diff --git a/developer_manual/app_publishing_maintenance/app_upgrade_guide/upgrade_to_31.rst b/developer_manual/app_publishing_maintenance/app_upgrade_guide/upgrade_to_31.rst index a9f62ee5ebc..839640347d8 100644 --- a/developer_manual/app_publishing_maintenance/app_upgrade_guide/upgrade_to_31.rst +++ b/developer_manual/app_publishing_maintenance/app_upgrade_guide/upgrade_to_31.rst @@ -113,6 +113,8 @@ Added APIs - New service ``OCP\RichObjectStrings\IRichTextFormatter`` to format rich text into parsed plain text using its ``richToParsed`` method. - New magic query parameter ``forceLanguage`` to force a specific language for a web request (API or frontend). See :ref:`Forcing language for a given call`. - The new WebDAV property ``nc:hide-download`` was added to indicate if download actions should be hidden for a shared file or folder. +- ``OCP\Security\PasswordContext`` was added, this allows defining a context for which a password should be used. + It is used by the ``GenerateSecurePasswordEvent`` and ``ValidatePasswordPolicyEvent`` allowing to apply different rules for different contexts. Changed APIs ^^^^^^^^^^^^ @@ -163,6 +165,8 @@ Changed APIs - ``OCP\Files\Storage::needsPartFile`` method was moved to interface ``OCP\Files\Storage\IStorage``. - The constructor was removed from interface ``OCP\Files\Storage\IStorage`` so that wrappers can use DI in their constructor. If your storage implementation is supposed to be built by calling the constructor, please implement the new interface ``OCP\Files\Storage\IConstructableStorage``. - ``OCP\IUser::getFirstLogin`` method was added to get first known login of a user. It will return a unix timestamp, or 0 if the user never logged in, or -1 if this data is not known (meaning the first login of this user was from before upgrading to 31). +- ``OCP\Security\GenerateSecurePasswordEvent`` and ``OCP\Security\ValidatePasswordPolicyEvent`` now have a ``getContext`` method returning the password context, + this allows to apply different rules for different contexts. Deprecated APIs ^^^^^^^^^^^^^^^ diff --git a/developer_manual/basics/_available_events_ocp.rst b/developer_manual/basics/_available_events_ocp.rst index e118b346075..8e7044b4653 100644 --- a/developer_manual/basics/_available_events_ocp.rst +++ b/developer_manual/basics/_available_events_ocp.rst @@ -651,7 +651,10 @@ that it is not possible to use the `disallowXYZ` functions. .. versionadded:: 18 -Event to request a secure password to be generated +Event to request a secure password to be generated. + +Since Nextcloud 31 this event also provides a ``getContext`` method +allowing to apply different rules for different password context like account passwords or share passwords. ``OCP\Security\Events\ValidatePasswordPolicyEvent`` *************************************************** @@ -662,6 +665,9 @@ This event can be emitted to request a validation of a password. If a password policy app is installed and the password is invalid, an `\OCP\HintException` will be thrown. +Since Nextcloud 31 this event also provides a ``getContext`` method +allowing to apply different rules for different password context like account passwords or share passwords. + ``OCP\Security\FeaturePolicy\AddFeaturePolicyEvent`` ****************************************************