allow admin to enforce password on mail shares

[schiessle]

Allow the admin to enforce passwords on share by mails.

That's my conclusion out if this discussion for now: #2357 (comment)

Possible scenarios and the corresponding workflow

Scenario 1:

Admin checks the "enforce password" in the mail share settings, everything else stays the default:

• The user creates a share
• We create a random password on the server and set it for the share
• We send out the share
• We send out a separate mail with the random password to the recipient

Users can change the password at any time but they can't disable it. Changing the password will trigger a new mail to the recipient with the new password.

Scenario 2

Admin checks "enforce password" in the mail share settings and disables the password mail:

• The user creates a share
• We create a random password on the server and set it for the share
• We send out the share
• We send a mail to the user who just created the share. Tell him that according to the security policy on his server all shares needs to be password protected and tell him the auto-generated password. Now it is the job of the user to get the password to the recipient.

Users can change the password at any time but they can't disable it, no additional mail will be send.

Scenario 3

Admin checks "enforce password" in the mail share settings, disables the password mail and the user who creates the share has no email address (really unlikely combination but it can still happen):

• The user creates a share
• operation fails, and the user gets a warning that according to the security policy on the server he needs a valid email address to create a mail share. He should set one in the personal settings and try again.

I like the workflow, especially in scenario 1 which is probably ~70% or all use cases, maybe 29% will have a setup as in scenario 2 which I think works still quite well and probably around 1% will be confronted with scenario 3. In this rare case you could even argue that it is good to remember people to set a valid email address because they will also need it in case they lose their password or for other tasks.

Reviews? Opinions?

Note: that I don't have a lot of extra time I can put into this feature. Complete re-designs are out-of-scope for now. Either we take this one with small adjustments or nothing for Nc12 (at least nothing I implement 😉 )

cc @rullzer @MorrisJobke @jancborchardt

[mention-bot]

@schiessle, thanks for your PR! By analyzing the history of the files in this pull request, we identified @rullzer, @blizzz and @ChristophWurst to be potential reviewers.

[ChristophWurst]

I would prefer to let the DI container build the object if possible and use it like OC::$server->query(SettingsManager::class).

[schiessle]

done

[ChristophWurst]

conflicting

[schiessle]

I just did a rebase and resolved the merge conflicts but couldn't test it afterwards. Hope that nothing breaks... Will test tomorrow.

...Tested everything still works 😃

[codecov-io]

Codecov Report

❗ No coverage uploaded for pull request base (master@140580f). Click here to learn what that means.
The diff coverage is 31.25%.

@@            Coverage Diff            @@
##             master    #4303   +/-   ##
=========================================
  Coverage          ?   54.15%           
  Complexity        ?    21629           
=========================================
  Files             ?     1327           
  Lines             ?    82710           
  Branches          ?     1305           
=========================================
  Hits              ?    44790           
  Misses            ?    37920           
  Partials          ?        0

Impacted Files	Coverage Δ	Complexity Δ
core/js/sharedialogshareelistview.js	43.92% <ø> (ø)	0 <0> (?)
core/js/shareconfigmodel.js	69.56% <ø> (ø)	0 <0> (?)
apps/sharebymail/lib/Settings/SettingsManager.php	25% <0%> (ø)	3 <1> (?)
apps/sharebymail/lib/AppInfo/Application.php	0% <0%> (ø)	1 <0> (?)
apps/sharebymail/lib/Activity.php	0% <0%> (ø)	31 <0> (?)
apps/sharebymail/lib/Settings/Admin.php	0% <0%> (ø)	4 <0> (?)
apps/sharebymail/templates/settings-admin.php	0% <0%> (ø)	0 <0> (?)
lib/private/Share20/ProviderFactory.php	84.61% <100%> (ø)	29 <0> (?)
apps/sharebymail/lib/Settings.php	100% <100%> (ø)	3 <2> (?)
apps/sharebymail/tests/ShareByMailProviderTest.php	93.08% <100%> (ø)	27 <0> (?)
... and 2 more

[MorrisJobke]

@schiessle Could you please fix the emails, thanks :)

[schiessle]

changed to new mail template... please review. Thanks!

[supremesyntax]

I have checked out the branch and tested it a minute ago. Looks good to me great work!
Is it possible to create a activity for the password mail? (Just a nice to have)

Though i can't see anything in admin>Security section - just a blank page. Does anyone else have this problem for this branch?

EDIT: seems to be related to master...

[MorrisJobke]

Though i can't see anything in admin>Security section - just a blank page. Does anyone else have this problem for this branch?

You need the bruteforcesettings app cloned in you apps folder. It is shipped in the release tar ball and automatically enabled. ;)

[supremesyntax]

@MorrisJobke Thanks for the hint :D I can't find the password policy settings, thought they might have been shifted from additional settings to security but i was wrong... do i need some other apps enabled? Have these settings been removed for NC12?
Right now the auto-generated password is 8 chars upper-/lower-case but i have advanced requirements.

[schiessle]

You need the bruteforcesettings app cloned in you apps folder. It is shipped in the release tar ball and automatically enabled. ;)

But of course we shouldn't show a empty security section, even if the app is shipped and enabled by default. Admins can disable it at any time. @supremesyntax can you create a separate issue for it? Thank.

[schiessle]

@rullzer @MorrisJobke @nickvergessen @ChristophWurst can we please do a final review and get this in? I don't want to rebase, adjust the code and test it over and over again (which will happen again once #4384 is merged)

Thanks a lot! 😃

[MorrisJobke]

@rullzer @MorrisJobke @nickvergessen @ChristophWurst can we please do a final review and get this in? I don't want to rebase, adjust the code and test it over and over again (which will happen again once #4384 is merged)

Don't worry - I fixed it for you 😉 Let me test it now.

[MorrisJobke]

Rebased, fixed a typo, and tested 👍 Works

[supremesyntax]

Could somebody please answer my question? Maybe y'all overlooked it 😄
I want to test if the auto-generated password respects the password policy...

I can't find the password policy settings, thought they might have been shifted from additional settings to security but i was wrong... do i need some other apps enabled? Have these settings been removed for NC12?

[rullzer]

@supremesyntax if you have the password policy app enabled they should show up (in 12 they will be moved to the security settings btw).

[rullzer]

Ok lets do this!

[schiessle]

@supremesyntax it will, but only with the password policy app we will release together with Nextcloud 12, the current version in Nextcloud 11 doesn't expose the policy to other apps.