Add api to register setup checks

Signed-off-by: Carl Schwan <[email protected]>
nextcloud · come-nc · Oct 19, 2023 · May 23, 2022 · May 30, 2022 · Sep 28, 2023
commit eb1d612d961b562e744b8c6d8d361075b6daad55
@@ -65,6 +65,7 @@
 		['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST' , 'root' => ''],
 		['name' => 'LogSettings#getEntries', 'url' => '/settings/admin/log/entries', 'verb' => 'GET' , 'root' => ''],
 		['name' => 'LogSettings#download', 'url' => '/settings/admin/log/download', 'verb' => 'GET' , 'root' => ''],
+		['name' => 'CheckSetup#setupCheckManager', 'url' => '/settings/setupcheck', 'verb' => 'GET' , 'root' => ''],
 		['name' => 'CheckSetup#check', 'url' => '/settings/ajax/checksetup', 'verb' => 'GET' , 'root' => ''],
 		['name' => 'CheckSetup#getFailedIntegrityCheckFiles', 'url' => '/settings/integrity/failed', 'verb' => 'GET' , 'root' => ''],
 		['name' => 'CheckSetup#rescanFailedIntegrityCheck', 'url' => '/settings/integrity/rescan', 'verb' => 'GET' , 'root' => ''],

@@ -48,6 +48,7 @@
 use OCA\Settings\Search\AppSearch;
 use OCA\Settings\Search\SectionSearch;
 use OCA\Settings\Search\UserSearch;
+use OCA\Settings\SetupChecks\CheckUserCertificates;
 use OCA\Settings\UserMigration\AccountMigrator;
 use OCA\Settings\WellKnown\ChangePasswordHandler;
 use OCA\Settings\WellKnown\SecurityTxtHandler;
@@ -137,6 +138,7 @@ public function register(IRegistrationContext $context): void {
 				Util::getDefaultEmailAddress('no-reply')
 			);
 		});
+		$context->registerSetupCheck(CheckUserCertificates::class);
 
 		$context->registerUserMigrator(AccountMigrator::class);
 	}

@@ -135,6 +135,7 @@ class CheckSetupController extends Controller {
 	private $appManager;
 	/** @var IServerContainer */
 	private $serverContainer;
+	private OC\SetupCheck\SetupCheckManager $setupCheckManager;
 
 	public function __construct($AppName,
 								IRequest $request,
@@ -156,7 +157,8 @@ public function __construct($AppName,
 								ITempManager $tempManager,
 								IManager $manager,
 								IAppManager $appManager,
-								IServerContainer $serverContainer
+								IServerContainer $serverContainer,
+								OC\SetupCheck\SetupCheckManager $setupCheckManager
 	) {
 		parent::__construct($AppName, $request);
 		$this->config = $config;
@@ -178,6 +180,16 @@ public function __construct($AppName,
 		$this->manager = $manager;
 		$this->appManager = $appManager;
 		$this->serverContainer = $serverContainer;
+		$this->setupCheckManager = $setupCheckManager;
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @return DataResponse
+	 */
+	public function setupCheckManager(): DataResponse {
+		return new DataResponse($this->setupCheckManager->runAll());
 	}
 
