123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635 |
- <?php
- /**
- * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
- * SPDX-License-Identifier: AGPL-3.0-only
- */
- namespace OC\User;
- use InvalidArgumentException;
- use OC\Accounts\AccountManager;
- use OC\Avatar\AvatarManager;
- use OC\Hooks\Emitter;
- use OC_Helper;
- use OCP\Accounts\IAccountManager;
- use OCP\Comments\ICommentsManager;
- use OCP\EventDispatcher\IEventDispatcher;
- use OCP\Group\Events\BeforeUserRemovedEvent;
- use OCP\Group\Events\UserRemovedEvent;
- use OCP\IAvatarManager;
- use OCP\IConfig;
- use OCP\IDBConnection;
- use OCP\IGroupManager;
- use OCP\IImage;
- use OCP\IURLGenerator;
- use OCP\IUser;
- use OCP\IUserBackend;
- use OCP\Notification\IManager as INotificationManager;
- use OCP\User\Backend\IGetHomeBackend;
- use OCP\User\Backend\IPasswordHashBackend;
- use OCP\User\Backend\IProvideAvatarBackend;
- use OCP\User\Backend\IProvideEnabledStateBackend;
- use OCP\User\Backend\ISetDisplayNameBackend;
- use OCP\User\Backend\ISetPasswordBackend;
- use OCP\User\Events\BeforePasswordUpdatedEvent;
- use OCP\User\Events\BeforeUserDeletedEvent;
- use OCP\User\Events\PasswordUpdatedEvent;
- use OCP\User\Events\UserChangedEvent;
- use OCP\User\Events\UserDeletedEvent;
- use OCP\User\GetQuotaEvent;
- use OCP\UserInterface;
- use Psr\Log\LoggerInterface;
- use function json_decode;
- use function json_encode;
- class User implements IUser {
- private const CONFIG_KEY_MANAGERS = 'manager';
- private IConfig $config;
- private IURLGenerator $urlGenerator;
- /** @var IAccountManager */
- protected $accountManager;
- /** @var string|null */
- private $displayName;
- /** @var bool|null */
- private $enabled;
- /** @var Emitter|Manager|null */
- private $emitter;
- /** @var string */
- private $home;
- /** @var int|null */
- private $lastLogin;
- /** @var IAvatarManager */
- private $avatarManager;
- public function __construct(
- private string $uid,
- private ?UserInterface $backend,
- private IEventDispatcher $dispatcher,
- $emitter = null,
- ?IConfig $config = null,
- $urlGenerator = null,
- ) {
- $this->emitter = $emitter;
- $this->config = $config ?? \OCP\Server::get(IConfig::class);
- $this->urlGenerator = $urlGenerator ?? \OCP\Server::get(IURLGenerator::class);
- }
- /**
- * get the user id
- *
- * @return string
- */
- public function getUID() {
- return $this->uid;
- }
- /**
- * get the display name for the user, if no specific display name is set it will fallback to the user id
- *
- * @return string
- */
- public function getDisplayName() {
- if ($this->displayName === null) {
- $displayName = '';
- if ($this->backend && $this->backend->implementsActions(Backend::GET_DISPLAYNAME)) {
- // get display name and strip whitespace from the beginning and end of it
- $backendDisplayName = $this->backend->getDisplayName($this->uid);
- if (is_string($backendDisplayName)) {
- $displayName = trim($backendDisplayName);
- }
- }
- if (!empty($displayName)) {
- $this->displayName = $displayName;
- } else {
- $this->displayName = $this->uid;
- }
- }
- return $this->displayName;
- }
- /**
- * set the displayname for the user
- *
- * @param string $displayName
- * @return bool
- *
- * @since 25.0.0 Throw InvalidArgumentException
- * @throws \InvalidArgumentException
- */
- public function setDisplayName($displayName) {
- $displayName = trim($displayName);
- $oldDisplayName = $this->getDisplayName();
