allow cron user to see more user details (#3595)

allow cron user to see more user details

lib/AppConstants.php

@@ -15,4 +15,7 @@ abstract class AppConstants {
 	public const CLIENT_ID = 'ncPollsClientId';
 	/** @var string */
 	public const CLIENT_TZ = 'ncPollsClientTimeZone';
+	/** @var string */
+	public const SESSION_KEY_CRON_JOB = 'ncPollsCronJob';
+
 }

lib/Cron/AutoReminderCron.php

@@ -8,9 +8,11 @@
 
 namespace OCA\Polls\Cron;
 
+use OCA\Polls\AppConstants;
 use OCA\Polls\Service\MailService;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\BackgroundJob\TimedJob;
+use OCP\ISession;
 
 /**
  * @psalm-api
@@ -19,6 +21,7 @@ class AutoReminderCron extends TimedJob {
 	public function __construct(
 		protected ITimeFactory $time,
 		private MailService $mailService,
+		private ISession $session,
 	) {
 		parent::__construct($time);
 		parent::setInterval(30); // run every 30 minutes
@@ -29,7 +32,9 @@ public function __construct(
 	 * @return void
 	 */
 	protected function run($argument) {
+		$this->session->set(AppConstants::SESSION_KEY_CRON_JOB, true);
 		$this->mailService->sendAutoReminder();
+		$this->session->remove(AppConstants::SESSION_KEY_CRON_JOB);
 	}
 
 	public function manuallyRun(): string {

lib/Cron/GroupDeletedJob.php

@@ -8,11 +8,12 @@
 
 namespace OCA\Polls\Cron;
 
+use OCA\Polls\AppConstants;
 use OCA\Polls\Db\Share;
 use OCA\Polls\Db\ShareMapper;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\BackgroundJob\QueuedJob;
-
+use OCP\ISession;
 use Psr\Log\LoggerInterface;
 
 class GroupDeletedJob extends QueuedJob {
@@ -23,6 +24,7 @@ public function __construct(
 		private ShareMapper $shareMapper,
 		protected ITimeFactory $time,
 		private LoggerInterface $logger,
+		private ISession $session,
 	) {
 		parent::__construct($time);
 	}
@@ -32,11 +34,13 @@ public function __construct(
 	 * @return void
 	 */
 	protected function run($argument) {
+		$this->session->set(AppConstants::SESSION_KEY_CRON_JOB, true);
 		$group = $argument['group'];
 		$this->logger->info('Removing group shares for deleted group {group}', [
 			'group' => $group
 		]);
 
 		$this->shareMapper->deleteByIdAndType($group, Share::TYPE_GROUP);
+		$this->session->remove(AppConstants::SESSION_KEY_CRON_JOB);
 	}
 }

lib/Cron/JanitorCron.php

@@ -8,6 +8,7 @@
 
 namespace OCA\Polls\Cron;
 
+use OCA\Polls\AppConstants;
 use OCA\Polls\Db\CommentMapper;
 use OCA\Polls\Db\LogMapper;
 use OCA\Polls\Db\OptionMapper;
@@ -17,6 +18,7 @@
 use OCA\Polls\Model\Settings\AppSettings;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\BackgroundJob\TimedJob;
+use OCP\ISession;
 use OCP\Server;
 
 /**
@@ -33,6 +35,7 @@ public function __construct(
 		private CommentMapper $commentMapper,
 		private OptionMapper $optionMapper,
 		private ShareMapper $shareMapper,
+		private ISession $session,
 	) {
 		parent::__construct($time);
 		parent::setInterval(86400); // run once a day
@@ -44,6 +47,7 @@ public function __construct(
 	 * @return void
 	 */
 	protected function run($argument) {
+		$this->session->set(AppConstants::SESSION_KEY_CRON_JOB, true);
 		// delete processed log entries
 		$this->logMapper->deleteProcessedEntries();
 
