New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce account modules #31547
Introduce account modules #31547
Conversation
5d10d2c
to
40c6e44
Compare
Codecov Report
@@ Coverage Diff @@
## master #31547 +/- ##
============================================
+ Coverage 63.4% 63.4% +<.01%
- Complexity 18461 18493 +32
============================================
Files 1162 1165 +3
Lines 69267 69367 +100
Branches 1264 1264
============================================
+ Hits 43920 43984 +64
- Misses 24978 25014 +36
Partials 369 369
Continue to review full report at Codecov.
|
f4c3b39
to
f752182
Compare
|
62982d0
to
5c0c189
Compare
5c0c189
to
1079de0
Compare
@SamuAlfageme see questions about clients ^ |
try { | ||
$this->accountModuleManager->check($user); | ||
} catch (AccountCheckException $ex) { | ||
throw new \Sabre\DAV\Exception\NotAuthenticated($ex->getMessage(), $ex->getCode(), $ex); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will logout all clients of the user - maybe not what we want - 503 might be a better idea
@@ -236,9 +252,17 @@ private function auth(RequestInterface $request, ResponseInterface $response) { | |||
|
|||
$data = parent::check($request, $response); | |||
if ($data[0] === true) { | |||
$user = $this->userSession->getUser(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
code duplication ...... just saying
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
extracted checkAccountModule($user)
apps/files/js/file-upload.js
Outdated
@@ -297,6 +297,7 @@ OC.FileUpload.prototype = { | |||
headers['OC-Total-Length'] = size; | |||
|
|||
} | |||
headers['OC-LazyOps'] = true; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
whot? wrong PR 😬
@@ -381,12 +383,30 @@ public function __construct($appName, $urlParams = []) { | |||
return new TwoFactorMiddleware($twoFactorManager, $userSession, $urlGenerator, $reflector, $request); | |||
}); | |||
|
|||
$this->registerService('AccountModuleManager', function ($c) use ($app) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should not be necessary - DI magic will create it
); | ||
}); | ||
|
||
$this->registerService('AccountMiddleware', function (SimpleContainer $c) use ($app) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as above - DI magic ..
try { | ||
\OC::$server->getAccountModuleManager()->check($userSession->getUser()); | ||
} catch (AccountCheckException $ex) { | ||
// Deny login if any IAuthModule check fails |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
log?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lib/private/legacy/json.php
Outdated
@@ -62,24 +63,40 @@ public static function checkAppEnabled($app) { | |||
} | |||
} | |||
|
|||
/** | |||
* FIXME this needs so much refactoring ... |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no fixing - this is legacy - kill it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know it's being used - my comment was about the need to kill this all instead of trying to fix this
@@ -0,0 +1,28 @@ | |||
<?php | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
copyright missing
* Interface IAccountModule | ||
* | ||
* @package OCP\Authentication | ||
* @since 10.0.9 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
10.0.10 - 10.0.9 is out
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dito
@@ -0,0 +1,21 @@ | |||
<?php | |||
/** | |||
* Created by PhpStorm. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
copyright
1079de0
to
2ea171e
Compare
726de89
to
7683e0a
Compare
* @param $user | ||
* @throws ServiceUnavailable | ||
*/ | ||
private function checkAccountModule($user): void { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return type will block backport - we can keep it this way but need to modify this on the backport then
* @param Controller $controller | ||
* @param string $methodName | ||
* @throws AccountCheckException | ||
* @throws \OCP\AppFramework\QueryException |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not thrown ?
* @param string $methodName | ||
* @throws AccountCheckException | ||
* @throws \OCP\AppFramework\QueryException | ||
* @throws \OC\NeedsUpdateException |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not thrown ?
@@ -281,6 +283,7 @@ public function __construct($appName, $urlParams = []) { | |||
return $this->getServer(); | |||
}); | |||
$this->registerAlias('OCP\\IServerContainer', 'ServerContainer'); | |||
$this->registerAlias(IServiceLoader::class, 'ServerContainer'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I moved this to the core server impl
lib/private/legacy/json.php
Outdated
@@ -62,24 +63,40 @@ public static function checkAppEnabled($app) { | |||
} | |||
} | |||
|
|||
/** | |||
* FIXME this needs so much refactoring ... | |||
* @param $message |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no param
fe6962f
to
010fb79
Compare
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
46abb21
to
c29a99a
Compare
@butonic please backport |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
This introduces Account Modules using password expiry as an example. Requires owncloud/password_policy#15