Fix comparing the empty string for global credentials

Signed-off-by: Joas Schilling <coding@schilljs.com>

1 files changed, 15 insertions, 6 deletions

diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php
index a40a7e1d88e..20af25ae10f 100644
--- a/lib/private/Security/CredentialsManager.php
+++ b/lib/private/Security/CredentialsManager.php
@@ -81,9 +81,13 @@ class CredentialsManager implements ICredentialsManager {
 		$qb = $this->dbConnection->getQueryBuilder();
 		$qb->select('credentials')
 			->from(self::DB_TABLE)
-			->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)))
-			->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)))
-		;
+			->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)));
+
+		if ($userId === '') {
+			$qb->andWhere($qb->expr()->emptyString('user'));
+		} else {
+			$qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+		}
 
 		$qResult = $qb->execute();
 		$result = $qResult->fetch();
@@ -107,9 +111,14 @@ class CredentialsManager implements ICredentialsManager {
 	public function delete($userId, $identifier) {
 		$qb = $this->dbConnection->getQueryBuilder();
 		$qb->delete(self::DB_TABLE)
-			->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)))
-			->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)))
-		;
+			->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)));
+
+		if ($userId === '') {
+			$qb->andWhere($qb->expr()->emptyString('user'));
+		} else {
+			$qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+		}
+
 		return $qb->execute();
 	}