nextcloud · CarlSchwan · Mar 6, 2026 · Mar 6, 2026
@@ -47,7 +47,8 @@
 	Server::get(IRequest::class),
 	Server::get(\OCP\Share\IManager::class),
 	Server::get(ISession::class),
-	Server::get(IThrottler::class)
+	Server::get(IThrottler::class),
+	Server::get(IUserSession::class),
 );
 $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
 

@@ -64,6 +64,7 @@
 	Server::get(IThrottler::class),
 	Server::get(LoggerInterface::class),
 	Server::get(IURLGenerator::class),
+	Server::get(IUserSession::class),
 );
 $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
 

@@ -11,6 +11,7 @@
 use OCP\Defaults;
 use OCP\IRequest;
 use OCP\ISession;
+use OCP\IUserSession;
 use OCP\Security\Bruteforce\IThrottler;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
@@ -28,10 +29,11 @@ class LegacyPublicAuth extends AbstractBasic {
 	private ?IShare $share = null;
 
 	public function __construct(
-		private IRequest $request,
-		private IManager $shareManager,
-		private ISession $session,
-		private IThrottler $throttler,
+		private readonly IRequest $request,
+		private readonly IManager $shareManager,
+		private readonly ISession $session,
+		private readonly IThrottler $throttler,
+		private readonly IUserSession $userSession,
 	) {
 		// setup realm
 		$defaults = new Defaults();
@@ -62,7 +64,7 @@ protected function validateUserPass($username, $password) {
 
 		$this->share = $share;
 
-		\OC_User::setIncognitoMode(true);
+		$this->userSession->setIncognitoMode(true);
 
 		// check if the share is password protected
 		if ($share->getPassword() !== null) {

@@ -15,6 +15,7 @@
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
+use OCP\IUserSession;
 use OCP\Security\Bruteforce\IThrottler;
 use OCP\Security\Bruteforce\MaxDelayReached;
 use OCP\Share\Exceptions\ShareNotFound;
@@ -42,12 +43,13 @@ class PublicAuth extends AbstractBasic {
 	private ?IShare $share = null;
 
 	public function __construct(
-		private IRequest $request,
-		private IManager $shareManager,
-		private ISession $session,
-		private IThrottler $throttler,
-		private LoggerInterface $logger,
-		private IURLGenerator $urlGenerator,
+		private readonly IRequest $request,
+		private readonly IManager $shareManager,
+		private readonly ISession $session,
+		private readonly IThrottler $throttler,
+		private readonly LoggerInterface $logger,
+		private readonly IURLGenerator $urlGenerator,
+		private readonly IUserSession $userSession,
 	) {
 		// setup realm
 		$defaults = new Defaults();
@@ -134,7 +136,7 @@ private function checkToken(): array {
 		}
 
 		$this->share = $share;
-		\OC_User::setIncognitoMode(true);
+		$this->userSession->setIncognitoMode(true);
 
 		// If already authenticated
 		if ($this->isShareInSession($share)) {
@@ -172,7 +174,7 @@ protected function validateUserPass($username, $password) {
 			return false;
 		}
 
-		\OC_User::setIncognitoMode(true);
+		$this->userSession->setIncognitoMode(true);
 
 		// check if the share is password protected
 		if ($share->getPassword() !== null) {

@@ -9,9 +9,13 @@
 namespace OCA\DAV\Tests\unit\Connector;
 
 use OCA\DAV\Connector\LegacyPublicAuth;
+use OCP\Files\ISetupManager;
 use OCP\IRequest;
 use OCP\ISession;
+use OCP\IUser;
+use OCP\IUserSession;
 use OCP\Security\Bruteforce\IThrottler;
+use OCP\Server;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
 use OCP\Share\IShare;
@@ -26,7 +30,7 @@ class LegacyPublicAuthTest extends TestCase {
 	private IManager&MockObject $shareManager;
 	private IThrottler&MockObject $throttler;
 	private LegacyPublicAuth $auth;
-	private string|false $oldUser;
+	private ?IUser $oldUser;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -40,20 +44,21 @@ protected function setUp(): void {
 			$this->request,
 			$this->shareManager,
 			$this->session,
-			$this->throttler
+			$this->throttler,
+			$this->createMock(IUserSession::class),
 		);
 
 		// Store current user
-		$this->oldUser = \OC_User::getUser();
+		$this->oldUser = Server::get(IUserSession::class)->getUser() ?? null;
 	}
 
 	protected function tearDown(): void {
-		\OC_User::setIncognitoMode(false);
+		Server::get(IUserSession::class)->setIncognitoMode(false);
 
