Skip to content

Commit

Permalink
Remove obsolete user credentials feature (#2709)
Browse files Browse the repository at this point in the history 
User credentials are no longer used for anything but matching email
addresses to themselves through convoluted code paths. This PR removes
all references to user credentials in the UI and deletes the underlying
`user2repository` table.
  • Loading branch information
@williamjallen
williamjallen authored Feb 15, 2025
1 parent 5f0a637 commit e55bed2
Show file tree
Hide file tree
Showing 20 changed files with 59 additions and 790 deletions.
24 changes: 1 addition & 23 deletions app/Http/Controllers/BuildController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -634,29 +634,7 @@ public function viewUpdatePageContent(): JsonResponse
$file['filename'] = $update_file->Filename;
$file['author'] = $update_file->Author;
$file['status'] = $update_file->Status;

// Only display email if the user is logged in.
if (Auth::check()) {
if ($update_file->Email == '') {
// Try to find author email from repository credentials.
$stmt = $db->prepare('
SELECT email FROM user WHERE id IN (
SELECT up.userid FROM user2project AS up, user2repository AS ur
WHERE ur.userid=up.userid
AND up.projectid=:projectid
AND ur.credential=:author
AND (ur.projectid=0 OR ur.projectid=:projectid) )
LIMIT 1');
$stmt->bindParam(':projectid', $this->project->Id);
$stmt->bindParam(':author', $file['author']);
$db->execute($stmt);
$file['email'] = $stmt ? $stmt->fetchColumn() : '';
} else {
$file['email'] = $update_file->Email;
}
} else {
$file['email'] = '';
}
$file['email'] = '';

$file['log'] = $update_file->Log;
$file['revision'] = $update_file->Revision;
Expand Down
69 changes: 2 additions & 67 deletions app/Http/Controllers/ManageProjectRolesController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,11 +66,8 @@ public function viewPage(): View|RedirectResponse
$emailtype = (int) $emailtype;
}

@$credentials = $_POST['credentials'];
@$repositoryCredential = $_POST['repositoryCredential'];
@$updateuser = $_POST['updateuser'];
@$importUsers = $_POST['importUsers'];
@$registerUsers = $_POST['registerUsers'];

@$registerUser = $_POST['registerUser'];

Expand Down Expand Up @@ -111,36 +108,12 @@ public function viewPage(): View|RedirectResponse
if ($lastName != null) {
$lastName = htmlspecialchars(pdo_real_escape_string($lastName));
}
@$repositoryCredential = $_POST['registeruserrepositorycredential'];

if (strlen($email) < 3 || strlen($firstName) < 2 || strlen($lastName) < 2) {
$xml .= '<error>Email, first name and last name should be filled out.</error>';
} else {
// Call the register_user function
$xml .= $this->register_user($projectid, $email, $firstName, $lastName, $repositoryCredential);
}
}

// Register CVS users
if ($registerUsers) {
$cvslogins = $_POST['cvslogin'];
$emails = $_POST['email'];
$firstnames = $_POST['firstname'];
$lastnames = $_POST['lastname'];
$cvsuser = $_POST['cvsuser'];

for ($logini = 0; $logini < count($cvslogins); $logini++) {
if (!isset($cvsuser[$logini])) {
continue;
}

$cvslogin = $cvslogins[$logini];
$email = $emails[$logini];
$firstName = $firstnames[$logini];
$lastName = $lastnames[$logini];

// Call the register_user function
$xml .= $this->register_user($projectid, $email, $firstName, $lastName, $cvslogin);
$xml .= $this->register_user($projectid, $email, $firstName, $lastName);
}
}

Expand All @@ -153,7 +126,6 @@ public function viewPage(): View|RedirectResponse
$UserProject->Role = $role;
$UserProject->EmailType = 1;
$UserProject->Save();
$UserProject->AddCredential($repositoryCredential);
}
}

Expand All @@ -162,19 +134,14 @@ public function viewPage(): View|RedirectResponse
// Remove the user
if ($removeuser) {
DB::delete('DELETE FROM user2project WHERE userid=? AND projectid=?', [$userid, $projectid]);
DB::delete('DELETE FROM user2repository WHERE userid=? AND projectid=?', [$userid, $projectid]);
}

// Update the user
if ($updateuser) {
// Update the credentials
$UserProject = new UserProject();
$UserProject->ProjectId = $projectid;
$UserProject->UserId = $userid;

$credentials_array = explode(';', $credentials);
$UserProject->UpdateCredentials($credentials_array);

$UserProject->Role = $role;
$UserProject->EmailType = $emailtype;
$UserProject->Save();
Expand Down Expand Up @@ -308,22 +275,6 @@ public function viewPage(): View|RedirectResponse
$xml .= add_XML_value('lastname', $user_array['lastname']);
$xml .= add_XML_value('email', $user_array['email']);

$credentials = $db->executePrepared('
SELECT credential
FROM user2repository as ur
WHERE
ur.userid=?
AND (
ur.projectid=?
OR ur.projectid=0
)
', [$userid, intval($projectid)]);
add_last_sql_error('ManageProjectRole');

foreach ($credentials as $credentials_array) {
$xml .= add_XML_value('repositorycredential', $credentials_array['credential']);
}

$xml .= add_XML_value('role', $user_array['role']);
$xml .= add_XML_value('emailtype', $user_array['emailtype']);

