-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add method to query all user auth tokens #24686
Conversation
->where($qb->expr()->eq('uid', $qb->createParameter('uid'))) | ||
->setParameter('uid', $user->getUID()) | ||
->execute() | ||
->fetchAll(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please dont chain everything.
execute()
returns a different object, so please use a new variable.
also you should closeCursor()
on that new object.
What happens if a user has thousands of devices? does it make sense to limit the return? |
Are you talking about simply not showing more than X entries or pagination? As discussed with @PVince81 yesterday, we think pagination won´t be needed here assuming users won't have 20k connected clients. |
96c5094
to
e88ad56
Compare
Hard limit, this is only about an abuse case, but we want to make sure, that an abuser can still be listed and dealt with. |
@nickvergessen what kind of abuse are you talking about? Someone creating a large number of tokens? |
e88ad56
to
326683b
Compare
@@ -83,4 +84,28 @@ public function getToken($token) { | |||
return DefaultToken::fromRow($data); | |||
} | |||
|
|||
/** | |||
* Get all token of a user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does not match interface
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
which interface?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
its missing the warning
* The provider may limit the number of result rows in case of an abuse
* where a high number of (session) tokens is generated
If you don't want to repeat yourself, use
/**
* {@inheritdoc}
*/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please check again, there is no interface the mapper implements. DefaultTokenProvider
implements IProvider
and has the right doc block 😉
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I ment lib/private/Authentication/Token/DefaultTokenProvider.php
well then copy the doc lines from there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added…
ec0dd9c
to
2572192
Compare
Looks good now 👍 |
Looks really good 👍 |
2572192
to
946d330
Compare
Come on, Jenkins. 4 hours and still no results ? @ChristophWurst mind rebasing and repushing to kick his butt ? |
946d330
to
0626578
Compare
kicked |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
required for #24675 and the personal settings page PR I'm working on
@MorrisJobke @PVince81 @nickvergessen @rullzer