 		// Set old user
-		\OC_User::setUserId($this->oldUser ?: null);
-		if ($this->oldUser !== false) {
-			\OC_Util::setupFS($this->oldUser);
+		self::setUserId($this->oldUser?->getUID());
+		if ($this->oldUser !== null) {
+			Server::get(ISetupManager::class)->setupForUser($this->oldUser);
 		}
 
 		parent::tearDown();

@@ -9,10 +9,14 @@
 namespace OCA\DAV\Tests\unit\Connector;
 
 use OCA\DAV\Connector\Sabre\PublicAuth;
+use OCP\Files\ISetupManager;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
+use OCP\IUser;
+use OCP\IUserSession;
 use OCP\Security\Bruteforce\IThrottler;
+use OCP\Server;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
 use OCP\Share\IShare;
@@ -35,8 +39,7 @@ class PublicAuthTest extends \Test\TestCase {
 	private LoggerInterface&MockObject $logger;
 	private IURLGenerator&MockObject $urlGenerator;
 	private PublicAuth $auth;
-
-	private bool|string $oldUser;
+	private ?IUser $oldUser;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -55,19 +58,20 @@ protected function setUp(): void {
 			$this->throttler,
 			$this->logger,
 			$this->urlGenerator,
+			$this->createMock(IUserSession::class),
 		);
 
 		// Store current user
-		$this->oldUser = \OC_User::getUser();
+		$this->oldUser = Server::get(IUserSession::class)->getUser() ?? null;
 	}
 
 	protected function tearDown(): void {
-		\OC_User::setIncognitoMode(false);
+		Server::get(IUserSession::class)->setIncognitoMode(false);
 
 		// Set old user
-		\OC_User::setUserId($this->oldUser);
-		if ($this->oldUser !== false) {
-			\OC_Util::setupFS($this->oldUser);
+		self::setUserId($this->oldUser?->getUID());
+		if ($this->oldUser !== null) {
+			Server::get(ISetupManager::class)->setupForUser($this->oldUser);
 		}
 
 		parent::tearDown();

@@ -11,6 +11,7 @@
 use OC\Files\Filesystem;
 use OC\Group\Database;
 use OCP\Files\IRootFolder;
+use OCP\Files\ISetupManager;
 use OCP\IGroupManager;
 use OCP\IUserManager;
 use OCP\IUserSession;
@@ -56,8 +57,9 @@ public static function tearDownAfterClass(): void {
 			$user->delete();
 		}
 
-		\OC_Util::tearDownFS();
-		\OC_User::setUserId('');
+		$setupManager = Server::get(ISetupManager::class);
+		$setupManager->tearDown();
+		self::setUserId('');
 		Filesystem::tearDown();
 
 		// reset backend
@@ -69,13 +71,13 @@ public static function tearDownAfterClass(): void {
 		parent::tearDownAfterClass();
 	}
 
-	protected static function loginHelper(string $user, bool $create = false, bool $password = false) {
+	protected static function loginHelper(string $user, bool $create = false, bool $password = false): void {
 		if ($password === false) {
 			$password = $user;
 		}
 
+		$userManager = Server::get(IUserManager::class);
 		if ($create) {
-			$userManager = Server::get(IUserManager::class);
 			$groupManager = Server::get(IGroupManager::class);
 
 			$userObject = $userManager->createUser($user, $password);
@@ -84,14 +86,16 @@ protected static function loginHelper(string $user, bool $create = false, bool $
 			if ($group && $userObject) {
 				$group->addUser($userObject);
 			}
+		} else {
+			$userObject = $userManager->get($user);
 		}
 
-		\OC_Util::tearDownFS();
+		$setupManager = Server::get(ISetupManager::class);
+		$setupManager->tearDown();
 		Server::get(IUserSession::class)->setUser(null);
 		Filesystem::tearDown();
 		Server::get(IUserSession::class)->login($user, $password);
 		Server::get(IRootFolder::class)->getUserFolder($user);
-
-		\OC_Util::setupFS($user);
+		$setupManager->setupForUser($userObject);
 	}
 }
@@ -41,7 +41,7 @@ protected function setUp(): void {
 		$this->user = static::getUniqueID('user');
 		$this->activityManager = $this->createMock(IManager::class);
 		Server::get(IUserManager::class)->createUser($this->user, 'test');
-		\OC_User::setUserId($this->user);
+		self::setUserId($this->user);
 		\OC_Util::setupFS($this->user);
 		$user = $this->createMock(IUser::class);
 		$this->userSession = $this->createMock(IUserSession::class);
@@ -69,7 +69,7 @@ protected function getTagService(array $methods = []): TagService&MockObject {
 	}
 
 	protected function tearDown(): void {
-		\OC_User::setUserId('');
+		self::setUserId('');
 		$user = Server::get(IUserManager::class)->get($this->user);
 		if ($user !== null) {
 			$user->delete();

