Add password reset typed events

These hooks are only used in the Encryption app from what I can see. Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2 years ago · 44e13848a1
parent 5f8e1b7fb9
commit 44e13848a1
6 changed files with 172 additions and 13 deletions
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@ -36,6 +36,8 @@
 namespace OC\Core\Controller;

 use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Core\Events\BeforePasswordResetEvent;
+use OC\Core\Events\PasswordResetEvent;
 use OC\Core\Exception\ResetPasswordException;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\JSONResponse;
@ -43,6 +45,7 @@ use OCP\AppFramework\Http\TemplateResponse;
 use OCP\Defaults;
 use OCP\Encryption\IEncryptionModule;
 use OCP\Encryption\IManager;
+use OCP\EventDispatcher\IEventDispatcher;
 use OCP\HintException;
 use OCP\IConfig;
 use OCP\IInitialStateService;
@ -80,6 +83,8 @@ class LostController extends Controller {
 	private IInitialStateService $initialStateService;
 	private IVerificationToken $verificationToken;

+	private IEventDispatcher $eventDispatcher;
+
 	public function __construct(
 		string $appName,
 		IRequest $request,
@ -94,7 +99,8 @@ class LostController extends Controller {
 		LoggerInterface $logger,
 		Manager $twoFactorManager,
 		IInitialStateService $initialStateService,
-		IVerificationToken $verificationToken
+		IVerificationToken $verificationToken,
+		IEventDispatcher $eventDispatcher
 	) {
 		parent::__construct($appName, $request);
 		$this->urlGenerator = $urlGenerator;
@ -109,6 +115,7 @@ class LostController extends Controller {
 		$this->twoFactorManager = $twoFactorManager;
 		$this->initialStateService = $initialStateService;
 		$this->verificationToken = $verificationToken;
+		$this->eventDispatcher = $eventDispatcher;
 	}

 	/**
@ -225,12 +232,14 @@ class LostController extends Controller {
 			$this->checkPasswordResetToken($token, $userId);
 			$user = $this->userManager->get($userId);

+			$this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password));
 			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);

 			if (!$user->setPassword($password)) {
 				throw new \Exception();
 			}

+			$this->eventDispatcher->dispatchTyped(new PasswordResetEvent($user, $password));
 			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', ['uid' => $userId, 'password' => $password]);

 			$this->twoFactorManager->clearTwoFactorPending($userId);
--- a/core/Events/BeforePasswordResetEvent.php
+++ b/core/Events/BeforePasswordResetEvent.php
@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Morris Jobke <hey@morrisjobke.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OC\Core\Events;
+
+use OCP\EventDispatcher\Event;
+use OCP\IUser;
+
+/**
+ * Emitted before the user password is reset.
+ *
+ * @since 25.0.0
+ */
+class BeforePasswordResetEvent extends Event {
+	private IUser $user;
+	private string $password;
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function __construct(IUser $user, string $password) {
+		parent::__construct();
+		$this->user = $user;
+		$this->password = $password;
+	}
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function getUser(): IUser {
+		return $this->user;
+	}
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function getPassword(): string {
+		return $this->password;
+	}
+}
--- a/core/Events/PasswordResetEvent.php
+++ b/core/Events/PasswordResetEvent.php
@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Morris Jobke <hey@morrisjobke.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OC\Core\Events;
+
+use OCP\EventDispatcher\Event;
+use OCP\IUser;
+
+/**
+ * Emitted after the user password is reset.
+ *
+ * @since 25.0.0
+ */
+class PasswordResetEvent extends Event {
+	private IUser $user;
+	private string $password;
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function __construct(IUser $user, string $password) {
+		parent::__construct();
+		$this->user = $user;
+		$this->password = $password;
+	}
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function getUser(): IUser {
+		return $this->user;
+	}
+
+	/**
+	 * @since 25.0.0
+	 */
+	public function getPassword(): string {
+		return $this->password;
+	}
+}
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@ -981,6 +981,8 @@ return array(
    'OC\\Core\\Db\\LoginFlowV2Mapper' => $baseDir . '/core/Db/LoginFlowV2Mapper.php',
    'OC\\Core\\Db\\ProfileConfig' => $baseDir . '/core/Db/ProfileConfig.php',
    'OC\\Core\\Db\\ProfileConfigMapper' => $baseDir . '/core/Db/ProfileConfigMapper.php',
+    'OC\\Core\\Events\\BeforePasswordResetEvent' => $baseDir . '/core/Events/BeforePasswordResetEvent.php',
+    'OC\\Core\\Events\\PasswordResetEvent' => $baseDir . '/core/Events/PasswordResetEvent.php',
    'OC\\Core\\Exception\\LoginFlowV2NotFoundException' => $baseDir . '/core/Exception/LoginFlowV2NotFoundException.php',
    'OC\\Core\\Exception\\ResetPasswordException' => $baseDir . '/core/Exception/ResetPasswordException.php',
    'OC\\Core\\Middleware\\TwoFactorMiddleware' => $baseDir . '/core/Middleware/TwoFactorMiddleware.php',
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@ -1014,6 +1014,8 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
        'OC\\Core\\Db\\LoginFlowV2Mapper' => __DIR__ . '/../../..' . '/core/Db/LoginFlowV2Mapper.php',
        'OC\\Core\\Db\\ProfileConfig' => __DIR__ . '/../../..' . '/core/Db/ProfileConfig.php',
        'OC\\Core\\Db\\ProfileConfigMapper' => __DIR__ . '/../../..' . '/core/Db/ProfileConfigMapper.php',
+        'OC\\Core\\Events\\BeforePasswordResetEvent' => __DIR__ . '/../../..' . '/core/Events/BeforePasswordResetEvent.php',
+        'OC\\Core\\Events\\PasswordResetEvent' => __DIR__ . '/../../..' . '/core/Events/PasswordResetEvent.php',
        'OC\\Core\\Exception\\LoginFlowV2NotFoundException' => __DIR__ . '/../../..' . '/core/Exception/LoginFlowV2NotFoundException.php',
        'OC\\Core\\Exception\\ResetPasswordException' => __DIR__ . '/../../..' . '/core/Exception/ResetPasswordException.php',
        'OC\\Core\\Middleware\\TwoFactorMiddleware' => __DIR__ . '/../../..' . '/core/Middleware/TwoFactorMiddleware.php',
--- a/tests/Core/Controller/LostControllerTest.php
+++ b/tests/Core/Controller/LostControllerTest.php
@ -23,12 +23,15 @@ namespace Tests\Core\Controller;

 use OC\Authentication\TwoFactorAuth\Manager;
 use OC\Core\Controller\LostController;
+use OC\Core\Events\BeforePasswordResetEvent;
+use OC\Core\Events\PasswordResetEvent;
 use OC\Mail\Message;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\Defaults;
 use OCP\Encryption\IEncryptionModule;
 use OCP\Encryption\IManager;
+use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IConfig;
 use OCP\IInitialStateService;
 use OCP\IL10N;
@ -41,42 +44,46 @@ use OCP\Mail\IMailer;
 use OCP\Security\VerificationToken\InvalidTokenException;
 use OCP\Security\VerificationToken\IVerificationToken;
 use Psr\Log\LoggerInterface;
+use PHPUnit\Framework\MockObject\MockObject;
+use Test\TestCase;

 /**
 * Class LostControllerTest
 *
 * @package OC\Core\Controller
 */
-class LostControllerTest extends \Test\TestCase {
+class LostControllerTest extends TestCase {

 	/** @var LostController */
 	private $lostController;
 	/** @var IUser */
 	private $existingUser;
-	/** @var IURLGenerator | \PHPUnit\Framework\MockObject\MockObject */
+	/** @var IURLGenerator | MockObject */
 	private $urlGenerator;
 	/** @var IL10N */
 	private $l10n;
-	/** @var IUserManager | \PHPUnit\Framework\MockObject\MockObject */
+	/** @var IUserManager | MockObject */
 	private $userManager;
 	/** @var Defaults */
 	private $defaults;
-	/** @var IConfig | \PHPUnit\Framework\MockObject\MockObject */
+	/** @var IConfig | MockObject */
 	private $config;
-	/** @var IMailer | \PHPUnit\Framework\MockObject\MockObject */
+	/** @var IMailer | MockObject */
 	private $mailer;
-	/** @var IManager|\PHPUnit\Framework\MockObject\MockObject */
+	/** @var IManager|MockObject */
 	private $encryptionManager;
-	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
+	/** @var IRequest|MockObject */
 	private $request;
 	/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
 	private $logger;
-	/** @var Manager|\PHPUnit\Framework\MockObject\MockObject */
+	/** @var Manager|MockObject */
 	private $twofactorManager;
-	/** @var IInitialStateService|\PHPUnit\Framework\MockObject\MockObject */
+	/** @var IInitialStateService|MockObject */
 	private $initialStateService;
-	/** @var IVerificationToken|\PHPUnit\Framework\MockObject\MockObject */
+	/** @var IVerificationToken|MockObject */
 	private $verificationToken;
+	/** @var IEventDispatcher|MockObject */
+	private $eventDispatcher;

 	protected function setUp(): void {
 		parent::setUp();
@ -129,6 +136,7 @@ class LostControllerTest extends \Test\TestCase {
 		$this->twofactorManager = $this->createMock(Manager::class);
 		$this->initialStateService = $this->createMock(IInitialStateService::class);
 		$this->verificationToken = $this->createMock(IVerificationToken::class);
+		$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
 		$this->lostController = new LostController(
 			'Core',
 			$this->request,
@ -143,7 +151,8 @@ class LostControllerTest extends \Test\TestCase {
 			$this->logger,
 			$this->twofactorManager,
 			$this->initialStateService,
-			$this->verificationToken
+			$this->verificationToken,
+			$this->eventDispatcher
 		);
 	}

@ -418,6 +427,11 @@ class LostControllerTest extends \Test\TestCase {
 		$this->userManager->method('get')
 			->with('ValidTokenUser')
 			->willReturn($this->existingUser);
+		$beforePasswordResetEvent = new BeforePasswordResetEvent($this->existingUser, 'NewPassword');
+		$this->eventDispatcher
+			->expects($this->once())
+			->method('dispatchTyped')
+			->with($beforePasswordResetEvent);
 		$this->config->expects($this->never())
 			->method('deleteUserValue');

@ -439,6 +453,12 @@ class LostControllerTest extends \Test\TestCase {
 		$this->userManager->method('get')
 			->with('ValidTokenUser')
 			->willReturn($this->existingUser);
+		$beforePasswordResetEvent = new BeforePasswordResetEvent($this->existingUser, 'NewPassword');
+		$passwordResetEvent = new PasswordResetEvent($this->existingUser, 'NewPassword');
+		$this->eventDispatcher
+			->expects($this->exactly(2))
+			->method('dispatchTyped')
+			->withConsecutive([$beforePasswordResetEvent], [$passwordResetEvent]);
 		$this->config->expects($this->once())
 			->method('deleteUserValue')
 			->with('ValidTokenUser', 'core', 'lostpassword');
@ -560,7 +580,7 @@ class LostControllerTest extends \Test\TestCase {
 	}

 	public function testSetPasswordEncryptionDontProceedPerUserKey() {
-		/** @var IEncryptionModule|\PHPUnit\Framework\MockObject\MockObject $encryptionModule */
+		/** @var IEncryptionModule|MockObject $encryptionModule */
 		$encryptionModule = $this->createMock(IEncryptionModule::class);
 		$encryptionModule->expects($this->once())->method('needDetailedAccessList')->willReturn(true);
 		$this->encryptionManager->expects($this->once())->method('getEncryptionModules')