Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(ProvisioningApi): only return verified additional mails per user #44341

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions apps/provisioning_api/lib/Controller/AUserData.php
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,9 @@ protected function getUserData(string $userId, bool $includeScopes = false): ?ar
$additionalEmails = $additionalEmailScopes = [];
$emailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL);
foreach ($emailCollection->getProperties() as $property) {
if ($property->getLocallyVerified() !== IAccountManager::VERIFIED) {
continue;
}
$additionalEmails[] = $property->getValue();
if ($includeScopes) {
$additionalEmailScopes[] = $property->getScope();
Expand Down
5 changes: 5 additions & 0 deletions apps/testing/appinfo/routes.php
Original file line number Diff line number Diff line change
Expand Up @@ -63,5 +63,10 @@
'type' => null
]
],
[
'name' => 'MailVerificationTest',
'url' => '/api/v1/mailverification',
'verb' => 'POST',
]
],
];
35 changes: 35 additions & 0 deletions apps/testing/lib/Controller/MailVerificationTestController.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
<?php
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs SPDX headers


Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/

namespace OCA\Testing\Controller;

use InvalidArgumentException;
use OCP\Accounts\IAccountManager;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCSController;
use OCP\IRequest;
use OCP\IUser;
use OCP\IUserManager;

class MailVerificationTestController extends OCSController {
public function __construct(
$appName,

Check notice

Code scanning / Psalm

MissingParamType Note test

Parameter $appName has no provided type
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$appName,
string $appName,

IRequest $request,
protected IAccountManager $accountManager,
protected IUserManager $userManager,
) {
parent::__construct($appName, $request);
}

public function verify(string $userId, string $email): DataResponse {
$user = $this->userManager->get($userId);
$userAccount = $this->accountManager->getAccount($user);

Check notice

Code scanning / Psalm

PossiblyNullArgument Note test

Argument 1 of OCP\Accounts\IAccountManager::getAccount cannot be null, possibly null value provided
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$userAccount = $this->accountManager->getAccount($user);
if ($user === null) {
throw new InvalidArgumentException('User not available.');
}
$userAccount = $this->accountManager->getAccount($user);

$emailProperty = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL)
->getPropertyByValue($email);
if ($emailProperty === null) {
throw new InvalidArgumentException('Email not available in account.');
}
$emailProperty->setLocallyVerified(IAccountManager::VERIFIED);
return new DataResponse();
}
}
24 changes: 24 additions & 0 deletions build/integration/features/bootstrap/Provisioning.php
Original file line number Diff line number Diff line change
Expand Up @@ -980,4 +980,28 @@ public function userHasNotSetting($user, \Behat\Gherkin\Node\TableNode $settings
}
}
}

/**
* @Then user :user verifies email :email
*/
public function userVerifiesEmail(string $userId, string $email): void {
$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/testing/api/v1/mailverification";
$client = new Client();
$options = [];
if ($this->currentUser === 'admin') {
$options['auth'] = $this->adminUser;
}

$options['form_params'] = [
'userid' => $userId,
'email' => $email,
];

$options['headers'] = [
'OCS-APIREQUEST' => 'true',
];

$this->response = $client->post($fullUrl, $options);
}
}

4 changes: 4 additions & 0 deletions build/integration/features/provisioning-v1.feature
Original file line number Diff line number Diff line change
Expand Up @@ -129,11 +129,13 @@ Feature: provisioning
| value | no.reply@nextcloud.com |
And the OCS status code should be "100"
And the HTTP status code should be "200"
And user "brand-new-user" verifies email "no.reply@nextcloud.com"
And sending "PUT" to "/cloud/users/brand-new-user" with
| key | additional_mail |
| value | noreply@nextcloud.com |
And the OCS status code should be "100"
And the HTTP status code should be "200"
And user "brand-new-user" verifies email "noreply@nextcloud.com"
And sending "PUT" to "/cloud/users/brand-new-user" with
| key | phone |
| value | +49 711 / 25 24 28-90 |
Expand Down Expand Up @@ -302,11 +304,13 @@ Feature: provisioning
| value | no.reply6@nextcloud.com |
And the OCS status code should be "100"
And the HTTP status code should be "200"
And user "brand-new-user" verifies email "no.reply6@nextcloud.com"
And sending "PUT" to "/cloud/users/brand-new-user" with
| key | additional_mail |
| value | noreply7@nextcloud.com |
And the OCS status code should be "100"
And the HTTP status code should be "200"
And user "brand-new-user" verifies email "no.reply7@nextcloud.com"
When sending "PUT" to "/cloud/users/brand-new-user/additional_mail" with
| key | no.reply6@nextcloud.com |
| value | |
Expand Down
Loading