Merge pull request #10462 from nextcloud/fix/provider-registry-duplicate-entries
Fix duplicate inserts in the 2fa provider registry DAO
This commit is contained in:
commit
eedfb0d8a4
|
@ -1,6 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
declare(strict_types = 1);
|
declare(strict_types=1);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
|
* @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
@ -59,7 +59,7 @@ class ProviderUserAssignmentDao {
|
||||||
$result = $query->execute();
|
$result = $query->execute();
|
||||||
$providers = [];
|
$providers = [];
|
||||||
foreach ($result->fetchAll() as $row) {
|
foreach ($result->fetchAll() as $row) {
|
||||||
$providers[$row['provider_id']] = 1 === (int) $row['enabled'];
|
$providers[$row['provider_id']] = 1 === (int)$row['enabled'];
|
||||||
}
|
}
|
||||||
$result->closeCursor();
|
$result->closeCursor();
|
||||||
|
|
||||||
|
@ -72,15 +72,23 @@ class ProviderUserAssignmentDao {
|
||||||
public function persist(string $providerId, string $uid, int $enabled) {
|
public function persist(string $providerId, string $uid, int $enabled) {
|
||||||
$qb = $this->conn->getQueryBuilder();
|
$qb = $this->conn->getQueryBuilder();
|
||||||
|
|
||||||
// TODO: concurrency? What if (providerId, uid) private key is inserted
|
// First, try to update an existing entry
|
||||||
// twice at the same time?
|
$updateQuery = $qb->update(self::TABLE_NAME)
|
||||||
$query = $qb->insert(self::TABLE_NAME)->values([
|
->set('enabled', $qb->createNamedParameter($enabled))
|
||||||
'provider_id' => $qb->createNamedParameter($providerId),
|
->where($qb->expr()->eq('provider_id', $qb->createNamedParameter($providerId)))
|
||||||
'uid' => $qb->createNamedParameter($uid),
|
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)));
|
||||||
'enabled' => $qb->createNamedParameter($enabled, IQueryBuilder::PARAM_INT),
|
$updatedRows = $updateQuery->execute();
|
||||||
]);
|
|
||||||
|
|
||||||
$query->execute();
|
// If this (providerId, UID) key tuple is new, we have to insert it
|
||||||
|
if (0 === (int)$updatedRows) {
|
||||||
|
$insertQuery = $qb->insert(self::TABLE_NAME)->values([
|
||||||
|
'provider_id' => $qb->createNamedParameter($providerId),
|
||||||
|
'uid' => $qb->createNamedParameter($uid),
|
||||||
|
'enabled' => $qb->createNamedParameter($enabled, IQueryBuilder::PARAM_INT),
|
||||||
|
]);
|
||||||
|
|
||||||
|
$insertQuery->execute();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -93,4 +93,23 @@ class ProviderUserAssignmentDaoTest extends TestCase {
|
||||||
$this->assertCount(1, $data);
|
$this->assertCount(1, $data);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testPersistTwice() {
|
||||||
|
$qb = $this->dbConn->getQueryBuilder();
|
||||||
|
|
||||||
|
$this->dao->persist('twofactor_totp', 'user123', 0);
|
||||||
|
$this->dao->persist('twofactor_totp', 'user123', 1);
|
||||||
|
|
||||||
|
$q = $qb
|
||||||
|
->select('*')
|
||||||
|
->from(ProviderUserAssignmentDao::TABLE_NAME)
|
||||||
|
->where($qb->expr()->eq('provider_id', $qb->createNamedParameter('twofactor_totp')))
|
||||||
|
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter('user123')))
|
||||||
|
->andWhere($qb->expr()->eq('enabled', $qb->createNamedParameter(1)));
|
||||||
|
$res = $q->execute();
|
||||||
|
$data = $res->fetchAll();
|
||||||
|
$res->closeCursor();
|
||||||
|
|
||||||
|
$this->assertCount(1, $data);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue