No "Welcome" email sent when using occ.

[hickscorp]

Using the latest version of NextCloud, we discovered a problem that might be a bug.
We're using a CSV file to import our users into the system, via a small bash script that we created.

#!/bin/bash
USERS_CSV="$HOME/nextcloud-users.csv"
OCC="$HOME/public_html/occ"
OLDIFS=$IFS
IFS=","
while read username password displayName email group
 do
    export OC_PASS=$password
    echo "Adding user ${username} (${displayName} | ${password} | ${group})..."
    $OCC user:add --password-from-env --display-name "$displayName" --group "$group" "$username"
    echo "Setting ${username}'s email to ${email}..."
    $OCC user:setting "$username" settings email "$email"
done < $USERS_CSV
 IFS=$OLDIFS

This works great, and all users from the CSV file are added. However, none of them receive the "Welcome" email inviting them to set / reset their password.

[desperateCoder]

Additionally, I'd wish that if you don't provide a password at all but an email address, the ordinary email verification flow would be triggered, just as if you had added the user via the user-administration UI in the web client. I kind of need this for a customer of mine, but I didn't find any way to get this done without a REST call to the endpoint. The endpoint then needs an authorization header, so we'd have to include the credentials somewhere in the NC-app code or store them in the DB or something, which isn't nice at all, since we're on the server side anyways...

Any chance, that we get this feature? Should I open a separate issue for this?

[hickscorp]

@desperateCoder these are good points, thanks for chipping in.

I am curious - maybe is there a way to trigger the welcome email using occ as a workaround?

[desperateCoder]

@hickscorp I feel like I searched the whole internet for an answer, I did only find these two ways:

• using occ - see here
• using the REST endpoint - see here

The first one is a complete documentation of the occ commands to manage users. Besides --password-from-env, I don't see any possibility to omit the password. And there is no command without setting a password at all.

The second one would work I guess, but as mentioned above I need to authorize against the endpoint. This would be maybe a solution for you? I just want to prevent having credentials stored just somewhere, that's unsafe.

[hickscorp]

@desperateCoder thanks a lot for the pointers.
If I understand correctly, hitting the ocs/v1.php/cloud/users endpoint would essentially void the need for us to create the user using occ, and would allow us to have that email sent without a password specified as an argument - great!

Regarding authentication, I'm guessing that I could use a bearer token from any of my web sessions?
EDIT: Looking at the endpoint, it seems that it accepts a https://user:password@hostname type of authentication - not the best thing to have laying around in automation scripts, but that will do for now :)

[desperateCoder]

Correctly. You're a lucky guy, since you can use a bash script with a little curl in it. For me, I have to support an instance on a shared hoster, I have little to no freedom here.

You could get the credentials for your script from anywhere, I bet there are good ways to solve that problem, e.g. use a credhub or something. But for me, your ticket has a very good point. Afaik there is even a similar request at the owncloud repo, but no one wants to use owncloud anyways, right? 😜

I think this is really missing and I'm glad that I'm not the only one needing this.

[hickscorp]

@desperateCoder I feel for you... For what it's worth - we're also using a hoster, and we have access to the API.

[szaimen]

I suppose this is still valid on NC21.0.2?
What happens if you check this button

and run the import script then?
does the welcome mail gets send then?

[ghost]

This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions.

[juliusknorr]

Still valid. It is not working as the script sets the email address after the user creation email would be triggered. I guess having a --email option on occ user:add would be a good enhanement, though I would not consider this to be a bug.

[szaimen]

Hi, please update to 24.0.9 or better 25.0.3 and report back if it fixes the issue. Thank you!

My goal is to add a label like e.g. 25-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!

If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+

[desperateCoder]

There is currently no way I could test that for now, but I bet it works like a charm. As long as my lack of support won't prevent you from releasing it, I'd test it as soon as I can. In case something is off, I'd create another issue as you mentioned.

[juliusknorr]

Still a valid issue, there has been work started in #29368 but not continued due to lack of time.

[gonzalo]

Here you have a bash script that I've created in order to send a welcome message to a list of users stored in a CSV/Excel file (I used to create users with a batch script and communicate them a few days later after organizing the groups/circles)

As you may see the key is the curl request 'curl -s -u "$admin_user:$admin_password" -X POST "$instance_url/ocs/v2.php/cloud/users/$username/welcome" --header "OCS-APIRequest: true" -o "$temp_file"'

It used to work but I've just enabled 2FA for my admin user and I'm having troubles running that command.

#!/bin/bash

# Función para realizar la llamada a la API para cada usuario
function send_welcome_request() {
  local username=$1
  local admin_user=$2
  local admin_password=$3
  local instance_url=$4

  # Generar un nombre de archivo temporal aleatorio
  temp_file=$(mktemp -p /tmp)

  # Realizar la llamada a la API y guardar la salida en el archivo temporal
  response=$(curl -s -u "$admin_user:$admin_password" -X POST "$instance_url/ocs/v2.php/cloud/users/$username/welcome" --header "OCS-APIRequest: true" -o "$temp_file")

  # Verificar la respuesta
  message=$(grep -oP "(?<=<message>)[^<]+" "$temp_file")
  if [[ "$message" == "OK" ]]; then
    echo "Welcome email sent to user: $username"
  else
    echo "Failed to send welcome email to user: $username"
  fi

  # Eliminar el archivo temporal
  rm -f "$temp_file"
}

# Función para mostrar el mensaje de ayuda
function show_help() {
  echo "Uso: $0 <URL_instancia_Nextcloud> <archivo>"
  echo
  echo "Descripción: Este script realiza una llamada a la API de Nextcloud para enviar un correo de bienvenida a cada usuario listado en el archivo CSV o Excel."
  echo
  echo "Parámetros:"
  echo "  <URL_instancia_Nextcloud>  La URL de la instancia de Nextcloud, sin \"https://\"."
  echo "  <archivo>                  La ruta al archivo CSV o Excel que contiene la lista de usuarios."
  echo
}

# Verificar la cantidad de argumentos
if [[ "$#" != 2 ]]; then
  show_help
  exit 1
fi

# Obtener la dirección de la instancia Nextcloud y el archivo CSV o Excel
instance_url=$1
file=$2
# Solicitar el nombre de usuario y contraseña del administrador
read -p "Admin Username: " admin_user
read -s -p "Admin Password: " admin_password
echo

# Verificar la existencia del archivo
if [[ ! -f "$file" ]]; then
  echo "Error: File not found: $file"
  exit 1
fi

# Verificar si la URL proporcionada es válida
if [[ ! "$instance_url" =~ ^[a-zA-Z0-9.-]+$ ]]; then
  echo "Error: URL instance Nextcloud is invalid."
  show_help
  exit 1
fi

# Convertir el archivo Excel a CSV usando xlsx2csv si es necesario
if [[ "${file##*.}" == "xlsx" ]]; then
  csv_file=$(mktemp -p /tmp)
  # Convertir el archivo Excel a CSV usando xlsx2csv
  xlsx2csv "$file" > "$csv_file"
else
  csv_file=$file
fi

# Leer el archivo CSV y procesar los usuarios
while IFS=';' read -r username email display_name group quota; do
  # Ignorar la primera línea que contiene los nombres de columna
  if [[ "$username" != "username" ]]; then
    echo send_welcome_request "$username" "$admin_user" "$admin_password" "https://$instance_url"
  fi
done

[b3nks]

💙