From 28ab1f2d07383eeaa05117a3132645dd55200540 Mon Sep 17 00:00:00 2001
From: fboissadier <florent.boissadier@wanadoo.fr>
Date: Tue, 21 Jan 2025 00:49:41 +0100
Subject: [PATCH] Delete duplicated in core_sys_info.py: - imports -
 users_info(), pasword_policy(), password_expiry() --> now in core_user.py
 Move password_confirm() from core_sys_info.py to core_user.py Update
 README.md Update requirements.txt --> Added cryptography module

---
 README.md                     |  26 +++++++--------
 requirements.txt              | Bin 51 -> 138 bytes
 synology_api/core_sys_info.py |  59 ----------------------------------
 synology_api/core_user.py     |  38 +++++++++++++++++++++-
 4 files changed, 49 insertions(+), 74 deletions(-)

diff --git a/README.md b/README.md
index 04ecbe5..f52d011 100644
--- a/README.md
+++ b/README.md
@@ -272,6 +272,7 @@ This wrapper cover the following APIs for now:
 | SYNO.Core.User.Group          |
 | SYNO.Core.User.PasswordPolicy |
 | SYNO.Core.User.PasswordExpiry |
+| SYNO.Core.User.PasswordConfirm|
 
 | Snapshot Replication     |
 |--------------------------|
@@ -538,10 +539,6 @@ DS info with below functions:
 | `ws_transfer_info()`              |
 | `ref_link_copy_info()`            |
 | `bonjour_service_info()`          |
-| `users_info()`                    |
-| `password_policy()`               |
-| `password_expiry()`               |
-| `password_confirm()`              |
 | `personal_photo_enable()`         |
 | `ftp_chroot_user()`               |
 | `server_pair()`                   |
@@ -594,16 +591,17 @@ DS info with below functions:
 ### core_user (DSM User Settings)
 | Functions                  | Description                                                     |
 |----------------------------|-----------------------------------------------------------------|
-| `get_users()`             | Retrieve groups information                                                  |
-| `create_user()`              | Create a new user                                               |
-| `modify_user()`        | Modify a user                                    |
-| `delete_user()`              | Delete a user                                         |
-| `affect_groups()`       | Affect or disaffect groups to a user                                 |
-| `affect_groups_status()`         | Get the status of a join task                                     |
-| `get_password_policy()`  | Get the password policy                                     |
-| `set_password_policy()`        | Set the password policy                                         |
-| `get_password_expiry()`        | Get the password expiry                                   |
-| `set_password_expiry()`              | Set the password expiry                                            |
+| `get_users()`              | Retrieve groups information                                     |
+| `create_user()`            | Create a new user                                               |
+| `modify_user()`            | Modify a user                                                   |
+| `delete_user()`            | Delete a user                                                   |
+| `affect_groups()`          | Affect or disaffect groups to a user                            |
+| `affect_groups_status()`   | Get the status of a join task                                   |
+| `get_password_policy()`    | Get the password policy                                         |
+| `set_password_policy()`    | Set the password policy                                         |
+| `get_password_expiry()`    | Get the password expiry                                         |
+| `set_password_expiry()`    | Set the password expiry                                         |
+| `password_confirm()`       | Confirm password match with current logged user                 |
 
 ### Virtualization
 | Functions                  |
diff --git a/requirements.txt b/requirements.txt
index d7af0d6eb9c469f8eebbc36e04a782a6c0cfe722..45d929f8613d73720138d8b416aee795ccfff607 100644
GIT binary patch
literal 138
zcmZvVK?;B{3<UQq_!=K1R*MRes%;N`ULB=)l7+B4B%AAu@=D5DnE{!iYE|0d8{Csq
jVHs*@mQ(Y))qX9GOCvp9iKaoz>w7wm@@>R-_z7|Y+NT>X

literal 51
wcmXR;Eh#N1$<NOz<|;}pEKMygDds9I%E`%0GKLGpgXEJ^b4s{M3R7~q01x#O!~g&Q

diff --git a/synology_api/core_sys_info.py b/synology_api/core_sys_info.py
index d6d584c..8a798f7 100644
--- a/synology_api/core_sys_info.py
+++ b/synology_api/core_sys_info.py
@@ -1,9 +1,6 @@
 from __future__ import annotations
 from typing import Optional
 from . import base_api
-from __future__ import annotations
-from typing import Optional
-from . import base_api
 
 
 class SysInfo(base_api.BaseApi):
@@ -774,62 +771,6 @@ class SysInfo(base_api.BaseApi):
 
         return self.request_data(api_name, api_path, req_param)
 