@@ -64,7 +68,9 @@ protected function run($argument) {
 				time() - ($this->appSettings->getAutoarchiveOffset() * 86400)
 			);
 		}
+		$this->session->remove(AppConstants::SESSION_KEY_CRON_JOB);
 	}
+
 	public function manuallyRun(): string {
 		$this->run(null);
 		return 'JanitorCron manually run.';

lib/Cron/NotificationCron.php

@@ -8,17 +8,20 @@
 
 namespace OCA\Polls\Cron;
 
+use OCA\Polls\AppConstants;
 use OCA\Polls\Service\MailService;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\BackgroundJob\TimedJob;
+use OCP\ISession;
 
 /**
  * @psalm-api
  */
 class NotificationCron extends TimedJob {
 	public function __construct(
 		protected ITimeFactory $time,
-		private MailService $mailService
+		private MailService $mailService,
+		private ISession $session,
 	) {
 		parent::__construct($time);
 		parent::setInterval(5); // run every 5 minutes
@@ -29,7 +32,9 @@ public function __construct(
 	 * @return void
 	 */
 	protected function run($argument) {
+		$this->session->set(AppConstants::SESSION_KEY_CRON_JOB, true);
 		$this->mailService->sendNotifications();
+		$this->session->remove(AppConstants::SESSION_KEY_CRON_JOB);
 	}
 
 	public function manuallyRun(): string {

lib/Cron/UserDeletedJob.php

@@ -8,6 +8,7 @@
 
 namespace OCA\Polls\Cron;
 
+use OCA\Polls\AppConstants;
 use OCA\Polls\Db\CommentMapper;
 use OCA\Polls\Db\LogMapper;
 use OCA\Polls\Db\OptionMapper;
@@ -20,6 +21,7 @@
 use OCA\Polls\Db\VoteMapper;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\BackgroundJob\QueuedJob;
+use OCP\ISession;
 use OCP\Security\ISecureRandom;
 use Psr\Log\LoggerInterface;
 
@@ -39,6 +41,7 @@ public function __construct(
 		private ShareMapper $shareMapper,
 		private SubscriptionMapper $subscriptionMapper,
 		private VoteMapper $voteMapper,
+		private ISession $session,
 	) {
 		parent::__construct($time);
 	}
@@ -48,6 +51,7 @@ public function __construct(
 	 * @return void
 	 */
 	protected function run($argument) {
+		$this->session->set(AppConstants::SESSION_KEY_CRON_JOB, true);
 		$userId = $argument['userId'];
 		$this->logger->info('Deleting polls for deleted user id {user}', [
 			'user' => $userId
@@ -68,5 +72,6 @@ protected function run($argument) {
 		$this->commentMapper->renameUserId($userId, $replacementName);
 		$this->optionMapper->renameUserId($userId, $replacementName);
 		$this->voteMapper->renameUserId($userId, $replacementName);
+		$this->session->remove(AppConstants::SESSION_KEY_CRON_JOB);
 	}
 }

lib/Model/User/Cron.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2021 Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Polls\Model\User;
+
+use OCA\Polls\Model\UserBase;
+
+class Cron extends UserBase {
+	public const TYPE = 'cron';
+
+	public function __construct() {
+		parent::__construct('SYSTEM_CRON_USER', self::TYPE);
+	}
+
+	public function getDisplayName(): string {
+		return 'Cron Job User';
+	}
+
+	public function getIsSystemUser(): bool {
+		return true;
+	}
+
+}

lib/Model/UserBase.php

@@ -18,6 +18,7 @@
 use OCA\Polls\Model\Settings\AppSettings;
 use OCA\Polls\Model\User\Admin;
 use OCA\Polls\Model\User\Contact;
+use OCA\Polls\Model\User\Cron;
 use OCA\Polls\Model\User\Email;
 use OCA\Polls\Model\User\Ghost;
 use OCA\Polls\Model\User\User;
@@ -46,6 +47,7 @@ class UserBase implements JsonSerializable {
 	public const TYPE_GROUP = Group::TYPE;
 	public const TYPE_USER = User::TYPE;
 	public const TYPE_ADMIN = Admin::TYPE;
+	public const TYPE_CRON = Cron::TYPE;
 
 	/** @var string[] */
 	protected array $categories = [];
@@ -354,6 +356,11 @@ protected function getSimpleUserArray(): array {
 	 * returns the safe id to avoid leaking the userId
 	 */
 	public function getSafeId(): string {
+		// return real userId for cron jobs
+		if ($this->userSession->getUser()->getIsSystemUser()) {
+			return $this->getId();
+		}
+
 		// always return real userId for the current user
 		if ($this->getIsCurrentUser()) {
 			return $this->getId();
@@ -386,6 +393,16 @@ public function getSafeDisplayName(): string {
 
 	// Function for obfuscating mail adresses; Default return the email address
 	public function getSafeEmailAddress(): string {
+		// return real email address for cron jobs
+		if ($this->userSession->getUser()->getIsSystemUser()) {
+			return $this->getEmailAddress();
+		}
+
+		// always return real email address for the current user
+		if ($this->getIsCurrentUser()) {
+			return $this->getEmailAddress();
+		}
+
 		if ($this->anonymizeLevel === EntityWithUser::ANON_FULL) {
 			return '';
 		}
@@ -409,19 +426,29 @@ public function getIsAdmin(): bool {
 		return $this->groupManager->isAdmin($this->getId());
 	}
 
+	public function getIsSystemUser(): bool {
+		return $this->groupManager->isAdmin($this->getId());
+	}
+
 	public function getIsInGroup(string $groupName): bool {
 		return $this->groupManager->isInGroup($this->getId(), $groupName);
 	}
 
 	/**
-	 * returns the safe id to avoid leaking thereal user type
+	 * returns the safe id to avoid leaking the real user type
 	 */
 	public function getSafeType(): string {
-		// always return real userId for the current user
+		// return real type for cron jobs
+		if ($this->userSession->getUser()->getIsSystemUser()) {
+			return $this->getType();
+		}
+
+		// always return real type for the current user
 		if ($this->getIsCurrentUser()) {
 			return $this->getType();
 		}
 
+		// return hashed userId, if fully anonimized
 		if ($this->anonymizeLevel === EntityWithUser::ANON_FULL) {
 			return self::TYPE_ANON;
 		}

lib/Service/MailService.php

@@ -267,8 +267,9 @@ private function sendAutoReminderToRecipients(Share $share, Poll $poll): void {
 
 			try {
 				$reminder->send();
+				$this->logger->info('Reminder for poll id ' . $poll->getId() . ' sent to ' . json_encode($recipient));
 			} catch (InvalidEmailAddress $e) {
-				$this->logger->warning('Invalid or no email address for reminder: ' . json_encode($share));
+				$this->logger->warning('Invalid or missing email address for sending out reminder for poll id ' . $poll->getid() . ' to share id ' . $share->getId());
 			} catch (\Exception $e) {
 				$this->logger->error('Error sending reminder to ' . json_encode($share));
 			}

lib/UserSession.php

@@ -11,11 +11,14 @@
 use OCA\Polls\Db\Share;
 use OCA\Polls\Db\ShareMapper;
 use OCA\Polls\Db\UserMapper;
+use OCA\Polls\Model\User\Cron;
 use OCA\Polls\Model\UserBase;
 use OCP\ISession;
 use OCP\IUserSession;
 
 class UserSession {
+	/** @var string */
+	public const SESSION_KEY_CRON_JOB = AppConstants::SESSION_KEY_CRON_JOB;
 	/** @var string */
 	public const SESSION_KEY_USER_ID = 'ncPollsUserId';
 	/** @var string */
@@ -57,6 +60,8 @@ public function getUser(): UserBase {
 
 			if ($this->getIsLoggedIn()) {
 				$this->currentUser = $this->userMapper->getUserFromUserBase((string) $this->userSession->getUser()?->getUID());
+			} elseif ($this->session->get(self::SESSION_KEY_CRON_JOB)) {
+				$this->currentUser = new Cron();
 			} else {
 				$this->currentUser = $this->userMapper->getUserFromShareToken($this->getShareToken());
 			}