUFFIX;
	741	+ $permittedFields[] = IAccountManager::PROPERTY_ADDRESS.self::SCOPE_SUFFIX;
	742	+ $permittedFields[] = IAccountManager::PROPERTY_WEBSITE.self::SCOPE_SUFFIX;
	743	+ $permittedFields[] = IAccountManager::PROPERTY_TWITTER.self::SCOPE_SUFFIX;
744	744
745		- $permittedFields[] = IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX;
	745	+ $permittedFields[] = IAccountManager::PROPERTY_AVATAR.self::SCOPE_SUFFIX;
746	746
747	747	// If admin they can edit their own quota
748	748	if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
		@@ -862,7 +862,7 @@ discard block
		block discarded – undo
862	862	$this->knownUserService->deleteByContactUserId($targetUser->getUID());
863	863	}
864	864	} catch (\InvalidArgumentException $e) {
865		- throw new OCSException('Invalid ' . $e->getMessage(), 102);
	865	+ throw new OCSException('Invalid '.$e->getMessage(), 102);
866	866	}
867	867	}
868	868	} catch (PropertyDoesNotExistException $e) {
		@@ -870,13 +870,13 @@ discard block
		block discarded – undo
870	870	}
871	871	$this->accountManager->updateAccount($userAccount);
872	872	break;
873		- case IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX:
874		- case IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX:
875		- case IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX:
876		- case IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX:
877		- case IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX:
878		- case IAccountManager::PROPERTY_TWITTER . self::SCOPE_SUFFIX:
879		- case IAccountManager::PROPERTY_AVATAR . self::SCOPE_SUFFIX:
	873	+ case IAccountManager::PROPERTY_DISPLAYNAME.self::SCOPE_SUFFIX:
	874	+ case IAccountManager::PROPERTY_EMAIL.self::SCOPE_SUFFIX:
	875	+ case IAccountManager::PROPERTY_PHONE.self::SCOPE_SUFFIX:
	876	+ case IAccountManager::PROPERTY_ADDRESS.self::SCOPE_SUFFIX:
	877	+ case IAccountManager::PROPERTY_WEBSITE.self::SCOPE_SUFFIX:
	878	+ case IAccountManager::PROPERTY_TWITTER.self::SCOPE_SUFFIX:
	879	+ case IAccountManager::PROPERTY_AVATAR.self::SCOPE_SUFFIX:
880	880	$propertyName = substr($key, 0, strlen($key) - strlen(self::SCOPE_SUFFIX));
881	881	$userAccount = $this->accountManager->getAccount($targetUser);
882	882	$userProperty = $userAccount->getProperty($propertyName);
		@@ -885,7 +885,7 @@ discard block
		block discarded – undo
885	885	$userProperty->setScope($value);
886	886	$this->accountManager->updateAccount($userAccount);
887	887	} catch (\InvalidArgumentException $e) {
888		- throw new OCSException('Invalid ' . $e->getMessage(), 102);
	888	+ throw new OCSException('Invalid '.$e->getMessage(), 102);
889	889	}
890	890	}
891	891	break;
		@@ -1140,7 +1140,7 @@ discard block
		block discarded – undo
1140	1140	} elseif (!$this->groupManager->isAdmin($loggedInUser->getUID())) {
1141	1141	/** @var IGroup[] $subAdminGroups */
1142	1142	$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
1143		- $subAdminGroups = array_map(function (IGroup $subAdminGroup) {
	1143	+ $subAdminGroups = array_map(function(IGroup $subAdminGroup) {
1144	1144	return $subAdminGroup->getGID();
1145	1145	}, $subAdminGroups);
1146	1146	$userGroups = $this->groupManager->getUserGroupIds($targetUser);
		@@ -1177,7 +1177,7 @@ discard block
		block discarded – undo
1177	1177	}
1178	1178	// Check if group exists
1179	1179	if ($group === null) {
1180		- throw new OCSException('Group does not exist', 102);
	1180	+ throw new OCSException('Group does not exist', 102);
1181	1181	}
1182	1182	// Check if trying to make subadmin of admin group
1183	1183	if ($group->getGID() === 'admin') {

		@@ -36,97 +36,97 @@
		block discarded – undo
36	36	use RuntimeException;
37	37
38	38	class Account implements IAccount {
39		- use TAccountsHelper;
40		-
41		- /** @var IAccountPropertyCollection[]\|IAccountProperty[] */
42		- private $properties = [];
43		-
44		- /** @var IUser */
45		- private $user;
46		-
47		- public function __construct(IUser $user) {
48		- $this->user = $user;
49		- }
50		-
51		- public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount {
52		- if ($this->isCollection($property)) {
53		- throw new \InvalidArgumentException('setProperty cannot set an IAccountsPropertyCollection');
54		- }
55		- $this->properties[$property] = new AccountProperty($property, $value, $scope, $verified, $verificationData);
56		- return $this;
57		- }
58		-
59		- public function getProperty(string $property): IAccountProperty {
60		- if ($this->isCollection($property)) {
61		- throw new \InvalidArgumentException('getProperty cannot retrieve an IAccountsPropertyCollection');
62		- }
63		- if (!array_key_exists($property, $this->properties) \|\| !$this->properties[$property] instanceof IAccountProperty) {
64		- throw new PropertyDoesNotExistException($property);
65		- }
66		- return $this->properties[$property];
67		- }
68		-
69		- public function getProperties(): array {
70		- return array_filter($this->properties, function ($obj) {
71		- return $obj instanceof IAccountProperty;
72		- });
73		- }
74		-
75		- public function getAllProperties(): Generator {
76		- foreach ($this->properties as $propertyObject) {
77		- if ($propertyObject instanceof IAccountProperty) {
78		- yield $propertyObject;
79		- } elseif ($propertyObject instanceof IAccountPropertyCollection) {
80		- foreach ($propertyObject->getProperties() as $property) {
81		- yield $property;
82		- }
83		- }
84		- }
85		- }
86		-
87		- public function getFilteredProperties(string $scope = null, string $verified = null): array {
88		- $result = $incrementals = [];
89		- /** @var IAccountProperty $obj */
90		- foreach ($this->getAllProperties() as $obj) {
91		- if ($scope !== null && $scope !== $obj->getScope()) {
92		- continue;
93		- }
94		- if ($verified !== null && $verified !== $obj->getVerified()) {
95		- continue;
96		- }
97		- $index = $obj->getName();
98		- if ($this->isCollection($index)) {
99		- $incrementals[$index] = ($incrementals[$index] ?? -1) + 1;
100		- $index .= '#' . $incrementals[$index];
101		- }
102		- $result[$index] = $obj;
103		- }
104		- return $result;
105		- }
106		-
107		- public function jsonSerialize() {
108		- return $this->properties;
109		- }
110		-
111		- public function getUser(): IUser {
112		- return $this->user;
113		- }
114		-
115		- public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount {
116		- $this->properties[$propertyCollection->getName()] = $propertyCollection;
117		- return $this;
118		- }
119		-
120		- public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection {
121		- if (!$this->isCollection($propertyCollectionName)) {
122		- throw new PropertyDoesNotExistException($propertyCollectionName);
123		- }
124		- if (!array_key_exists($propertyCollectionName, $this->properties)) {
125		- $this->properties[$propertyCollectionName] = new AccountPropertyCollection($propertyCollectionName);
126		- }
127		- if (!$this->properties[$propertyCollectionName] instanceof IAccountPropertyCollection) {
128		- throw new RuntimeException('Requested collection is not an IAccountPropertyCollection');
129		- }
130		- return $this->properties[$propertyCollectionName];
131		- }
	39	+ use TAccountsHelper;
	40	+
	41	+ /** @var IAccountPropertyCollection[]\|IAccountProperty[] */
	42	+ private $properties = [];
	43	+
	44	+ /** @var IUser */
	45	+ private $user;
	46	+
	47	+ public function __construct(IUser $user) {
	48	+ $this->user = $user;
	49	+ }
	50	+
	51	+ public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount {
	52	+ if ($this->isCollection($property)) {
	53	+ throw new \InvalidArgumentException('setProperty cannot set an IAccountsPropertyCollection');
	54	+ }
	55	+ $this->properties[$property] = new AccountProperty($property, $value, $scope, $verified, $verificationData);
	56	+ return $this;
	57	+ }
	58	+
	59	+ public function getProperty(string $property): IAccountProperty {
	60	+ if ($this->isCollection($property)) {
	61	+ throw new \InvalidArgumentException('getProperty cannot retrieve an IAccountsPropertyCollection');
	62	+ }
	63	+ if (!array_key_exists($property, $this->properties) \|\| !$this->properties[$property] instanceof IAccountProperty) {
	64	+ throw new PropertyDoesNotExistException($property);
	65	+ }
	66	+ return $this->properties[$property];
	67	+ }
	68	+
	69	+ public function getProperties(): array {
	70	+ return array_filter($this->properties, function ($obj) {
	71	+ return $obj instanceof IAccountProperty;
	72	+ });
	73	+ }
	74	+
	75	+ public function getAllProperties(): Generator {
	76	+ foreach ($this->properties as $propertyObject) {
	77	+ if ($propertyObject instanceof IAccountProperty) {
	78	+ yield $propertyObject;
	79	+ } elseif ($propertyObject instanceof IAccountPropertyCollection) {
	80	+ foreach ($propertyObject->getProperties() as $property) {
	81	+ yield $property;
	82	+ }
	83	+ }
	84	+ }
	85	+ }
	86	+
	87	+ public function getFilteredProperties(string $scope = null, string $verified = null): array {
	88	+ $result = $incrementals = [];
	89	+ /** @var IAccountProperty $obj */
	90	+ foreach ($this->getAllProperties() as $obj) {
	91	+ if ($scope !== null && $scope !== $obj->getScope()) {
	92	+ continue;
	93	+ }
	94	+ if ($verified !== null && $verified !== $obj->getVerified()) {
	95	+ continue;
	96	+ }
	97	+ $index = $obj->getName();
	98	+ if ($this->isCollection($index)) {
	99	+ $incrementals[$index] = ($incrementals[$index] ?? -1) + 1;
	100	+ $index .= '#' . $incrementals[$index];
	101	+ }
	102	+ $result[$index] = $obj;
	103	+ }
	104	+ return $result;
	105	+ }
	106	+
	107	+ public function jsonSerialize() {
	108	+ return $this->properties;
	109	+ }
	110	+
	111	+ public function getUser(): IUser {
	112	+ return $this->user;
	113	+ }
	114	+
	115	+ public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount {
	116	+ $this->properties[$propertyCollection->getName()] = $propertyCollection;
	117	+ return $this;
	118	+ }
	119	+
	120	+ public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection {
	121	+ if (!$this->isCollection($propertyCollectionName)) {
	122	+ throw new PropertyDoesNotExistException($propertyCollectionName);
	123	+ }
	124	+ if (!array_key_exists($propertyCollectionName, $this->properties)) {
	125	+ $this->properties[$propertyCollectionName] = new AccountPropertyCollection($propertyCollectionName);
	126	+ }
	127	+ if (!$this->properties[$propertyCollectionName] instanceof IAccountPropertyCollection) {
	128	+ throw new RuntimeException('Requested collection is not an IAccountPropertyCollection');
	129	+ }
	130	+ return $this->properties[$propertyCollectionName];
	131	+ }
132	132	}