- if ($this->backend->implementsActions(Backend::SET_DISPLAYNAME) && !empty($displayName) && $displayName !== $oldDisplayName) {
- /** @var ISetDisplayNameBackend $backend */
- $backend = $this->backend;
- $result = $backend->setDisplayName($this->uid, $displayName);
- if ($result) {
- $this->displayName = $displayName;
- $this->triggerChange('displayName', $displayName, $oldDisplayName);
- }
- return $result !== false;
- }
- return false;
- }
- /**
- * @inheritDoc
- */
- public function setEMailAddress($mailAddress) {
- $this->setSystemEMailAddress($mailAddress);
- }
- /**
- * @inheritDoc
- */
- public function setSystemEMailAddress(string $mailAddress): void {
- $oldMailAddress = $this->getSystemEMailAddress();
- if ($mailAddress === '') {
- $this->config->deleteUserValue($this->uid, 'settings', 'email');
- } else {
- $this->config->setUserValue($this->uid, 'settings', 'email', $mailAddress);
- }
- $primaryAddress = $this->getPrimaryEMailAddress();
- if ($primaryAddress === $mailAddress) {
- // on match no dedicated primary settings is necessary
- $this->setPrimaryEMailAddress('');
- }
- if ($oldMailAddress !== strtolower($mailAddress)) {
- $this->triggerChange('eMailAddress', $mailAddress, $oldMailAddress);
- }
- }
- /**
- * @inheritDoc
- */
- public function setPrimaryEMailAddress(string $mailAddress): void {
- if ($mailAddress === '') {
- $this->config->deleteUserValue($this->uid, 'settings', 'primary_email');
- return;
- }
- $this->ensureAccountManager();
- $account = $this->accountManager->getAccount($this);
- $property = $account->getPropertyCollection(IAccountManager::COLLECTION_EMAIL)
- ->getPropertyByValue($mailAddress);
- if ($property === null || $property->getLocallyVerified() !== IAccountManager::VERIFIED) {
- throw new InvalidArgumentException('Only verified emails can be set as primary');
- }
- $this->config->setUserValue($this->uid, 'settings', 'primary_email', $mailAddress);
- }
- private function ensureAccountManager() {
- if (!$this->accountManager instanceof IAccountManager) {
- $this->accountManager = \OC::$server->get(IAccountManager::class);
- }
- }
- /**
- * returns the timestamp of the user's last login or 0 if the user did never
- * login
- *
- * @return int
- */
- public function getLastLogin() {
- if ($this->lastLogin === null) {
- $this->lastLogin = (int)$this->config->getUserValue($this->uid, 'login', 'lastLogin', 0);
- }
- return (int)$this->lastLogin;
- }
- /**
- * updates the timestamp of the most recent login of this user
- */
- public function updateLastLoginTimestamp() {
- $previousLogin = $this->getLastLogin();
- $now = time();
- $firstTimeLogin = $previousLogin === 0;
- if ($now - $previousLogin > 60) {
- $this->lastLogin = time();
- $this->config->setUserValue(
- $this->uid, 'login', 'lastLogin', (string)$this->lastLogin);
- }
- return $firstTimeLogin;
- }
- /**
- * Delete the user
- *
- * @return bool
- */
- public function delete() {
- if ($this->backend === null) {
- \OCP\Server::get(LoggerInterface::class)->error('Cannot delete user: No backend set');
- return false;
- }
- if ($this->emitter) {
- /** @deprecated 21.0.0 use BeforeUserDeletedEvent event with the IEventDispatcher instead */
- $this->emitter->emit('\OC\User', 'preDelete', [$this]);
- }
- $this->dispatcher->dispatchTyped(new BeforeUserDeletedEvent($this));
- // Set delete flag on the user - this is needed to ensure that the user data is removed if there happen any exception in the backend
- // because we can not restore the user meaning we could not rollback to any stable state otherwise.
