EZP-30475: Escape user login name so domain login names works as inte…

…nded (#2606) * EZP-30475: Escape user login name so domain login names works as inteded * Add integration test coverage
ezsystems · Apr 16, 2019 · 8657ee8 · 8657ee8
1 parent 89623f0
commit 8657ee8
Show file tree

Hide file tree

Showing 8 changed files with 44 additions and 12 deletions.
diff --git a/eZ/Publish/API/Repository/Tests/UserServiceTest.php b/eZ/Publish/API/Repository/Tests/UserServiceTest.php
@@ -836,6 +836,19 @@ public function testNewUserCreateStructWithFifthParameter()
         $this->assertSame($userType, $userCreate->contentType);
     }
 
+    /**
+     * Test for creating user with Active Directory login name.
+     */
+    public function testNewUserWithDomainName()
+    {
+        $repository = $this->getRepository();
+        $userService = $repository->getUserService();
+        $createdUser = $this->createUserVersion1('ez-user-Domain\username-by-login');
+        $loadedUser = $userService->loadUserByLogin('ez-user-Domain\username-by-login');
+
+        $this->assertEquals($createdUser, $loadedUser);
+    }
+
     /**
      * Test for the createUser() method.
      *

diff --git a/eZ/Publish/Core/Persistence/Cache/AbstractHandler.php b/eZ/Publish/Core/Persistence/Cache/AbstractHandler.php
@@ -121,4 +121,13 @@ final protected function getMultipleCacheItems(
 
         return $list;
     }
+
+    final protected function escapeForCacheKey(string $identifier)
+    {
+        return \str_replace(
+            ['_', '/', ':', '(', ')', '@', '\\', '{', '}'],
+            ['__', '_S', '_C', '_BO', '_BC', '_A', '_BS', '_CBO', '_CBC'],
+            $identifier
+        );
+    }
 }
diff --git a/eZ/Publish/Core/Persistence/Cache/AbstractInMemoryHandler.php b/eZ/Publish/Core/Persistence/Cache/AbstractInMemoryHandler.php
@@ -268,4 +268,13 @@ final protected function getMultipleCacheValues(
 
         return $list;
     }
+
+    final protected function escapeForCacheKey(string $identifier)
+    {
+        return \str_replace(
+            ['_', '/', ':', '(', ')', '@', '\\', '{', '}'],
+            ['__', '_S', '_C', '_BO', '_BC', '_A', '_BS', '_CBO', '_CBC'],
+            $identifier
+        );
+    }
 }
diff --git a/eZ/Publish/Core/Persistence/Cache/ContentHandler.php b/eZ/Publish/Core/Persistence/Cache/ContentHandler.php
@@ -146,7 +146,7 @@ function (ContentInfo $info) {
      */
     public function loadContentInfoByRemoteId($remoteId)
     {
-        $cacheItem = $this->cache->getItem("ez-content-info-byRemoteId-${remoteId}");
+        $cacheItem = $this->cache->getItem('ez-content-info-byRemoteId-' . $this->escapeForCacheKey($remoteId));
         if ($cacheItem->isHit()) {
             return $cacheItem->get();
         }

diff --git a/eZ/Publish/Core/Persistence/Cache/LocationHandler.php b/eZ/Publish/Core/Persistence/Cache/LocationHandler.php
@@ -147,7 +147,8 @@ public function loadParentLocationsForDraftContent($contentId)
     public function loadByRemoteId($remoteId, array $translations = null, bool $useAlwaysAvailable = true)
     {
         $translationsKey = $this->getCacheTranslationKey($translations, $useAlwaysAvailable);
-        $cacheItem = $this->cache->getItem("ez-location-remoteid-${remoteId}-${translationsKey}");
+        $keyRemoteId = $this->escapeForCacheKey($remoteId);
+        $cacheItem = $this->cache->getItem("ez-location-remoteid-${keyRemoteId}-${translationsKey}");
         if ($cacheItem->isHit()) {
             return $cacheItem->get();
         }

