ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

No not fail on nonexisting acl users/groups

Browse Source 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
2017-05-03 12:05:15 +02:00
parent 8b4e7ec2bf
commit a6b6842e2b
6 changed files with 143 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
appinfo/info.xml
View File

@@ -16,7 +16,7 @@
💥 This is still alpha software: it may not be stable enough for production! 💥 This is still alpha software: it may not be stable enough for production!
</description> </description>
<version>0.1.3</version> <version>0.1.3.1</version>
<licence>agpl</licence> <licence>agpl</licence>
<author>Julius Härtl</author> <author>Julius Härtl</author>
<namespace>Deck</namespace> <namespace>Deck</namespace>
@@ -30,4 +30,9 @@
<dependencies> <dependencies>
<nextcloud min-version="11" max-version="12" /> <nextcloud min-version="11" max-version="12" />
</dependencies> </dependencies>
<repair-steps>
<post-migration>
<step>OCA\Deck\Migration\UnknownUsers</step>
</post-migration>
</repair-steps>
</info> </info>

31
lib/AppInfo/Application.php
View File

@@ -23,9 +23,14 @@
namespace OCA\Deck\AppInfo; namespace OCA\Deck\AppInfo;
use OCA\Deck\Db\Acl;
use OCA\Deck\Db\AclMapper;
use OCP\AppFramework\App; use OCP\AppFramework\App;
use OCA\Deck\Middleware\SharingMiddleware; use OCA\Deck\Middleware\SharingMiddleware;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
use OCP\IUserManager;
class Application extends App { class Application extends App {
@@ -48,6 +53,30 @@ class Application extends App {
}); });
$container->registerMiddleware('SharingMiddleware'); $container->registerMiddleware('SharingMiddleware');
// Delete user/group acl entries when they get deleted
/** @var IUserManager $userManager */
$userManager = $server->getUserManager();
$userManager->listen('\OC\User', 'postDelete', function(IUser $user) use ($container) {
/** @var AclMapper $aclMapper */
$aclMapper = $container->query(AclMapper::class);
$acls = $aclMapper->findByParticipant(Acl::PERMISSION_TYPE_USER, $user->getUID());
foreach ($acls as $acl) {
$aclMapper->delete($acl);
}
});
/** @var IUserManager $userManager */
$groupManager = $server->getGroupManager();
$groupManager->listen('\OC\Group', 'postDelete', function(IGroup $group) use ($container) {
/** @var AclMapper $aclMapper */
$aclMapper = $container->query(AclMapper::class);
$aclMapper->findByParticipant(Acl::PERMISSION_TYPE_GROUP, $group->getGID());
$acls = $aclMapper->findByParticipant(Acl::PERMISSION_TYPE_GROUP, $group->getGID());
foreach ($acls as $acl) {
$aclMapper->delete($acl);
}
});
} }
public function registerNavigationEntry() { public function registerNavigationEntry() {

5
lib/Db/AclMapper.php
View File

@@ -48,4 +48,9 @@ class AclMapper extends DeckMapper implements IPermissionMapper {
return $entity->getBoardId(); return $entity->getBoardId();
} }
public function findByParticipant($type, $participant) {
$sql = 'SELECT * from *PREFIX*deck_board_acl WHERE type = ? AND participant = ?';
return $this->findEntities($sql, [$type, $participant]);
}
} }

1
lib/Db/Board.php
View File

@@ -52,7 +52,6 @@ class Board extends RelationalEntity implements JsonSerializable {
if ($this->shared === -1) { if ($this->shared === -1) {
unset($json['shared']); unset($json['shared']);
} }
$json['owner'] = $this->resolveOwner();
return $json; return $json;
} }

21
lib/Db/BoardMapper.php
View File

@@ -130,6 +130,11 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
return $entries; return $entries;
} }
public function findAll() {
$sql = 'SELECT id from *PREFIX*deck_boards;';
return $this->findEntities($sql, []);
}
public function delete(/** @noinspection PhpUnnecessaryFullyQualifiedNameInspection */ public function delete(/** @noinspection PhpUnnecessaryFullyQualifiedNameInspection */
\OCP\AppFramework\Db\Entity $entity) { \OCP\AppFramework\Db\Entity $entity) {
// delete acl // delete acl
@@ -166,10 +171,22 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
$groupManager = $this->groupManager; $groupManager = $this->groupManager;
$acl->resolveRelation('participant', function($participant) use (&$acl, &$userManager, &$groupManager) { $acl->resolveRelation('participant', function($participant) use (&$acl, &$userManager, &$groupManager) {
if($acl->getType() === Acl::PERMISSION_TYPE_USER) { if($acl->getType() === Acl::PERMISSION_TYPE_USER) {
return new User($userManager->get($acl->getParticipant($participant))); $user = $userManager->get($participant);
if($user !== null) {
return new User($user);
} else {
\OC::$server->getLogger()->debug('User ' . $acl->getId() . ' not found when mapping acl ' . $acl->getParticipant());
return $participant;
}
} }
if($acl->getType() === Acl::PERMISSION_TYPE_GROUP) { if($acl->getType() === Acl::PERMISSION_TYPE_GROUP) {
return new Group($groupManager->get($acl->getParticipant($participant))); $group = $groupManager->get($participant);
if($group !== null) {
return new Group($group);
} else {
\OC::$server->getLogger()->debug('Group ' . $acl->getId() . ' not found when mapping acl ' . $acl->getParticipant());
return $participant;
}
} }
throw new \Exception('Unknown permission type for mapping Acl'); throw new \Exception('Unknown permission type for mapping Acl');
}); });

83
lib/Migration/UnknownUsers.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
/**
* @copyright Copyright (c) 2017 Julius Härtl <jus@bitgrid.net>
*
* @author Julius Härtl <jus@bitgrid.net>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Deck\Migration;
use OCA\Deck\Db\Acl;
use OCA\Deck\Db\AclMapper;
use OCA\Deck\Db\Board;
use OCA\Deck\Db\BoardMapper;
use OCP\IGroupManager;
use OCP\IUserManager;
use OCP\Migration\IRepairStep;
use OCP\Migration\IOutput;
class UnknownUsers implements IRepairStep {
private $userManager;
private $groupManager;
private $aclMapper;
private $boardMapper;
public function __construct(IUserManager $userManager, IGroupManager $groupManager, AclMapper $aclMapper, BoardMapper $boardMapper) {
$this->userManager = $userManager;
$this->groupManager = $groupManager;
$this->aclMapper = $aclMapper;
$this->boardMapper = $boardMapper;
}
/*
* @inheritdoc
*/
public function getName() {
return 'Delete orphaned ACL rules';
}
/**
* @inheritdoc
*/
public function run(IOutput $output) {
$boards = $this->boardMapper->findAll();
/** @var Board $board */
foreach ($boards as $board) {
$acls = $this->aclMapper->findAll($board->getId());
/** @var Acl $acl */
foreach ($acls as $acl) {
if($acl->getType() === Acl::PERMISSION_TYPE_USER) {
$user = $this->userManager->get($acl->getParticipant());
if($user === null) {
$this->aclMapper->delete($acl);
}
}
if($acl->getType() === Acl::PERMISSION_TYPE_GROUP) {
$group = $this->groupManager->get($acl->getParticipant());
if($group === null) {
$this->aclMapper->delete($acl);
}
}
}
}
}
}