 	/**
@@ -909,7 +921,7 @@ public function check() {
 		$phpDefaultCharset = new PhpDefaultCharset();
 		$phpOutputBuffering = new PhpOutputBuffering();
 		$legacySSEKeyFormat = new LegacySSEKeyFormat($this->l10n, $this->config, $this->urlGenerator);
-		$checkUserCertificates = new CheckUserCertificates($this->l10n, $this->config, $this->urlGenerator);
+		//$checkUserCertificates = new CheckUserCertificates($this->l10n, $this->config, $this->urlGenerator);
 		$supportedDatabases = new SupportedDatabase($this->l10n, $this->connection);
 		$ldapInvalidUuids = new LdapInvalidUuids($this->appManager, $this->l10n, $this->serverContainer);
 		$needsSystemAddressBookSync = new NeedsSystemAddressBookSync($this->config, $this->l10n);
@@ -963,7 +975,7 @@ public function check() {
 				PhpDefaultCharset::class => ['pass' => $phpDefaultCharset->run(), 'description' => $phpDefaultCharset->description(), 'severity' => $phpDefaultCharset->severity()],
 				PhpOutputBuffering::class => ['pass' => $phpOutputBuffering->run(), 'description' => $phpOutputBuffering->description(), 'severity' => $phpOutputBuffering->severity()],
 				LegacySSEKeyFormat::class => ['pass' => $legacySSEKeyFormat->run(), 'description' => $legacySSEKeyFormat->description(), 'severity' => $legacySSEKeyFormat->severity(), 'linkToDocumentation' => $legacySSEKeyFormat->linkToDocumentation()],
-				CheckUserCertificates::class => ['pass' => $checkUserCertificates->run(), 'description' => $checkUserCertificates->description(), 'severity' => $checkUserCertificates->severity(), 'elements' => $checkUserCertificates->elements()],
+				//CheckUserCertificates::class => ['pass' => $checkUserCertificates->run(), 'description' => $checkUserCertificates->description(), 'severity' => $checkUserCertificates->severity(), 'elements' => $checkUserCertificates->elements()],
 				'isDefaultPhoneRegionSet' => $this->config->getSystemValueString('default_phone_region', '') !== '',
 				SupportedDatabase::class => ['pass' => $supportedDatabases->run(), 'description' => $supportedDatabases->description(), 'severity' => $supportedDatabases->severity()],
 				'temporaryDirectoryWritable' => $this->isTemporaryDirectoryWritable(),

@@ -4,6 +4,7 @@
 
 /**
  * @copyright Copyright (c) 2020 Morris Jobke <[email protected]>
+ * @copyright Copyright (c) 2022 Carl Schwan <[email protected]>
  *
  * @author Morris Jobke <[email protected]>
  *
@@ -27,50 +28,35 @@
 
 use OCP\IConfig;
 use OCP\IL10N;
-use OCP\IURLGenerator;
+use OCP\SetupCheck\ISetupCheck;
+use OCP\SetupCheck\SetupResult;
 
-class CheckUserCertificates {
-	/** @var IL10N */
-	private $l10n;
-	/** @var string */
-	private $configValue;
-	/** @var IURLGenerator */
-	private $urlGenerator;
+class CheckUserCertificates implements ISetupCheck {
+	private IL10N $l10n;
+	private string $configValue;
 
-	public function __construct(IL10N $l10n, IConfig $config, IURLGenerator $urlGenerator) {
+	public function __construct(IL10N $l10n, IConfig $config) {
 		$this->l10n = $l10n;
 		$configValue = $config->getAppValue('files_external', 'user_certificate_scan', '');
 		$this->configValue = $configValue;
-		$this->urlGenerator = $urlGenerator;
 	}
 
-	public function description(): string {
-		if ($this->configValue === '') {
-			return '';
-		}
-		if ($this->configValue === 'not-run-yet') {
-			return $this->l10n->t('A background job is pending that checks for user imported SSL certificates. Please check back later.');
-		}
-		return $this->l10n->t('There are some user imported SSL certificates present, that are not used anymore with Nextcloud 21. They can be imported on the command line via "occ security:certificates:import" command. Their paths inside the data directory are shown below.');
+	public function getCategory(): string {
+		return 'security';
 	}
 
-	public function severity(): string {
-		return 'warning';
+	public function getName(): string {
+		return $this->l10n->t('Checking for old user imported certificate');
 	}
 
