Compare lowercase email when updating from ldap #33813
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
artonge
added
bug
3. to review
artonge
force-pushed
the
fix/infinite_email_change_notification
branch
from
1115490
to
b96c8fe
Compare
Merged
|
If the email already is being received lowercase it should also stay lower case. I would not know why or where this change would happen. The fix will surely work, however I am not sure this is should be necessary, when the issue might be elsewhere. Could you reproduce this behaviour? |
come-nc
reviewed
Sep 5, 2022
Merged
artonge
force-pushed
the
fix/infinite_email_change_notification
branch
from
b96c8fe
to
e184d57
Compare
|
My first analysis was wrong, I update the first comment, please review again, and thanks for the feedbacks :) |
CarlSchwan
approved these changes
Sep 6, 2022
come-nc
approved these changes
Sep 6, 2022
|
/backport to stable24 |
|
/backport to stable23 |
|
/backport to stable22 |
|
CI failure look unrelated |
|
/rebase |
|
Just to be sure ^ |
…though. - LDAP has an email address with capital letters - NC store this address in lower case - When the user logs in, we compare the [stored email with the new lower case email](https://github.com/nextcloud/server/blob/master/lib/private/AllConfig.php#L259-L261) before storing it. Here, both email will be the same, so we won't store the new email address with upper case letters. Which is what we want. - We then [compare emails as they are before triggering an event](https://github.com/nextcloud/server/blob/master/lib/private/User/User.php#L202-L204), they won't match, so the user will receive an email signaling an email change every time he logs in. The fix is to compare the old email with the new lower case email before sending the event. Signed-off-by: Louis Chemineau <louis@chmn.me>
nextcloud-command
force-pushed
the
fix/infinite_email_change_notification
branch
from
e184d57
to
6c11944
Compare
This was referenced Sep 6, 2022
CarlSchwan
added a commit
that referenced
this pull request
Oct 17, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: #33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
PVince81
pushed a commit
that referenced
this pull request
Dec 16, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: #33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
backportbot-nextcloud bot
pushed a commit
that referenced
this pull request
Dec 16, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: #33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
backportbot-nextcloud bot
pushed a commit
that referenced
this pull request
Dec 16, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: #33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
backportbot-nextcloud bot
pushed a commit
that referenced
this pull request
Dec 16, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: #33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
akhil1508
pushed a commit
to e-foundation/server
that referenced
this pull request
Dec 19, 2022
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: nextcloud#33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
|
The backports for 23 and 24 are still missing because they were reverted in the past: |
|
/backport to stable23 |
|
/backport to stable24 |
s8321414
pushed a commit
to MODAODF/odfweb
that referenced
this pull request
May 4, 2023
Otherwise we detect a email change all the time and since email are immutable in ldap this prevent updating other fields. Related: nextcloud/server#33813 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I dug into it again, and the issue is much simpler than I previously though.
The fix is to compare the old email with the new lower case email before sending the event.
Scenario:- Nextcloud has an email with capital letters for a user. No idea why, as it seems we are storing it in lowercases.- LDAP has the same email address.- The user log in, callingprocessAttributes, which callupdateEmail, which compare emails as they are stored ($currentEmail !== $email)- But when we are about to update the email, we once again check old and new values, but this time we lower case the new valueThis means that Nextcloud will try to update the email again and again because we compare an address email with its lower case equivalent. Remember that Nextcloud has an email with capital letter in its database.So the user will receive a continuous stream of email signaling an email change as we later compare email as they are before triggering the event.