Skip to content

Commit 11bb942

Browse files
rullzerrullzer
authored
Merge pull request #16837 from nextcloud/backport/16820/16
[stable16] Change access handling of projects
2 parents c4bac01 + 4cbeb68 commit 11bb942

6 files changed

Lines changed: 78 additions & 4 deletions

File tree

lib/composer/composer/autoload_classmap.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1022,6 +1022,7 @@
10221022
'OC\\Repair\\NC15\\SetVcardDatabaseUID' => $baseDir . '/lib/private/Repair/NC15/SetVcardDatabaseUID.php',
10231023
'OC\\Repair\\NC16\\AddClenupLoginFlowV2BackgroundJob' => $baseDir . '/lib/private/Repair/NC16/AddClenupLoginFlowV2BackgroundJob.php',
10241024
'OC\\Repair\\NC16\\CleanupCardDAVPhotoCache' => $baseDir . '/lib/private/Repair/NC16/CleanupCardDAVPhotoCache.php',
1025+
'OC\\Repair\\NC16\\ClearCollectionsAccessCache' => $baseDir . '/lib/private/Repair/NC16/ClearCollectionsAccessCache.php',
10251026
'OC\\Repair\\NC16\\RemoveCypressFiles' => $baseDir . '/lib/private/Repair/NC16/RemoveCypressFiles.php',
10261027
'OC\\Repair\\OldGroupMembershipShares' => $baseDir . '/lib/private/Repair/OldGroupMembershipShares.php',
10271028
'OC\\Repair\\Owncloud\\DropAccountTermsTable' => $baseDir . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php',

lib/composer/composer/autoload_static.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1052,6 +1052,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
10521052
'OC\\Repair\\NC15\\SetVcardDatabaseUID' => __DIR__ . '/../../..' . '/lib/private/Repair/NC15/SetVcardDatabaseUID.php',
10531053
'OC\\Repair\\NC16\\AddClenupLoginFlowV2BackgroundJob' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/AddClenupLoginFlowV2BackgroundJob.php',
10541054
'OC\\Repair\\NC16\\CleanupCardDAVPhotoCache' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/CleanupCardDAVPhotoCache.php',
1055+
'OC\\Repair\\NC16\\ClearCollectionsAccessCache' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/ClearCollectionsAccessCache.php',
10551056
'OC\\Repair\\NC16\\RemoveCypressFiles' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/RemoveCypressFiles.php',
10561057
'OC\\Repair\\OldGroupMembershipShares' => __DIR__ . '/../../..' . '/lib/private/Repair/OldGroupMembershipShares.php',
10571058
'OC\\Repair\\Owncloud\\DropAccountTermsTable' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php',

lib/private/Collaboration/Resources/Manager.php

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -353,12 +353,15 @@ public function canAccessCollection(ICollection $collection, ?IUser $user): bool
353353
return $access;
354354
}
355355

356-
$access = false;
356+
$access = null;
357+
// Access is granted when a user can access all resources
357358
foreach ($collection->getResources() as $resource) {
358-
if ($resource->canAccess($user)) {
359-
$access = true;
359+
if (!$resource->canAccess($user)) {
360+
$access = false;
360361
break;
361362
}
363+
364+
$access = true;
362365
}
363366

364367
$this->cacheAccessForCollection($collection, $user, $access);
@@ -461,6 +464,14 @@ public function invalidateAccessCacheForResource(IResource $resource): void {
461464
}
462465
}
463466