-	public function run(): bool {
+	public function run(): SetupResult {
 		// all fine if neither "not-run-yet" nor a result
-		return $this->configValue === '';
-	}
-
-	public function elements(): array {
-		if ($this->configValue === '' || $this->configValue === 'not-run-yet') {
-			return [];
+		if ($this->configValue === '') {
+			return new SetupResult(SetupResult::SUCCESS);
 		}
-		$data = json_decode($this->configValue);
-		if (!is_array($data)) {
-			return [];
+		if ($this->configValue === 'not-run-yet') {
+			return new SetupResult(SetupResult::INFO, $this->l10n->t('A background job is pending that checks for user imported SSL certificates. Please check back later.'));
 		}
-		return $data;
+		return new SetupResult(SetupResult::ERROR, $this->l10n->t('There are some user imported SSL certificates present, that are not used anymore with Nextcloud 21. They can be imported on the command line via "occ security:certificates:import" command. Their paths inside the data directory are shown below.'));
 	}
 }
diff --git a/apps/settings/src/components/SetupCheck.vue b/apps/settings/src/components/SetupCheck.vue
@@ -0,0 +1,64 @@
+<template>
+	<SettingsSection :title="t('settings', 'Setup Checks')"
+		:description="t('settings', `It's important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the linked documentation for more information.`)">
+		<div v-for="(checks, category) in results"
+			:key="category"
+			class="card">
+			<div class="card__header">
+				<h3>{{ category }}</h3>
+			</div>
+			<div class="card__body">
+				<div v-for="(check, name) in checks" :key="name" class="check">
+					<template v-if="check.severity === 'success'">
+						<Check :size="20" :fill-color="'var(--color-success)'" />
+					</template>
+					{{ name }}
+				</div>
+			</div>
+		</div>
+	</SettingsSection>
+</template>
+
+<script>
+import SettingsSection from '@nextcloud/vue/dist/Components/SettingsSection'
+import axios from '@nextcloud/axios'
+import { generateUrl } from '@nextcloud/router'
+import Check from 'vue-material-design-icons/Check'
+
+export default {
+	name: 'SetupCheck',
+	components: {
+		SettingsSection,
+		Check,
+	},
+	data() {
+		return {
+			results: [],
+		}
+	},
+	mounted() {
+		this.loadSetupChecks()
+	},
+	methods: {
+		async loadSetupChecks() {
+			const { data } = await axios.get(generateUrl('/settings/setupcheck'))
+			console.debug(data)
+			this.results = data
+		},
+	},
+}
+</script>
+
+<style lang="scss" scoped>
+.card {
+	box-shadow: 0 4px 8px 0 rgba(var(--color-box-shadow-rgb), 0.4);
+	border-radius: var(--border-radius);
+	&__body, &__header {
+		padding: 4px 8px;
+	}
+	.check {
+		display: flex;
+		align-items: center;
+	}
+}
+</style>
diff --git a/apps/settings/src/main-admin-setup-check.js b/apps/settings/src/main-admin-setup-check.js
@@ -0,0 +1,43 @@
+/**
+ * @copyright 2022 Christopher Ng <[email protected]>
+ *
+ * @author Christopher Ng <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import Vue from 'vue'
+import { getRequestToken } from '@nextcloud/auth'
+import { translate as t } from '@nextcloud/l10n'
+
+import logger from './logger'
+
+import SetupCheck from './components/SetupCheck'
+
+__webpack_nonce__ = btoa(getRequestToken())
+
+Vue.mixin({
+	props: {
+		logger,
+	},
+	methods: {
+		t,
+	},
+})
+
+const SetupCheckView = Vue.extend(SetupCheck)
+new SetupCheckView().$mount('#vue-admin-setup-check')
diff --git a/apps/settings/templates/settings/admin/overview.php b/apps/settings/templates/settings/admin/overview.php
@@ -25,6 +25,7 @@
 /** @var array $_ */
 /** @var \OCP\Defaults $theme */
 
+\OCP\Util::addScript('settings', 'vue-settings-admin-setup-check');
 ?>
 
 <div id="security-warning" class="section">
@@ -66,6 +67,8 @@
 
 </div>
 
+<div id="vue-admin-setup-check"></div>
+
 <div id="version" class="section">
 	<!-- should be the last part, so Updater can follow if enabled (it has no heading therefore). -->
 	<h2><?php p($l->t('Version'));?></h2>

@@ -601,6 +601,8 @@
     'OCP\\Settings\\IManager' => $baseDir . '/lib/public/Settings/IManager.php',
     'OCP\\Settings\\ISettings' => $baseDir . '/lib/public/Settings/ISettings.php',
     'OCP\\Settings\\ISubAdminSettings' => $baseDir . '/lib/public/Settings/ISubAdminSettings.php',
+    'OCP\\SetupCheck\\ISetupCheck' => $baseDir . '/lib/public/SetupCheck/ISetupCheck.php',
+    'OCP\\SetupCheck\\SetupResult' => $baseDir . '/lib/public/SetupCheck/SetupResult.php',
     'OCP\\Share' => $baseDir . '/lib/public/Share.php',
     'OCP\\Share\\Events\\BeforeShareCreatedEvent' => $baseDir . '/lib/public/Share/Events/BeforeShareCreatedEvent.php',
     'OCP\\Share\\Events\\BeforeShareDeletedEvent' => $baseDir . '/lib/public/Share/Events/BeforeShareDeletedEvent.php',

