mirror of
https://github.com/nextcloud/server.git
synced 2026-05-28 04:32:30 -04:00
invalidate user session if the user is disabled
parent
dec3f9ebcb
commit
c20cdc2213
2 changed files with 51 additions and 3 deletions
|
|
@ -206,7 +206,7 @@ class Session implements IUserSession, Emitter {
|
|||
return;
|
||||
}
|
||||
|
||||
// Check whether login credentials are still valid
|
||||
// Check whether login credentials are still valid and the user was not disabled
|
||||
// This check is performed each 5 minutes
|
||||
$lastCheck = $this->session->get('last_login_check') ? : 0;
|
||||
$now = $this->timeFacory->getTime();
|
||||
|
|
@ -219,8 +219,9 @@ class Session implements IUserSession, Emitter {
|
|||
return;
|
||||
}
|
||||
|
||||
if ($this->manager->checkPassword($user->getUID(), $pwd) === false) {
|
||||
// Password has changed -> log user out
|
||||
if ($this->manager->checkPassword($user->getUID(), $pwd) === false
|
||||
|| !$user->isEnabled()) {
|
||||
// Password has changed or user was disabled -> log user out
|
||||
$this->logout();
|
||||
return;
|
||||
}
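Review bot: The new `|| !$user->isEnabled()` operand sits inside the credential re-check, so it runs only once the throttle named in the comment ("This check is performed each 5 minutes") has elapsed, and only if the `return;` directly above the condition has not fired. A disabled account therefore keeps a working session for up to that interval. If the early `return;` above (its condition is outside this hunk) covers sessions that have no stored password, those sessions would never reach the disabled check at all, which is worth confirming. Consider checking the account state first and independently of the password path, e.g. `if (!$user->isEnabled()) { $this->logout(); return; }` ahead of the throttle, or state the remaining window explicitly in the comment if the throttle is kept. The enclosing method starts and ends outside the visible hunks.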
|
||||
|
|
|
|||
|
|
@ -509,4 +509,51 @@ class SessionTest extends \Test\TestCase {
|
|||
$this->assertFalse($userSession->tryTokenLogin($request));
|
||||
}
|
||||
|
||||
public function testValidateSessionDisabledUser() {
|
||||
$userManager = $this->getMock('\OCP\IUserManager');
|
||||
$session = $this->getMock('\OCP\ISession');
|
||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');
|
||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
|
||||
$userSession = $this->getMockBuilder('\OC\User\Session')
|
||||
->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider])
|
||||
->setMethods(['logout'])
|
||||
->getMock();
|
||||
|
||||
$user = $this->getMock('\OCP\IUser');
|
||||
$token = $this->getMock('\OC\Authentication\Token\IToken');
|
||||
|
||||
$session->expects($this->once())
|
||||
->method('getId')
|
||||
->will($this->returnValue('sessionid'));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('getToken')
|
||||
->with('sessionid')
|
||||
->will($this->returnValue($token));
|
||||
$session->expects($this->once())
|
||||
->method('get')
|
||||
->with('last_login_check')
|
||||
->will($this->returnValue(1000));
|
||||
$timeFactory->expects($this->once())
|
||||
->method('getTime')
|
||||
->will($this->returnValue(5000));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('getPassword')
|
||||
->with($token, 'sessionid')
|
||||
->will($this->returnValue('123456'));
|
||||
$user->expects($this->once())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('user5'));
|
||||
$userManager->expects($this->once())
|
||||
->method('checkPassword')
|
||||
->with('user5', '123456')
|
||||
->will($this->returnValue(true));
|
||||
$user->expects($this->once())
|
||||
->method('isEnabled')
|
||||
->will($this->returnValue(false));
|
||||
$userSession->expects($this->once())
|
||||
->method('logout');
|
||||
|
||||
$this->invokePrivate($userSession, 'validateSession', [$user]);
|
||||
}
|
||||
|
||||
}
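Review bot: `testValidateSessionDisabledUser` covers only the case where the check interval has elapsed (`last_login_check` of 1000 against a time of 5000) and the password is still valid. No counterpart is visible that asserts an enabled user with a valid password is not logged out, so a condition that always calls `logout()` would still pass. A negative control with `isEnabled` returning `true` and `$userSession->expects($this->never())->method('logout');` would close that gap, unless one already exists elsewhere in the class. The `once()` expectation on `checkPassword` also fixes the evaluation order of the two operands, so the test would fail if the cheaper `isEnabled()` call were moved first; `$this->any()` there would keep the test about the outcome.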
|
||||
|
|
|
|||