RepairShareOwnership.php 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace OC\Core\Command\Maintenance;
  8. use OCP\DB\QueryBuilder\IQueryBuilder;
  9. use OCP\IDBConnection;
  10. use OCP\IUser;
  11. use OCP\IUserManager;
  12. use Symfony\Component\Console\Command\Command;
  13. use Symfony\Component\Console\Input\InputArgument;
  14. use Symfony\Component\Console\Input\InputInterface;
  15. use Symfony\Component\Console\Input\InputOption;
  16. use Symfony\Component\Console\Output\OutputInterface;
  17. use Symfony\Component\Console\Question\ConfirmationQuestion;
  18. class RepairShareOwnership extends Command {
  19. public function __construct(
  20. private IDBConnection $dbConnection,
  21. private IUserManager $userManager,
  22. ) {
  23. parent::__construct();
  24. }
  25. protected function configure() {
  26. $this
  27. ->setName('maintenance:repair-share-owner')
  28. ->setDescription('repair invalid share-owner entries in the database')
  29. ->addOption('no-confirm', 'y', InputOption::VALUE_NONE, "Don't ask for confirmation before repairing the shares")
  30. ->addArgument('user', InputArgument::OPTIONAL, 'User to fix incoming shares for, if omitted all users will be fixed');
  31. }
  32. protected function execute(InputInterface $input, OutputInterface $output): int {
  33. $noConfirm = $input->getOption('no-confirm');
  34. $userId = $input->getArgument('user');
  35. if ($userId) {
  36. $user = $this->userManager->get($userId);
  37. if (!$user) {
  38. $output->writeln("<error>user $userId not found</error>");
  39. return 1;
  40. }
  41. $shares = $this->getWrongShareOwnershipForUser($user);
  42. } else {
  43. $shares = $this->getWrongShareOwnership();
  44. }
  45. if ($shares) {
  46. $output->writeln('');
  47. $output->writeln('Found ' . count($shares) . ' shares with invalid share owner');
  48. foreach ($shares as $share) {
  49. /** @var array{shareId: int, fileTarget: string, initiator: string, receiver: string, owner: string, mountOwner: string} $share */
  50. $output->writeln(" - share {$share['shareId']} from \"{$share['initiator']}\" to \"{$share['receiver']}\" at \"{$share['fileTarget']}\", owned by \"{$share['owner']}\", that should be owned by \"{$share['mountOwner']}\"");
  51. }
  52. $output->writeln('');
  53. if (!$noConfirm) {
  54. $helper = $this->getHelper('question');
  55. $question = new ConfirmationQuestion('Repair these shares? [y/N]', false);
  56. if (!$helper->ask($input, $output, $question)) {
  57. return 0;
  58. }
  59. }
  60. $output->writeln('Repairing ' . count($shares) . ' shares');
  61. $this->repairShares($shares);
  62. } else {
  63. $output->writeln('Found no shares with invalid share owner');
  64. }
  65. return 0;
  66. }
  67. /**
  68. * @return array{shareId: int, fileTarget: string, initiator: string, receiver: string, owner: string, mountOwner: string}[]
  69. * @throws \OCP\DB\Exception
  70. */
  71. protected function getWrongShareOwnership(): array {
  72. $qb = $this->dbConnection->getQueryBuilder();
  73. $brokenShares = $qb
  74. ->select('s.id', 'm.user_id', 's.uid_owner', 's.uid_initiator', 's.share_with', 's.file_target')
  75. ->from('share', 's')
  76. ->join('s', 'filecache', 'f', $qb->expr()->eq($qb->expr()->castColumn('s.item_source', IQueryBuilder::PARAM_INT), 'f.fileid'))
  77. ->join('s', 'mounts', 'm', $qb->expr()->eq('f.storage', 'm.storage_id'))
