fix(dav): Initialize the FS for the user right after authenticating

Signed-off-by: provokateurin <kate@provokateurin.de>
2025-05-27 13:00:01 +07:00 · 2025-05-27 13:00:01 +07:00 · 689a853dc6
parent 58e1427ce9
commit 689a853dc6
6 changed files with 29 additions and 6 deletions
--- a/apps/dav/appinfo/v1/caldav.php
+++ b/apps/dav/appinfo/v1/caldav.php
@ -6,6 +6,7 @@
 * SPDX-License-Identifier: AGPL-3.0-only
 */
 // Backends
+use OC\Files\SetupManager;
 use OC\KnownUser\KnownUserService;
 use OCA\DAV\CalDAV\CalDavBackend;
 use OCA\DAV\CalDAV\CalendarRoot;
@ -40,6 +41,7 @@ $authBackend = new Auth(
 	Server::get(IRequest::class),
 	Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
 	Server::get(IThrottler::class),
+	Server::get(SetupManager::class),
 	'principals/'
 );
 $principalBackend = new Principal(
--- a/apps/dav/appinfo/v1/carddav.php
+++ b/apps/dav/appinfo/v1/carddav.php
@ -6,6 +6,7 @@
 * SPDX-License-Identifier: AGPL-3.0-only
 */
 // Backends
+use OC\Files\SetupManager;
 use OC\KnownUser\KnownUserService;
 use OCA\DAV\AppInfo\PluginManager;
 use OCA\DAV\CalDAV\Proxy\ProxyMapper;
@ -41,6 +42,7 @@ $authBackend = new Auth(
 	Server::get(IRequest::class),
 	Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
 	Server::get(IThrottler::class),
+	Server::get(SetupManager::class),
 	'principals/'
 );
 $principalBackend = new Principal(
--- a/apps/dav/appinfo/v1/webdav.php
+++ b/apps/dav/appinfo/v1/webdav.php
@ -6,6 +6,7 @@
 * SPDX-License-Identifier: AGPL-3.0-only
 */
 use OC\Files\Filesystem;
+use OC\Files\SetupManager;
 use OCA\DAV\Connector\Sabre\Auth;
 use OCA\DAV\Connector\Sabre\BearerAuth;
 use OCA\DAV\Connector\Sabre\ServerFactory;
@ -55,6 +56,7 @@ $authBackend = new Auth(
 	Server::get(IRequest::class),
 	Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
 	Server::get(IThrottler::class),
+	Server::get(SetupManager::class),
 	'principals/'
 );
 $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
--- a/apps/dav/lib/Connector/Sabre/Auth.php
+++ b/apps/dav/lib/Connector/Sabre/Auth.php
@ -10,6 +10,7 @@ namespace OCA\DAV\Connector\Sabre;
 use Exception;
 use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
 use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Files\SetupManager;
 use OC\User\Session;
 use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden;
 use OCA\DAV\Connector\Sabre\Exception\TooManyRequests;
@ -37,6 +38,7 @@ class Auth extends AbstractBasic {
 		private IRequest $request,
 		private Manager $twoFactorManager,
 		private IThrottler $throttler,
+		private SetupManager $setupManager,
 		string $principalPrefix = 'principals/users/',
 	) {
 		$this->principalPrefix = $principalPrefix;
@ -183,10 +185,13 @@ class Auth extends AbstractBasic {
 				|| ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && empty($request->getHeader('Authorization')))
 				|| \OC_User::handleApacheAuth()
 			) {
-				$user = $this->userSession->getUser()->getUID();
-				$this->currentUser = $user;
+				$user = $this->userSession->getUser();
+				$this->setupManager->setupForUser($user);
+
+				$uid = $user->getUID();
+				$this->currentUser = $uid;
 				$this->session->close();
-				return [true, $this->principalPrefix . $user];
+				return [true, $this->principalPrefix . $uid];
 			}
 		}

@ -201,6 +206,12 @@ class Auth extends AbstractBasic {
 			$response->setStatus(Http::STATUS_UNAUTHORIZED);
 			throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
 		}
+
+		$user = $this->userSession->getUser();
+		if ($user !== null) {
+			$this->setupManager->setupForUser($user);
+		}
+
 		return $data;
 	}
 }
--- a/apps/dav/lib/Server.php
+++ b/apps/dav/lib/Server.php
@ -8,6 +8,7 @@
 namespace OCA\DAV;

 use OC\Files\Filesystem;
+use OC\Files\SetupManager;
 use OCA\DAV\AppInfo\PluginManager;
 use OCA\DAV\BulkUpload\BulkUploadPlugin;
 use OCA\DAV\CalDAV\BirthdayCalendar\EnablePlugin;
@ -132,7 +133,8 @@ class Server {
 			\OCP\Server::get(IUserSession::class),
 			\OCP\Server::get(IRequest::class),
 			\OCP\Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
-			\OCP\Server::get(IThrottler::class)
+			\OCP\Server::get(IThrottler::class),
+			\OCP\Server::get(SetupManager::class),
 		);

 		// Set URL explicitly due to reverse-proxy situations
--- a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php
+++ b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php
@ -10,6 +10,7 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre;

 use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
 use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Files\SetupManager;
 use OC\User\Session;
 use OCA\DAV\Connector\Sabre\Auth;
 use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden;
@ -35,6 +36,7 @@ class AuthTest extends TestCase {
 	private IRequest&MockObject $request;
 	private Manager&MockObject $twoFactorManager;
 	private IThrottler&MockObject $throttler;
+	private SetupManager&MockObject $setupManager;
 	private Auth $auth;

 	protected function setUp(): void {
@ -44,12 +46,14 @@ class AuthTest extends TestCase {
 		$this->request = $this->createMock(IRequest::class);
 		$this->twoFactorManager = $this->createMock(Manager::class);
 		$this->throttler = $this->createMock(IThrottler::class);
+		$this->setupManager = $this->createMock(SetupManager::class);
 		$this->auth = new Auth(
 			$this->session,
 			$this->userSession,
 			$this->request,
 			$this->twoFactorManager,
-			$this->throttler
+			$this->throttler,
+			$this->setupManager,
 		);
 	}

@ -579,7 +583,7 @@ class AuthTest extends TestCase {
 			->method('getUID')
 			->willReturn('MyTestUser');
 		$this->userSession
-			->expects($this->exactly(3))
+			->expects($this->exactly(4))
 			->method('getUser')
 			->willReturn($user);
 		$response = $this->auth->check($server->httpRequest, $server->httpResponse);