Skip to content

feat(occ): allow admins to clear account passwords#58042

Merged
leftybournes merged 1 commit intomasterfrom
feat/clear_password
Feb 26, 2026
Merged

feat(occ): allow admins to clear account passwords#58042
leftybournes merged 1 commit intomasterfrom
feat/clear_password

Conversation

@leftybournes
Copy link
Member

@leftybournes leftybournes commented Feb 4, 2026
edited
Loading

Summary

This adds the --no-password option to occ user:resetpassword to allow admins to clear users' passwords through the command line.

Checklist

@leftybournes leftybournes added 3. to review Waiting for reviews feature: occ pending documentation This pull request needs an associated documentation update labels Feb 19, 2026
@leftybournes leftybournes added this to the Nextcloud 34 milestone Feb 19, 2026
@leftybournes leftybournes marked this pull request as ready for review February 19, 2026 06:01
@leftybournes leftybournes requested a review from a team as a code owner February 19, 2026 06:01
@leftybournes leftybournes requested review from Altahrim, ArtificialOwl, come-nc and salmart-dev and removed request for a team February 19, 2026 06:01
provokateurin
provokateurin reviewed Feb 19, 2026
View reviewed changes
Copy link
Member

@provokateurin provokateurin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but what happens if a user has no password set?

@leftybournes
Copy link
Member Author

leftybournes commented Feb 19, 2026
edited
Loading

LGTM, but what happens if a user has no password set?

Good point. I should add a check for that.

Edit: Answer: It unconditionally sets it to a blank string, and the password field gets a hash.

@leftybournes
Copy link
Member Author

leftybournes commented Feb 20, 2026

LGTM, but what happens if a user has no password set?

So it seems like server is designed to generate a random password anyway if only an e-mail address is given when creating a user. I wonder if it's better to add a confirmation question and just empty the password regardless when confirmed.

@leftybournes
feat(occ): allow admins to clear account passwords
711bd2b 
Signed-off-by: Kent Delante <kent.delante@proton.me>
@leftybournes leftybournes merged commit 09c9241 into master Feb 26, 2026
192 of 201 checks passed
@leftybournes leftybournes deleted the feat/clear_password branch February 26, 2026 12:29
@leftybournes leftybournes mentioned this pull request Feb 27, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@susnux susnux susnux approved these changes

@sorbaugh sorbaugh sorbaugh approved these changes

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl is a code owner automatically assigned from nextcloud/server-backend

@Altahrim Altahrim Awaiting requested review from Altahrim Altahrim is a code owner automatically assigned from nextcloud/server-backend

@salmart-dev salmart-dev Awaiting requested review from salmart-dev salmart-dev is a code owner automatically assigned from nextcloud/server-backend

@come-nc come-nc Awaiting requested review from come-nc come-nc is a code owner automatically assigned from nextcloud/server-backend

@provokateurin provokateurin Awaiting requested review from provokateurin

Assignees

No one assigned

Labels

3. to review Waiting for reviews feature: occ pending documentation This pull request needs an associated documentation update

Projects

None yet

Milestone

Nextcloud 34

Development

Successfully merging this pull request may close these issues.

4 participants

@leftybournes @susnux @provokateurin @sorbaugh