diff --git a/eZ/Publish/Core/Persistence/Cache/Tests/UserHandlerTest.php b/eZ/Publish/Core/Persistence/Cache/Tests/UserHandlerTest.php
@@ -43,8 +43,8 @@ public function providerForUnCachedMethods(): array
         return [
             ['create', [$user], ['content-fields-14'], [
                 'ez-user-14',
-                'ez-user-' . str_replace('@', '§', $user->login) . '-by-login',
-                'ez-user-' . str_replace('@', '§', $user->email) . '-by-email',
+                'ez-user-' . str_replace('@', '_A', $user->login) . '-by-login',
+                'ez-user-' . str_replace('@', '_A', $user->email) . '-by-email',
             ]],
             ['update', [$user], ['content-fields-14', 'user-14']],
             ['updateUserToken', [$userToken], ['user-14-account-key'], ['ez-user-4irj8t43r-by-account-key']],
@@ -80,7 +80,7 @@ public function providerForCachedLoadMethods(): array
         return [
             ['load', [14], 'ez-user-14', $user],
             ['loadByLogin', ['admin'], 'ez-user-admin-by-login', $user],
-            ['loadByEmail', ['nospam@ez.no'], 'ez-user-nospam§ez.no-by-email', [$user]],
+            ['loadByEmail', ['nospam@ez.no'], 'ez-user-nospam_Aez.no-by-email', [$user]],
             ['loadUserByToken', ['hash'], 'ez-user-hash-by-account-key', $user],
             ['loadRole', [9], 'ez-role-9', $role],
             ['loadRoleByIdentifier', ['member'], 'ez-role-member-by-identifier', $role],

diff --git a/eZ/Publish/Core/Persistence/Cache/UrlAliasHandler.php b/eZ/Publish/Core/Persistence/Cache/UrlAliasHandler.php
@@ -179,7 +179,7 @@ public function removeURLAliases(array $urlAliases)
     public function lookup($url)
     {
         $cacheItem = $this->cache->getItem(
-            'ez-urlAlias-url-' . str_replace(['_', '/', ':', '(', ')', '@', '\\', '{', '}'], ['__', '_S', '_C', '_BO', '_BC', '_A', '_BS', '_CBO', '_CBC'], $url)
+            'ez-urlAlias-url-' . $this->escapeForCacheKey($url)
         );
         if ($cacheItem->isHit()) {
             if (($return = $cacheItem->get()) === self::NOT_FOUND) {

diff --git a/eZ/Publish/Core/Persistence/Cache/UserHandler.php b/eZ/Publish/Core/Persistence/Cache/UserHandler.php
@@ -48,10 +48,10 @@ public function init(): void
         $this->getUserTags = static function (User $user) {
             return ['content-' . $user->id, 'user-' . $user->id];
         };
-        $this->getUserKeys = static function (User $user) {
+        $this->getUserKeys = function (User $user) {
             return [
                 'ez-user-' . $user->id,
-                'ez-user-' . \str_replace('@', '§', $user->login) . '-by-login',
+                'ez-user-' . $this->escapeForCacheKey($user->login) . '-by-login',
                 //'ez-user-' . $hash . '-by-account-key',
             ];
         };
@@ -90,8 +90,8 @@ public function create(User $user)
         $this->cache->invalidateTags(['content-fields-' . $user->id]);
         $this->cache->deleteItems([
             'ez-user-' . $user->id,
-            'ez-user-' . str_replace('@', '§', $user->login) . '-by-login',
-            'ez-user-' . str_replace('@', '§', $user->email) . '-by-email',
+            'ez-user-' . $this->escapeForCacheKey($user->login) . '-by-login',
+            'ez-user-' . $this->escapeForCacheKey($user->email) . '-by-email',
         ]);
 
         return $return;
@@ -119,7 +119,7 @@ function ($userId) {
     public function loadByLogin($login)
     {
         return $this->getCacheValue(
-            str_replace('@', '§', $login),
+            $this->escapeForCacheKey($login),
             'ez-user-',
             function ($escapedLogin) use ($login) {
                 return $this->persistenceHandler->userHandler()->loadByLogin($login);
@@ -137,7 +137,7 @@ public function loadByEmail($email)
     {
         // As load by email can return several items we threat it like a list here.
         return $this->getListCacheValue(
-            'ez-user-' . str_replace('@', '§', $email) . '-by-email',
+            'ez-user-' . $this->escapeForCacheKey($email) . '-by-email',
             function () use ($email) {
                 return $this->persistenceHandler->userHandler()->loadByEmail($email);
             },