		@@ -33,71 +33,71 @@
		block discarded – undo
33	33
34	34	class AccountPropertyCollection implements IAccountPropertyCollection {
35	35
36		- /** @var string */
37		- protected $collectionName = '';
38		-
39		- /** @var IAccountProperty[] */
40		- protected $properties = [];
41		-
42		- public function __construct(string $collectionName) {
43		- $this->collectionName = $collectionName;
44		- }
45		-
46		- public function setProperties(array $properties): IAccountPropertyCollection {
47		- /** @var IAccountProperty $property */
48		- $this->properties = [];
49		- foreach ($properties as $property) {
50		- $this->addProperty($property);
51		- }
52		- return $this;
53		- }
54		-
55		- public function getProperties(): array {
56		- return $this->properties;
57		- }
58		-
59		- public function addProperty(IAccountProperty $property): IAccountPropertyCollection {
60		- if ($property->getName() !== $this->collectionName) {
61		- throw new InvalidArgumentException('Provided property does not match collection name');
62		- }
63		- $this->properties[] = $property;
64		- return $this;
65		- }
66		-
67		- public function addPropertyWithDefaults(string $value): IAccountPropertyCollection {
68		- $property = new AccountProperty(
69		- $this->collectionName,
70		- $value,
71		- IAccountManager::SCOPE_LOCAL,
72		- IAccountManager::NOT_VERIFIED,
73		- ''
74		- );
75		- $this->addProperty($property);
76		- return $this;
77		- }
78		-
79		- public function removeProperty(IAccountProperty $property): IAccountPropertyCollection {
80		- $ref = array_search($property, $this->properties, true);
81		- if ($ref !== false) {
82		- unset($this->properties[$ref]);
83		- }
84		- return $this;
85		- }
86		-
87		- public function removePropertyByValue(string $value): IAccountPropertyCollection {
88		- foreach ($this->properties as $i => $property) {
89		- if ($property->getValue() === $value) {
90		- unset($this->properties[$i]);
91		- }
92		- }
93		- return $this;
94		- }
95		-
96		- public function jsonSerialize() {
97		- return [$this->collectionName => $this->properties];
98		- }
99		-
100		- public function getName(): string {
101		- return $this->collectionName;
102		- }
	36	+ /** @var string */
	37	+ protected $collectionName = '';
	38	+
	39	+ /** @var IAccountProperty[] */
	40	+ protected $properties = [];
	41	+
	42	+ public function __construct(string $collectionName) {
	43	+ $this->collectionName = $collectionName;
	44	+ }
	45	+
	46	+ public function setProperties(array $properties): IAccountPropertyCollection {
	47	+ /** @var IAccountProperty $property */
	48	+ $this->properties = [];
	49	+ foreach ($properties as $property) {
	50	+ $this->addProperty($property);
	51	+ }
	52	+ return $this;
	53	+ }
	54	+
	55	+ public function getProperties(): array {
	56	+ return $this->properties;
	57	+ }
	58	+
	59	+ public function addProperty(IAccountProperty $property): IAccountPropertyCollection {
	60	+ if ($property->getName() !== $this->collectionName) {
	61	+ throw new InvalidArgumentException('Provided property does not match collection name');
	62	+ }
	63	+ $this->properties[] = $property;
	64	+ return $this;
	65	+ }
	66	+
	67	+ public function addPropertyWithDefaults(string $value): IAccountPropertyCollection {
	68	+ $property = new AccountProperty(
	69	+ $this->collectionName,
	70	+ $value,
	71	+ IAccountManager::SCOPE_LOCAL,
	72	+ IAccountManager::NOT_VERIFIED,
	73	+ ''
	74	+ );
	75	+ $this->addProperty($property);
	76	+ return $this;
	77	+ }
	78	+
	79	+ public function removeProperty(IAccountProperty $property): IAccountPropertyCollection {
	80	+ $ref = array_search($property, $this->properties, true);
	81	+ if ($ref !== false) {
	82	+ unset($this->properties[$ref]);
	83	+ }
	84	+ return $this;
	85	+ }
	86	+
	87	+ public function removePropertyByValue(string $value): IAccountPropertyCollection {
	88	+ foreach ($this->properties as $i => $property) {
	89	+ if ($property->getValue() === $value) {
	90	+ unset($this->properties[$i]);
	91	+ }
	92	+ }
	93	+ return $this;
	94	+ }
	95	+
	96	+ public function jsonSerialize() {
	97	+ return [$this->collectionName => $this->properties];
	98	+ }
	99	+
	100	+ public function getName(): string {
	101	+ return $this->collectionName;
	102	+ }
103	103	}

