Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Search users shows also disabled users #40657

Open
6 of 8 tasks
fabieins opened this issue Sep 27, 2023 · 3 comments
Open
6 of 8 tasks

[Bug]: Search users shows also disabled users #40657

fabieins opened this issue Sep 27, 2023 · 3 comments
Labels
1. to develop Accepted and waiting to be taken care of 26-feedback bug design Design, UI, UX, etc. feature: sharing feature: users and groups

Comments

@fabieins
Copy link

⚠️ This issue respects the following points: ⚠️

Bug description

If you search a user, e.g. to

  • share a file/directory
  • invite to an event
  • share a poll
  • ...

there are also shown disabled users.

Since these users cannot handle the share/invitation, they should not be suggested in the search.

Steps to reproduce

  1. add User 'willbedisabled'
  2. Disable User 'willbedisabled'
  3. go to a file and select share with
  4. search e.g. 'will'
  5. see the disabled user

Expected behavior

only active useres are suggested

Installation method

Community Manual installation with Archive

Nextcloud Server version

26

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Upgraded to a MAJOR version (ex. 22 to 23)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

{
    "system": {
        "filelocking.enabled": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "htaccess.RewriteBase": "\/",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "26.0.5.1",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "updater.release.channel": "stable",
        "maintenance": false,
        "theme": "",
        "loglevel": 0,
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "tls",
        "mail_sendmailmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpauthtype": "PLAIN",
        "mail_smtpauth": 1,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "app_install_overwrite": [
            "admin_resource_booking_database",
            "occweb",
            "whiteboard",
            "fulltextsearch",
            "extract"
        ],
        "default_phone_region": "***REMOVED SENSITIVE VALUE***",
        "profile.enabled": false
    }
}

List of activated Apps

Enabled:
  - activity: 2.18.0
  - admin_resource_booking_database: 0.0.1
  - appointments: 1.15.2
  - bookmarks: 13.0.1
  - breezedark: 26.0.0
  - bruteforcesettings: 2.6.0
  - calendar: 4.4.4
  - circles: 26.0.0
  - cloud_federation_api: 1.9.0
  - comments: 1.16.0
  - contacts: 5.3.2
  - contactsinteraction: 1.7.0
  - dashboard: 7.6.0
  - dav: 1.25.0
  - deck: 1.9.2
  - drawio: 2.1.2
  - extract: 1.3.6
  - federatedfilesharing: 1.16.0
  - federation: 1.16.0
  - files: 1.21.1
  - files_fulltextsearch: 26.0.1
  - files_fulltextsearch_tesseract: 27.0.0
  - files_mindmap: 0.0.28
  - files_pdfviewer: 2.7.0
  - files_rightclick: 1.5.0
  - files_sharing: 1.18.0
  - files_trashbin: 1.16.0
  - files_versions: 1.19.1
  - firstrunwizard: 2.15.0
  - forms: 3.3.1
  - fulltextsearch: 26.0.1
  - fulltextsearch_elasticsearch: 26.0.2
  - groupfolders: 14.0.4
  - holiday_calendars: 0.3.0
  - logreader: 2.11.0
  - lookup_server_connector: 1.14.0
  - nextcloud_announcements: 1.15.0
  - notes: 4.8.1
  - notifications: 2.14.0
  - oauth2: 1.14.1
  - onlyoffice: 7.9.0
  - password_policy: 1.16.0
  - photos: 2.2.0
  - polls: 5.2.0
  - privacy: 1.10.0
  - provisioning_api: 1.16.0
  - recommendations: 1.5.0
  - related_resources: 1.1.0
  - serverinfo: 1.16.0
  - settings: 1.8.0
  - sharebymail: 1.16.0
  - side_menu: 3.10.3
  - spreed: 16.0.5
  - support: 1.9.0
  - survey_client: 1.14.0
  - suspicious_login: 4.4.0
  - systemtags: 1.16.0
  - tasks: 0.15.0
  - text: 3.7.2
  - theming: 2.1.1
  - twofactor_backupcodes: 1.15.0
  - twofactor_totp: 8.0.0
  - updatenotification: 1.16.0
  - user_oidc: 1.3.3
  - viewer: 1.10.0
  - weather_status: 1.6.0
  - workflowengine: 2.8.0
Disabled:
  - admin_audit: 1.16.0
  - encryption: 2.14.0
  - files_external: 1.18.0
  - user_ldap: 1.16.0
  - user_status: 1.6.0 (installed 1.4.0)

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

used user backend: OIDC connect user backend for Nextcloud
@fabieins fabieins added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Sep 27, 2023
@joshtrichards
Copy link
Member

joshtrichards commented Aug 18, 2024
edited
Loading

I believe this is intentional, since internal shares continue for disabled users (https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_configuration.html#disable-and-enable-users). Also see #39699

If hide_disabled_user_shares is activated though I'd expect them to disappear. If that's not happening (which appears to be the case in my limited testing), that would be a bug I guess.

Probably should get some design input before adjusting this.

@joshtrichards joshtrichards added feature: sharing feature: users and groups 1. to develop Accepted and waiting to be taken care of design Design, UI, UX, etc. and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Aug 18, 2024
@fabieins
Copy link
Author

I am talking from the other site.

I'm fine with seeing shares of disabled users if hide_disabled_user_shares is not activated, but...

As a disabled user can't login to the nextcloud ("The user will not longer be able to access their Nextcloud until you enable them again" source: https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_configuration.html#disable-and-enable-users) why should I be able to share a file with this user or invite him to an appointment? He will never get notified about that and won't have access.

@joshtrichards
Copy link
Member

Related: #9948

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop Accepted and waiting to be taken care of 26-feedback bug design Design, UI, UX, etc. feature: sharing feature: users and groups
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joshtrichards @szaimen @fabieins