  78. ->where($qb->expr()->neq('m.user_id', 's.uid_owner'))
  79. ->andWhere($qb->expr()->eq($qb->func()->concat($qb->expr()->literal('/'), 'm.user_id', $qb->expr()->literal('/')), 'm.mount_point'))
  80. ->executeQuery()
  81. ->fetchAll();
  82. $found = [];
  83. foreach ($brokenShares as $share) {
  84. $found[] = [
  85. 'shareId' => (int)$share['id'],
  86. 'fileTarget' => $share['file_target'],
  87. 'initiator' => $share['uid_initiator'],
  88. 'receiver' => $share['share_with'],
  89. 'owner' => $share['uid_owner'],
  90. 'mountOwner' => $share['user_id'],
  91. ];
  92. }
  93. return $found;
  94. }
  95. /**
  96. * @param IUser $user
  97. * @return array{shareId: int, fileTarget: string, initiator: string, receiver: string, owner: string, mountOwner: string}[]
  98. * @throws \OCP\DB\Exception
  99. */
  100. protected function getWrongShareOwnershipForUser(IUser $user): array {
  101. $qb = $this->dbConnection->getQueryBuilder();
  102. $brokenShares = $qb
  103. ->select('s.id', 'm.user_id', 's.uid_owner', 's.uid_initiator', 's.share_with', 's.file_target')
  104. ->from('share', 's')
  105. ->join('s', 'filecache', 'f', $qb->expr()->eq('s.item_source', $qb->expr()->castColumn('f.fileid', IQueryBuilder::PARAM_STR)))
  106. ->join('s', 'mounts', 'm', $qb->expr()->eq('f.storage', 'm.storage_id'))
  107. ->where($qb->expr()->neq('m.user_id', 's.uid_owner'))
  108. ->andWhere($qb->expr()->eq($qb->func()->concat($qb->expr()->literal('/'), 'm.user_id', $qb->expr()->literal('/')), 'm.mount_point'))
  109. ->andWhere($qb->expr()->eq('s.share_with', $qb->createNamedParameter($user->getUID())))
  110. ->executeQuery()
  111. ->fetchAll();
  112. $found = [];
  113. foreach ($brokenShares as $share) {
  114. $found[] = [
  115. 'shareId' => (int)$share['id'],
  116. 'fileTarget' => $share['file_target'],
  117. 'initiator' => $share['uid_initiator'],
  118. 'receiver' => $share['share_with'],
  119. 'owner' => $share['uid_owner'],
  120. 'mountOwner' => $share['user_id'],
  121. ];
  122. }
  123. return $found;
  124. }
  125. /**
  126. * @param array{shareId: int, fileTarget: string, initiator: string, receiver: string, owner: string, mountOwner: string}[] $shares
  127. * @return void
  128. */
  129. protected function repairShares(array $shares) {
  130. $this->dbConnection->beginTransaction();
  131. $update = $this->dbConnection->getQueryBuilder();
  132. $update->update('share')
  133. ->set('uid_owner', $update->createParameter('share_owner'))
  134. ->set('uid_initiator', $update->createParameter('share_initiator'))
  135. ->where($update->expr()->eq('id', $update->createParameter('share_id')));
  136. foreach ($shares as $share) {
  137. /** @var array{shareId: int, fileTarget: string, initiator: string, receiver: string, owner: string, mountOwner: string} $share */
  138. $update->setParameter('share_id', $share['shareId'], IQueryBuilder::PARAM_INT);
  139. $update->setParameter('share_owner', $share['mountOwner']);
  140. // if the broken owner is also the initiator it's safe to update them both, otherwise we don't touch the initiator
  141. if ($share['initiator'] === $share['owner']) {
  142. $update->setParameter('share_initiator', $share['mountOwner']);
  143. } else {
  144. $update->setParameter('share_initiator', $share['initiator']);
  145. }
  146. $update->executeStatement();
  147. }
  148. $this->dbConnection->commit();
  149. }
  150. }