		@@ -34,46 +34,46 @@
		block discarded – undo
34	34
35	35	class Hooks implements IEventListener {
36	36
37		- /** @var IAccountManager */
38		- private $accountManager;
39		- /** @var LoggerInterface */
40		- private $logger;
	37	+ /** @var IAccountManager */
	38	+ private $accountManager;
	39	+ /** @var LoggerInterface */
	40	+ private $logger;
41	41
42		- public function __construct(LoggerInterface $logger, IAccountManager $accountManager) {
43		- $this->logger = $logger;
44		- $this->accountManager = $accountManager;
45		- }
	42	+ public function __construct(LoggerInterface $logger, IAccountManager $accountManager) {
	43	+ $this->logger = $logger;
	44	+ $this->accountManager = $accountManager;
	45	+ }
46	46
47		- /**
48		- * update accounts table if email address or display name was changed from outside
49		- */
50		- public function changeUserHook(IUser $user, string $feature, $newValue): void {
51		- $account = $this->accountManager->getAccount($user);
	47	+ /**
	48	+ * update accounts table if email address or display name was changed from outside
	49	+ */
	50	+ public function changeUserHook(IUser $user, string $feature, $newValue): void {
	51	+ $account = $this->accountManager->getAccount($user);
52	52
53		- try {
54		- switch ($feature) {
55		- case 'eMailAddress':
56		- $property = $account->getProperty(IAccountManager::PROPERTY_EMAIL);
57		- break;
58		- case 'displayName':
59		- $property = $account->getProperty(IAccountManager::PROPERTY_DISPLAYNAME);
60		- break;
61		- }
62		- } catch (PropertyDoesNotExistException $e) {
63		- $this->logger->debug($e->getMessage(), ['exception' => $e]);
64		- return;
65		- }
	53	+ try {
	54	+ switch ($feature) {
	55	+ case 'eMailAddress':
	56	+ $property = $account->getProperty(IAccountManager::PROPERTY_EMAIL);
	57	+ break;
	58	+ case 'displayName':
	59	+ $property = $account->getProperty(IAccountManager::PROPERTY_DISPLAYNAME);
	60	+ break;
	61	+ }
	62	+ } catch (PropertyDoesNotExistException $e) {
	63	+ $this->logger->debug($e->getMessage(), ['exception' => $e]);
	64	+ return;
	65	+ }
66	66
67		- if (isset($property) && $property->getValue() !== (string)$newValue) {
68		- $property->setValue($newValue);
69		- $this->accountManager->updateAccount($account);
70		- }
71		- }
	67	+ if (isset($property) && $property->getValue() !== (string)$newValue) {
	68	+ $property->setValue($newValue);
	69	+ $this->accountManager->updateAccount($account);
	70	+ }
	71	+ }
72	72
73		- public function handle(Event $event): void {
74		- if (!$event instanceof UserChangedEvent) {
75		- return;
76		- }
77		- $this->changeUserHook($event->getUser(), $event->getFeature(), $event->getValue());
78		- }
	73	+ public function handle(Event $event): void {
	74	+ if (!$event instanceof UserChangedEvent) {
	75	+ return;
	76	+ }
	77	+ $this->changeUserHook($event->getUser(), $event->getFeature(), $event->getValue());
	78	+ }
79	79	}

		@@ -64,7 +64,7 @@
		block discarded – undo
64	64	return;
65	65	}
66	66
67		- if (isset($property) && $property->getValue() !== (string)$newValue) {
	67	+ if (isset($property) && $property->getValue() !== (string) $newValue) {
68	68	$property->setValue($newValue);
69	69	$this->accountManager->updateAccount($account);
70	70	}

