Skip to content

Commit

Permalink
fix(groups): allows to save group names with more than 64 characters
Browse files Browse the repository at this point in the history
Mimic behaviour from LDAP users and add a hard limit to 255 characters

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
  • Loading branch information
Altahrim committed May 16, 2024
1 parent 63da606 commit a2746a6
Show file tree
Hide file tree
Showing 9 changed files with 114 additions and 22 deletions.
1 change: 1 addition & 0 deletions lib/composer/composer/autoload_classmap.php
Original file line number Diff line number Diff line change
Expand Up @@ -411,6 +411,7 @@
'OCP\\Group\\Backend\\ICountDisabledInGroup' => $baseDir . '/lib/public/Group/Backend/ICountDisabledInGroup.php',
'OCP\\Group\\Backend\\ICountUsersBackend' => $baseDir . '/lib/public/Group/Backend/ICountUsersBackend.php',
'OCP\\Group\\Backend\\ICreateGroupBackend' => $baseDir . '/lib/public/Group/Backend/ICreateGroupBackend.php',
'OCP\\Group\\Backend\\ICreateNamedGroupBackend' => $baseDir . '/lib/public/Group/Backend/ICreateNamedGroupBackend.php',
'OCP\\Group\\Backend\\IDeleteGroupBackend' => $baseDir . '/lib/public/Group/Backend/IDeleteGroupBackend.php',
'OCP\\Group\\Backend\\IGetDisplayNameBackend' => $baseDir . '/lib/public/Group/Backend/IGetDisplayNameBackend.php',
'OCP\\Group\\Backend\\IGroupDetailsBackend' => $baseDir . '/lib/public/Group/Backend/IGroupDetailsBackend.php',
Expand Down
1 change: 1 addition & 0 deletions lib/composer/composer/autoload_static.php
Original file line number Diff line number Diff line change
Expand Up @@ -444,6 +444,7 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
'OCP\\Group\\Backend\\ICountDisabledInGroup' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/ICountDisabledInGroup.php',
'OCP\\Group\\Backend\\ICountUsersBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/ICountUsersBackend.php',
'OCP\\Group\\Backend\\ICreateGroupBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/ICreateGroupBackend.php',
'OCP\\Group\\Backend\\ICreateNamedGroupBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/ICreateNamedGroupBackend.php',
'OCP\\Group\\Backend\\IDeleteGroupBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/IDeleteGroupBackend.php',
'OCP\\Group\\Backend\\IGetDisplayNameBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/IGetDisplayNameBackend.php',
'OCP\\Group\\Backend\\IGroupDetailsBackend' => __DIR__ . '/../../..' . '/lib/public/Group/Backend/IGroupDetailsBackend.php',
Expand Down
32 changes: 17 additions & 15 deletions lib/private/Group/Database.php
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
use OCP\Group\Backend\IAddToGroupBackend;
use OCP\Group\Backend\ICountDisabledInGroup;
use OCP\Group\Backend\ICountUsersBackend;
use OCP\Group\Backend\ICreateGroupBackend;
use OCP\Group\Backend\ICreateNamedGroupBackend;
use OCP\Group\Backend\IDeleteGroupBackend;
use OCP\Group\Backend\IGetDisplayNameBackend;
use OCP\Group\Backend\IGroupDetailsBackend;
Expand All @@ -54,7 +54,7 @@ class Database extends ABackend implements
IAddToGroupBackend,
ICountDisabledInGroup,
ICountUsersBackend,
ICreateGroupBackend,
ICreateNamedGroupBackend,
IDeleteGroupBackend,
IGetDisplayNameBackend,
IGroupDetailsBackend,
Expand Down Expand Up @@ -86,35 +86,28 @@ private function fixDI() {
}
}

/**
* Try to create a new group
* @param string $gid The name of the group to create
* @return bool
*
* Tries to create a new group. If the group name already exists, false will
* be returned.
*/
public function createGroup(string $gid): bool {
public function createGroup(string $name): ?string {
$this->fixDI();

$gid = $this->computeGid($name);
try {
// Add group
$builder = $this->dbConn->getQueryBuilder();
$result = $builder->insert('groups')
->setValue('gid', $builder->createNamedParameter($gid))
->setValue('displayname', $builder->createNamedParameter($gid))
->setValue('displayname', $builder->createNamedParameter($name))
->execute();
} catch (UniqueConstraintViolationException $e) {
$result = 0;
return null;
}

// Add to cache
$this->groupCache[$gid] = [
'gid' => $gid,
'displayname' => $gid
'displayname' => $name
];

return $result === 1;
return $gid;
}

/**
Expand Down Expand Up @@ -517,4 +510,13 @@ public function setDisplayName(string $gid, string $displayName): bool {
public function getBackendName(): string {
return 'Database';
}

/**
* Compute group ID from display name (GIDs are limited to 64 characters in database)
*/
private function computeGid(string $displayName): string {
return mb_strlen($displayName) > 64
? hash('sha256', $displayName)
: $displayName;
}
}
14 changes: 13 additions & 1 deletion lib/private/Group/Manager.php
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@
use OC\Hooks\PublicEmitter;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\GroupInterface;
use OCP\Group\Backend\ICreateNamedGroupBackend;
use OCP\ICacheFactory;
use OCP\IGroup;
use OCP\IGroupManager;
Expand Down Expand Up @@ -85,6 +86,8 @@ class Manager extends PublicEmitter implements IGroupManager {

private DisplayNameCache $displayNameCache;

private const MAX_GROUP_LENGTH = 255;

public function __construct(\OC\User\Manager $userManager,
EventDispatcherInterface $dispatcher,
LoggerInterface $logger,
Expand Down Expand Up @@ -219,11 +222,20 @@ public function createGroup($gid) {
return null;
} elseif ($group = $this->get($gid)) {
return $group;
} elseif (mb_strlen($gid) > self::MAX_GROUP_LENGTH) {
throw new \Exception('Group name is limited to '. self::MAX_GROUP_LENGTH.' characters');
} else {
$this->emit('\OC\Group', 'preCreate', [$gid]);
foreach ($this->backends as $backend) {
if ($backend->implementsActions(Backend::CREATE_GROUP)) {
if ($backend->createGroup($gid)) {
if ($backend instanceof ICreateNamedGroupBackend) {
$groupName = $gid;
if (($gid = $backend->createGroup($groupName)) !== null) {
$group = $this->getGroupObject($gid);
$this->emit('\OC\Group', 'postCreate', [$group]);
return $group;
}
} elseif ($backend->createGroup($gid)) {
$group = $this->getGroupObject($gid);
$this->emit('\OC\Group', 'postCreate', [$group]);
return $group;
Expand Down
2 changes: 1 addition & 1 deletion lib/public/Group/Backend/ABackend.php
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ public function implementsActions($actions): bool {
if ($this instanceof ICountUsersBackend) {
$implements |= GroupInterface::COUNT_USERS;
}
if ($this instanceof ICreateGroupBackend) {
if ($this instanceof ICreateGroupBackend || $this instanceof ICreateNamedGroupBackend) {
$implements |= GroupInterface::CREATE_GROUP;
}
if ($this instanceof IDeleteGroupBackend) {
Expand Down
1 change: 1 addition & 0 deletions lib/public/Group/Backend/ICreateGroupBackend.php
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@

/**
* @since 14.0.0
* @deprecated 30.0.0 Use ICreateNamedGroupBackend instead
*/
interface ICreateGroupBackend {
/**
Expand Down
43 changes: 43 additions & 0 deletions lib/public/Group/Backend/ICreateNamedGroupBackend.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
<?php

declare(strict_types=1);

/**
* @copyright Copyright (c) 2024 Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
*
* @author Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCP\Group\Backend;

/**
* @since 30.0.0
*/
interface ICreateNamedGroupBackend {
/**
* Tries to create a group from its name.
*
* If group name already exists, null is returned.
* Otherwise, new group ID is returned.
*
* @param string $name Group name
* @return ?string Group ID in case of success, null in case of failure
* @since 30.0.0
*/
public function createGroup(string $name): ?string;
}
18 changes: 13 additions & 5 deletions tests/lib/Group/DatabaseTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,8 @@ class DatabaseTest extends Backend {
/**
* get a new unique group name
* test cases can override this in order to clean up created groups
*
* @return string
*/
public function getGroupName($name = null) {
public function getGroupName($name = null): string {
$name = parent::getGroupName($name);
$this->groups[] = $name;
return $name;
Expand All @@ -57,12 +55,22 @@ protected function tearDown(): void {
parent::tearDown();
}

public function testAddDoubleNoCache() {
public function testAddDoubleNoCache(): void {
$group = $this->getGroupName();

$this->backend->createGroup($group);

$backend = new \OC\Group\Database();
$this->assertFalse($backend->createGroup($group));
$this->assertNull($backend->createGroup($group));
}

public function testAddLongGroupName(): void {
$groupName = $this->getUniqueID('test_', 100);

$gidCreated = $this->backend->createGroup($groupName);
$this->assertEquals(64, strlen($gidCreated));

$group = $this->backend->getGroupDetails($gidCreated);
$this->assertEquals(['displayName' => $groupName], $group);
}
}
24 changes: 24 additions & 0 deletions tests/lib/Group/ManagerTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,30 @@ public function testCreateFailure() {
$this->assertEquals(null, $group);
}

public function testCreateTooLong() {
/**@var \PHPUnit\Framework\MockObject\MockObject|\OC\Group\Backend $backend */
$backendGroupCreated = false;
$backend = $this->getTestBackend(
GroupInterface::ADD_TO_GROUP |
GroupInterface::REMOVE_FROM_GOUP |
GroupInterface::COUNT_USERS |
GroupInterface::CREATE_GROUP |
GroupInterface::DELETE_GROUP |
GroupInterface::GROUP_DETAILS
);
$groupName = str_repeat('x', 256);
$backend->expects($this->any())
->method('groupExists')
->with($groupName)
->willReturn(false);

$manager = new \OC\Group\Manager($this->userManager, $this->dispatcher, $this->logger, $this->cache);
$manager->addBackend($backend);

$this->expectException(\Exception::class);
$group = $manager->createGroup($groupName);
}

public function testCreateExists() {
/** @var \PHPUnit\Framework\MockObject\MockObject|\OC\Group\Backend $backend */
$backend = $this->getTestBackend();
Expand Down

0 comments on commit a2746a6

Please sign in to comment.