Add.php 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OC\Core\Command\User;
  8. use OC\Files\Filesystem;
  9. use OCA\Settings\Mailer\NewUserMailHelper;
  10. use OCP\EventDispatcher\IEventDispatcher;
  11. use OCP\IAppConfig;
  12. use OCP\IGroup;
  13. use OCP\IGroupManager;
  14. use OCP\IUser;
  15. use OCP\IUserManager;
  16. use OCP\Mail\IMailer;
  17. use OCP\Security\Events\GenerateSecurePasswordEvent;
  18. use OCP\Security\ISecureRandom;
  19. use Symfony\Component\Console\Command\Command;
  20. use Symfony\Component\Console\Helper\QuestionHelper;
  21. use Symfony\Component\Console\Input\InputArgument;
  22. use Symfony\Component\Console\Input\InputInterface;
  23. use Symfony\Component\Console\Input\InputOption;
  24. use Symfony\Component\Console\Output\OutputInterface;
  25. use Symfony\Component\Console\Question\Question;
  26. class Add extends Command {
  27. public function __construct(
  28. protected IUserManager $userManager,
  29. protected IGroupManager $groupManager,
  30. protected IMailer $mailer,
  31. private IAppConfig $appConfig,
  32. private NewUserMailHelper $mailHelper,
  33. private IEventDispatcher $eventDispatcher,
  34. private ISecureRandom $secureRandom,
  35. ) {
  36. parent::__construct();
  37. }
  38. protected function configure(): void {
  39. $this
  40. ->setName('user:add')
  41. ->setDescription('adds an account')
  42. ->addArgument(
  43. 'uid',
  44. InputArgument::REQUIRED,
  45. 'Account ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)'
  46. )
  47. ->addOption(
  48. 'password-from-env',
  49. null,
  50. InputOption::VALUE_NONE,
  51. 'read password from environment variable OC_PASS'
  52. )
  53. ->addOption(
  54. 'generate-password',
  55. null,
  56. InputOption::VALUE_NONE,
  57. 'Generate a secure password. A welcome email with a reset link will be sent to the user via an email if --email option and newUser.sendEmail config are set'
  58. )
  59. ->addOption(
  60. 'display-name',
  61. null,
  62. InputOption::VALUE_OPTIONAL,
  63. 'Login used in the web UI (can contain any characters)'
  64. )
  65. ->addOption(
  66. 'group',
  67. 'g',
  68. InputOption::VALUE_OPTIONAL | InputOption::VALUE_IS_ARRAY,
  69. 'groups the account should be added to (The group will be created if it does not exist)'
  70. )
  71. ->addOption(
  72. 'email',
  73. null,
  74. InputOption::VALUE_REQUIRED,
  75. 'When set, users may register using the default email verification workflow'
  76. );
  77. }
  78. protected function execute(InputInterface $input, OutputInterface $output): int {
  79. $uid = $input->getArgument('uid');
  80. if ($this->userManager->userExists($uid)) {
  81. $output->writeln('<error>The account "' . $uid . '" already exists.</error>');
  82. return 1;
  83. }
  84. $password = '';
  85. // Setup password.
  86. if ($input->getOption('password-from-env')) {
  87. $password = getenv('OC_PASS');
  88. if (!$password) {
  89. $output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
  90. return 1;
  91. }
  92. } elseif ($input->getOption('generate-password')) {
  93. $passwordEvent = new GenerateSecurePasswordEvent();
  94. $this->eventDispatcher->dispatchTyped($passwordEvent);
  95. $password = $passwordEvent->getPassword() ?? $this->secureRandom->generate(20);
  96. } elseif ($input->isInteractive()) {
  97. /** @var QuestionHelper $helper */
  98. $helper = $this->getHelper('question');
  99. $question = new Question('Enter password: ');
  100. $question->setHidden(true);
  101. $password = $helper->ask($input, $output, $question);
  102. $question = new Question('Confirm password: ');
  103. $question->setHidden(true);
  104. $confirm = $helper->ask($input, $output, $question);
  105. if ($password !== $confirm) {
  106. $output->writeln("<error>Passwords did not match!</error>");
  107. return 1;
  108. }
  109. } else {
  110. $output->writeln("<error>Interactive input or --password-from-env or --generate-password is needed for setting a password!</error>");
  111. return 1;
  112. }
  113. try {
  114. $user = $this->userManager->createUser(
  115. $input->getArgument('uid'),
  116. $password,
  117. );
  118. } catch (\Exception $e) {
  119. $output->writeln('<error>' . $e->getMessage() . '</error>');
  120. return 1;
  121. }
  122. if ($user instanceof IUser) {
  123. $output->writeln('<info>The account "' . $user->getUID() . '" was created successfully</info>');
  124. } else {
  125. $output->writeln('<error>An error occurred while creating the account</error>');
  126. return 1;
  127. }
  128. if ($input->getOption('display-name')) {
  129. $user->setDisplayName($input->getOption('display-name'));
  130. $output->writeln('Display name set to "' . $user->getDisplayName() . '"');
  131. }
  132. $groups = $input->getOption('group');
  133. if (!empty($groups)) {
  134. // Make sure we init the Filesystem for the user, in case we need to
  135. // init some group shares.
  136. Filesystem::init($user->getUID(), '');
  137. }
  138. foreach ($groups as $groupName) {
  139. $group = $this->groupManager->get($groupName);
  140. if (!$group) {
  141. $this->groupManager->createGroup($groupName);
  142. $group = $this->groupManager->get($groupName);
  143. if ($group instanceof IGroup) {
  144. $output->writeln('Created group "' . $group->getGID() . '"');
  145. }
  146. }
  147. if ($group instanceof IGroup) {
  148. $group->addUser($user);
  149. $output->writeln('Account "' . $user->getUID() . '" added to group "' . $group->getGID() . '"');
  150. }
  151. }
  152. $email = $input->getOption('email');
  153. if (!empty($email)) {
  154. if (!$this->mailer->validateMailAddress($email)) {
  155. $output->writeln(\sprintf(
  156. '<error>The given email address "%s" is invalid. Email not set for the user.</error>',
  157. $email,
  158. ));
  159. return 1;
  160. }
  161. $user->setSystemEMailAddress($email);
  162. if ($this->appConfig->getValueString('core', 'newUser.sendEmail', 'yes') === 'yes') {
  163. try {
  164. $this->mailHelper->sendMail($user, $this->mailHelper->generateTemplate($user, true));
  165. $output->writeln('Welcome email sent to ' . $email);
  166. } catch (\Exception $e) {
  167. $output->writeln('Unable to send the welcome email to ' . $email);
  168. }
  169. }
  170. }
  171. return 0;
  172. }
  173. }