@@ -634,6 +634,8 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OCP\\Settings\\IManager' => __DIR__ . '/../../..' . '/lib/public/Settings/IManager.php',
         'OCP\\Settings\\ISettings' => __DIR__ . '/../../..' . '/lib/public/Settings/ISettings.php',
         'OCP\\Settings\\ISubAdminSettings' => __DIR__ . '/../../..' . '/lib/public/Settings/ISubAdminSettings.php',
+        'OCP\\SetupCheck\\ISetupCheck' => __DIR__ . '/../../..' . '/lib/public/SetupCheck/ISetupCheck.php',
+        'OCP\\SetupCheck\\SetupResult' => __DIR__ . '/../../..' . '/lib/public/SetupCheck/SetupResult.php',
         'OCP\\Share' => __DIR__ . '/../../..' . '/lib/public/Share.php',
         'OCP\\Share\\Events\\BeforeShareCreatedEvent' => __DIR__ . '/../../..' . '/lib/public/Share/Events/BeforeShareCreatedEvent.php',
         'OCP\\Share\\Events\\BeforeShareDeletedEvent' => __DIR__ . '/../../..' . '/lib/public/Share/Events/BeforeShareDeletedEvent.php',

@@ -55,6 +55,7 @@
 use OCP\Notification\INotifier;
 use OCP\Profile\ILinkAction;
 use OCP\Search\IProvider;
+use OCP\SetupCheck\ISetupCheck;
 use OCP\Share\IPublicShareTemplateProvider;
 use OCP\Support\CrashReport\IReporter;
 use OCP\UserMigration\IMigrator as IUserMigrator;
@@ -143,11 +144,13 @@ class RegistrationContext {
 	/** @var ServiceRegistration<IPublicShareTemplateProvider>[] */
 	private $publicShareTemplateProviders = [];
 
-	/** @var LoggerInterface */
-	private $logger;
+	private LoggerInterface $logger;
+
+	/** @var ServiceRegistration<ISetupCheck>[] */
+	private array $setupChecks = [];
 
 	/** @var PreviewProviderRegistration[] */
-	private $previewProviders = [];
+	private array $previewProviders = [];
 
 	public function __construct(LoggerInterface $logger) {
 		$this->logger = $logger;
@@ -369,6 +372,13 @@ public function registerPublicShareTemplateProvider(string $class): void {
 					$class
 				);
 			}
+
+			public function registerSetupCheck(string $setupCheckClass): void {
+				$this->context->registerSetupCheck(
+					$this->appId,
+					$setupCheckClass
+				);
+			}
 		};
 	}
 
@@ -520,6 +530,13 @@ public function registerPublicShareTemplateProvider(string $appId, string $class
 		$this->publicShareTemplateProviders[] = new ServiceRegistration($appId, $class);
 	}
 
+	/**
+	 * @psalm-param class-string<ISetupCheck> $setupCheckClass
+	 */
+	public function registerSetupCheck(string $appId, string $setupCheckClass): void {
+		$this->setupChecks[] = new ServiceRegistration($appId, $setupCheckClass);
+	}
+
 	/**
 	 * @param App[] $apps
 	 */
@@ -822,4 +839,11 @@ public function getSensitiveMethods(): array {
 	public function getPublicShareTemplateProviders(): array {
 		return $this->publicShareTemplateProviders;
 	}
+
+	/**
+	 * @return ServiceRegistration<ISetupCheck>[]
+	 */
+	public function getSetupChecks(): array {
+		return $this->setupChecks;
+	}
 }
@@ -0,0 +1,31 @@
+<?php
+
+namespace OC\SetupCheck;
+
+use OC\AppFramework\Bootstrap\Coordinator;
+use OCP\Server;
+use OCP\SetupCheck\ISetupCheck;
+
+class SetupCheckManager {
+	private Coordinator $coordinator;
+
+	public function __construct(Coordinator $coordinator) {
+		$this->coordinator = $coordinator;
+	}
+
+	public function runAll(): array {
+		$results = [];
+		$setupChecks = $this->coordinator->getRegistrationContext()->getSetupChecks();
+		foreach ($setupChecks as $setupCheck) {
+			/** @var ISetupCheck $setupCheckObject */
+			$setupCheckObject = Server::get($setupCheck->getService());
+			$setupResult = $setupCheckObject->run();
+			$category = $setupCheckObject->getCategory();
+			if (!isset($results[$category])) {
+				$results[$category] = [];
+			}
+			$results[$category][$setupCheckObject->getName()] = $setupResult;
+		}
+		return $results;
+	}
+}