allow configuration of one single password per circle #926
/backport to stable23
/backport to stable22
lib/Model/Circle.php
Outdated
// TODO: deprecated in NC27, remove those (17) lines that was needed to finalise migration to 24 | ||
// if password is not hashed (pre-22), hash it and update new settings in DB | ||
$curr = $this->get('password_single', $this->getSettings()); | ||
if (strlen($curr) > 1 && strlen($curr) < 64) { |
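Review bot: the upper bound `strlen($curr) < 64` in the condition uses string length as the signal for "not hashed", so a pre-22 plaintext password of 64 or more characters would be skipped by this migration and stay in clear text in the settings. Checking the stored value against the format the hasher produces would be more reliable than a length window.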
Shouldn't this be `strlen($cur) >= 1 && ...`? If a password could be `strlen(2)` before, I suspect it might have been `strlen(1)` as well? 🤔
true, who will use a 1-char password ? :)
@@ -290,21 +294,34 @@ public function updateConfig(string $circleId, int $config): array { | |||
* @throws RequestBuilderException | |||
* @throws UnknownRemoteException | |||
*/ | |||
public function updateName(string $circleId, string $name): array { | |||
public function updateSetting(string $circleId, string $setting, ?string $value): array { |
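Review bot: `updateSetting()` takes a nullable `?string $value`, but the docblock lines visible above the signature only carry `@throws` entries. Add `@param` lines that state whether a null `$value` removes the key and which values `$setting` accepts, so the contract is clear to callers of this endpoint.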
I'm still not sure whether it's a good idea to allow any string as a settings key. Why not maintain a list of allowed settings and error out if users are trying to set an unsupported settings key?
As it is currently - and with only `password_single` being hashed, I expect plaintext passwords to end up in the database due to typos by the users. E.g. when you do something like `occ circles:manage:setting <circle_id> password_sigle my_secret_password` (note the typo in "sigle").
I am fine with it. 99% of the people will use the front-end to set those settings (with pre-defined keys)
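The allow-list check suggested in the review comment above, as an added example that is not part of this PR or the Circles code base. The function names and the allow-list are hypothetical, and PHP's native `password_hash()` stands in for whatever hasher the app actually uses.

```php
<?php
declare(strict_types=1);

// Keys named in this thread; the allow-list itself is hypothetical.
const ALLOWED_SETTINGS = ['password_single', 'enforce_password'];
// Settings whose values are secrets and must only be stored hashed.
const HASHED_SETTINGS = ['password_single'];

/**
 * Validate a key and return the value to persist (hypothetical helper).
 * Assumption: a null value means "remove the setting" and passes through.
 */
function prepareSetting(string $key, ?string $value): ?string {
	if (!in_array($key, ALLOWED_SETTINGS, true)) {
		// A typo such as "password_sigle" is rejected, not stored verbatim.
		throw new InvalidArgumentException("unsupported setting: $key");
	}
	if ($value !== null && in_array($key, HASHED_SETTINGS, true)) {
		return password_hash($value, PASSWORD_DEFAULT);
	}
	return $value;
}

/**
 * Migration-side check: does a stored value still need hashing?
 * Looks at the hash format rather than the string length.
 */
function needsHashing(string $stored): bool {
	return $stored !== '' && empty(password_get_info($stored)['algo']);
}

// Constructed inputs mirroring the occ call quoted in the comment.
$calls = [
	['password_single', 'my_secret_password'],
	['password_sigle', 'my_secret_password'],
];
foreach ($calls as [$key, $value]) {
	try {
		$stored = prepareSetting($key, $value);
		printf("%s: stored hashed=%s\n", $key, needsHashing($stored) ? 'no' : 'yes');
	} catch (InvalidArgumentException $e) {
		printf("rejected: %s\n", $e->getMessage());
	}
}
```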
Sorry, accidentally approved despite having comments/questions. Changed to "comment" now.
again
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Managing circle's settings from the command line
Allow multiple configurations to use this feature (in order):
./occ config:app:set --value '1' circles enforce_password
./occ circles:manage:setting y8JczmViR3zZraCXhbpfR8v4x8s5A8c enforce_password true
Allow the use of a single password when sharing a new file to external members of a circle,
Allow the use of a single password when adding a new external member to a circle,
confirm behavior in globalscale env.
providing API and Feature Request for Contacts
filtering some setting before sending ocs data about circle
display settings from a `circleId`
Add/Edit setting from a `circleId`
Note: when setting the param `password_single` the clear password will instantly be hashed
Remove a setting from a `circleId`