3 years ago · ccb1675103
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -59,6 +59,8 @@ use OCP\IUserManager;
 
				 use OCP\IUserSession;
			
 
				 use OCP\L10N\IFactory;
			
 
				 use OCP\Security\ISecureRandom;
			
 
				+use OCP\Security\Events\GenerateSecurePasswordEvent;
			
 
				+use OCP\EventDispatcher\IEventDispatcher;
			
 
				 
			
 
				 class UsersController extends AUserData {
			
 
				 
			
@@ -76,6 +78,8 @@ class UsersController extends AUserData {
 
				 	private $secureRandom;
			
 
				 	/** @var RemoteWipe */
			
 
				 	private $remoteWipe;
			
 
				+	/** @var IEventDispatcher */
			
 
				+	private $eventDispatcher;
			
 
				 
			
 
				 	public function __construct(string $appName,
			
 
				 								IRequest $request,
			
@@ -90,7 +94,8 @@ class UsersController extends AUserData {
 
				 								NewUserMailHelper $newUserMailHelper,
			
 
				 								FederatedShareProviderFactory $federatedShareProviderFactory,
			
 
				 								ISecureRandom $secureRandom,
			
 
				-								RemoteWipe $remoteWipe) {
			
 
				+								RemoteWipe $remoteWipe,
			
 
				+								IEventDispatcher $eventDispatcher) {
			
 
				 		parent::__construct($appName,
			
 
				 							$request,
			
 
				 							$userManager,
			
@@ -107,6 +112,7 @@ class UsersController extends AUserData {
 
				 		$this->federatedShareProviderFactory = $federatedShareProviderFactory;
			
 
				 		$this->secureRandom = $secureRandom;
			
 
				 		$this->remoteWipe = $remoteWipe;
			
 
				+		$this->eventDispatcher = $eventDispatcher;
			
 
				 	}
			
 
				 
			
 
				 	/**
			
@@ -286,9 +292,18 @@ class UsersController extends AUserData {
 
				 				throw new OCSException('To send a password link to the user an email address is required.', 108);
			
 
				 			}
			
 
				 
			
 
				-			$password = $this->secureRandom->generate(10);
			
 
				-			// Make sure we pass the password_policy
			
 
				-			$password .= $this->secureRandom->generate(2, '$!.,;:-~+*[]{}()');
			
 
				+			$passwordEvent = new GenerateSecurePasswordEvent();
			
 
				+			$this->eventDispatcher->dispatchTyped($passwordEvent);
			
 
				+
			
 
				+			$password = $passwordEvent->getPassword();
			
 
				+			if ($password === null) {
			
 
				+				// Fallback: ensure to pass password_policy in any case
			
 
				+				$password = $this->secureRandom->generate(10)
			
 
				+					. $this->secureRandom->generate(1, ISecureRandom::CHAR_UPPER)
			
 
				+					. $this->secureRandom->generate(1, ISecureRandom::CHAR_LOWER)
			
 
				+					. $this->secureRandom->generate(1, ISecureRandom::CHAR_DIGITS)
			
 
				+					. $this->secureRandom->generate(1, ISecureRandom::CHAR_SYMBOLS);
			
 
				+			}
			
 
				 			$generatePasswordResetToken = true;
			
 
				 		}
			
 
				 
			
--- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php
+++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php
@@ -48,6 +48,7 @@ use OCA\Provisioning_API\FederatedShareProviderFactory;
 
				 use OCA\Settings\Mailer\NewUserMailHelper;
			
 
				 use OCP\App\IAppManager;
			
 
				 use OCP\AppFramework\Http\DataResponse;
			
 
				+use OCP\EventDispatcher\IEventDispatcher;
			
 
				 use OCP\IConfig;
			
 
				 use OCP\IGroup;
			
 
				 use OCP\IL10N;
			
@@ -58,6 +59,7 @@ use OCP\IUserManager;
 
				 use OCP\IUserSession;
			
 
				 use OCP\L10N\IFactory;
			
 
				 use OCP\Mail\IEMailTemplate;
			
 
				+use OCP\Security\Events\GenerateSecurePasswordEvent;
			
 
				 use OCP\Security\ISecureRandom;
			
 
				 use OCP\UserInterface;
			
 
				 use PHPUnit\Framework\MockObject\MockObject;
			
@@ -94,6 +96,8 @@ class UsersControllerTest extends TestCase {
 
				 	private $secureRandom;
			
 
				 	/** @var RemoteWipe|MockObject */
			
 
				 	private $remoteWipe;
			
