* @author Christopher Schäpers * @author Clark Tomlinson * @author Joas Schilling * @author Laurens Post * @author Roeland Jago Douma * @author Sujith H * * @license AGPL-3.0 * * This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see * */ namespace OC\Core\Command\User; use OC\Core\Command\Base; use OCP\App\IAppManager; use OCP\IUser; use OCP\IUserManager; use Stecman\Component\Symfony\Console\BashCompletion\CompletionContext; use Symfony\Component\Console\Helper\QuestionHelper; use Symfony\Component\Console\Input\InputArgument; use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; use Symfony\Component\Console\Question\ConfirmationQuestion; use Symfony\Component\Console\Question\Question; class ResetPassword extends Base { public function __construct( protected IUserManager $userManager, private IAppManager $appManager, ) { parent::__construct(); } protected function configure() { $this ->setName('user:resetpassword') ->setDescription('Resets the password of the named user') ->addArgument( 'user', InputArgument::REQUIRED, 'Login to reset password' ) ->addOption( 'password-from-env', null, InputOption::VALUE_NONE, 'read password from environment variable OC_PASS' ) ; } protected function execute(InputInterface $input, OutputInterface $output): int { $username = $input->getArgument('user'); $user = $this->userManager->get($username); if (is_null($user)) { $output->writeln('User does not exist'); return 1; } if ($input->getOption('password-from-env')) { $password = getenv('OC_PASS'); if (!$password) { $output->writeln('--password-from-env given, but OC_PASS is empty!'); return 1; } } elseif ($input->isInteractive()) { /** @var QuestionHelper $helper */ $helper = $this->getHelper('question'); if ($this->appManager->isEnabledForUser('encryption', $user)) { $output->writeln( 'Warning: Resetting the password when using encryption will result in data loss!' ); $question = new ConfirmationQuestion('Do you want to continue?'); if (!$helper->ask($input, $output, $question)) { return 1; } } $question = new Question('Enter a new password: '); $question->setHidden(true); $password = $helper->ask($input, $output, $question); if ($password === null) { $output->writeln("Password cannot be empty!"); return 1; } $question = new Question('Confirm the new password: '); $question->setHidden(true); $confirm = $helper->ask($input, $output, $question); if ($password !== $confirm) { $output->writeln("Passwords did not match!"); return 1; } } else { $output->writeln("Interactive input or --password-from-env is needed for entering a new password!"); return 1; } try { $success = $user->setPassword($password); } catch (\Exception $e) { $output->writeln('' . $e->getMessage() . ''); return 1; } if ($success) { $output->writeln("Successfully reset password for " . $username . ""); } else { $output->writeln("Error while resetting password!"); return 1; } return 0; } /** * @param string $argumentName * @param CompletionContext $context * @return string[] */ public function completeArgumentValues($argumentName, CompletionContext $context) { if ($argumentName === 'user') { return array_map(static fn (IUser $user) => $user->getUID(), $this->userManager->search($context->getCurrentWord())); } return []; } }