		@@ -55,139 +55,139 @@
		block discarded – undo
55	55	*/
56	56	class AvatarManager implements IAvatarManager {
57	57
58		- /** @var IUserSession */
59		- private $userSession;
60		-
61		- /** @var Manager */
62		- private $userManager;
63		-
64		- /** @var IAppData */
65		- private $appData;
66		-
67		- /** @var IL10N */
68		- private $l;
69		-
70		- /** @var LoggerInterface */
71		- private $logger;
72		-
73		- /** @var IConfig */
74		- private $config;
75		-
76		- /** @var IAccountManager */
77		- private $accountManager;
78		-
79		- /** @var KnownUserService */
80		- private $knownUserService;
81		-
82		- public function __construct(
83		- IUserSession $userSession,
84		- Manager $userManager,
85		- IAppData $appData,
86		- IL10N $l,
87		- LoggerInterface $logger,
88		- IConfig $config,
89		- IAccountManager $accountManager,
90		- KnownUserService $knownUserService
91		- ) {
92		- $this->userSession = $userSession;
93		- $this->userManager = $userManager;
94		- $this->appData = $appData;
95		- $this->l = $l;
96		- $this->logger = $logger;
97		- $this->config = $config;
98		- $this->accountManager = $accountManager;
99		- $this->knownUserService = $knownUserService;
100		- }
101		-
102		- /**
103		- * return a user specific instance of \OCP\IAvatar
104		- * @see \OCP\IAvatar
105		- * @param string $userId the ownCloud user id
106		- * @return \OCP\IAvatar
107		- * @throws \Exception In case the username is potentially dangerous
108		- * @throws NotFoundException In case there is no user folder yet
109		- */
110		- public function getAvatar(string $userId) : IAvatar {
111		- $user = $this->userManager->get($userId);
112		- if ($user === null) {
113		- throw new \Exception('user does not exist');
114		- }
115		-
116		- // sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below)
117		- $userId = $user->getUID();
118		-
119		- $requestingUser = null;
120		- if ($this->userSession !== null) {
121		- $requestingUser = $this->userSession->getUser();
122		- }
123		-
124		- try {
125		- $folder = $this->appData->getFolder($userId);
126		- } catch (NotFoundException $e) {
127		- $folder = $this->appData->newFolder($userId);
128		- }
129		-
130		- try {
131		- $account = $this->accountManager->getAccount($user);
132		- $avatarProperties = $account->getProperty(IAccountManager::PROPERTY_AVATAR);
133		- $avatarScope = $avatarProperties->getScope();
134		- } catch (PropertyDoesNotExistException $e) {
135		- $avatarScope = '';
136		- }
137		-
138		- if (
139		- // v2-private scope hides the avatar from public access and from unknown users
140		- $avatarScope === IAccountManager::SCOPE_PRIVATE
141		- && (
142		- // accessing from public link
143		- $requestingUser === null
144		- // logged in, but unknown to user
145		- \|\| !$this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)
146		- )) {
147		- // use a placeholder avatar which caches the generated images
148		- return new PlaceholderAvatar($folder, $user, $this->logger);
149		- }
150		-
151		- return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
152		- }
153		-
154		- /**
155		- * Clear generated avatars
156		- */
157		- public function clearCachedAvatars() {
158		- $users = $this->config->getUsersForUserValue('avatar', 'generated', 'true');
159		- foreach ($users as $userId) {
160		- try {
161		- $folder = $this->appData->getFolder($userId);
162		- $folder->delete();
163		- } catch (NotFoundException $e) {
164		- $this->logger->debug("No cache for the user $userId. Ignoring...");
165		- }
166		- $this->config->setUserValue($userId, 'avatar', 'generated', 'false');
167		- }
168		- }
169		-
170		- public function deleteUserAvatar(string $userId): void {
171		- try {
172		- $folder = $this->appData->getFolder($userId);
173		- $folder->delete();
174		- } catch (NotFoundException $e) {
175		- $this->logger->debug("No cache for the user $userId. Ignoring avatar deletion");
176		- } catch (NotPermittedException $e) {
177		- $this->logger->error("Unable to delete user avatars for $userId. gnoring avatar deletion");
178		- } catch (NoUserException $e) {
179		- $this->logger->debug("User $userId not found. gnoring avatar deletion");
180		- }
181		- $this->config->deleteUserValue($userId, 'avatar', 'generated');
182		- }
183		-
184		- /**
185		- * Returns a GuestAvatar.
186		- *
187		- * @param string $name The guest name, e.g. "Albert".
188		- * @return IAvatar
189		- */
190		- public function getGuestAvatar(string $name): IAvatar {