 
				+	/** @var IEventDispatcher */
			
 
				+	private $eventDispatcher;
			
 
				 
			
 
				 	protected function setUp(): void {
			
 
				 		parent::setUp();
			
@@ -111,6 +115,7 @@ class UsersControllerTest extends TestCase {
 
				 		$this->federatedShareProviderFactory = $this->createMock(FederatedShareProviderFactory::class);
			
 
				 		$this->secureRandom = $this->createMock(ISecureRandom::class);
			
 
				 		$this->remoteWipe = $this->createMock(RemoteWipe::class);
			
 
				+		$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
			
 
				 
			
 
				 		$this->api = $this->getMockBuilder(UsersController::class)
			
 
				 			->setConstructorArgs([
			
@@ -128,6 +133,7 @@ class UsersControllerTest extends TestCase {
 
				 				$this->federatedShareProviderFactory,
			
 
				 				$this->secureRandom,
			
 
				 				$this->remoteWipe,
			
 
				+				$this->eventDispatcher,
			
 
				 			])
			
 
				 			->setMethods(['fillStorageInfo'])
			
 
				 			->getMock();
			
@@ -389,7 +395,8 @@ class UsersControllerTest extends TestCase {
 
				 				$this->newUserMailHelper,
			
 
				 				$this->federatedShareProviderFactory,
			
 
				 				$this->secureRandom,
			
 
				-				$this->remoteWipe
			
 
				+				$this->remoteWipe,
			
 
				+				$this->eventDispatcher,
			
 
				 			])
			
 
				 			->setMethods(['editUser'])
			
 
				 			->getMock();
			
@@ -486,6 +493,46 @@ class UsersControllerTest extends TestCase {
 
				 		));
			
 
				 	}
			
 
				 
			
 
				+	public function testAddUserSuccessfulGeneratePassword() {
			
 
				+		$this->userManager
			
 
				+			->expects($this->once())
			
 
				+			->method('userExists')
			
 
				+			->with('NewUser')
			
 
				+			->willReturn(false);
			
 
				+		$this->userManager
			
 
				+			->expects($this->once())
			
 
				+			->method('createUser');
			
 
				+		$this->logger
			
 
				+			->expects($this->once())
			
 
				+			->method('info')
			
 
				+			->with('Successful addUser call with userid: NewUser', ['app' => 'ocs_api']);
			
 
				+		$loggedInUser = $this->getMockBuilder(IUser::class)
			
 
				+			->disableOriginalConstructor()
			
 
				+			->getMock();
			
 
				+		$loggedInUser
			
 
				+			->expects($this->once())
			
 
				+			->method('getUID')
			
 
				+			->willReturn('adminUser');
			
 
				+		$this->userSession
			
 
				+			->expects($this->once())
			
 
				+			->method('getUser')
			
 
				+			->willReturn($loggedInUser);
			
 
				+		$this->groupManager
			
 
				+			->expects($this->once())
			
 
				+			->method('isAdmin')
			
 
				+			->with('adminUser')
			
 
				+			->willReturn(true);
			
 
				+		$this->eventDispatcher
			
 
				+			->expects($this->once())
			
 
				+			->method('dispatchTyped')
			
 
				+			->with(new GenerateSecurePasswordEvent());
			
 
				+
			
 
				+		$this->assertTrue(key_exists(
			
 
				+			'id',
			
 
				+			$this->api->addUser('NewUser', '', '', 'foo@bar')->getData()
			
 
				+		));
			
 
				+	}
			
 
				+
			
 
				 
			
 
				 	public function testAddUserFailedToGenerateUserID() {
			
 
				 		$this->expectException(\OCP\AppFramework\OCS\OCSException::class);
			
@@ -3126,6 +3173,7 @@ class UsersControllerTest extends TestCase {
 
				 				$this->federatedShareProviderFactory,
			
 
				 				$this->secureRandom,
			
 
				 				$this->remoteWipe,
			
 
				+				$this->eventDispatcher,
			
 
				 			])
			
 
				 			->setMethods(['getUserData'])
			
 
				 			->getMock();
			
@@ -3190,6 +3238,7 @@ class UsersControllerTest extends TestCase {
 
				 				$this->federatedShareProviderFactory,
			
 
				 				$this->secureRandom,
			
 
				 				$this->remoteWipe,
			
 
				+				$this->eventDispatcher,
			
 
				 			])
			
 
				 			->setMethods(['getUserData'])
			
 
				 			->getMock();