summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRobin Appelman <robin@icewind.nl>2020-05-15 17:09:57 +0200
committerMorris Jobke <hey@morrisjobke.de>2020-07-30 11:43:15 +0200
commitc864e5dfc245e1de1bed6b73e11e5b3a4cdf65b7 (patch)
tree41b68d23787a4f4b3c6f61b8f5357816439936af
parent7ad0f66fc437a63d9b4deac3cd74814882acd6f0 (diff)
downloadnextcloud-server-c864e5dfc245e1de1bed6b73e11e5b3a4cdf65b7.tar.gz
nextcloud-server-c864e5dfc245e1de1bed6b73e11e5b3a4cdf65b7.zip
remove saved credentails if the user no longer has any storage configured using them
Signed-off-by: Robin Appelman <robin@icewind.nl>
-rw-r--r--apps/files_external/appinfo/info.xml4
-rw-r--r--apps/files_external/lib/BackgroundJob/CredentialsCleanup.php69
-rw-r--r--apps/files_external/lib/Service/UserGlobalStoragesService.php13
3 files changed, 82 insertions, 4 deletions
diff --git a/apps/files_external/appinfo/info.xml b/apps/files_external/appinfo/info.xml
index c2ac25bcea9..03a8845d3d6 100644
--- a/apps/files_external/appinfo/info.xml
+++ b/apps/files_external/appinfo/info.xml
@@ -31,6 +31,10 @@ External storage can be configured using the GUI or at the command line. This se
<nextcloud min-version="20" max-version="20"/>
</dependencies>
+ <background-jobs>
+ <job>OCA\Files_External\BackgroundJob\CredentialsCleanup</job>
+ </background-jobs>
+
<commands>
<command>OCA\Files_External\Command\ListCommand</command>
<command>OCA\Files_External\Command\Config</command>
diff --git a/apps/files_external/lib/BackgroundJob/CredentialsCleanup.php b/apps/files_external/lib/BackgroundJob/CredentialsCleanup.php
new file mode 100644
index 00000000000..80cb51f1573
--- /dev/null
+++ b/apps/files_external/lib/BackgroundJob/CredentialsCleanup.php
@@ -0,0 +1,69 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020 Robin Appelman <robin@icewind.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Files_External\BackgroundJob;
+
+use OCA\Files_External\Lib\Auth\Password\LoginCredentials;
+use OCA\Files_External\Lib\StorageConfig;
+use OCA\Files_External\Service\UserGlobalStoragesService;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\BackgroundJob\TimedJob;
+use OCP\Security\ICredentialsManager;
+use OCP\IUser;
+use OCP\IUserManager;
+
+class CredentialsCleanup extends TimedJob {
+ private $credentialsManager;
+ private $userGlobalStoragesService;
+ private $userManager;
+
+ public function __construct(
+ ITimeFactory $time,
+ ICredentialsManager $credentialsManager,
+ UserGlobalStoragesService $userGlobalStoragesService,
+ IUserManager $userManager
+ ) {
+ parent::__construct($time);
+
+ $this->credentialsManager = $credentialsManager;
+ $this->userGlobalStoragesService = $userGlobalStoragesService;
+ $this->userManager = $userManager;
+
+ // run every day
+ $this->setInterval(24 * 60 * 60);
+ }
+
+ protected function run($argument) {
+ $this->userManager->callForSeenUsers(function (IUser $user) {
+ $storages = $this->userGlobalStoragesService->getAllStoragesForUser($user);
+
+ $usesLoginCredentials = array_reduce($storages, function (bool $uses, StorageConfig $storage) {
+ return $uses || $storage->getAuthMechanism() instanceof LoginCredentials;
+ }, false);
+
+ if (!$usesLoginCredentials) {
+ $this->credentialsManager->delete($user->getUID(), LoginCredentials::CREDENTIALS_IDENTIFIER);
+ }
+ });
+ }
+}
diff --git a/apps/files_external/lib/Service/UserGlobalStoragesService.php b/apps/files_external/lib/Service/UserGlobalStoragesService.php
index 7b9af773233..b8ea137428f 100644
--- a/apps/files_external/lib/Service/UserGlobalStoragesService.php
+++ b/apps/files_external/lib/Service/UserGlobalStoragesService.php
@@ -27,6 +27,7 @@ namespace OCA\Files_External\Service;
use OCA\Files_External\Lib\StorageConfig;
use OCP\Files\Config\IUserMountCache;
use OCP\IGroupManager;
+use OCP\IUser;
use OCP\IUserSession;
/**
@@ -177,14 +178,18 @@ class UserGlobalStoragesService extends GlobalStoragesService {
/**
* Gets all storages for the user, admin, personal, global, etc
*
+ * @param IUser|null $user user to get the storages for, if not set the currently logged in user will be used
* @return StorageConfig[] array of storage configs
*/
- public function getAllStoragesForUser() {
- if (is_null($this->getUser())) {
+ public function getAllStoragesForUser(IUser $user = null) {
+ if (is_null($user)) {
+ $user = $this->getUser();
+ }
+ if (is_null($user)) {
return [];
}
- $groupIds = $this->groupManager->getUserGroupIds($this->getUser());
- $mounts = $this->dbConfig->getMountsForUser($this->getUser()->getUID(), $groupIds);
+ $groupIds = $this->groupManager->getUserGroupIds($user);
+ $mounts = $this->dbConfig->getMountsForUser($user->getUID(), $groupIds);
$configs = array_map([$this, 'getStorageConfigFromDBMount'], $mounts);
$configs = array_filter($configs, function ($config) {
return $config instanceof StorageConfig;