Allow users to choose a different email for notifications#28422
Merged
Allow users to choose a different email for notifications#28422
Conversation
6ede3a0 to
2e49000
Compare
4ae2959 to
51aefa3
Compare
Member
LukasReschke
left a comment
There was a problem hiding this comment.
Cool stuff and nice work 🎉
| throw new InvalidArgumentException('Logged in user is not mail address owner'); | ||
| } | ||
| $email = $this->crypto->decrypt($key); | ||
| $ref = \substr(hash('sha256', $email), 0, 8); |
Member
There was a problem hiding this comment.
Any specific reason we limit it to the first 8 chars here? :)
Member
Author
There was a problem hiding this comment.
I consider it sufficient to avoid collisions – this is just part of the configkey stored in the db and used to avoid collisions only. If you manage to craft a collision – mind it applies per user – you manage to overwrite a previously stored token. It could have a security implication, if you manage to create a token for a different user that fits the collision, and yet the payload still needs to be valid and pass the checks.
38a7645 to
c05a302
Compare
Member
|
/backport to stable22 |
This was referenced Sep 1, 2021
c05a302 to
1b7519f
Compare
1b7519f to
0c4dcdd
Compare
artonge
previously requested changes
Sep 7, 2021
apps/provisioning_api/lib/Controller/VerificationController.php
Outdated
Show resolved
Hide resolved
- to make it reusable - needed for local email verification Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
- mails added by (sub)admins are automatically verified - provisioning_api controller as verification endpoint - IAccountProperty gets a locallyVerified property - IPropertyCollection gets a method to fetch an IAccountProperty by value - an remove equivalent was already present - AccountManager always initiates mail verification on update if necessary - add core success template for arbitrary title and message Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
beb22ea to
8c3553f
Compare
8c3553f to
d378fc7
Compare
Pytal
reviewed
Sep 9, 2021
apps/provisioning_api/lib/Controller/VerificationController.php
Outdated
Show resolved
Hide resolved
d378fc7 to
763136a
Compare
- this is to avoid automatic confirmation by certain softwares that open links Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
- specific getters and setters on IUser and implementation - new notify_email field in provisioning API Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
- there will be times when it is necessary to reset this value for sure Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
skjnldsv
approved these changes
Sep 10, 2021
This was referenced Sep 10, 2021
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Getting and setting primary mail via provisioning API
curl -u $userid -X PUT -d 'key=notify_email' -d 'value=myname%40mydomain.com' -H 'OCS-APIRequest: true' https://my.nxt.cld/ocs/v2.php/cloud/users/$userid(mind the address must be added as additional email address and also be confirmed)
curl -u $userid -X GET -H 'OCS-APIRequest: true' https://nc.zara/master/ocs/v2.php/cloud/users/$userid