Prevent SQL error message in case of error
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than permitted in the database. This is against it's PHPDocs and we should cast this to `false`, so that the regular error handling triggers in. The easiest way to reproduce is on MySQL: 1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel 2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again 3. See SQL exception as error message Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
parent
a53aa40b4d
commit
ed8a98eaa1
|
@ -92,7 +92,11 @@ class Database extends Backend implements IUserBackend {
|
||||||
$event = new GenericEvent($password);
|
$event = new GenericEvent($password);
|
||||||
$this->eventDispatcher->dispatch('OCP\PasswordPolicy::validate', $event);
|
$this->eventDispatcher->dispatch('OCP\PasswordPolicy::validate', $event);
|
||||||
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )');
|
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )');
|
||||||
$result = $query->execute(array($uid, \OC::$server->getHasher()->hash($password)));
|
try {
|
||||||
|
$result = $query->execute(array($uid, \OC::$server->getHasher()->hash($password)));
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$result = false;
|
||||||
|
}
|
||||||
|
|
||||||
// Clear cache
|
// Clear cache
|
||||||
unset($this->cache[$uid]);
|
unset($this->cache[$uid]);
|
||||||
|
|
|
@ -349,7 +349,10 @@ class Manager extends PublicEmitter implements IUserManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->emit('\OC\User', 'preCreateUser', [$uid, $password]);
|
$this->emit('\OC\User', 'preCreateUser', [$uid, $password]);
|
||||||
$backend->createUser($uid, $password);
|
$state = $backend->createUser($uid, $password);
|
||||||
|
if($state === false) {
|
||||||
|
throw new \InvalidArgumentException($l->t('Could not create user'));
|
||||||
|
}
|
||||||
$user = $this->getUserObject($uid, $backend);
|
$user = $this->getUserObject($uid, $backend);
|
||||||
if ($user instanceof IUser) {
|
if ($user instanceof IUser) {
|
||||||
$this->emit('\OC\User', 'postCreateUser', [$user, $password]);
|
$this->emit('\OC\User', 'postCreateUser', [$user, $password]);
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
|
|
||||||
namespace Test\User;
|
namespace Test\User;
|
||||||
use OC\User\Database;
|
use OC\User\Database;
|
||||||
|
use OC\User\Manager;
|
||||||
use OCP\IConfig;
|
use OCP\IConfig;
|
||||||
use OCP\IUser;
|
use OCP\IUser;
|
||||||
use Test\TestCase;
|
use Test\TestCase;
|
||||||
|
@ -304,7 +305,6 @@ class ManagerTest extends TestCase {
|
||||||
|
|
||||||
$this->setExpectedException(\InvalidArgumentException::class, $exception);
|
$this->setExpectedException(\InvalidArgumentException::class, $exception);
|
||||||
$manager->createUser($uid, $password);
|
$manager->createUser($uid, $password);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testCreateUserSingleBackendNotExists() {
|
public function testCreateUserSingleBackendNotExists() {
|
||||||
|
@ -385,6 +385,25 @@ class ManagerTest extends TestCase {
|
||||||
$this->assertFalse($manager->createUser('foo', 'bar'));
|
$this->assertFalse($manager->createUser('foo', 'bar'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @expectedException \InvalidArgumentException
|
||||||
|
* @expectedExceptionMessage Could not create user
|
||||||
|
*/
|
||||||
|
public function testCreateUserFromBackendWithBackendError() {
|
||||||
|
/** @var IConfig|\PHPUnit_Framework_MockObject_MockObject $config */
|
||||||
|
$config = $this->createMock(IConfig::class);
|
||||||
|
/** @var \Test\Util\User\Dummy|\PHPUnit_Framework_MockObject_MockObject $backend */
|
||||||
|
$backend = $this->createMock(\Test\Util\User\Dummy::class);
|
||||||
|
$backend
|
||||||
|
->expects($this->once())
|
||||||
|
->method('createUser')
|
||||||
|
->with('MyUid', 'MyPassword')
|
||||||
|
->willReturn(false);
|
||||||
|
|
||||||
|
$manager = new Manager($config);
|
||||||
|
$manager->createUserFromBackend('MyUid', 'MyPassword', $backend);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \Exception
|
* @expectedException \Exception
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue