Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

LDAP variables can be integers #35701

Closed
wants to merge 2 commits into from

Conversation

alpapan
Copy link

@alpapan alpapan commented Dec 9, 2022

Signed-off-by: Alexie Papanicolaou [email protected]

Some LDAP variables (such as cn / uids, group names) can be only integers. The is_string(int) returns false.
This commit adds an || is_numeric or !is_array() check for these use cases.
added // comments above most changes. I was not sure what UUID was and whether it could ever be just a number.

TODO

Please review.

  • Backports should be needed

Checklist

@solracsf solracsf changed the title Addresses #35642: LDAP variables can be integers LDAP variables can be integers Dec 9, 2022
@szaimen szaimen added the 3. to review Waiting for reviews label Dec 9, 2022
@szaimen szaimen added this to the Nextcloud 26 milestone Dec 9, 2022
@szaimen szaimen requested review from come-nc, CarlSchwan, ChristophWurst and blizzz and removed request for come-nc December 9, 2022 07:52
@@ -192,7 +192,8 @@
*/
protected function getDNHash(string $fdn): string {
$hash = hash('sha256', $fdn, false);
if (is_string($hash)) {
// very rare but a hash could just be numbers? is_string(int) would return false
if (is_string($hash) || is_numeric($hash)) {

Check failure

Code scanning / Psalm

TypeDoesNotContainType

Type false for $hash is never numeric
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in theory a sha256 can return just numbers. PHP will parse that as numeric and not a string AFAIK.

@@ -332,7 +332,7 @@
} else {
$finalValue = [];
foreach ($value as $key => $val) {
if (is_string($val)) {
if (is_string($val) || is_numeric($int)) {

Check failure

Code scanning / Psalm

UndefinedVariable

Cannot find referenced variable $int
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oops, that's my mistake!

@@ -703,7 +703,8 @@
if ($userMatch !== false) {
// match found so this user is in this group
$groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]);
if (is_string($groupName)) {
// in case it is just an integer (is_string(int) returns false
if (is_string($groupName) || is_numeric($groupName)) {

Check notice

Code scanning / Psalm

DocblockTypeContradiction

Docblock-defined type false for $groupName is never numeric
@@ -1191,7 +1194,8 @@
if ($dn = $this->groupPluginManager->createGroup($gid)) {
//updates group mapping
$uuid = $this->access->getUUID($dn, false);
if (is_string($uuid)) {
// in case it is just an integer, not sure if this UUID could ever be an int though
if (is_string($uuid) || is_numeric($uuid)) {

Check notice

Code scanning / Psalm

DocblockTypeContradiction

Docblock-defined type false for $uuid is never numeric
@@ -304,7 +304,8 @@
* @throws \OC\ServerNotAvailableException
*/
public function userExistsOnLDAP($user, bool $ignoreCache = false): bool {
if (is_string($user)) {
// in case it is just an integer (is_string(int) returns false
if (is_string($user) || is_numeric($user)) {

Check notice

Code scanning / Psalm

DocblockTypeContradiction

Docblock-defined type OCA\User_LDAP\User\User for $user is never numeric
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why can't the username be just numbers?

@@ -645,7 +646,8 @@
if (is_string($dn)) {
// the NC user creation work flow requires a know user id up front
$uuid = $this->access->getUUID($dn, true);
if (is_string($uuid)) {
// not sure if UUID could ever be just a number
if (is_string($uuid) || is_numeric($uuid)) {

Check notice

Code scanning / Psalm

DocblockTypeContradiction

Docblock-defined type false for $uuid is never numeric
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IDK what UUID is but if it can ever be a string of integers, PHP parses that as an integer not a string (no typecasting)

@@ -730,7 +731,8 @@
$groupDNs = $this->_getGroupDNsFromMemberOf($userDN);
foreach ($groupDNs as $dn) {
$groupName = $this->access->dn2groupname($dn);
if (is_string($groupName)) {
// in case it is just an integer (is_string(int) returns false
if (is_string($groupName) || is_numeric($groupName)) {

Check notice

Code scanning / Psalm

DocblockTypeContradiction

Docblock-defined type false for $groupName is never numeric
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why can't the name of a group be just numbers?

Copy link
Contributor

@come-nc come-nc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with psalm that all these is_numeric checks are redundant. I will look into the bug and backtrace to try to understand what happens, ldap_* methods should always return values as strings to my knowledge, I need to look into where this int comes from.

@blizzz blizzz mentioned this pull request Feb 1, 2023
@skjnldsv skjnldsv mentioned this pull request Feb 23, 2023
@blizzz blizzz mentioned this pull request Mar 7, 2023
@blizzz blizzz modified the milestones: Nextcloud 26, Nextcloud 27 Mar 9, 2023
This was referenced May 3, 2023
@blizzz blizzz mentioned this pull request May 17, 2023
@blizzz blizzz modified the milestones: Nextcloud 27, Nextcloud 28 May 23, 2023
@skjnldsv skjnldsv mentioned this pull request Nov 1, 2023
This was referenced Nov 6, 2023
This was referenced Nov 14, 2023
@blizzz blizzz modified the milestones: Nextcloud 28, Nextcloud 29 Nov 23, 2023
@solracsf solracsf added 2. developing Work in progress and removed 3. to review Waiting for reviews labels Feb 7, 2024
This was referenced Mar 12, 2024
This was referenced Mar 20, 2024
@skjnldsv skjnldsv mentioned this pull request Mar 28, 2024
81 tasks
@skjnldsv skjnldsv modified the milestones: Nextcloud 29, Nextcloud 30 Mar 28, 2024
This was referenced Jul 30, 2024
This was referenced Aug 5, 2024
@skjnldsv skjnldsv mentioned this pull request Aug 13, 2024
@skjnldsv skjnldsv closed this Aug 14, 2024
@skjnldsv skjnldsv removed this from the Nextcloud 30 milestone Aug 14, 2024
@sorbaugh
Copy link
Contributor

Hello @alpapan, looks like the original issue was solved with a different approach! Wanted to still thank you for your contribution and hope to seeing more from you! 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Bug]: LDAP usernames full-numeric (1234) gives Exception : Trying to access array|string on value of type int
8 participants