In OC\User\Manager::createUserFromBackend the newly created user is read
using getUserObject($uid, $backend) but that can cause causal read
issues (wrote in DB primary, not yet in secondary).
In OC\User\Database user backend the user cache is unset after the
insert, so it can't be used by getRealUID() (which is called by
getUserObject()).
To avoid that we make sure the user cache is repopulated in a
transaction.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Apps might also like to know about failed logins.
This adds that event.
The private interface changes are backwards compatible so all should be fine.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The condition of a non-existent login token can happen for concurrent
requests. Admins can not do anything about this. So this is to be
expected to happen occasionally. This event is only bad if none of the
requests is able to re-acquire a session. Luckily this happens rarely.
If a login loop persists an admin can still lower the log level to find
this info. But a default error log level will no longer write those
infos about the failed cookie login of one request.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
- LDAP has an email address with capital letters
- NC store this address in lower case
- When the user logs in, we compare the [stored email with the new lower case email](https://github.com/nextcloud/server/blob/master/lib/private/AllConfig.php#L259-L261) before storing it. Here, both email will be the same, so we won't store the new email address with upper case letters. Which is what we want.
- We then [compare emails as they are before triggering an event](https://github.com/nextcloud/server/blob/master/lib/private/User/User.php#L202-L204), they won't match, so the user will receive an email signaling an email change every time he logs in.
The fix is to compare the old email with the new lower case email before sending the event.
Signed-off-by: Louis Chemineau <louis@chmn.me>
This is an helpful helper that should be used in more place than just
server and this is already the case with groupfodlers, deck, user_oidc
and more using it, so let's make it public
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
When there is no protocol on the cloud id, we assume it's https://
But this means that when an http:// server currently sends an OCM
invite to another server, the protocol is striped and the remote
instance will try to talk back to https:// which might not be available.
Signed-off-by: Joas Schilling <coding@schilljs.com>
- Reflect the actual return value returned by the implementation in the
the interface. E.g. IUser|bool -> IUser|false
- Remove $hasLoggedIn parameter from private countUser implementation.
Replace the two call with the equivalent countSeenUser
- getBackend is nuallable, add this to the interface
- Use backend interface to make psalm happy about call to undefined
methods. Also helps with getting rid at some point of the old
implementActions
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Only getUID and getDisplayName are called on the file owner objects anyway
and we can get this information often without DB request
Signed-off-by: Robin Appelman <robin@icewind.nl>
This should saves some query in the share backend when displaying the
owner and it's not important if the display name is 10 minutes outdated
as it is very rare that this gets changed.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Julius Härtl
Arthur Schiwon
Thomas Citharel
Daniel Kesselberg
Robin Appelman
Côme Chilliet
Simon L
Côme Chilliet
Joas Schilling
Roeland Jago Douma
Christoph Wurst
Vincent Petry
Maxence Lange
Louis Chemineau
Christopher Ng
Carl Schwan
Joas Schilling