191		- return new GuestAvatar($name, $this->logger);
192		- }
	58	+ /** @var IUserSession */
	59	+ private $userSession;
	60	+
	61	+ /** @var Manager */
	62	+ private $userManager;
	63	+
	64	+ /** @var IAppData */
	65	+ private $appData;
	66	+
	67	+ /** @var IL10N */
	68	+ private $l;
	69	+
	70	+ /** @var LoggerInterface */
	71	+ private $logger;
	72	+
	73	+ /** @var IConfig */
	74	+ private $config;
	75	+
	76	+ /** @var IAccountManager */
	77	+ private $accountManager;
	78	+
	79	+ /** @var KnownUserService */
	80	+ private $knownUserService;
	81	+
	82	+ public function __construct(
	83	+ IUserSession $userSession,
	84	+ Manager $userManager,
	85	+ IAppData $appData,
	86	+ IL10N $l,
	87	+ LoggerInterface $logger,
	88	+ IConfig $config,
	89	+ IAccountManager $accountManager,
	90	+ KnownUserService $knownUserService
	91	+ ) {
	92	+ $this->userSession = $userSession;
	93	+ $this->userManager = $userManager;
	94	+ $this->appData = $appData;
	95	+ $this->l = $l;
	96	+ $this->logger = $logger;
	97	+ $this->config = $config;
	98	+ $this->accountManager = $accountManager;
	99	+ $this->knownUserService = $knownUserService;
	100	+ }
	101	+
	102	+ /**
	103	+ * return a user specific instance of \OCP\IAvatar
	104	+ * @see \OCP\IAvatar
	105	+ * @param string $userId the ownCloud user id
	106	+ * @return \OCP\IAvatar
	107	+ * @throws \Exception In case the username is potentially dangerous
	108	+ * @throws NotFoundException In case there is no user folder yet
	109	+ */
	110	+ public function getAvatar(string $userId) : IAvatar {
	111	+ $user = $this->userManager->get($userId);
	112	+ if ($user === null) {
	113	+ throw new \Exception('user does not exist');
	114	+ }
	115	+
	116	+ // sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below)
	117	+ $userId = $user->getUID();
	118	+
	119	+ $requestingUser = null;
	120	+ if ($this->userSession !== null) {
	121	+ $requestingUser = $this->userSession->getUser();
	122	+ }
	123	+
	124	+ try {
	125	+ $folder = $this->appData->getFolder($userId);
	126	+ } catch (NotFoundException $e) {
	127	+ $folder = $this->appData->newFolder($userId);
	128	+ }
	129	+
	130	+ try {
	131	+ $account = $this->accountManager->getAccount($user);
	132	+ $avatarProperties = $account->getProperty(IAccountManager::PROPERTY_AVATAR);
	133	+ $avatarScope = $avatarProperties->getScope();
	134	+ } catch (PropertyDoesNotExistException $e) {
	135	+ $avatarScope = '';
	136	+ }
	137	+
	138	+ if (
	139	+ // v2-private scope hides the avatar from public access and from unknown users
	140	+ $avatarScope === IAccountManager::SCOPE_PRIVATE
	141	+ && (
	142	+ // accessing from public link
	143	+ $requestingUser === null
	144	+ // logged in, but unknown to user
	145	+ \|\| !$this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)
	146	+ )) {
	147	+ // use a placeholder avatar which caches the generated images
	148	+ return new PlaceholderAvatar($folder, $user, $this->logger);
	149	+ }
	150	+
	151	+ return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
	152	+ }
	153	+
	154	+ /**
	155	+ * Clear generated avatars
	156	+ */
	157	+ public function clearCachedAvatars() {
	158	+ $users = $this->config->getUsersForUserValue('avatar', 'generated', 'true');
	159	+ foreach ($users as $userId) {
	160	+ try {
	161	+ $folder = $this->appData->getFolder($userId);
	162	+ $folder->delete();
	163	+ } catch (NotFoundException $e) {
	164	+ $this->logger->debug("No cache for the user $userId. Ignoring...");
	165	+ }
	166	+ $this->config->setUserValue($userId, 'avatar', 'generated', 'false');
	167	+ }
	168	+ }
	169	+
	170	+ public function deleteUserAvatar(string $userId): void {
	171	+ try {
	172	+ $folder = $this->appData->getFolder($userId);
	173	+ $folder->delete();
	174	+ } catch (NotFoundException $e) {
	175	+ $this->logger->debug("No cache for the user $userId. Ignoring avatar deletion");
	176	+ } catch (NotPermittedException $e) {
	177	+ $this->logger->error("Unable to delete user avatars for $userId. gnoring avatar deletion");
	178	+ } catch (NoUserException $e) {
	179	+ $this->logger->debug("User $userId not found. gnoring avatar deletion");
	180	+ }
	181	+ $this->config->deleteUserValue($userId, 'avatar', 'generated');
	182	+ }
	183	+
	184	+ /**
	185	+ * Returns a GuestAvatar.
	186	+ *
	187	+ * @param string $name The guest name, e.g. "Albert".
	188	+ * @return IAvatar
	189	+ */
	190	+ public function getGuestAvatar(string $name): IAvatar {
	191	+ return new GuestAvatar($name, $this->logger);
	192	+ }
193	193	}

