Merge pull request #22159 from nextcloud/enh/22014/generate-passwords-policy
Generate password on addUser by password_policy app
commit
ccb1675103
|
@ -59,6 +59,8 @@ use OCP\IUserManager;
|
||||||
use OCP\IUserSession;
|
use OCP\IUserSession;
|
||||||
use OCP\L10N\IFactory;
|
use OCP\L10N\IFactory;
|
||||||
use OCP\Security\ISecureRandom;
|
use OCP\Security\ISecureRandom;
|
||||||
|
use OCP\Security\Events\GenerateSecurePasswordEvent;
|
||||||
|
use OCP\EventDispatcher\IEventDispatcher;
|
||||||
|
|
||||||
class UsersController extends AUserData {
|
class UsersController extends AUserData {
|
||||||
|
|
||||||
|
@ -76,6 +78,8 @@ class UsersController extends AUserData {
|
||||||
private $secureRandom;
|
private $secureRandom;
|
||||||
/** @var RemoteWipe */
|
/** @var RemoteWipe */
|
||||||
private $remoteWipe;
|
private $remoteWipe;
|
||||||
|
/** @var IEventDispatcher */
|
||||||
|
private $eventDispatcher;
|
||||||
|
|
||||||
public function __construct(string $appName,
|
public function __construct(string $appName,
|
||||||
IRequest $request,
|
IRequest $request,
|
||||||
|
@ -90,7 +94,8 @@ class UsersController extends AUserData {
|
||||||
NewUserMailHelper $newUserMailHelper,
|
NewUserMailHelper $newUserMailHelper,
|
||||||
FederatedShareProviderFactory $federatedShareProviderFactory,
|
FederatedShareProviderFactory $federatedShareProviderFactory,
|
||||||
ISecureRandom $secureRandom,
|
ISecureRandom $secureRandom,
|
||||||
RemoteWipe $remoteWipe) {
|
RemoteWipe $remoteWipe,
|
||||||
|
IEventDispatcher $eventDispatcher) {
|
||||||
parent::__construct($appName,
|
parent::__construct($appName,
|
||||||
$request,
|
$request,
|
||||||
$userManager,
|
$userManager,
|
||||||
|
@ -107,6 +112,7 @@ class UsersController extends AUserData {
|
||||||
$this->federatedShareProviderFactory = $federatedShareProviderFactory;
|
$this->federatedShareProviderFactory = $federatedShareProviderFactory;
|
||||||
$this->secureRandom = $secureRandom;
|
$this->secureRandom = $secureRandom;
|
||||||
$this->remoteWipe = $remoteWipe;
|
$this->remoteWipe = $remoteWipe;
|
||||||
|
$this->eventDispatcher = $eventDispatcher;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -286,9 +292,18 @@ class UsersController extends AUserData {
|
||||||
throw new OCSException('To send a password link to the user an email address is required.', 108);
|
throw new OCSException('To send a password link to the user an email address is required.', 108);
|
||||||
}
|
}
|
||||||
|
|
||||||
$password = $this->secureRandom->generate(10);
|
$passwordEvent = new GenerateSecurePasswordEvent();
|
||||||
// Make sure we pass the password_policy
|
$this->eventDispatcher->dispatchTyped($passwordEvent);
|
||||||
$password .= $this->secureRandom->generate(2, '$!.,;:-~+*[]{}()');
|
|
||||||
|
$password = $passwordEvent->getPassword();
|
||||||
|
if ($password === null) {
|
||||||
|
// Fallback: ensure to pass password_policy in any case
|
||||||
|
$password = $this->secureRandom->generate(10)
|
||||||
|
. $this->secureRandom->generate(1, ISecureRandom::CHAR_UPPER)
|
||||||
|
. $this->secureRandom->generate(1, ISecureRandom::CHAR_LOWER)
|
||||||
|
. $this->secureRandom->generate(1, ISecureRandom::CHAR_DIGITS)
|
||||||
|
. $this->secureRandom->generate(1, ISecureRandom::CHAR_SYMBOLS);
|
||||||
|
}
|
||||||
$generatePasswordResetToken = true;
|
$generatePasswordResetToken = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
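Review bot: The generated password is accepted on a null check alone: after `$password = $passwordEvent->getPassword();`, any non-null value a listener set, including an empty string, skips the fallback and becomes the new account's password. Whether the event class rejects empty values is not visible here, so I would widen the guard to `if ($password === null || $password === '') {`. The fallback comment also promises more than ten random characters plus one of each class can guarantee; `// Fallback when no listener supplied a password: 10 random chars plus one of each character class` describes it without claiming policy compliance. The enclosing addUser body starts and ends outside this hunk.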
@ -48,6 +48,7 @@ use OCA\Provisioning_API\FederatedShareProviderFactory;
|
||||||
use OCA\Settings\Mailer\NewUserMailHelper;
|
use OCA\Settings\Mailer\NewUserMailHelper;
|
||||||
use OCP\App\IAppManager;
|
use OCP\App\IAppManager;
|
||||||
use OCP\AppFramework\Http\DataResponse;
|
use OCP\AppFramework\Http\DataResponse;
|
||||||
|
use OCP\EventDispatcher\IEventDispatcher;
|
||||||
use OCP\IConfig;
|
use OCP\IConfig;
|
||||||
use OCP\IGroup;
|
use OCP\IGroup;
|
||||||
use OCP\IL10N;
|
use OCP\IL10N;
|
||||||
|
@ -58,6 +59,7 @@ use OCP\IUserManager;
|
||||||
use OCP\IUserSession;
|
use OCP\IUserSession;
|
||||||
use OCP\L10N\IFactory;
|
use OCP\L10N\IFactory;
|
||||||
use OCP\Mail\IEMailTemplate;
|
use OCP\Mail\IEMailTemplate;
|
||||||
|
use OCP\Security\Events\GenerateSecurePasswordEvent;
|
||||||
use OCP\Security\ISecureRandom;
|
use OCP\Security\ISecureRandom;
|
||||||
use OCP\UserInterface;
|
use OCP\UserInterface;
|
||||||
use PHPUnit\Framework\MockObject\MockObject;
|
use PHPUnit\Framework\MockObject\MockObject;
|
||||||
|
@ -94,6 +96,8 @@ class UsersControllerTest extends TestCase {
|
||||||
private $secureRandom;
|
private $secureRandom;
|
||||||
/** @var RemoteWipe|MockObject */
|
/** @var RemoteWipe|MockObject */
|
||||||
private $remoteWipe;
|
private $remoteWipe;
|
||||||
|
/** @var IEventDispatcher */
|
||||||
|
private $eventDispatcher;
|
||||||
|
|
||||||
protected function setUp(): void {
|
protected function setUp(): void {
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
|
@ -111,6 +115,7 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->federatedShareProviderFactory = $this->createMock(FederatedShareProviderFactory::class);
|
$this->federatedShareProviderFactory = $this->createMock(FederatedShareProviderFactory::class);
|
||||||
$this->secureRandom = $this->createMock(ISecureRandom::class);
|
$this->secureRandom = $this->createMock(ISecureRandom::class);
|
||||||
$this->remoteWipe = $this->createMock(RemoteWipe::class);
|
$this->remoteWipe = $this->createMock(RemoteWipe::class);
|
||||||
|
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
|
||||||
|
|
||||||
$this->api = $this->getMockBuilder(UsersController::class)
|
$this->api = $this->getMockBuilder(UsersController::class)
|
||||||
->setConstructorArgs([
|
->setConstructorArgs([
|
||||||
|
@ -128,6 +133,7 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->federatedShareProviderFactory,
|
$this->federatedShareProviderFactory,
|
||||||
$this->secureRandom,
|
$this->secureRandom,
|
||||||
$this->remoteWipe,
|
$this->remoteWipe,
|
||||||
|
$this->eventDispatcher,
|
||||||
])
|
])
|
||||||
->setMethods(['fillStorageInfo'])
|
->setMethods(['fillStorageInfo'])
|
||||||
->getMock();
|
->getMock();
|
||||||
|
@ -389,7 +395,8 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->newUserMailHelper,
|
$this->newUserMailHelper,
|
||||||
$this->federatedShareProviderFactory,
|
$this->federatedShareProviderFactory,
|
||||||
$this->secureRandom,
|
$this->secureRandom,
|
||||||
$this->remoteWipe
|
$this->remoteWipe,
|
||||||
|
$this->eventDispatcher,
|
||||||
])
|
])
|
||||||
->setMethods(['editUser'])
|
->setMethods(['editUser'])
|
||||||
->getMock();
|
->getMock();
|
||||||
|
@ -486,6 +493,46 @@ class UsersControllerTest extends TestCase {
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testAddUserSuccessfulGeneratePassword() {
|
||||||
|
$this->userManager
|
||||||
|
->expects($this->once())
|
||||||
|
->method('userExists')
|
||||||
|
->with('NewUser')
|
||||||
|
->willReturn(false);
|
||||||
|
$this->userManager
|
||||||
|
->expects($this->once())
|
||||||
|
->method('createUser');
|
||||||
|
$this->logger
|
||||||
|
->expects($this->once())
|
||||||
|
->method('info')
|
||||||
|
->with('Successful addUser call with userid: NewUser', ['app' => 'ocs_api']);
|
||||||
|
$loggedInUser = $this->getMockBuilder(IUser::class)
|
||||||
|
->disableOriginalConstructor()
|
||||||
|
->getMock();
|
||||||
|
$loggedInUser
|
||||||
|
->expects($this->once())
|
||||||
|
->method('getUID')
|
||||||
|
->willReturn('adminUser');
|
||||||
|
$this->userSession
|
||||||
|
->expects($this->once())
|
||||||
|
->method('getUser')
|
||||||
|
->willReturn($loggedInUser);
|
||||||
|
$this->groupManager
|
||||||
|
->expects($this->once())
|
||||||
|
->method('isAdmin')
|
||||||
|
->with('adminUser')
|
||||||
|
->willReturn(true);
|
||||||
|
$this->eventDispatcher
|
||||||
|
->expects($this->once())
|
||||||
|
->method('dispatchTyped')
|
||||||
|
->with(new GenerateSecurePasswordEvent());
|
||||||
|
|
||||||
|
$this->assertTrue(key_exists(
|
||||||
|
'id',
|
||||||
|
$this->api->addUser('NewUser', '', '', 'foo@bar')->getData()
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public function testAddUserFailedToGenerateUserID() {
|
public function testAddUserFailedToGenerateUserID() {
|
||||||
$this->expectException(\OCP\AppFramework\OCS\OCSException::class);
|
$this->expectException(\OCP\AppFramework\OCS\OCSException::class);
|
||||||
|
@ -3126,6 +3173,7 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->federatedShareProviderFactory,
|
$this->federatedShareProviderFactory,
|
||||||
$this->secureRandom,
|
$this->secureRandom,
|
||||||
$this->remoteWipe,
|
$this->remoteWipe,
|
||||||
|
$this->eventDispatcher,
|
||||||
])
|
])
|
||||||
->setMethods(['getUserData'])
|
->setMethods(['getUserData'])
|
||||||
->getMock();
|
->getMock();
|
||||||
|
@ -3190,6 +3238,7 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->federatedShareProviderFactory,
|
$this->federatedShareProviderFactory,
|
||||||
$this->secureRandom,
|
$this->secureRandom,
|
||||||
$this->remoteWipe,
|
$this->remoteWipe,
|
||||||
|
$this->eventDispatcher,
|
||||||
])
|
])
|
||||||
->setMethods(['getUserData'])
|
->setMethods(['getUserData'])
|
||||||
->getMock();
|
->getMock();
|
||||||
|
|
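Review bot: testAddUserSuccessfulGeneratePassword only checks that `dispatchTyped` was called. The dispatcher is a mock, so the event's password stays null, the test runs the fallback branch with an unconfigured `secureRandom` mock, and `createUser` is expected without any argument constraint. The path this commit adds, a listener supplying the password, is therefore never exercised, and nothing asserts which password reaches `createUser`. I would have the mock fill the event, `->willReturnCallback(function (GenerateSecurePasswordEvent $event): void { $event->setPassword('constructed-test-password'); })` (assuming the event has a setter matching `getPassword()`), and pin the call with `->with('NewUser', 'constructed-test-password')`. A second test with `secureRandom` configured would cover the null-password fallback.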