Files not accessible after sharing LDAP user was deleted

[gema2007]

Steps to reproduce

user1 shares files with user2
user1 ist deleted from the LDAP server and appears in the remnants table (php occ ldap:show-remnants)
user2 can’t access all his files until user1 is deleted from nextcloud with “php occ user:delete user1”. The logfile says “OC\User\NoUserException: user1 is not a valid user anymore”.

Expeted behaviour

user2 can normally access his files

Actual behaviour

user2 can't access any files
The logfile says “OC\User\NoUserException: user1 is not a valid user anymore”

Server configuration

Operating system: Ubuntu 16.04

Web server: Apache 2.4.18

Database: MySQL

PHP version: 7.0

Nextcloud version: 14.01

Updated from an older Nextcloud/ownCloud or fresh install: updated

Where did you install Nextcloud from:

Signing status:

Signing status

Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results here.

List of activated apps:

App list

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder

Nextcloud configuration:

Config report

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder

or 

Insert your config.php content here. 
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...

LDAP configuration (delete this part if not used)

LDAP config

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your Nextcloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';


Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration

Browser:

Operating system:

Logs

Web server error log

Web server error log

Insert your webserver log here

Nextcloud log (data/nextcloud.log)

Nextcloud log

Insert your Nextcloud log here

Browser log

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log
c) ...

[nextcloud-bot]

GitMate.io thinks possibly related issues are #4017 (LDAP user not able to delete folder), #1708 (Sharing: Cannot delete files from share ), #8651 (Delete a file of a not a valid user (LDAP)), #5577 (Cannot delete User which is deleted in LDAP), and #3854 ("Resharing is not allowed" for LDAP users).

[MorrisJobke]

cc @blizzz

[Zappatron]

I am seeing this exact same issue. Re-enabling the user in the LDAP source allows the users they have shared with to see their root directory again.

If someone could advise on the best solution to this (if there is one), other than deleting the user from nextcloud that would be appreciated.

[blizzz]

@gema2007 @Zappatron can you check again with 14.0.2 (right now the RC is available)? It has a fix that deals with failed storages.

[MorrisJobke]

Let's close it for now until we know that it is still not fixed in 14.0.2

[jmallach]

I am seeing this with 14.0.5.

[MorrisJobke]

There is no 14.0.5 🤔

[jmallach]

Heh, sorry, this is a slow morning here. 😛 I meant 14.0.3.

[jmallach]

I have checked the users that were appearing in the log, and after making sure they were safe to remove, I user:delete'd them. The error log is clean now, but user2 still just gets a spinner and cannot access any of their files.

This might be an unrelated issue though as I have also checked that user1 in our case had never shared anything with user2.

[jmallach]

Might this be related?

in ldap:show-remnants

 | 336ea700-57d4-1035-8ae1-e1fde675b423 | User One                             | user1                         | uid=user1,dc=megacorp,dc=com                         | June 27, 2018      |     | Y      |

but then:

Starting scan for user 1 out of 1 (336ea700-57d4-1035-8ae1-e1fde675b423)

+---------+-------+--------------+
| Folders | Files | Elapsed time |
+---------+-------+--------------+
| 0       | 0     | 00:00:00     |
+---------+-------+--------------+

How can there be 0 files if show-remnants reports the user was a sharer?

[MorrisJobke]

cc @blizzz

[jmallach]

A bit more info. User2 reports:

All files: spinner (and nothing else shows up)
Shares - Shared with others: I see files there
Shares - Shared with you: "Nothing shared with you yet" -- not true
Shares - Shared by link: I see 1 file, that's OK
Shares - Deleted shares: "Nothing shared with you yet" probably OK, not sure

[blizzz]

@jmallach do you have a log (maybe a backtrace)?

[jmallach]

No, but I can provide if you point me at docs on how ot get the info you need.

[jmallach]

I have this in the log, for a few different users:

{"reqId":"LoPyzB8U7eW8mfx1YhNI","level":3,"time":"2018-10-24T03:40:25+00:00","remoteAddr":"90.255.160.55","user":"23f543d6-761d-1034-8e5d-33fd28127336","app":"no app in context","method":"PROPFIND","url":"\/remote.php\/dav\/files\/23f543d6-761d-1034-8e5d-33fd28127336\/","message":{"Exception":"OC\\User\\NoUserException","Message":"06adca8e-b428-1034-8008-4130d8a2ae91 is not a valid user anymore","Code":0,"Trace":[{"function":"getHome","class":"OCA\\User_LDAP\\User_LDAP","type":"->","args":["06adca8e-b428-1034-8008-4130d8a2ae91"]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/user_ldap\/lib\/User_Proxy.php","line":108,"function":"call_user_func_array","args":[[{"__class__":"OCA\\User_LDAP\\User_LDAP"},"getHome"],["06adca8e-b428-1034-8008-4130d8a2ae91"]]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/user_ldap\/lib\/Proxy.php","line":150,"function":"callOnLastSeenOn","class":"OCA\\User_LDAP\\User_Proxy","type":"->","args":["06adca8e-b428-1034-8008-4130d8a2ae91","getHome",["06adca8e-b428-1034-8008-4130d8a2ae91"],false]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/user_ldap\/lib\/User_Proxy.php","line":227,"function":"handleRequest","class":"OCA\\User_LDAP\\Proxy","type":"->","args":["06adca8e-b428-1034-8008-4130d8a2ae91","getHome",["06adca8e-b428-1034-8008-4130d8a2ae91"]]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/User\/User.php","line":282,"function":"getHome","class":"OCA\\User_LDAP\\User_Proxy","type":"->","args":["06adca8e-b428-1034-8008-4130d8a2ae91"]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Storage\/Home.php","line":53,"function":"getHome","class":"OC\\User\\User","type":"->","args":[]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Mount\/MountPoint.php","line":147,"function":"__construct","class":"OC\\Files\\Storage\\Home","type":"->","args":[{"user":{"__class__":"OC\\User\\User"}}]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Mount\/MountPoint.php","line":172,"function":"createStorage","class":"OC\\Files\\Mount\\MountPoint","type":"->","args":[]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Filesystem.php","line":320,"function":"getStorage","class":"OC\\Files\\Mount\\MountPoint","type":"->","args":[]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Filesystem.php","line":442,"function":"getStorage","class":"OC\\Files\\Filesystem","type":"::","args":["06adca8e-b428-1034-8008-4130d8a2ae91"]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/SharedStorage.php","line":126,"function":"initMountPoints","class":"OC\\Files\\Filesystem","type":"::","args":["06adca8e-b428-1034-8008-4130d8a2ae91"]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/SharedStorage.php","line":479,"function":"init","class":"OCA\\Files_Sharing\\SharedStorage","type":"->","args":[]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Storage\/Wrapper\/Jail.php","line":219,"function":"getWrapperStorage","class":"OCA\\Files_Sharing\\SharedStorage","type":"->","args":[]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/SharedStorage.php","line":198,"function":"getPermissions","class":"OC\\Files\\Storage\\Wrapper\\Jail","type":"->","args":[""]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/Storage\/Wrapper\/Wrapper.php","line":214,"function":"getPermissions","class":"OCA\\Files_Sharing\\SharedStorage","type":"->","args":[""]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/Cache.php","line":148,"function":"getPermissions","class":"OC\\Files\\Storage\\Wrapper\\Wrapper","type":"->","args":[""]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/Cache.php","line":114,"function":"formatCacheEntry","class":"OCA\\Files_Sharing\\Cache","type":"->","args":[{"__class__":"OC\\Files\\Cache\\CacheEntry"},""]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/FileInfo.php","line":359,"function":"get","class":"OCA\\Files_Sharing\\Cache","type":"->","args":[""]},{"file":"\/srv\/nextcloud.megacorp.com\/www\/lib\/private\/Files\/

[jmallach]

I have also spotted this, probably related:

{"reqId":"2aysHsZa4rbyKDT8tCeK","level":3,"time":"2018-10-24T08:46:35+00:00","remoteAddr":"145.236.62.91","user":"242d706c-761d-1034-8e99-33fd28127336","app":"PHP","method":"GET","url":"\/ocs\/v1.php\/apps\/files_sharing\/api\/v1\/shares?format=json&shared_with_me=true&include_tags=true","message":"Undefined offset: 0 at \/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/Controller\/ShareAPIController.php#178","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.67 Safari\/537.36","version":"14.0.3.0"}
{"reqId":"2aysHsZa4rbyKDT8tCeK","level":3,"time":"2018-10-24T08:46:35+00:00","remoteAddr":"145.236.62.91","user":"242d706c-761d-1034-8e99-33fd28127336","app":"PHP","method":"GET","url":"\/ocs\/v1.php\/apps\/files_sharing\/api\/v1\/shares?format=json&shared_with_me=true&include_tags=true","message":"Error: Call to a member function getPath() on null at \/srv\/nextcloud.megacorp.com\/www\/apps\/files_sharing\/lib\/Controller\/ShareAPIController.php#182","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.67 Safari\/537.36","version":"14.0.3.0"}

[sergiomb2]

In 15.0.7 it is present

[sergiomb2]

how I delete the share of non-existing user ?

[sergiomb2]

how I delete the share of non-existing user ?

#4117 (comment)

[blizzz]

also cf. https://docs.nextcloud.com/server/16/admin_manual/configuration_user/user_auth_ldap_cleanup.html

[bluikko]

Same thing in 16.0.5 and it is so annoying.

The link from @blizzz explains the process I've been using but in a busy environment this really needs to be automated and run often or users are complaining all the time that their Desktop sync does not work.

And of course the occ output for ldap:show-remnants is in a "fancy" table format. I can of course write a parser for it, but I should not have to. What should be a simple task (deleting a user) is made a huge mountain of work due to #15536, this #11551, and others. In addition to "--no-ansi" parameter there should be a "--brief" or similar option that skips the "fancy" table output and outputs something similar to CSV, hopefully without headers also.

[blizzz]

you can try out #17717, but if it goes in, it won't be backported

[skjnldsv]

I guess this is fixed with 17717.
If this is still happening after an upgrade to the latest version, feel free to reopen