- $this->config->setUserValue($this->uid, 'core', 'deleted', 'true');
- // We also need to backup the home path as this can not be reconstructed later if the original backend uses custom home paths
- $this->config->setUserValue($this->uid, 'core', 'deleted.home-path', $this->getHome());
- // Try to delete the user on the backend
- $result = $this->backend->deleteUser($this->uid);
- if ($result === false) {
- // The deletion was aborted or something else happened, we are in a defined state, so remove the delete flag
- $this->config->deleteUserValue($this->uid, 'core', 'deleted');
- return false;
- }
- // We have to delete the user from all groups
- $groupManager = \OCP\Server::get(IGroupManager::class);
- foreach ($groupManager->getUserGroupIds($this) as $groupId) {
- $group = $groupManager->get($groupId);
- if ($group) {
- $this->dispatcher->dispatchTyped(new BeforeUserRemovedEvent($group, $this));
- $group->removeUser($this);
- $this->dispatcher->dispatchTyped(new UserRemovedEvent($group, $this));
- }
- }
- $commentsManager = \OCP\Server::get(ICommentsManager::class);
- $commentsManager->deleteReferencesOfActor('users', $this->uid);
- $commentsManager->deleteReadMarksFromUser($this);
- $avatarManager = \OCP\Server::get(AvatarManager::class);
- $avatarManager->deleteUserAvatar($this->uid);
- $notificationManager = \OCP\Server::get(INotificationManager::class);
- $notification = $notificationManager->createNotification();
- $notification->setUser($this->uid);
- $notificationManager->markProcessed($notification);
- $accountManager = \OCP\Server::get(AccountManager::class);
- $accountManager->deleteUser($this);
- $database = \OCP\Server::get(IDBConnection::class);
- try {
- // We need to create a transaction to make sure we are in a defined state
- // because if all user values are removed also the flag is gone, but if an exception happens (e.g. database lost connection on the set operation)
- // exactly here we are in an undefined state as the data is still present but the user does not exist on the system anymore.
- $database->beginTransaction();
- // Remove all user settings
- $this->config->deleteAllUserValues($this->uid);
- // But again set flag that this user is about to be deleted
- $this->config->setUserValue($this->uid, 'core', 'deleted', 'true');
- $this->config->setUserValue($this->uid, 'core', 'deleted.home-path', $this->getHome());
- // Commit the transaction so we are in a defined state: either the preferences are removed or an exception occurred but the delete flag is still present
- $database->commit();
- } catch (\Throwable $e) {
- $database->rollback();
- throw $e;
- }
- if ($this->emitter !== null) {
- /** @deprecated 21.0.0 use UserDeletedEvent event with the IEventDispatcher instead */
- $this->emitter->emit('\OC\User', 'postDelete', [$this]);
- }
- $this->dispatcher->dispatchTyped(new UserDeletedEvent($this));
- // Finally we can unset the delete flag and all other states
- $this->config->deleteAllUserValues($this->uid);
- return true;
- }
- /**
- * Set the password of the user
- *
- * @param string $password
- * @param string $recoveryPassword for the encryption app to reset encryption keys
- * @return bool
- */
- public function setPassword($password, $recoveryPassword = null) {
- $this->dispatcher->dispatchTyped(new BeforePasswordUpdatedEvent($this, $password, $recoveryPassword));
- if ($this->emitter) {
- $this->emitter->emit('\OC\User', 'preSetPassword', [$this, $password, $recoveryPassword]);
- }
- if ($this->backend->implementsActions(Backend::SET_PASSWORD)) {
- /** @var ISetPasswordBackend $backend */
- $backend = $this->backend;
- $result = $backend->setPassword($this->uid, $password);
- if ($result !== false) {
- $this->dispatcher->dispatchTyped(new PasswordUpdatedEvent($this, $password, $recoveryPassword));
- if ($this->emitter) {
- $this->emitter->emit('\OC\User', 'postSetPassword', [$this, $password, $recoveryPassword]);
- }
- }
- return !($result === false);
- } else {
- return false;
- }
- }