@@ -17,6 +17,7 @@
 use OCP\Constants;
 use OCP\Files\FileInfo;
 use OCP\Files\IMimeTypeDetector;
+use OCP\IUserSession;
 use OCP\Server;
 use phpseclib\Net\SFTP\Stream;
 
@@ -182,13 +183,12 @@ private function absPath(string $path): string {
 
 	private function hostKeysPath(): string|false {
 		try {
-			$userId = \OC_User::getUser();
-			if ($userId === false) {
+			$user = Server::get(IUserSession::class)->getUser();
+			if ($user === null) {
 				return false;
 			}
 
-			$view = new View('/' . $userId . '/files_external');
-
+			$view = new View('/' . $user->getUID() . '/files_external');
 			return $view->getLocalFile('ssh_hostKeys');
 		} catch (\Exception $e) {
 		}

@@ -9,6 +9,7 @@
 
 use OCP\IUser;
 use OCP\IUserSession;
+use Override;
 
 class DummyUserSession implements IUserSession {
 
@@ -54,4 +55,13 @@ public function getImpersonatingUserID() : ?string {
 	public function setImpersonatingUserID(bool $useCurrentUser = true): void {
 		//no OP
 	}
+
+	#[Override]
+	public function setIncognitoMode(bool $incognitoMode): void {
+	}
+
+	#[Override]
+	public function isIncognitoMode(): bool {
+		return false;
+	}
 }
@@ -40,6 +40,7 @@
 use OCP\ISession;
 use OCP\IURLGenerator;
 use OCP\IUserManager;
+use OCP\IUserSession;
 use OCP\Security\Events\GenerateSecurePasswordEvent;
 use OCP\Security\ISecureRandom;
 use OCP\Security\PasswordContext;
@@ -78,6 +79,7 @@ public function __construct(
 		protected ISecureRandom $secureRandom,
 		protected Defaults $defaults,
 		private IPublicShareTemplateFactory $publicShareTemplateFactory,
+		private IUserSession $userSession,
 	) {
 		parent::__construct($appName, $request, $session, $urlGenerator);
 	}
@@ -299,7 +301,7 @@ private function validateShare(IShare $share) {
 	#[PublicPage]
 	#[NoCSRFRequired]
 	public function showShare($path = ''): TemplateResponse {
-		\OC_User::setIncognitoMode(true);
+		$this->userSession->setIncognitoMode(true);
 
 		// Check whether share exists
 		try {
@@ -353,7 +355,7 @@ public function showShare($path = ''): TemplateResponse {
 	#[NoCSRFRequired]
 	#[NoSameSiteCookieRequired]
 	public function downloadShare(string $token, ?string $files = null, string $path = ''): NotFoundResponse|RedirectResponse|DataResponse {
-		\OC_User::setIncognitoMode(true);
+		$this->userSession->setIncognitoMode(true);
 
 		$share = $this->shareManager->getShareByToken($token);
 

@@ -14,8 +14,10 @@
 use OCP\Files\Folder;
 use OCP\Files\Mount\IMountManager;
 use OCP\Files\NotFoundException;
+use OCP\IUserSession;
 use OCP\Server;
 use OCP\Share\IShare;
+use RuntimeException;
 
 class Updater {
 
@@ -139,14 +141,18 @@ private static function moveShareInOrOutOfShare($path): void {
 	 * @param string $newPath new path relative to data/user/files
 	 */
 	private static function renameChildren($oldPath, $newPath) {
-		$absNewPath = Filesystem::normalizePath('/' . \OC_User::getUser() . '/files/' . $newPath);
-		$absOldPath = Filesystem::normalizePath('/' . \OC_User::getUser() . '/files/' . $oldPath);
+		$user = Server::get(IUserSession::class)->getUser();
+		if ($user === null) {
+			throw new RuntimeException('Unable to find current user');
+		}
+		$absNewPath = Filesystem::normalizePath('/' . $user->getUID() . '/files/' . $newPath);
+		$absOldPath = Filesystem::normalizePath('/' . $user->getUID() . '/files/' . $oldPath);
 
 		$mountManager = Filesystem::getMountManager();
-		$mountedShares = $mountManager->findIn('/' . \OC_User::getUser() . '/files/' . $oldPath);
+		$mountedShares = $mountManager->findIn('/' . $user->getUID() . '/files/' . $oldPath);
 		foreach ($mountedShares as $mount) {
 			/** @var MountPoint $mount */
-			if ($mount->getStorage()->instanceOfStorage(ISharedStorage::class)) {
+			if ($mount->getStorage()->instanceOfStorage(\OCP\Files\Storage\ISharedStorage::class)) {
 				$mountPoint = $mount->getMountPoint();
 				$target = str_replace($absOldPath, $absNewPath, $mountPoint);
 				$mount->moveMount($target);