-    def users_info(self, offset: int = 0, limit: int = -1) -> dict[str, object] | str:
-        api_name = 'SYNO.Core.User'
-        info = self.core_list[api_name]
-        api_path = info['path']
-        req_param = {'version': info['maxVersion'], 'method': 'list', 'type': 'local', 'offset': offset, 'limit': limit}
-
-        return self.request_data(api_name, api_path, req_param)
-
-    def password_policy(self) -> dict[str, object] | str:
-        api_name = 'SYNO.Core.User.PasswordPolicy'
-        info = self.core_list[api_name]
-        api_path = info['path']
-        req_param = {'version': info['maxVersion'], 'method': 'get'}
-
-        return self.request_data(api_name, api_path, req_param)
-
-    def password_expiry(self) -> dict[str, object] | str:
-        api_name = 'SYNO.Core.User.PasswordExpiry'
-        info = self.core_list[api_name]
-        api_path = info['path']
-        req_param = {'version': info['maxVersion'], 'method': 'get'}
-
-        return self.request_data(api_name, api_path, req_param)
-    
-    def password_confirm(self, password: str) -> dict[str, object] | str:
-        """Issues a passowrd/session comparison to ensure the given password matches the auth of the current session.
-
-        This is needed by some APIs as a confirmation method, for example, when creating/modifying a scheduled task with root permissions. 
-        Please note that the password will be sent in plain text, just like in the base auth method.
-
-        Args:
-            password (str):
-                The password with which the session was initiated.
-
-        Returns:
-            dict|str:
-                A dictionary containing a `SynoConfirmPWToken`, or an error message.
-
-            Example return:
-            {
-                "data": {
-                    "SynoConfirmPWToken": "xxxxx"
-                },
-                "success": true
-            }
-        """
-        # There is a way to send the password encrypted, but could not figure out how the NAS wants the data to be encrypted.
-        # It wants an AES and RSA key sent to it under the field "__cIpHeRtExT", tried some ways of implementing it, 
-        # but kept getting decryption errors in /var/log/synoscgi.log, so just went through with the plain text password. 
-        api_name = 'SYNO.Core.User.PasswordConfirm'
-        info = self.core_list[api_name]
-        api_path = info['path']
-        req_param = {'version': 2, 'method': 'auth', 'password': password}
-
-        return self.request_data(api_name, api_path, req_param)
-
     def personal_photo_enable(self) -> dict[str, object] | str:
         api_name = 'SYNO.Core.User.Home'
         info = self.core_list[api_name]
diff --git a/synology_api/core_user.py b/synology_api/core_user.py
index 99c3727..19fbaa2 100644
--- a/synology_api/core_user.py
+++ b/synology_api/core_user.py
@@ -558,4 +558,40 @@ class User(base_api.BaseApi):
             "enable_mail_notification": enable_mail_notification,
             "never_expired_list": json.dumps(never_expired_list)
         }
-        return self.request_data(api_name, api_path, req_param)
\ No newline at end of file
+        return self.request_data(api_name, api_path, req_param)
+    
+        
+    def password_confirm(self, password: str) -> dict[str, object] | str:
+        """Issues a passowrd/session comparison to ensure the given password matches the auth of the current session.
+
+        This is needed by some APIs as a confirmation method, for example, when creating/modifying a scheduled task with root permissions. 
+        Please note that the password will be sent in plain text, just like in the base auth method.
+
+        Args:
+            password (str):
+                The password with which the session was initiated.
+
+        Returns:
+            dict|str:
+                A dictionary containing a `SynoConfirmPWToken`, or an error message.
+
+            Example return:
+            {
+                "data": {
+                    "SynoConfirmPWToken": "xxxxx"
+                },
+                "success": true
+            }
+        """
+        api_name = 'SYNO.Core.User.PasswordConfirm'
+        info = self.core_list[api_name]
+        api_path = info['path']
+        req_param = {'version': info['maxVersion'], 'method': 'auth'}
+        # Using https
+        if self.session._secure:
+            req_param.update({"password": password})
+        # Using http and self encrypted
+        else:
+            req_param.update(self.session.encrypt_params({"password": password}))
+            
+        return self.request_data(api_name, api_path, req_param, method="post")
\ No newline at end of file