- public function getPasswordHash(): ?string {
- if (!($this->backend instanceof IPasswordHashBackend)) {
- return null;
- }
- return $this->backend->getPasswordHash($this->uid);
- }
- public function setPasswordHash(string $passwordHash): bool {
- if (!($this->backend instanceof IPasswordHashBackend)) {
- return false;
- }
- return $this->backend->setPasswordHash($this->uid, $passwordHash);
- }
- /**
- * get the users home folder to mount
- *
- * @return string
- */
- public function getHome() {
- if (!$this->home) {
- /** @psalm-suppress UndefinedInterfaceMethod Once we get rid of the legacy implementsActions, psalm won't complain anymore */
- if (($this->backend instanceof IGetHomeBackend || $this->backend->implementsActions(Backend::GET_HOME)) && $home = $this->backend->getHome($this->uid)) {
- $this->home = $home;
- } else {
- $this->home = $this->config->getSystemValueString('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $this->uid;
- }
- }
- return $this->home;
- }
- /**
- * Get the name of the backend class the user is connected with
- *
- * @return string
- */
- public function getBackendClassName() {
- if ($this->backend instanceof IUserBackend) {
- return $this->backend->getBackendName();
- }
- return get_class($this->backend);
- }
- public function getBackend(): ?UserInterface {
- return $this->backend;
- }
- /**
- * Check if the backend allows the user to change their avatar on Personal page
- *
- * @return bool
- */
- public function canChangeAvatar() {
- if ($this->backend instanceof IProvideAvatarBackend || $this->backend->implementsActions(Backend::PROVIDE_AVATAR)) {
- /** @var IProvideAvatarBackend $backend */
- $backend = $this->backend;
- return $backend->canChangeAvatar($this->uid);
- }
- return true;
- }
- /**
- * check if the backend supports changing passwords
- *
- * @return bool
- */
- public function canChangePassword() {
- return $this->backend->implementsActions(Backend::SET_PASSWORD);
- }
- /**
- * check if the backend supports changing display names
- *
- * @return bool
- */
- public function canChangeDisplayName() {
- if (!$this->config->getSystemValueBool('allow_user_to_change_display_name', true)) {
- return false;
- }
- return $this->backend->implementsActions(Backend::SET_DISPLAYNAME);
- }
- /**
- * check if the user is enabled
- *
- * @return bool
- */
- public function isEnabled() {
- $queryDatabaseValue = function (): bool {
- if ($this->enabled === null) {
- $enabled = $this->config->getUserValue($this->uid, 'core', 'enabled', 'true');
- $this->enabled = $enabled === 'true';
- }
- return $this->enabled;
- };
- if ($this->backend instanceof IProvideEnabledStateBackend) {
- return $this->backend->isUserEnabled($this->uid, $queryDatabaseValue);
- } else {
- return $queryDatabaseValue();
- }
- }
- /**
- * set the enabled status for the user
- *
- * @return void
- */
- public function setEnabled(bool $enabled = true) {
- $oldStatus = $this->isEnabled();
- $setDatabaseValue = function (bool $enabled): void {
- $this->config->setUserValue($this->uid, 'core', 'enabled', $enabled ? 'true' : 'false');
- $this->enabled = $enabled;
- };
- if ($this->backend instanceof IProvideEnabledStateBackend) {
- $queryDatabaseValue = function (): bool {
- if ($this->enabled === null) {
- $enabled = $this->config->getUserValue($this->uid, 'core', 'enabled', 'true');
- $this->enabled = $enabled === 'true';
- }
- return $this->enabled;
- };
- $enabled = $this->backend->setUserEnabled($this->uid, $enabled, $queryDatabaseValue, $setDatabaseValue);
- if ($oldStatus !== $enabled) {
- $this->triggerChange('enabled', $enabled, $oldStatus);
- }
- } elseif ($oldStatus !== $enabled) {
- $setDatabaseValue($enabled);
- $this->triggerChange('enabled', $enabled, $oldStatus);
- }
- }
- /**
- * get the users email address
- *
- * @return string|null
- * @since 9.0.0
- */
- public function getEMailAddress() {
- return $this->getPrimaryEMailAddress() ?? $this->getSystemEMailAddress();
- }
- /**
- * @inheritDoc
- */
- public function getSystemEMailAddress(): ?string {