		@@ -38,55 +38,55 @@
		block discarded – undo
38	38	*/
39	39	interface IAccountPropertyCollection extends JsonSerializable {
40	40
41		- /**
42		- * retuns the collection name
43		- *
44		- * @since 22.0.0
45		- */
46		- public function getName(): string;
	41	+ /**
	42	+ * retuns the collection name
	43	+ *
	44	+ * @since 22.0.0
	45	+ */
	46	+ public function getName(): string;
47	47
48		- /**
49		- * set properties of this collection
50		- *
51		- * @param IAccountProperty[] $properties
52		- * @throws InvalidArgumentException
53		- * @since 22.0.0
54		- */
55		- public function setProperties(array $properties): IAccountPropertyCollection;
	48	+ /**
	49	+ * set properties of this collection
	50	+ *
	51	+ * @param IAccountProperty[] $properties
	52	+ * @throws InvalidArgumentException
	53	+ * @since 22.0.0
	54	+ */
	55	+ public function setProperties(array $properties): IAccountPropertyCollection;
56	56
57		- /**
58		- * @return IAccountProperty[]
59		- * @since 22.0.0
60		- */
61		- public function getProperties(): array;
	57	+ /**
	58	+ * @return IAccountProperty[]
	59	+ * @since 22.0.0
	60	+ */
	61	+ public function getProperties(): array;
62	62
63		- /**
64		- * adds a property to this collection
65		- *
66		- * @throws InvalidArgumentException
67		- * @since 22.0.0
68		- */
69		- public function addProperty(IAccountProperty $property): IAccountPropertyCollection;
	63	+ /**
	64	+ * adds a property to this collection
	65	+ *
	66	+ * @throws InvalidArgumentException
	67	+ * @since 22.0.0
	68	+ */
	69	+ public function addProperty(IAccountProperty $property): IAccountPropertyCollection;
70	70
71		- /**
72		- * adds a property to this collection with only specifying the value
73		- *
74		- * @throws InvalidArgumentException
75		- * @since 22.0.0
76		- */
77		- public function addPropertyWithDefaults(string $value): IAccountPropertyCollection;
	71	+ /**
	72	+ * adds a property to this collection with only specifying the value
	73	+ *
	74	+ * @throws InvalidArgumentException
	75	+ * @since 22.0.0
	76	+ */
	77	+ public function addPropertyWithDefaults(string $value): IAccountPropertyCollection;
78	78
79		- /**
80		- * removes a property of this collection
81		- *
82		- * @since 22.0.0
83		- */
84		- public function removeProperty(IAccountProperty $property): IAccountPropertyCollection;
	79	+ /**
	80	+ * removes a property of this collection
	81	+ *
	82	+ * @since 22.0.0
	83	+ */
	84	+ public function removeProperty(IAccountProperty $property): IAccountPropertyCollection;
85	85
86		- /**
87		- * removes a property identified by its value
88		- *
89		- * @since 22.0.0
90		- */
91		- public function removePropertyByValue(string $value): IAccountPropertyCollection;
	86	+ /**
	87	+ * removes a property identified by its value
	88	+ *
	89	+ * @since 22.0.0
	90	+ */
	91	+ public function removePropertyByValue(string $value): IAccountPropertyCollection;
92	92	}

