diff options
author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2020-04-18 12:24:07 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-18 12:24:07 +0300 |
commit | 33d472c72a5ed6dd64e2e94ebd6858389f87d2aa (patch) | |
tree | c0345e81fbe86912caf2c7687d36648a94a6054d | |
parent | 71090ff59dd4bdb1b1dc60807d9d493ac395c194 (diff) | |
parent | db32aeb99d94504235b3ff0ffa1ebaed264588d5 (diff) |
Merge pull request #20518 from nextcloud/backport/20505/stable16
[stable16] do not advertise nulled userId for for systemwide credentials
-rw-r--r-- | lib/private/Security/CredentialsManager.php | 12 | ||||
-rw-r--r-- | lib/public/Security/ICredentialsManager.php | 6 | ||||
-rw-r--r-- | tests/lib/Security/CredentialsManagerTest.php | 3 |
3 files changed, 12 insertions, 9 deletions
diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php index 0ac9b30c6ce..df1d8926568 100644 --- a/lib/private/Security/CredentialsManager.php +++ b/lib/private/Security/CredentialsManager.php @@ -53,7 +53,7 @@ class CredentialsManager implements ICredentialsManager { /** * Store a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @param mixed $credentials */ @@ -61,7 +61,7 @@ class CredentialsManager implements ICredentialsManager { $value = $this->crypto->encrypt(json_encode($credentials)); $this->dbConnection->setValues(self::DB_TABLE, [ - 'user' => $userId, + 'user' => (string)$userId, 'identifier' => $identifier, ], [ 'credentials' => $value, @@ -71,7 +71,7 @@ class CredentialsManager implements ICredentialsManager { /** * Retrieve a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @return mixed */ @@ -79,7 +79,7 @@ class CredentialsManager implements ICredentialsManager { $qb = $this->dbConnection->getQueryBuilder(); $qb->select('credentials') ->from(self::DB_TABLE) - ->where($qb->expr()->eq('user', $qb->createNamedParameter($userId))) + ->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId))) ->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier))) ; $result = $qb->execute()->fetch(); @@ -95,14 +95,14 @@ class CredentialsManager implements ICredentialsManager { /** * Delete a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @return int rows removed */ public function delete($userId, $identifier) { $qb = $this->dbConnection->getQueryBuilder(); $qb->delete(self::DB_TABLE) - ->where($qb->expr()->eq('user', $qb->createNamedParameter($userId))) + ->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId))) ->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier))) ; return $qb->execute(); diff --git a/lib/public/Security/ICredentialsManager.php b/lib/public/Security/ICredentialsManager.php index 6c1bb67192d..17d1fa5a355 100644 --- a/lib/public/Security/ICredentialsManager.php +++ b/lib/public/Security/ICredentialsManager.php @@ -33,7 +33,7 @@ interface ICredentialsManager { /** * Store a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @param mixed $credentials * @since 8.2.0 @@ -43,7 +43,7 @@ interface ICredentialsManager { /** * Retrieve a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @return mixed * @since 8.2.0 @@ -53,7 +53,7 @@ interface ICredentialsManager { /** * Delete a set of credentials * - * @param string|null $userId Null for system-wide credentials + * @param string $userId empty string for system-wide credentials * @param string $identifier * @return int rows removed * @since 8.2.0 diff --git a/tests/lib/Security/CredentialsManagerTest.php b/tests/lib/Security/CredentialsManagerTest.php index 38da26a21a9..9e0ae25718f 100644 --- a/tests/lib/Security/CredentialsManagerTest.php +++ b/tests/lib/Security/CredentialsManagerTest.php @@ -27,6 +27,9 @@ use \OCP\Security\ICrypto; use \OCP\IDBConnection; use \OC\Security\CredentialsManager; +/** + * @group DB + */ class CredentialsManagerTest extends \Test\TestCase { /** @var ICrypto */ |