- return $this->config->getUserValue($this->uid, 'settings', 'email', null);
- }
- /**
- * @inheritDoc
- */
- public function getPrimaryEMailAddress(): ?string {
- return $this->config->getUserValue($this->uid, 'settings', 'primary_email', null);
- }
- /**
- * get the users' quota
- *
- * @return string
- * @since 9.0.0
- */
- public function getQuota() {
- // allow apps to modify the user quota by hooking into the event
- $event = new GetQuotaEvent($this);
- $this->dispatcher->dispatchTyped($event);
- $overwriteQuota = $event->getQuota();
- if ($overwriteQuota) {
- $quota = $overwriteQuota;
- } else {
- $quota = $this->config->getUserValue($this->uid, 'files', 'quota', 'default');
- }
- if ($quota === 'default') {
- $quota = $this->config->getAppValue('files', 'default_quota', 'none');
- // if unlimited quota is not allowed => avoid getting 'unlimited' as default_quota fallback value
- // use the first preset instead
- $allowUnlimitedQuota = $this->config->getAppValue('files', 'allow_unlimited_quota', '1') === '1';
- if (!$allowUnlimitedQuota) {
- $presets = $this->config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB');
- $presets = array_filter(array_map('trim', explode(',', $presets)));
- $quotaPreset = array_values(array_diff($presets, ['default', 'none']));
- if (count($quotaPreset) > 0) {
- $quota = $this->config->getAppValue('files', 'default_quota', $quotaPreset[0]);
- }
- }
- }
- return $quota;
- }
- /**
- * set the users' quota
- *
- * @param string $quota
- * @return void
- * @throws InvalidArgumentException
- * @since 9.0.0
- */
- public function setQuota($quota) {
- $oldQuota = $this->config->getUserValue($this->uid, 'files', 'quota', '');
- if ($quota !== 'none' and $quota !== 'default') {
- $bytesQuota = OC_Helper::computerFileSize($quota);
- if ($bytesQuota === false) {
- throw new InvalidArgumentException('Failed to set quota to invalid value ' . $quota);
- }
- $quota = OC_Helper::humanFileSize($bytesQuota);
- }
- if ($quota !== $oldQuota) {
- $this->config->setUserValue($this->uid, 'files', 'quota', $quota);
- $this->triggerChange('quota', $quota, $oldQuota);
- }
- \OC_Helper::clearStorageInfo('/' . $this->uid . '/files');
- }
- public function getManagerUids(): array {
- $encodedUids = $this->config->getUserValue(
- $this->uid,
- 'settings',
- self::CONFIG_KEY_MANAGERS,
- '[]'
- );
- return json_decode($encodedUids, false, 512, JSON_THROW_ON_ERROR);
- }
- public function setManagerUids(array $uids): void {
- $oldUids = $this->getManagerUids();
- $this->config->setUserValue(
- $this->uid,
- 'settings',
- self::CONFIG_KEY_MANAGERS,
- json_encode($uids, JSON_THROW_ON_ERROR)
- );
- $this->triggerChange('managers', $uids, $oldUids);
- }
- /**
- * get the avatar image if it exists
- *
- * @param int $size
- * @return IImage|null
- * @since 9.0.0
- */
- public function getAvatarImage($size) {
- // delay the initialization
- if (is_null($this->avatarManager)) {
- $this->avatarManager = \OC::$server->get(IAvatarManager::class);
- }
- $avatar = $this->avatarManager->getAvatar($this->uid);
- $image = $avatar->get($size);
- if ($image) {
- return $image;
- }
- return null;
- }
- /**
- * get the federation cloud id
- *
- * @return string
- * @since 9.0.0
- */
- public function getCloudId() {
- $uid = $this->getUID();
- $server = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
- if (str_ends_with($server, '/index.php')) {
- $server = substr($server, 0, -10);
- }
- $server = $this->removeProtocolFromUrl($server);
- return $uid . '@' . $server;
- }
- private function removeProtocolFromUrl(string $url): string {
- if (str_starts_with($url, 'https://')) {
- return substr($url, strlen('https://'));
- }
- return $url;
- }
- public function triggerChange($feature, $value = null, $oldValue = null) {
- $this->dispatcher->dispatchTyped(new UserChangedEvent($this, $feature, $value, $oldValue));
- if ($this->emitter) {
- $this->emitter->emit('\OC\User', 'changeUser', [$this, $feature, $value, $oldValue]);
- }
- }
- }
|