		@@ -36,90 +36,90 @@
		block discarded – undo
36	36	*/
37	37	interface IAccount extends \JsonSerializable {
38	38
39		- /**
40		- * Set a property with data
41		- *
42		- * @since 15.0.0
43		- *
44		- * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
45		- * @param string $value
46		- * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
47		- * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED \| \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS \| \OCP\Accounts\IAccountManager::VERIFIED
48		- * @param string $verificationData Optional, defaults to empty string. Since @22.0.0.
49		- * @return IAccount
50		- */
51		- public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount;
	39	+ /**
	40	+ * Set a property with data
	41	+ *
	42	+ * @since 15.0.0
	43	+ *
	44	+ * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
	45	+ * @param string $value
	46	+ * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
	47	+ * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED \| \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS \| \OCP\Accounts\IAccountManager::VERIFIED
	48	+ * @param string $verificationData Optional, defaults to empty string. Since @22.0.0.
	49	+ * @return IAccount
	50	+ */
	51	+ public function setProperty(string $property, string $value, string $scope, string $verified, string $verificationData = ''): IAccount;
52	52
53		- /**
54		- * Get a property by its key
55		- *
56		- * @since 15.0.0
57		- *
58		- * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
59		- * @return IAccountProperty
60		- * @throws PropertyDoesNotExistException
61		- */
62		- public function getProperty(string $property): IAccountProperty;
	53	+ /**
	54	+ * Get a property by its key
	55	+ *
	56	+ * @since 15.0.0
	57	+ *
	58	+ * @param string $property Must be one of the PROPERTY_ prefixed constants of \OCP\Accounts\IAccountManager
	59	+ * @return IAccountProperty
	60	+ * @throws PropertyDoesNotExistException
	61	+ */
	62	+ public function getProperty(string $property): IAccountProperty;
63	63
64		- /**
65		- * Get all properties of an account. Array indices are property names.
66		- * Values from IAccountPropertyCollections are not included in the return
67		- * array.
68		- *
69		- * @since 15.0.0
70		- * @deprecated 22.0.0 use getAllProperties()
71		- */
72		- public function getProperties(): array;
	64	+ /**
	65	+ * Get all properties of an account. Array indices are property names.
	66	+ * Values from IAccountPropertyCollections are not included in the return
	67	+ * array.
	68	+ *
	69	+ * @since 15.0.0
	70	+ * @deprecated 22.0.0 use getAllProperties()
	71	+ */
	72	+ public function getProperties(): array;
73	73
74		- /**
75		- * Get all properties of an account. Array indices are numeric. To get
76		- * the property name, call getName() against the value.
77		- *
78		- * IAccountPropertyCollections are being flattened into an IAccountProperty
79		- * for each value.
80		- *
81		- * @since 22.0.0
82		- *
83		- * @return Generator<int, IAccountProperty>
84		- */
85		- public function getAllProperties(): Generator;
	74	+ /**
	75	+ * Get all properties of an account. Array indices are numeric. To get
	76	+ * the property name, call getName() against the value.
	77	+ *
	78	+ * IAccountPropertyCollections are being flattened into an IAccountProperty
	79	+ * for each value.
	80	+ *
	81	+ * @since 22.0.0
	82	+ *
	83	+ * @return Generator<int, IAccountProperty>
	84	+ */
	85	+ public function getAllProperties(): Generator;
86	86
87		- /**
88		- * Set a property collection (multi-value properties)
89		- *
90		- * @since 22.0.0
91		- */
92		- public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount;
	87	+ /**
	88	+ * Set a property collection (multi-value properties)
	89	+ *
	90	+ * @since 22.0.0
	91	+ */
	92	+ public function setPropertyCollection(IAccountPropertyCollection $propertyCollection): IAccount;
93	93
94		- /**
95		- * Returns the requestes propery collection (multi-value properties)
96		- *
97		- * @throws PropertyDoesNotExistException against invalid collection name
98		- * @since 22.0.0
99		- */
100		- public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection;
	94	+ /**
	95	+ * Returns the requestes propery collection (multi-value properties)
	96	+ *
	97	+ * @throws PropertyDoesNotExistException against invalid collection name
	98	+ * @since 22.0.0
	99	+ */
	100	+ public function getPropertyCollection(string $propertyCollectionName): IAccountPropertyCollection;
101	101
102		- /**
103		- * Get all properties that match the provided filters for scope and verification status
104		- *
105		- * Since 22.0.0 values from IAccountPropertyCollection are included, but also
106		- * as IAccountProperty instances. They for properties of IAccountPropertyCollection are
107		- * suffixed incrementally, i.e. #0, #1 ... #n – the numbers have no further meaning.
108		- *
109		- * @since 15.0.0
110		- *
111		- * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
112		- * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED \| \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS \| \OCP\Accounts\IAccountManager::VERIFIED
113		- * @return IAccountProperty[]
114		- */
115		- public function getFilteredProperties(string $scope = null, string $verified = null): array;
	102	+ /**
	103	+ * Get all properties that match the provided filters for scope and verification status
	104	+ *
	105	+ * Since 22.0.0 values from IAccountPropertyCollection are included, but also
	106	+ * as IAccountProperty instances. They for properties of IAccountPropertyCollection are
	107	+ * suffixed incrementally, i.e. #0, #1 ... #n – the numbers have no further meaning.
	108	+ *
	109	+ * @since 15.0.0
	110	+ *
	111	+ * @param string $scope Must be one of the VISIBILITY_ prefixed constants of \OCP\Accounts\IAccountManager
	112	+ * @param string $verified \OCP\Accounts\IAccountManager::NOT_VERIFIED \| \OCP\Accounts\IAccountManager::VERIFICATION_IN_PROGRESS \| \OCP\Accounts\IAccountManager::VERIFIED
	113	+ * @return IAccountProperty[]
	114	+ */
	115	+ public function getFilteredProperties(string $scope = null, string $verified = null): array;
116	116
117		- /**
118		- * Get the related user for the account data
119		- *
120		- * @since 15.0.0
121		- *
122		- * @return IUser
123		- */
124		- public function getUser(): IUser;
	117	+ /**
	118	+ * Get the related user for the account data
	119	+ *
	120	+ * @since 15.0.0
	121	+ *
	122	+ * @return IUser
	123	+ */
	124	+ public function getUser(): IUser;
125	125	}

nextcloud / server

Push — master ( 62ff4f...9124c6 )

Status

Category

Indentation +93 added lines, -93 removed lines patch added patch discarded remove patch

Indentation +67 added lines, -67 removed lines patch added patch discarded remove patch

Indentation +587 added lines, -587 removed lines patch added patch discarded remove patch

Indentation +37 added lines, -37 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +135 added lines, -135 removed lines patch added patch discarded remove patch

Indentation +45 added lines, -45 removed lines patch added patch discarded remove patch

Indentation +79 added lines, -79 removed lines patch added patch discarded remove patch

Indentation +1000 added lines, -1000 removed lines patch added patch discarded remove patch

Indentation +1210 added lines, -1210 removed lines patch added patch discarded remove patch

Spacing +25 added lines, -25 removed lines patch added patch discarded remove patch