Skip session validation during app load (Fixes #20756)

Adds parameter to User\Session:getUser() to skip validation, and
modifies OC_App::getEnabledApps() to use this parameter to skip
session validation when loading apps.

Signed-off-by: Scott Shambarger <devel@shambarger.net>

lib/private/User/Session.php

@@ -223,9 +223,10 @@ class Session implements IUserSession, Emitter {
 	/**
 	 * get the current active user
 	 *
+	 * @param bool $validate whether to validate session
 	 * @return IUser|null Current user, otherwise null
 	 */
-	public function getUser() {
+	public function getUser($validate = true) {
 		// FIXME: This is a quick'n dirty work-around for the incognito mode as
 		// described at https://github.com/owncloud/core/pull/12912#issuecomment-67391155
 		if (OC_User::isIncognitoMode()) {
@@ -236,12 +237,17 @@ class Session implements IUserSession, Emitter {
 			if (is_null($uid)) {
 				return null;
 			}
-			$this->activeUser = $this->manager->get($uid);
+			// UserManager will cache user for later validation...
-			if (is_null($this->activeUser)) {
+			$user = $this->manager->get($uid);
+			if (is_null($user)) {
 				return null;
 			}
+			if ($validate === true) {
+				// only set activeUser when validating...
+				$this->activeUser = $user;
 				$this->validateSession();
 			}
+		}
 		return $this->activeUser;
 	}
 

lib/private/legacy/OC_App.php

@@ -348,7 +348,8 @@ class OC_App {
 		if ($all) {
 			$user = null;
 		} else {
-			$user = \OC::$server->getUserSession()->getUser();
+			// getUser but don't validate session yet
+			$user = \OC::$server->getUserSession()->getUser(false);
 		}
 
 		if (is_null($user)) {