Prevent user with empty uid#6
Conversation
|
@butonic, thanks for your PR! By analyzing the annotation information on this pull request, we identified @blizzz, @DeepDiver1975 and @VicDeo to be potential reviewers |
|
@owncloud/ldap quick review |
|
🚫 Assertions can be disabled, and we should assume they will disabled on production. Taking into account that the code depends on an external service (LDAP) whose configuration is completely unknown, we can't consider that the code will be "safe" to be run without assertions once it reach production. Just checking and throwing the exception seems a better option. |
5fed7d9 to
50d0b3a
Compare
|
@jvillafanez @DeepDiver1975 done, makes sense. |
|
👍 |
|
triple combo facepalm hit combo |
|
Please backport to 9.1 and 9.0 |
|
stable9.1: owncloud/core#26810 |
|
This field corresponds in the ldap app's expert tab to uuid or internal username? |
The uid might be empty if the mapped owncloud_username, eg. mail is empty. While admins should make sure the attribute is always set the ldap admins are only human. Errors happen and we need to protect against user errer. In this case we should die hard, giving everyone a hint at what might be wrong, which is why I use assert(). It will throw an exception and prevent further desaster. As in overwriting the quota for all users ...