fix LDAP User deletion (cleanup)

blizzz · blizzz · commit d6d98d4d5acc · 2017-09-15T16:01:54.000+02:00
discovered a bug in the integration test which lead to following a
different code path and giving a false-positive  success feedback.

Also listens now to the evendispatcher instead of old hook system

Signed-off-by: Arthur Schiwon &lt;blizzz@arthur-schiwon.de&gt;
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php
@@ -44,9 +44,10 @@
 			'name' => $l->t('LDAP user and group backend'),
 		];
 	});
+	$userSession = \OC::$server->getUserSession();
 
 	$userBackend  = new OCA\User_LDAP\User_Proxy(
-		$configPrefixes, $ldapWrapper, $ocConfig, $notificationManager
+		$configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession
 	);
 	$groupBackend  = new OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper);
 	// register user backend
diff --git a/apps/user_ldap/appinfo/register_command.php b/apps/user_ldap/appinfo/register_command.php
@@ -36,7 +36,8 @@
 	$helper->getServerConfigurationPrefixes(true),
 	new LDAP(),
 	$ocConfig,
-	\OC::$server->getNotificationManager()
+	\OC::$server->getNotificationManager(),
+	\OC::$server->getUserSession()
 );
 $deletedUsersIndex = new DeletedUsersIndex(
 	$ocConfig, $dbConnection, $userMapping
diff --git a/apps/user_ldap/lib/Command/Search.php b/apps/user_ldap/lib/Command/Search.php
@@ -120,7 +120,13 @@ protected function execute(InputInterface $input, OutputInterface $output) {
 				$limit = null;
 			}
 		} else {
-			$proxy = new User_Proxy($configPrefixes, $ldapWrapper, $this->ocConfig, \OC::$server->getNotificationManager());
+			$proxy = new User_Proxy(
+				$configPrefixes,
+				$ldapWrapper,
+				$this->ocConfig,
+				\OC::$server->getNotificationManager(),
+				\OC::$server->getUserSession()
+			);
 			$getMethod = 'getDisplayNames';
 			$printID = true;
 		}
diff --git a/apps/user_ldap/lib/Helper.php b/apps/user_ldap/lib/Helper.php
@@ -294,9 +294,10 @@ public static function loginName2UserName($param) {
 		$ldapWrapper = new LDAP();
 		$ocConfig = \OC::$server->getConfig();
 		$notificationManager = \OC::$server->getNotificationManager();
+		$userSession = \OC::$server->getUserSession();
 
 		$userBackend  = new User_Proxy(
-			$configPrefixes, $ldapWrapper, $ocConfig, $notificationManager
+			$configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession
 		);
 		$uid = $userBackend->loginName2UserName($param['uid'] );
 		if($uid !== false) {
diff --git a/apps/user_ldap/lib/Jobs/CleanUp.php b/apps/user_ldap/lib/Jobs/CleanUp.php
@@ -99,7 +99,8 @@ public function setArguments($arguments) {
 				$this->ldapHelper->getServerConfigurationPrefixes(true),
 				new LDAP(),
 				$this->ocConfig,
-				\OC::$server->getNotificationManager()
+				\OC::$server->getNotificationManager(),
+				\OC::$server->getUserSession()
 			);
 		}
 
diff --git a/apps/user_ldap/lib/Migration/UUIDFixGroup.php b/apps/user_ldap/lib/Migration/UUIDFixGroup.php
@@ -33,6 +33,6 @@ class UUIDFixGroup extends UUIDFix {
 	public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {
 		$this->mapper = $mapper;
 		$this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config, 
-			\OC::$server->getNotificationManager());
+			\OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 	}
 }
diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
@@ -42,6 +42,7 @@
 use OCA\User_LDAP\User\User;
 use OCP\IConfig;
 use OCP\IUser;
+use OCP\IUserSession;
 use OCP\Notification\IManager as INotificationManager;
 use OCP\Util;
 
@@ -59,24 +60,21 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
 	 * @param Access $access
 	 * @param \OCP\IConfig $ocConfig
 	 * @param \OCP\Notification\IManager $notificationManager
+	 * @param IUserSession $userSession
 	 */
-	public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager) {
+	public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession) {
 		parent::__construct($access);
 		$this->ocConfig = $ocConfig;
 		$this->notificationManager = $notificationManager;
-		$this->registerHooks();
+		$this->registerHooks($userSession);
 	}
 
-	protected function registerHooks() {
-		Util::connectHook('OC_User','pre_deleteUser', $this, 'preDeleteUser');
-		Util::connectHook('OC_User','post_deleteUser', $this, 'postDeleteUser');
+	protected function registerHooks(IUserSession $userSession) {
+		$userSession->listen('\OC\User', 'preDelete', [$this, 'preDeleteUser']);
+		$userSession->listen('\OC\User', 'postDelete', [$this, 'postDeleteUser']);
 	}
 
-	public function preDeleteUser(array $param) {
-		$user = $param[0];
-		if(!$user instanceof IUser) {
-			throw new \RuntimeException('IUser expected');
-		}
+	public function preDeleteUser(IUser $user) {
 		$this->currentUserInDeletionProcess = $user->getUID();
 	}
 
@@ -376,8 +374,6 @@ public function deleteUser($uid) {
 		\OC::$server->getLogger()->info('Cleaning up after user ' . $uid,
 			array('app' => 'user_ldap'));
 
-		//Get Home Directory out of user preferences so we can return it later,
-		//necessary for removing directories as done by OC_User.
 		$this->access->getUserMapper()->unmap($uid);
 		$this->access->userManager->invalidate($uid);
 		return true;
@@ -406,7 +402,9 @@ public function getHome($uid) {
 		// early return path if it is a deleted user
 		$user = $this->access->userManager->get($uid);
 		if($user instanceof OfflineUser) {
-			if($this->currentUserInDeletionProcess === $user->getUID()) {
+			if($this->currentUserInDeletionProcess !== null
+				&& $this->currentUserInDeletionProcess === $user->getOCName()
+			) {
 				return $user->getHomePath();
 			} else {
 				throw new NoUserException($uid . ' is not a valid user anymore');
diff --git a/apps/user_ldap/lib/User_Proxy.php b/apps/user_ldap/lib/User_Proxy.php
@@ -31,6 +31,7 @@
 
 use OCA\User_LDAP\User\User;
 use OCP\IConfig;
+use OCP\IUserSession;
 use OCP\Notification\IManager as INotificationManager;
 
 class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
@@ -39,14 +40,19 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
 
 	/**
 	 * Constructor
+	 *
 	 * @param array $serverConfigPrefixes array containing the config Prefixes
+	 * @param ILDAPWrapper $ldap
+	 * @param IConfig $ocConfig
+	 * @param INotificationManager $notificationManager
+	 * @param IUserSession $userSession
 	 */
 	public function __construct(array $serverConfigPrefixes, ILDAPWrapper $ldap, IConfig $ocConfig,
-		INotificationManager $notificationManager) {
+		INotificationManager $notificationManager, IUserSession $userSession) {
 		parent::__construct($ldap);
 		foreach($serverConfigPrefixes as $configPrefix) {
 			$this->backends[$configPrefix] =
-				new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager);
+				new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession);
 			if(is_null($this->refBackend)) {
 				$this->refBackend = &$this->backends[$configPrefix];
 			}
diff --git a/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php b/apps/user_ldap/tests/Integration/AbstractIntegrationTest.php
@@ -144,11 +144,17 @@ public function run() {
 		foreach($methods as $method) {
 			if(strpos($method, 'case') === 0) {
 				print("running $method " . PHP_EOL);
-				if(!$this->$method()) {
-					print(PHP_EOL . '>>> !!! Test ' . $method . ' FAILED !!! <<<' . PHP_EOL . PHP_EOL);
+				try {
+					if(!$this->$method()) {
+						print(PHP_EOL . '>>> !!! Test ' . $method . ' FAILED !!! <<<' . PHP_EOL . PHP_EOL);
+						exit(1);
+					}
+					$atLeastOneCaseRan = true;
+				} catch(\Exception $e) {
+					print(PHP_EOL . '>>> !!! Test ' . $method . ' RAISED AN EXCEPTION !!! <<<' . PHP_EOL);
+					print($e->getMessage() . PHP_EOL . PHP_EOL);
 					exit(1);
 				}
-				$atLeastOneCaseRan = true;
 			}
 		}
 		if($atLeastOneCaseRan) {
diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestAttributeDetection.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestAttributeDetection.php
@@ -49,7 +49,7 @@ public function init() {
 		$groupMapper->clear();
 		$this->access->setGroupMapper($groupMapper);
 
-		$userBackend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$userBackend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 		$userManager = \OC::$server->getUserManager();
 		$userManager->clearBackends();
 		$userManager->registerBackend($userBackend);
diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestFetchUsersByLoginName.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestFetchUsersByLoginName.php
@@ -47,7 +47,7 @@ public function init() {
 		$this->mapping = new UserMapping(\OC::$server->getDatabaseConnection());
 		$this->mapping->clear();
 		$this->access->setUserMapper($this->mapping);
-		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 	}
 
 	/**
diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestPaging.php
@@ -44,7 +44,7 @@ public function init() {
 		require(__DIR__ . '/../setup-scripts/createExplicitUsers.php');
 		parent::init();
 
-		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 	}
 
 	/**
diff --git a/apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php b/apps/user_ldap/tests/Integration/Lib/IntegrationTestUserHome.php
@@ -51,7 +51,7 @@ public function init() {
 		$this->mapping = new UserMapping(\OC::$server->getDatabaseConnection());
 		$this->mapping->clear();
 		$this->access->setUserMapper($this->mapping);
-		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$this->backend = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 	}
 
 	/**
diff --git a/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserAvatar.php b/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserAvatar.php
@@ -50,7 +50,7 @@ public function init() {
 		$this->mapping = new UserMapping(\OC::$server->getDatabaseConnection());
 		$this->mapping->clear();
 		$this->access->setUserMapper($this->mapping);
-		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 		\OC_User::useBackend($userBackend);
 	}
 
diff --git a/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserCleanUp.php b/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserCleanUp.php
@@ -46,7 +46,7 @@ public function init() {
 		$this->mapping->clear();
 		$this->access->setUserMapper($this->mapping);
 
-		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 		\OC_User::useBackend($userBackend);
 	}
 
@@ -76,16 +76,18 @@ protected function case1() {
 		$dn = 'uid=alice,ou=Users,' . $this->base;
 		$this->prepareUser($dn, $username);
 
-		$user = \OC::$server->getUserManager()->get($username);
-		if($user === null) {
-			return false;
-		}
-
 		$this->deleteUserFromLDAP($dn);
 
 		$job = new CleanUp();
 		$job->run([]);
 
+		// user instance must not be requested from global user manager, before
+		// it is deleted from the LDAP server. The instance will be returned
+		// from cache and may false-positively confirm the correctness.
+		$user = \OC::$server->getUserManager()->get($username);
+		if($user === null) {
+			return false;
+		}
 		$user->delete();
 
 		return null === \OC::$server->getUserManager()->get($username);
diff --git a/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php b/apps/user_ldap/tests/Integration/Lib/User/IntegrationTestUserDisplayName.php
@@ -43,7 +43,7 @@ public function init() {
 		$this->mapping = new UserMapping(\OC::$server->getDatabaseConnection());
 		$this->mapping->clear();
 		$this->access->setUserMapper($this->mapping);
-		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager());
+		$userBackend  = new User_LDAP($this->access, \OC::$server->getConfig(), \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
 		\OC_User::useBackend($userBackend);
 	}
 
diff --git a/apps/user_ldap/tests/User_LDAPTest.php b/apps/user_ldap/tests/User_LDAPTest.php

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,8 @@ public function setArguments($arguments) {`
`99`	`99`	`$this->ldapHelper->getServerConfigurationPrefixes(true),`
`100`	`100`	`new LDAP(),`
`101`	`101`	`$this->ocConfig,`
`102`		`- \OC::$server->getNotificationManager()`
	`102`	`+ \OC::$server->getNotificationManager(),`
	`103`	`+ \OC::$server->getUserSession()`
`103`	`104`	`);`
`104`	`105`	`}`
`105`	`106`
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,6 @@ class UUIDFixGroup extends UUIDFix {`
`33`	`33`	`public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {`
`34`	`34`	`$this->mapper = $mapper;`
`35`	`35`	`$this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config,`
`36`		`- \OC::$server->getNotificationManager());`
	`36`	`+ \OC::$server->getNotificationManager(), \OC::$server->getUserSession());`
`37`	`37`	`}`
`38`	`38`	`}`