mirror of
https://github.com/nextcloud/server.git
synced 2026-06-10 09:13:19 -04:00
Add password input from env variable for occ user:{add, resetpassword}
This commit adds the --password-from-env switch to the `occ user:add` and `occ user:resetpassword` commands. When this parameter is given, Owncloud will use the password specified in environment variable OC_PASS. This is safer than using command line parameters, as those can be read by any process.
This commit is contained in:
Laurens Post
parent
691c353eed
commit
d9323ca1be
2 changed files with 54 additions and 22 deletions
|
|
@ -58,10 +58,10 @@ class Add extends Command {
|
|||
'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @)'
|
||||
)
|
||||
->addOption(
|
||||
'password',
|
||||
'p',
|
||||
InputOption::VALUE_OPTIONAL,
|
||||
''
|
||||
'password-from-env',
|
||||
null,
|
||||
InputOption::VALUE_NONE,
|
||||
'read password from environment variable OC_PASS'
|
||||
)
|
||||
->addOption(
|
||||
'display-name',
|
||||
|
|
@ -84,14 +84,33 @@ class Add extends Command {
|
|||
return;
|
||||
}
|
||||
|
||||
$password = $input->getOption('password');
|
||||
while (!$password) {
|
||||
$question = new Question('Please enter a non-empty password:');
|
||||
$question->setHidden(true);
|
||||
$question->setHiddenFallback(false);
|
||||
if ($input->getOption('password-from-env')) {
|
||||
$password = getenv('OC_PASS');
|
||||
if (!$password) {
|
||||
$output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
|
||||
return 1;
|
||||
}
|
||||
} elseif ($input->isInteractive()) {
|
||||
/** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */
|
||||
$dialog = $this->getHelperSet()->get('dialog');
|
||||
$password = $dialog->askHiddenResponse(
|
||||
$output,
|
||||
'<question>Enter password: </question>',
|
||||
false
|
||||
);
|
||||
$confirm = $dialog->askHiddenResponse(
|
||||
$output,
|
||||
'<question>Confirm password: </question>',
|
||||
false
|
||||
);
|
||||
|
||||
$helper = $this->getHelper('question');
|
||||
$password = $helper->ask($input, $output, $question);
|
||||
if ($password !== $confirm) {
|
||||
$output->writeln("<error>Passwords did not match!</error>");
|
||||
return 1;
|
||||
}
|
||||
} else {
|
||||
$output->writeln("<error>Interactive input or --password-from-env is needed for entering a password!</error>");
|
||||
return 1;
|
||||
}
|
||||
|
||||
$user = $this->userManager->createUser(
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ namespace OC\Core\Command\User;
|
|||
use Symfony\Component\Console\Command\Command;
|
||||
use Symfony\Component\Console\Input\InputInterface;
|
||||
use Symfony\Component\Console\Input\InputArgument;
|
||||
use Symfony\Component\Console\Input\InputOption;
|
||||
use Symfony\Component\Console\Output\OutputInterface;
|
||||
|
||||
class ResetPassword extends Command {
|
||||
|
|
@ -47,6 +48,12 @@ class ResetPassword extends Command {
|
|||
InputArgument::REQUIRED,
|
||||
'Username to reset password'
|
||||
)
|
||||
->addOption(
|
||||
'password-from-env',
|
||||
null,
|
||||
InputOption::VALUE_NONE,
|
||||
'read password from environment variable OC_PASS'
|
||||
)
|
||||
;
|
||||
}
|
||||
|
||||
|
|
@ -60,7 +67,13 @@ class ResetPassword extends Command {
|
|||
return 1;
|
||||
}
|
||||
|
||||
if ($input->isInteractive()) {
|
||||
if ($input->getOption('password-from-env')) {
|
||||
$password = getenv('OC_PASS');
|
||||
if (!$password) {
|
||||
$output->writeln('<error>--password-from-env given, but OC_PASS is empty!</error>');
|
||||
return 1;
|
||||
}
|
||||
} elseif ($input->isInteractive()) {
|
||||
/** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */
|
||||
$dialog = $this->getHelperSet()->get('dialog');
|
||||
|
||||
|
|
@ -84,20 +97,20 @@ class ResetPassword extends Command {
|
|||
false
|
||||
);
|
||||
|
||||
if ($password === $confirm) {
|
||||
$success = $user->setPassword($password);
|
||||
if ($success) {
|
||||
$output->writeln("<info>Successfully reset password for " . $username . "</info>");
|
||||
} else {
|
||||
$output->writeln("<error>Error while resetting password!</error>");
|
||||
return 1;
|
||||
}
|
||||
} else {
|
||||
if ($password !== $confirm) {
|
||||
$output->writeln("<error>Passwords did not match!</error>");
|
||||
return 1;
|
||||
}
|
||||
} else {
|
||||
$output->writeln("<error>Interactive input is needed for entering a new password!</error>");
|
||||
$output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>");
|
||||
return 1;
|
||||
}
|
||||
|
||||
$success = $user->setPassword($password);
|
||||
if ($success) {
|
||||
$output->writeln("<info>Successfully reset password for " . $username . "</info>");
|
||||
} else {
|
||||
$output->writeln("<error>Error while resetting password!</error>");
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue