From 689a853dc6d6b2e81c24b37f71c05db28f8ae8c9 Mon Sep 17 00:00:00 2001 From: provokateurin Date: Tue, 27 May 2025 13:00:01 +0200 Subject: [PATCH] fix(dav): Initialize the FS for the user right after authenticating Signed-off-by: provokateurin --- apps/dav/appinfo/v1/caldav.php | 2 ++ apps/dav/appinfo/v1/carddav.php | 2 ++ apps/dav/appinfo/v1/webdav.php | 2 ++ apps/dav/lib/Connector/Sabre/Auth.php | 17 ++++++++++++++--- apps/dav/lib/Server.php | 4 +++- .../dav/tests/unit/Connector/Sabre/AuthTest.php | 8 ++++++-- 6 files changed, 29 insertions(+), 6 deletions(-) diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php index 2cee1866a36..ddcd6db8cd3 100644 --- a/apps/dav/appinfo/v1/caldav.php +++ b/apps/dav/appinfo/v1/caldav.php @@ -6,6 +6,7 @@ * SPDX-License-Identifier: AGPL-3.0-only */ // Backends +use OC\Files\SetupManager; use OC\KnownUser\KnownUserService; use OCA\DAV\CalDAV\CalDavBackend; use OCA\DAV\CalDAV\CalendarRoot; @@ -40,6 +41,7 @@ $authBackend = new Auth( Server::get(IRequest::class), Server::get(\OC\Authentication\TwoFactorAuth\Manager::class), Server::get(IThrottler::class), + Server::get(SetupManager::class), 'principals/' ); $principalBackend = new Principal( diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php index bcd66e47090..731cfd5285c 100644 --- a/apps/dav/appinfo/v1/carddav.php +++ b/apps/dav/appinfo/v1/carddav.php @@ -6,6 +6,7 @@ * SPDX-License-Identifier: AGPL-3.0-only */ // Backends +use OC\Files\SetupManager; use OC\KnownUser\KnownUserService; use OCA\DAV\AppInfo\PluginManager; use OCA\DAV\CalDAV\Proxy\ProxyMapper; @@ -41,6 +42,7 @@ $authBackend = new Auth( Server::get(IRequest::class), Server::get(\OC\Authentication\TwoFactorAuth\Manager::class), Server::get(IThrottler::class), + Server::get(SetupManager::class), 'principals/' ); $principalBackend = new Principal( diff --git a/apps/dav/appinfo/v1/webdav.php b/apps/dav/appinfo/v1/webdav.php index 92ff55c850e..59c85799d26 100644 --- a/apps/dav/appinfo/v1/webdav.php +++ b/apps/dav/appinfo/v1/webdav.php @@ -6,6 +6,7 @@ * SPDX-License-Identifier: AGPL-3.0-only */ use OC\Files\Filesystem; +use OC\Files\SetupManager; use OCA\DAV\Connector\Sabre\Auth; use OCA\DAV\Connector\Sabre\BearerAuth; use OCA\DAV\Connector\Sabre\ServerFactory; @@ -55,6 +56,7 @@ $authBackend = new Auth( Server::get(IRequest::class), Server::get(\OC\Authentication\TwoFactorAuth\Manager::class), Server::get(IThrottler::class), + Server::get(SetupManager::class), 'principals/' ); $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend); diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php index a174920946a..aee0233760d 100644 --- a/apps/dav/lib/Connector/Sabre/Auth.php +++ b/apps/dav/lib/Connector/Sabre/Auth.php @@ -10,6 +10,7 @@ namespace OCA\DAV\Connector\Sabre; use Exception; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\TwoFactorAuth\Manager; +use OC\Files\SetupManager; use OC\User\Session; use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden; use OCA\DAV\Connector\Sabre\Exception\TooManyRequests; @@ -37,6 +38,7 @@ class Auth extends AbstractBasic { private IRequest $request, private Manager $twoFactorManager, private IThrottler $throttler, + private SetupManager $setupManager, string $principalPrefix = 'principals/users/', ) { $this->principalPrefix = $principalPrefix; @@ -183,10 +185,13 @@ class Auth extends AbstractBasic { || ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && empty($request->getHeader('Authorization'))) || \OC_User::handleApacheAuth() ) { - $user = $this->userSession->getUser()->getUID(); - $this->currentUser = $user; + $user = $this->userSession->getUser(); + $this->setupManager->setupForUser($user); + + $uid = $user->getUID(); + $this->currentUser = $uid; $this->session->close(); - return [true, $this->principalPrefix . $user]; + return [true, $this->principalPrefix . $uid]; } } @@ -201,6 +206,12 @@ class Auth extends AbstractBasic { $response->setStatus(Http::STATUS_UNAUTHORIZED); throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls'); } + + $user = $this->userSession->getUser(); + if ($user !== null) { + $this->setupManager->setupForUser($user); + } + return $data; } } diff --git a/apps/dav/lib/Server.php b/apps/dav/lib/Server.php index f81c7fa6f29..78519bad9d8 100644 --- a/apps/dav/lib/Server.php +++ b/apps/dav/lib/Server.php @@ -8,6 +8,7 @@ namespace OCA\DAV; use OC\Files\Filesystem; +use OC\Files\SetupManager; use OCA\DAV\AppInfo\PluginManager; use OCA\DAV\BulkUpload\BulkUploadPlugin; use OCA\DAV\CalDAV\BirthdayCalendar\EnablePlugin; @@ -132,7 +133,8 @@ class Server { \OCP\Server::get(IUserSession::class), \OCP\Server::get(IRequest::class), \OCP\Server::get(\OC\Authentication\TwoFactorAuth\Manager::class), - \OCP\Server::get(IThrottler::class) + \OCP\Server::get(IThrottler::class), + \OCP\Server::get(SetupManager::class), ); // Set URL explicitly due to reverse-proxy situations diff --git a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php index 4b42a815708..c2a66a6b74f 100644 --- a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php @@ -10,6 +10,7 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\TwoFactorAuth\Manager; +use OC\Files\SetupManager; use OC\User\Session; use OCA\DAV\Connector\Sabre\Auth; use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden; @@ -35,6 +36,7 @@ class AuthTest extends TestCase { private IRequest&MockObject $request; private Manager&MockObject $twoFactorManager; private IThrottler&MockObject $throttler; + private SetupManager&MockObject $setupManager; private Auth $auth; protected function setUp(): void { @@ -44,12 +46,14 @@ class AuthTest extends TestCase { $this->request = $this->createMock(IRequest::class); $this->twoFactorManager = $this->createMock(Manager::class); $this->throttler = $this->createMock(IThrottler::class); + $this->setupManager = $this->createMock(SetupManager::class); $this->auth = new Auth( $this->session, $this->userSession, $this->request, $this->twoFactorManager, - $this->throttler + $this->throttler, + $this->setupManager, ); } @@ -579,7 +583,7 @@ class AuthTest extends TestCase { ->method('getUID') ->willReturn('MyTestUser'); $this->userSession - ->expects($this->exactly(3)) + ->expects($this->exactly(4)) ->method('getUser') ->willReturn($user); $response = $this->auth->check($server->httpRequest, $server->httpResponse);