Skip to content

fix: return null instead of false in case of invalid quota#828

Open
jvillafanez wants to merge 1 commit into
masterfrom
fix_quota_handling_multiple_servers
Open

fix: return null instead of false in case of invalid quota#828
jvillafanez wants to merge 1 commit into
masterfrom
fix_quota_handling_multiple_servers

Conversation

@jvillafanez

Copy link
Copy Markdown
Member

Prevent switching to a different server (in a multiple server setup) in case quota isn't set for a particular user.

Related to https://github.com/owncloud/enterprise/issues/7040

@sonarqubecloud

Copy link
Copy Markdown

@phil-davis

Copy link
Copy Markdown
Contributor

There are some test fails for tests that seem to be better now.
For example, a test scenario linked to issue #49
https://drone.owncloud.com/owncloud/user_ldap/5351/29/13

  Scenario: authentication works when second of multiple configurations has an unreachable host configured # /var/www/owncloud/testrunner/apps/user_ldap/tests/acceptance/features/apiUserLDAP/serverConnection.feature:54

    Given a new LDAP config with the name "wrongLdapConfig" has been created                               # UserLdapGeneralContext::createNewLdapConfig()
    And LDAP config "wrongLdapConfig" has these settings:                                                  # UserLdapGeneralContext::ldapConfigHasTheseSettings()
...

    When user "Alice" requests "/index.php/apps/files" with "GET" using basic auth                         # AuthContext::userRequestsURLWithUsingBasicAuth()
    Then the HTTP status code should be "500"                                                              # FeatureContext::thenTheHTTPStatusCodeShouldBe()
      HTTP status code 200 is not the expected value 500
      Failed asserting that 200 matches expected '500'.

The test can be adjusted to expect the now good 200 status.

@jvillafanez

Copy link
Copy Markdown
Member Author

But the "authentication works when first of multiple configurations has an unreachable host configured" responds with a 500 status. This seems inconsistent to me, and people will complain.
Right now, you need to have all the LDAP servers connected in order to log in. It might not be the best idea, but it works like that.

@phil-davis

Copy link
Copy Markdown
Contributor

My point was just that the changed code in this PR has (somehow) changed the behavior of that test so that there is a 200 status rather than the previous 500 status. If that is a useful side-effect of the changed code then great, just change the test step to expect 200

@dj4oC dj4oC left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes UserEntry::getQuota() to return null instead of false for an invalid/unset quota value.

Findings

Stability — potential backward-compat break: this changes the documented return contract from string|false to string|null. Any caller (in this app or in owncloud/core) doing a strict === false (or == false, which would still work) check on the result of getQuota()/wherever this value flows into IUser::setQuota() or similar would silently stop treating "no quota set" as the sentinel it expects. I don't have visibility into all call sites from this diff alone — please confirm no caller relies on === false specifically before merging (a plain grep -rn "getQuota()" across user_ldap + core call sites would settle it).

  • The change itself (aligning with PHP's more idiomatic null for "no value") is reasonable and the removed if ($quota === null) { $quota = false; } block is consistent with the new signature.

Test coverage: no test included for the new null-return path.

Verdict

Commenting — low risk, but non-blocking confirmation needed on caller compatibility and a regression test for the null path before merge.

🤖 Automated review by Claude Code (security · stability · performance · coverage)


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants