We don't have user objects in the code everywhere Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v14.0.0beta1
@@ -33,7 +33,6 @@ use OCP\AppFramework\Db\DoesNotExistException; | |||
use OCP\AppFramework\Db\QBMapper; | |||
use OCP\DB\QueryBuilder\IQueryBuilder; | |||
use OCP\IDBConnection; | |||
use OCP\IUser; | |||
class DefaultTokenMapper extends QBMapper { | |||
@@ -124,15 +123,15 @@ class DefaultTokenMapper extends QBMapper { | |||
* The provider may limit the number of result rows in case of an abuse | |||
* where a high number of (session) tokens is generated | |||
* | |||
* @param IUser $user | |||
* @param string $uid | |||
* @return DefaultToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user): array { | |||
public function getTokenByUser(string $uid): array { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'token', 'type', 'remember', 'last_activity', 'last_check', 'scope', 'expires', 'version') | |||
->from('authtoken') | |||
->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) | |||
->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) | |||
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT))) | |||
->setMaxResults(1000); | |||
$result = $qb->execute(); | |||
@@ -146,16 +145,12 @@ class DefaultTokenMapper extends QBMapper { | |||
return $entities; | |||
} | |||
/** | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function deleteById(IUser $user, int $id) { | |||
public function deleteById(string $uid, int $id) { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
->where($qb->expr()->eq('id', $qb->createNamedParameter($id))) | |||
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) | |||
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) | |||
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT))); | |||
$qb->execute(); | |||
} |
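Review bot: In `deleteById()` the `uid` predicate is now fed by a caller-supplied string and is the only thing tying a token id to its owner, yet the result of `$qb->execute()` is discarded, so a delete that matched no row because of an owner mismatch looks the same as a successful one. Returning the affected-row count (`return $qb->execute();`, assuming the builder returns it for a DELETE) would let callers log or reject such attempts. The method's docblock also appears to have been dropped (the hunk shrinks by four lines); I would keep one with `@param string $uid owner of the token, must be the authenticated user's id`. `PublicKeyTokenMapper::deleteById()` further down has the same shape.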
@@ -143,17 +143,8 @@ class DefaultTokenProvider implements IProvider { | |||
} | |||
} | |||
/** | |||
* Get all tokens of a user | |||
* | |||
* The provider may limit the number of result rows in case of an abuse | |||
* where a high number of (session) tokens is generated | |||
* | |||
* @param IUser $user | |||
* @return IToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user): array { | |||
return $this->mapper->getTokenByUser($user); | |||
public function getTokenByUser(string $uid): array { | |||
return $this->mapper->getTokenByUser($uid); | |||
} | |||
/** | |||
@@ -265,14 +256,8 @@ class DefaultTokenProvider implements IProvider { | |||
$this->mapper->invalidate($this->hashToken($token)); | |||
} | |||
/** | |||
* Invalidate (delete) the given token | |||
* | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function invalidateTokenById(IUser $user, int $id) { | |||
$this->mapper->deleteById($user, $id); | |||
public function invalidateTokenById(string $uid, int $id) { | |||
$this->mapper->deleteById($uid, $id); | |||
} | |||
/** |
@@ -28,7 +28,6 @@ namespace OC\Authentication\Token; | |||
use OC\Authentication\Exceptions\InvalidTokenException; | |||
use OC\Authentication\Exceptions\PasswordlessTokenException; | |||
use OCP\IUser; | |||
interface IProvider { | |||
@@ -92,10 +91,10 @@ interface IProvider { | |||
/** | |||
* Invalidate (delete) the given token | |||
* | |||
* @param IUser $user | |||
* @param string $uid | |||
* @param int $id | |||
*/ | |||
public function invalidateTokenById(IUser $user, int $id); | |||
public function invalidateTokenById(string $uid, int $id); | |||
/** | |||
* Invalidate (delete) old session tokens | |||
@@ -122,10 +121,10 @@ interface IProvider { | |||
* The provider may limit the number of result rows in case of an abuse | |||
* where a high number of (session) tokens is generated | |||
* | |||
* @param IUser $user | |||
* @param string $uid | |||
* @return IToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user): array; | |||
public function getTokenByUser(string $uid): array; | |||
/** | |||
* Get the (unencrypted) password of the given token |
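Review bot: `@param string $uid` on `invalidateTokenById()` and `getTokenByUser()` carries no contract, and with `IUser` gone from the signature nothing tells an implementer or caller whether the id has been resolved or authenticated. Since these two methods list and revoke credentials, I would spell it out in the interface doc, e.g. `@param string $uid id of the token owner, taken from the authenticated session; not checked against the user backend`. The last hunk ends inside the next docblock, so only these two declarations are covered.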
@@ -104,8 +104,8 @@ class Manager implements IProvider { | |||
* @param IUser $user | |||
* @return IToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user): array { | |||
return $this->defaultTokenProvider->getTokenByUser($user); | |||
public function getTokenByUser(string $uid): array { | |||
return $this->defaultTokenProvider->getTokenByUser($uid); | |||
} | |||
/** | |||
@@ -188,9 +188,9 @@ class Manager implements IProvider { | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function invalidateTokenById(IUser $user, int $id) { | |||
public function invalidateTokenById(string $uid, int $id) { | |||
//TODO find way to distinguis between tokens | |||
$this->defaultTokenProvider->invalidateTokenById($user, $id); | |||
$this->defaultTokenProvider->invalidateTokenById($uid, $id); | |||
} | |||
/** |
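Review bot: The docblocks above `getTokenByUser()` and `invalidateTokenById()` still read `@param IUser $user` although both methods now take `string $uid`; they should become `@param string $uid` to match `IProvider`. Both methods forward only to `$this->defaultTokenProvider`, and the existing TODO suggests ids belonging to the other provider's tokens are not handled yet. A revoke for such an id would then presumably be a silent no-op, which is worth stating in the comment until the TODO is resolved.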
@@ -28,7 +28,6 @@ use OCP\AppFramework\Db\DoesNotExistException; | |||
use OCP\AppFramework\Db\QBMapper; | |||
use OCP\DB\QueryBuilder\IQueryBuilder; | |||
use OCP\IDBConnection; | |||
use OCP\IUser; | |||
class PublicKeyTokenMapper extends QBMapper { | |||
@@ -115,15 +114,15 @@ class PublicKeyTokenMapper extends QBMapper { | |||
* The provider may limit the number of result rows in case of an abuse | |||
* where a high number of (session) tokens is generated | |||
* | |||
* @param IUser $user | |||
* @param string $uid | |||
* @return DefaultToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user): array { | |||
public function getTokenByUser(string $uid): array { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->select('*') | |||
->from('authtoken') | |||
->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) | |||
->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) | |||
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT))) | |||
->setMaxResults(1000); | |||
$result = $qb->execute(); | |||
@@ -137,16 +136,12 @@ class PublicKeyTokenMapper extends QBMapper { | |||
return $entities; | |||
} | |||
/** | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function deleteById(IUser $user, int $id) { | |||
public function deleteById(string $uid, int $id) { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
->where($qb->expr()->eq('id', $qb->createNamedParameter($id))) | |||
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) | |||
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) | |||
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT))); | |||
$qb->execute(); | |||
} |
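Review bot: The docblock on `getTokenByUser()` declares `@return DefaultToken[]`, which looks copied from `DefaultTokenMapper`. The query here filters on `version` 2, so the entities are presumably the public-key token type and the tag should name that class. The entity-building code lies between the two hunks, so this is inferred from the class name and the version filter rather than from the mapping itself.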
@@ -161,8 +161,8 @@ class PublicKeyTokenProvider implements IProvider { | |||
$this->mapper->invalidate($this->hashToken($token)); | |||
} | |||
public function invalidateTokenById(IUser $user, int $id) { | |||
$this->mapper->deleteById($user, $id); | |||
public function invalidateTokenById(string $uid, int $id) { | |||
$this->mapper->deleteById($uid, $id); | |||
} | |||
public function invalidateOldTokens() { | |||
@@ -194,8 +194,8 @@ class PublicKeyTokenProvider implements IProvider { | |||
} | |||
} | |||
public function getTokenByUser(IUser $user): array { | |||
return $this->mapper->getTokenByUser($user); | |||
public function getTokenByUser(string $uid): array { | |||
return $this->mapper->getTokenByUser($uid); | |||
} | |||
public function getPassword(IToken $token, string $tokenId): string { |
@@ -83,11 +83,7 @@ class AuthSettingsController extends Controller { | |||
* @return JSONResponse|array | |||
*/ | |||
public function index() { | |||
$user = $this->userManager->get($this->uid); | |||
if ($user === null) { | |||
return []; | |||
} | |||
$tokens = $this->tokenProvider->getTokenByUser($user); | |||
$tokens = $this->tokenProvider->getTokenByUser($this->uid); | |||
try { | |||
$sessionId = $this->session->getId(); | |||
@@ -182,12 +178,7 @@ class AuthSettingsController extends Controller { | |||
* @return array | |||
*/ | |||
public function destroy($id) { | |||
$user = $this->userManager->get($this->uid); | |||
if (is_null($user)) { | |||
return []; | |||
} | |||
$this->tokenProvider->invalidateTokenById($user, $id); | |||
$this->tokenProvider->invalidateTokenById($this->uid, $id); | |||
return []; | |||
} | |||
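Review bot: With the `$user === null` guard removed, `index()` and `destroy()` pass `$this->uid` straight into a `string`-typed parameter; if this controller can ever be built without a logged-in user (uid `null`), that becomes a TypeError where it used to be an empty response. Where `$this->uid` is set is not visible here, so this may already be excluded, but `if ($this->uid === null) { return []; }` at the top of both methods would keep the old behaviour. `destroy()` also still returns `[]` whether or not a token was removed, so the caller cannot tell a revoked token from an id that did not belong to this user. `index()` continues past the end of the first hunk.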
@@ -75,13 +75,9 @@ class AuthSettingsControllerTest extends TestCase { | |||
$sessionToken = new DefaultToken(); | |||
$sessionToken->setId(100); | |||
$this->userManager->expects($this->once()) | |||
->method('get') | |||
->with($this->uid) | |||
->will($this->returnValue($this->user)); | |||
$this->tokenProvider->expects($this->once()) | |||
->method('getTokenByUser') | |||
->with($this->user) | |||
->with($this->uid) | |||
->will($this->returnValue($tokens)); | |||
$this->session->expects($this->once()) | |||
->method('getId') | |||
@@ -192,13 +188,9 @@ class AuthSettingsControllerTest extends TestCase { | |||
$id = 123; | |||
$user = $this->createMock(IUser::class); | |||
$this->userManager->expects($this->once()) | |||
->method('get') | |||
->with($this->uid) | |||
->will($this->returnValue($user)); | |||
$this->tokenProvider->expects($this->once()) | |||
->method('invalidateTokenById') | |||
->with($user, $id); | |||
->with($this->uid, $id); | |||
$this->assertEquals([], $this->controller->destroy($id)); | |||
} |
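Review bot: In the destroy test, `$user = $this->createMock(IUser::class);` is left behind but is no longer used now that the expectation is `->with($this->uid, $id)`; it can be deleted. Since the point of the change is that the controller stops resolving the user, both tests could also pin that with `$this->userManager->expects($this->never())->method('get');`, if the mock is kept in the fixture. Both test methods start above their hunks.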
@@ -190,23 +190,11 @@ class DefaultTokenMapperTest extends TestCase { | |||
} | |||
public function testGetTokenByUser() { | |||
/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */ | |||
$user = $this->createMock(IUser::class); | |||
$user->expects($this->once()) | |||
->method('getUID') | |||
->will($this->returnValue('user1')); | |||
$this->assertCount(2, $this->mapper->getTokenByUser($user)); | |||
$this->assertCount(2, $this->mapper->getTokenByUser('user1')); | |||
} | |||
public function testGetTokenByUserNotFound() { | |||
/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */ | |||
$user = $this->createMock(IUser::class); | |||
$user->expects($this->once()) | |||
->method('getUID') | |||
->will($this->returnValue('user1000')); | |||
$this->assertCount(0, $this->mapper->getTokenByUser($user)); | |||
$this->assertCount(0, $this->mapper->getTokenByUser('user1000')); | |||
} | |||
public function testDeleteById() { | |||
@@ -218,23 +206,15 @@ class DefaultTokenMapperTest extends TestCase { | |||
->where($qb->expr()->eq('token', $qb->createNamedParameter('9c5a2e661482b65597408a6bb6c4a3d1af36337381872ac56e445a06cdb7fea2b1039db707545c11027a4966919918b19d875a8b774840b18c6cbb7ae56fe206'))); | |||
$result = $qb->execute(); | |||
$id = $result->fetch()['id']; | |||
$user->expects($this->once()) | |||
->method('getUID') | |||
->will($this->returnValue('user1')); | |||
$this->mapper->deleteById($user, $id); | |||
$this->mapper->deleteById('user1', $id); | |||
$this->assertEquals(2, $this->getNumberOfTokens()); | |||
} | |||
public function testDeleteByIdWrongUser() { | |||
/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */ | |||
$user = $this->createMock(IUser::class); | |||
$id = 33; | |||
$user->expects($this->once()) | |||
->method('getUID') | |||
->will($this->returnValue('user10000')); | |||
$this->mapper->deleteById($user, $id); | |||
$this->mapper->deleteById('user1000', $id); | |||
$this->assertEquals(3, $this->getNumberOfTokens()); | |||
} | |||
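Review bot: `testDeleteByIdWrongUser()` deletes a hard-coded `$id = 33`, so unless the fixture happens to contain a row with that id, the assertion that three tokens remain passes even if the `uid` condition in `deleteById()` were missing. To actually cover the ownership check, look up the id of an existing `user1` token the way `testDeleteById()` does and then call `deleteById('user1000', $id)`. The uid literal also changed from `user10000` to `user1000` in passing, which is harmless but should be deliberate.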