No not fail on nonexisting acl users/groups
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
@@ -16,7 +16,7 @@
|
||||
💥 This is still alpha software: it may not be stable enough for production!
|
||||
|
||||
</description>
|
||||
<version>0.1.3</version>
|
||||
<version>0.1.3.1</version>
|
||||
<licence>agpl</licence>
|
||||
<author>Julius Härtl</author>
|
||||
<namespace>Deck</namespace>
|
||||
@@ -30,4 +30,9 @@
|
||||
<dependencies>
|
||||
<nextcloud min-version="11" max-version="12" />
|
||||
</dependencies>
|
||||
<repair-steps>
|
||||
<post-migration>
|
||||
<step>OCA\Deck\Migration\UnknownUsers</step>
|
||||
</post-migration>
|
||||
</repair-steps>
|
||||
</info>
|
||||
|
||||
@@ -23,9 +23,14 @@
|
||||
|
||||
namespace OCA\Deck\AppInfo;
|
||||
|
||||
use OCA\Deck\Db\Acl;
|
||||
use OCA\Deck\Db\AclMapper;
|
||||
use OCP\AppFramework\App;
|
||||
use OCA\Deck\Middleware\SharingMiddleware;
|
||||
|
||||
use OCP\IGroup;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IUser;
|
||||
use OCP\IUserManager;
|
||||
|
||||
class Application extends App {
|
||||
|
||||
@@ -48,6 +53,30 @@ class Application extends App {
|
||||
});
|
||||
$container->registerMiddleware('SharingMiddleware');
|
||||
|
||||
// Delete user/group acl entries when they get deleted
|
||||
/** @var IUserManager $userManager */
|
||||
$userManager = $server->getUserManager();
|
||||
$userManager->listen('\OC\User', 'postDelete', function(IUser $user) use ($container) {
|
||||
/** @var AclMapper $aclMapper */
|
||||
$aclMapper = $container->query(AclMapper::class);
|
||||
$acls = $aclMapper->findByParticipant(Acl::PERMISSION_TYPE_USER, $user->getUID());
|
||||
foreach ($acls as $acl) {
|
||||
$aclMapper->delete($acl);
|
||||
}
|
||||
});
|
||||
|
||||
/** @var IUserManager $userManager */
|
||||
$groupManager = $server->getGroupManager();
|
||||
$groupManager->listen('\OC\Group', 'postDelete', function(IGroup $group) use ($container) {
|
||||
/** @var AclMapper $aclMapper */
|
||||
$aclMapper = $container->query(AclMapper::class);
|
||||
$aclMapper->findByParticipant(Acl::PERMISSION_TYPE_GROUP, $group->getGID());
|
||||
$acls = $aclMapper->findByParticipant(Acl::PERMISSION_TYPE_GROUP, $group->getGID());
|
||||
foreach ($acls as $acl) {
|
||||
$aclMapper->delete($acl);
|
||||
}
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
public function registerNavigationEntry() {
|
||||
|
||||
@@ -48,4 +48,9 @@ class AclMapper extends DeckMapper implements IPermissionMapper {
|
||||
return $entity->getBoardId();
|
||||
}
|
||||
|
||||
public function findByParticipant($type, $participant) {
|
||||
$sql = 'SELECT * from *PREFIX*deck_board_acl WHERE type = ? AND participant = ?';
|
||||
return $this->findEntities($sql, [$type, $participant]);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -52,7 +52,6 @@ class Board extends RelationalEntity implements JsonSerializable {
|
||||
if ($this->shared === -1) {
|
||||
unset($json['shared']);
|
||||
}
|
||||
$json['owner'] = $this->resolveOwner();
|
||||
return $json;
|
||||
}
|
||||
|
||||
|
||||
@@ -130,6 +130,11 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
return $entries;
|
||||
}
|
||||
|
||||
public function findAll() {
|
||||
$sql = 'SELECT id from *PREFIX*deck_boards;';
|
||||
return $this->findEntities($sql, []);
|
||||
}
|
||||
|
||||
public function delete(/** @noinspection PhpUnnecessaryFullyQualifiedNameInspection */
|
||||
\OCP\AppFramework\Db\Entity $entity) {
|
||||
// delete acl
|
||||
@@ -166,10 +171,22 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
|
||||
$groupManager = $this->groupManager;
|
||||
$acl->resolveRelation('participant', function($participant) use (&$acl, &$userManager, &$groupManager) {
|
||||
if($acl->getType() === Acl::PERMISSION_TYPE_USER) {
|
||||
return new User($userManager->get($acl->getParticipant($participant)));
|
||||
$user = $userManager->get($participant);
|
||||
if($user !== null) {
|
||||
return new User($user);
|
||||
} else {
|
||||
\OC::$server->getLogger()->debug('User ' . $acl->getId() . ' not found when mapping acl ' . $acl->getParticipant());
|
||||
return $participant;
|
||||
}
|
||||
}
|
||||
if($acl->getType() === Acl::PERMISSION_TYPE_GROUP) {
|
||||
return new Group($groupManager->get($acl->getParticipant($participant)));
|
||||
$group = $groupManager->get($participant);
|
||||
if($group !== null) {
|
||||
return new Group($group);
|
||||
} else {
|
||||
\OC::$server->getLogger()->debug('Group ' . $acl->getId() . ' not found when mapping acl ' . $acl->getParticipant());
|
||||
return $participant;
|
||||
}
|
||||
}
|
||||
throw new \Exception('Unknown permission type for mapping Acl');
|
||||
});
|
||||
|
||||
83
lib/Migration/UnknownUsers.php
Normal file
83
lib/Migration/UnknownUsers.php
Normal file
@@ -0,0 +1,83 @@
|
||||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Julius Härtl <jus@bitgrid.net>
|
||||
*
|
||||
* @author Julius Härtl <jus@bitgrid.net>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
namespace OCA\Deck\Migration;
|
||||
|
||||
use OCA\Deck\Db\Acl;
|
||||
use OCA\Deck\Db\AclMapper;
|
||||
use OCA\Deck\Db\Board;
|
||||
use OCA\Deck\Db\BoardMapper;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IUserManager;
|
||||
use OCP\Migration\IRepairStep;
|
||||
use OCP\Migration\IOutput;
|
||||
|
||||
class UnknownUsers implements IRepairStep {
|
||||
|
||||
private $userManager;
|
||||
private $groupManager;
|
||||
private $aclMapper;
|
||||
private $boardMapper;
|
||||
|
||||
public function __construct(IUserManager $userManager, IGroupManager $groupManager, AclMapper $aclMapper, BoardMapper $boardMapper) {
|
||||
$this->userManager = $userManager;
|
||||
$this->groupManager = $groupManager;
|
||||
$this->aclMapper = $aclMapper;
|
||||
$this->boardMapper = $boardMapper;
|
||||
}
|
||||
|
||||
/*
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getName() {
|
||||
return 'Delete orphaned ACL rules';
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function run(IOutput $output) {
|
||||
$boards = $this->boardMapper->findAll();
|
||||
/** @var Board $board */
|
||||
foreach ($boards as $board) {
|
||||
$acls = $this->aclMapper->findAll($board->getId());
|
||||
/** @var Acl $acl */
|
||||
foreach ($acls as $acl) {
|
||||
if($acl->getType() === Acl::PERMISSION_TYPE_USER) {
|
||||
$user = $this->userManager->get($acl->getParticipant());
|
||||
if($user === null) {
|
||||
$this->aclMapper->delete($acl);
|
||||
}
|
||||
}
|
||||
if($acl->getType() === Acl::PERMISSION_TYPE_GROUP) {
|
||||
$group = $this->groupManager->get($acl->getParticipant());
|
||||
if($group === null) {
|
||||
$this->aclMapper->delete($acl);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user