467+
public function invalidateAccessCacheForAllCollections(): void {
468+
$query = $this->connection->getQueryBuilder();
469+
470+
$query->delete(self::TABLE_ACCESS_CACHE)
471+
->where($query->expr()->neq('collection_id', $query->createNamedParameter(0)));
472+
$query->execute();
473+
}
474+
464475
public function invalidateAccessCacheForCollection(ICollection $collection): void {
465476
$query = $this->connection->getQueryBuilder();
466477

lib/private/Repair.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,7 @@
4545
use OC\Repair\NC15\SetVcardDatabaseUID;
4646
use OC\Repair\NC16\AddClenupLoginFlowV2BackgroundJob;
4747
use OC\Repair\NC16\CleanupCardDAVPhotoCache;
48+
use OC\Repair\NC16\ClearCollectionsAccessCache;
4849
use OC\Repair\NC16\RemoveCypressFiles;
4950
use OC\Repair\OldGroupMembershipShares;
5051
use OC\Repair\Owncloud\DropAccountTermsTable;
@@ -58,6 +59,7 @@
5859
use OC\Template\SCSSCacher;
5960
use OCP\AppFramework\QueryException;
6061
use OCP\AppFramework\Utility\ITimeFactory;
62+
use OCP\Collaboration\Resources\IManager;
6163
use OCP\Migration\IOutput;
6264
use OCP\Migration\IRepairStep;
6365
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@@ -156,6 +158,7 @@ public static function getRepairSteps() {
156158
new CleanupCardDAVPhotoCache(\OC::$server->getConfig(), \OC::$server->getAppDataDir('dav-photocache'), \OC::$server->getLogger()),
157159
new AddClenupLoginFlowV2BackgroundJob(\OC::$server->getJobList()),
158160
new RemoveLinkShares(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getGroupManager(), \OC::$server->getNotificationManager(), \OC::$server->query(ITimeFactory::class)),
161+
new ClearCollectionsAccessCache(\OC::$server->getConfig(), \OC::$server->query(IManager::class)),
159162
\OC::$server->query(RemoveCypressFiles::class),
160163
];
161164
}

lib/private/Repair/NC16/ClearCollectionsAccessCache.php

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
<?php
2+
declare(strict_types=1);
3+
/**
4+
* @copyright Copyright (c) 2019 Joas Schilling <coding@schilljs.com>
5+
*
6+
* @license GNU AGPL version 3 or any later version
7+
*
8+
* This program is free software: you can redistribute it and/or modify
9+
* it under the terms of the GNU Affero General Public License as
10+
* published by the Free Software Foundation, either version 3 of the
11+
* License, or (at your option) any later version.
12+
*
13+
* This program is distributed in the hope that it will be useful,
14+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
15+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16+
* GNU Affero General Public License for more details.
17+
*
18+
* You should have received a copy of the GNU Affero General Public License
19+
* along with this program. If not, see <http://www.gnu.org/licenses/>.
20+
*
21+
*/
22+
23+
namespace OC\Repair\NC16;
24+
25+
use OC\Collaboration\Resources\Manager;
26+
use OCP\Collaboration\Resources\IManager;
27+
use OCP\IConfig;
28+
use OCP\Migration\IOutput;
29+
use OCP\Migration\IRepairStep;
30+
31+
class ClearCollectionsAccessCache implements IRepairStep {
32+
33+
/** @var IConfig */
34+
private $config;
35+
36+
/** @var IManager|Manager */
37+
private $manager;
38+
39+
public function __construct(IConfig $config, IManager $manager) {
40+
$this->config = $config;
41+
$this->manager = $manager;
42+
}
43+
44+
public function getName(): string {
45+
return 'Clear access cache of projects';
46+
}
47+
48+
private function shouldRun(): bool {
49+
$versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0.0');
50+
return version_compare($versionFromBeforeUpdate, '16.0.4.2', '<=');
51+
}
52+
53+
public function run(IOutput $output): void {
54+
if ($this->shouldRun()) {
55+
$this->manager->invalidateAccessCacheForAllCollections();
56+
}
57+
}
58+
}

version.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@
2929
// between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel
3030
// when updating major/minor version number.
3131

32-
$OC_Version = array(16, 0, 4, 1);
32+
$OC_Version = array(16, 0, 4, 2);
3333

3434
// The human readable string
3535
$OC_VersionString = '16.0.4';

0 commit comments

Comments
 (0)