-rw-r--r-- | apps/files_sharing/lib/Controller/ShareController.php | 2 | ||||
-rw-r--r-- | apps/provisioning_api/lib/Controller/GroupsController.php | 7 | ||||
-rw-r--r-- | lib/private/Group/Group.php | 4 | ||||
-rw-r--r-- | lib/private/Session/CryptoSessionData.php | 5 | ||||
-rw-r--r-- | lib/private/Session/Internal.php | 33 | ||||
-rw-r--r-- | lib/private/Session/Memory.php | 2 | ||||
-rw-r--r-- | lib/private/User/Session.php | 2 | ||||
-rw-r--r-- | lib/public/ISession.php | 5 | ||||
-rw-r--r-- | tests/lib/Group/GroupTest.php | 10 |
9 files changed, 53 insertions, 17 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index da0da6c27a8..739031d4bc2 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -217,7 +217,7 @@ class ShareController extends Controller { private function linkShareAuth(\OCP\Share\IShare $share, $password = null) { if ($password !== null) { if ($this->shareManager->checkPassword($share, $password)) { - $this->session->regenerateId(); + $this->session->regenerateId(true, true); $this->session->set('public_link_authenticated', (string)$share->getId()); } else { $this->emitAccessShareHook($share, 403, 'Wrong password'); diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php index 5114c6f01d5..765a7ea48e8 100644 --- a/apps/provisioning_api/lib/Controller/GroupsController.php +++ b/apps/provisioning_api/lib/Controller/GroupsController.php @@ -177,12 +177,13 @@ class GroupsController extends AUserData { * @NoAdminRequired * * @param string $groupId + * @param string $search * @param int $limit * @param int $offset * @return DataResponse * @throws OCSException */ - public function getGroupUsersDetails(string $groupId, int $limit = null, int $offset = 0): DataResponse { + public function getGroupUsersDetails(string $groupId, string $search = '', int $limit = null, int $offset = 0): DataResponse { $user = $this->userSession->getUser(); $isSubadminOfGroup = false; 
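Review bot: The two bare booleans in `$this->session->regenerateId(true, true);` do not say what the second one does, and this is the only call site in this diff that turns token renewal on. A short comment above the call would help the next reader, for example `// Rotate the session id after a successful password check and move any login token to the new id`. linkShareAuth continues outside the hunk.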
@@ -197,9 +198,9 @@ class GroupsController extends AUserData { // Check subadmin has access to this group if($this->groupManager->isAdmin($user->getUID()) || $isSubadminOfGroup) { - $users = $this->groupManager->get($groupId)->getUsers(); + $users = $this->groupManager->get($groupId)->searchUsers($search, $limit, $offset); + // Extract required number - $users = array_slice($users, $offset, $limit); $users = array_keys($users); $usersDetails = []; foreach ($users as $userId) { diff --git a/lib/private/Group/Group.php b/lib/private/Group/Group.php index cc6315263d4..275b697bc3b 100644 --- a/lib/private/Group/Group.php +++ b/lib/private/Group/Group.php @@ -211,10 +211,10 @@ class Group implements IGroup { $userIds = $backend->usersInGroup($this->gid, $search, $limit, $offset); $users += $this->getVerifiedUsers($userIds); if (!is_null($limit) and $limit <= 0) { - return array_values($users); + return $users; } } - return array_values($users); + return $users; } /** diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php index b63b568875e..01cac631870 100644 --- a/lib/private/Session/CryptoSessionData.php +++ b/lib/private/Session/CryptoSessionData.php @@ -150,10 +150,11 @@ class CryptoSessionData implements \ArrayAccess, ISession { * Wrapper around session_regenerate_id * * @param bool $deleteOldSession Whether to delete the old associated session file or not. + * @param bool $updateToken Wheater to update the associated auth token * @return void */ - public function regenerateId(bool $deleteOldSession = true) { - $this->session->regenerateId($deleteOldSession); + public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) { + $this->session->regenerateId($deleteOldSession, $updateToken); } /** diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php index 1d0466ec349..182754f457c 100644 --- a/lib/private/Session/Internal.php +++ b/lib/private/Session/Internal.php 
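Review bot: `$users = array_keys($users);` only yields user ids because `Group::searchUsers()` stops calling `array_values()` in this same commit; with the previous list-shaped return it would have produced 0..n-1. That coupling is not stated in the hunk, and the `// Extract required number` comment that appears to remain above it no longer describes anything now that `array_slice()` is gone. I would replace that comment with `// searchUsers() returns users keyed by uid and already applies $limit/$offset`.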
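Review bot: Returning `$users` without `array_values()` changes the result of `searchUsers()` from a list to a map keyed by user id, so any caller that indexes `[0]` or serialises the result as a JSON array will see different output; the test changes in this commit show the effect. The method's docblock is outside the hunk, so I cannot tell whether it documents the key. If it does not, add something like `@return \OCP\IUser[] indexed by user id`, and check the remaining callers of `searchUsers()` for positional access.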
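Review bot: The new docblock line misspells "Whether": `@param bool $updateToken Wheater to update the associated auth token`. The same line is added in lib/private/Session/Internal.php and lib/public/ISession.php, and since ISession is public API the typo will end up in generated documentation. Suggested text for all three: `@param bool $updateToken Whether to update the associated auth token`. Memory::regenerateId() gets the new parameter without any matching `@param` line in its docblock.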
@@ -30,6 +30,10 @@ declare(strict_types=1); namespace OC\Session; +use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Token\IProvider; +use OC\SystemConfig; +use OCP\IConfig; use OCP\Session\Exceptions\SessionNotAvailableException; /** @@ -111,14 +115,41 @@ class Internal extends Session { * Wrapper around session_regenerate_id * * @param bool $deleteOldSession Whether to delete the old associated session file or not. + * @param bool $updateToken Wheater to update the associated auth token * @return void */ - public function regenerateId(bool $deleteOldSession = true) { + public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) { + $oldId = null; + + if ($updateToken) { + // Get the old id to update the token + try { + $oldId = $this->getId(); + } catch (SessionNotAvailableException $e) { + // We can't update a token if there is no previous id + $updateToken = false; + } + } + try { @session_regenerate_id($deleteOldSession); } catch (\Error $e) { $this->trapError($e->getCode(), $e->getMessage()); } + + if ($updateToken) { + // Get the new id to update the token + $newId = $this->getId(); + + /** @var IProvider $tokenProvider */ + $tokenProvider = \OC::$server->query(IProvider::class); + + try { + $tokenProvider->renewSessionToken($oldId, $newId); + } catch (InvalidTokenException $e) { + // Just ignore + } + } } /** diff --git a/lib/private/Session/Memory.php b/lib/private/Session/Memory.php index 79900bc8067..5a2a3039d7b 100644 --- a/lib/private/Session/Memory.php +++ b/lib/private/Session/Memory.php @@ -91,7 +91,7 @@ class Memory extends Session { * * @param bool $deleteOldSession */ - public function regenerateId(bool $deleteOldSession = true) {} + public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) {} /** * Wrapper around session_id diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 5d8455fb5f7..ee1439b9e20 100644 
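Review bot: `use OC\SystemConfig;` and `use OCP\IConfig;` are added, but neither name is used in the hunks of this file shown here; the new regenerateId() body references only `InvalidTokenException` and `IProvider`. Unless they are used elsewhere in the file, drop the two imports.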
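Review bot: The second `if ($updateToken)` block calls `$this->getId()` without the `SessionNotAvailableException` handling that the first block has, and it runs even when `@session_regenerate_id()` failed silently, in which case `$newId` equals `$oldId`. For a session-fixation defence the silent no-op is the case worth guarding, so I would catch the exception and skip the renewal when the id did not change, as sketched below. What `renewSessionToken()` does when both ids are equal is not visible in this diff. The empty `catch (InvalidTokenException $e)` would also read better with its reason spelled out, e.g. `// No token is bound to the old id, so there is nothing to renew`.

```php
if ($updateToken) {
    try {
        // Get the new id to update the token
        $newId = $this->getId();
    } catch (SessionNotAvailableException $e) {
        // No usable session after regeneration, so there is no id to move the token to
        return;
    }

    if ($newId === $oldId) {
        // The id was not rotated; leave the existing token bound to it
        return;
    }

    // … unchanged: IProvider lookup and renewSessionToken($oldId, $newId) in its try/catch …
}
```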
--- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -626,6 +626,8 @@ class Session implements IUserSession, Emitter { try { $sessionId = $this->session->getId(); $pwd = $this->getPassword($password); + // Make sure the current sessionId has no leftover tokens + $this->tokenProvider->invalidateToken($sessionId); $this->tokenProvider->generateToken($sessionId, $uid, $loginName, $pwd, $name, IToken::TEMPORARY_TOKEN, $remember); return true; } catch (SessionNotAvailableException $ex) { diff --git a/lib/public/ISession.php b/lib/public/ISession.php index 411356b8dcc..bbf36c86520 100644 --- a/lib/public/ISession.php +++ b/lib/public/ISession.php @@ -96,10 +96,11 @@ interface ISession { * Wrapper around session_regenerate_id * * @param bool $deleteOldSession Whether to delete the old associated session file or not. + * @param bool $updateToken Wheater to update the associated auth token * @return void - * @since 9.0.0 + * @since 9.0.0, $updateToken added in 14.0.0 */ - public function regenerateId(bool $deleteOldSession = true); + public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false); /** * Wrapper around session_id diff --git a/tests/lib/Group/GroupTest.php b/tests/lib/Group/GroupTest.php index c7cbbc2321b..a0b77bbe4d7 100644 --- a/tests/lib/Group/GroupTest.php +++ b/tests/lib/Group/GroupTest.php @@ -303,7 +303,7 @@ class GroupTest extends \Test\TestCase { $users = $group->searchUsers('2'); $this->assertEquals(1, count($users)); - $user2 = $users[0]; + $user2 = $users['user2']; $this->assertEquals('user2', $user2->getUID()); } @@ -329,7 +329,7 @@ class GroupTest extends \Test\TestCase { $users = $group->searchUsers('2'); $this->assertEquals(1, count($users)); - $user2 = $users[0]; + $user2 = $users['user2']; $this->assertEquals('user2', $user2->getUID()); } 
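Review bot: Nothing in this commit tests the new `$this->tokenProvider->invalidateToken($sessionId);` call or the token renewal in Internal::regenerateId(); the diffstat lists tests/lib/Group/GroupTest.php as the only test file touched. Both changes decide which token is bound to a session id, so a unit test asserting that `invalidateToken` is called with the current session id before `generateToken` would pin the behaviour. The call also sits inside a `try` whose only visible handler is `catch (SessionNotAvailableException $ex)`, so any other exception from the provider would abort token creation. The rest of the method is outside the hunk.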
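Review bot: Adding `bool $updateToken = false` to `ISession::regenerateId()` makes every implementation that still declares only `$deleteOldSession` incompatible with the interface, which PHP reports as a fatal error when the class is loaded. The three implementations in this diff (CryptoSessionData, Internal, Memory) are updated, but ISession lives in lib/public, so out-of-tree implementers would break. The `@since` line records the addition but not the break. If the break is intended, say so in the docblock or changelog, for example `Implementers must accept the second parameter as of 14.0.0`.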
@@ -348,7 +348,7 @@ class GroupTest extends \Test\TestCase { $users = $group->searchUsers('user', 1, 1); $this->assertEquals(1, count($users)); - $user2 = $users[0]; + $user2 = $users['user2']; $this->assertEquals('user2', $user2->getUID()); } @@ -374,8 +374,8 @@ class GroupTest extends \Test\TestCase { $users = $group->searchUsers('user', 2, 1); $this->assertEquals(2, count($users)); - $user2 = $users[0]; - $user1 = $users[1]; + $user2 = $users['user2']; + $user1 = $users['user1']; $this->assertEquals('user2', $user2->getUID()); $this->assertEquals('user1', $user1->getUID()); } |
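Review bot: Looking users up by key, as in `$user2 = $users['user2'];` followed by `assertEquals('user2', $user2->getUID())`, no longer checks the position of each result, which the old `$users[0]` / `$users[1]` assertions did for the limit/offset cases such as `searchUsers('user', 2, 1)`. To keep that coverage, assert the keys as well, e.g. `$this->assertSame(['user2', 'user1'], array_keys($users));`. The same applies to the three earlier hunks in this file. The enclosing test methods start outside the hunks.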