Clean up 2FA provider registry when a user is deleted

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

2 files changed, 16 insertions, 0 deletions

diff --git a/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php b/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
index adf16887efa..4e8f9731d94 100644
--- a/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
+++ b/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
@@ -93,6 +93,15 @@ class ProviderUserAssignmentDao {
 
 	}
 
+	public function deleteByUser(string $uid) {
+		$qb = $this->conn->getQueryBuilder();
+
+		$deleteQuery = $qb->delete(self::TABLE_NAME)
+			->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)));
+
+		$deleteQuery->execute();
+	}
+
 	public function deleteAll(string $providerId) {
 		$qb = $this->conn->getQueryBuilder();
 
diff --git a/lib/private/Authentication/TwoFactorAuth/Registry.php b/lib/private/Authentication/TwoFactorAuth/Registry.php
index 151299b28e3..97df2bd5311 100644
--- a/lib/private/Authentication/TwoFactorAuth/Registry.php
+++ b/lib/private/Authentication/TwoFactorAuth/Registry.php
@@ -66,6 +66,13 @@ class Registry implements IRegistry {
 		$this->dispatcher->dispatch(self::EVENT_PROVIDER_DISABLED, $event);
 	}
 
+	/**
+	 * @todo evaluate if we should emit RegistryEvents for each of the deleted rows -> needs documentation
+	 */
+	public function deleteUserData(IUser $user): void {
+		$this->assignmentDao->deleteByUser($user->getUID());
+	}
+
 	public function cleanUp(string $providerId) {
 		$this->assignmentDao->deleteAll($providerId);
 	}