Expand Down Expand Up @@ -374,7 +325,7 @@ private static function find_site_maintainers(int $projectid): array
return array_unique($userids);
}

private function register_user($projectid, $email, $firstName, $lastName, $repositoryCredential)
private function register_user($projectid, $email, $firstName, $lastName)
{
if (config('auth.project_admin_registration_form_enabled') === false) {
return '<error>Users cannot be registered via this form at the current time.</error>';
Expand All @@ -397,11 +348,6 @@ private function register_user($projectid, $email, $firstName, $lastName, $repos
$UserProject->EmailType = 1;
$UserProject->Save();

// We add the credentials if not already added
$UserProject->AddCredential($repositoryCredential);
$UserProject->ProjectId = 0;
$UserProject->AddCredential($email); // Add the email by default

if (strlen(pdo_error()) > 0) {
throw new RuntimeException(pdo_error());
}
Expand All @@ -411,12 +357,6 @@ private function register_user($projectid, $email, $firstName, $lastName, $repos
return '<error>User ' . $email . ' already registered.</error>';
} // already registered

// Check if the repositoryCredential exists for this project
$UserProject->RepositoryCredential = $repositoryCredential;
if ($UserProject->FillFromRepositoryCredential() === true) {
return '<error>' . $repositoryCredential . ' was already registered for this project under a different email address</error>';
}

// Register the user
// Create a new password
$pass = Str::password(10);
Expand All @@ -437,11 +377,6 @@ private function register_user($projectid, $email, $firstName, $lastName, $repos
$UserProject->EmailType = 1;
$UserProject->Save();

// We add the credentials if not already added
$UserProject->AddCredential($repositoryCredential);
$UserProject->ProjectId = 0;
$UserProject->AddCredential($email); // Add the email by default

$prefix = '';
if (strlen($firstName) > 0) {
$prefix = ' ';
Expand Down
43 changes: 0 additions & 43 deletions app/Http/Controllers/SubscribeProjectController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
use CDash\Model\Label;
use CDash\Model\LabelEmail;
use CDash\Model\Project;
use CDash\Model\UserProject;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
Expand Down Expand Up @@ -95,7 +94,6 @@ public function subscribeProject(): View|RedirectResponse

if ($Unsubscribe) {
DB::delete('DELETE FROM user2project WHERE userid=? AND projectid=?', [$user->id, $this->project->Id]);
DB::delete('DELETE FROM user2repository WHERE userid=? AND projectid=?', [$user->id, $this->project->Id]);

// Remove the claim sites for this project if they are only part of this project
DB::delete('
Expand Down Expand Up @@ -144,12 +142,6 @@ public function subscribeProject(): View|RedirectResponse
$this->project->Id,
]);

// Update the repository credential
$UserProject = new UserProject();
$UserProject->ProjectId = $this->project->Id;
$UserProject->UserId = $user->id;
$UserProject->UpdateCredentials($Credentials);

if ($Role == 0) {
// Remove the claim sites for this project if they are only part of this project
DB::delete('
Expand Down Expand Up @@ -207,12 +199,6 @@ public function subscribeProject(): View|RedirectResponse
$this->project->Id,
]);

// Update the repository credential
$UserProject = new UserProject();
$UserProject->ProjectId = $this->project->Id;
$UserProject->UserId = $user->id;
$UserProject->UpdateCredentials($Credentials);

if ($Role == 0) {
// Remove the claim sites for this project if they are only part of this project
DB::delete('
Expand Down Expand Up @@ -251,39 +237,10 @@ public function subscribeProject(): View|RedirectResponse
$EmailSuccess,
$EmailMissingSites,
]);

$UserProject = new UserProject();
$UserProject->ProjectId = $this->project->Id;
$UserProject->UserId = $user->id;
foreach ($Credentials as $credential) {
$UserProject->AddCredential($credential);
}
}
return redirect('/user?note=subscribedtoproject');
}

// XML
// Show the current credentials for the user
$query = $db->executePrepared('
SELECT credential, projectid
FROM user2repository
WHERE
userid=?
AND (
projectid=?
OR projectid=0
)
', [$user->id, $this->project->Id]);

$credential_num = 0;
foreach ($query as $credential_array) {
if (intval($credential_array['projectid']) === 0) {
$xml .= add_XML_value('global_credential', $credential_array['credential']);
} else {
$xml .= add_XML_value('credential_' . $credential_num++, $credential_array['credential']);
}
}

$xml .= '<project>';
$xml .= add_XML_value('id', $this->project->Id);
$xml .= add_XML_value('name', $this->project->Name);
Expand Down
33 changes: 1 addition & 32 deletions app/Http/Controllers/UserController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -435,45 +435,14 @@ public function edit(): View
$error_msg = 'Password has expired';
}

// Update the credentials
if (isset($_POST['updatecredentials'])) {
$credentials = $_POST['credentials'] ?? [];
$UserProject = new UserProject();
$UserProject->ProjectId = 0;
$UserProject->UserId = $userid;
$credentials[] = $user->Email;
$UserProject->UpdateCredentials($credentials);
}

// List the credentials
$credentials_query = DB::select('
SELECT credential
FROM user2repository
WHERE
userid = ?
AND projectid = 0
', [(int) $userid]);

$credentials = [];

foreach ($credentials_query as $credential) {
if ($credential->credential === $user->Email) {
// Move the email credential (which cannot be changed) to the top of the array
array_unshift($credentials, $credential->credential);
} else {
$credentials[] = $credential->credential;
}
}

if (($_GET['reason'] ?? '') === 'expired') {
$error_msg = 'Your password has expired. Please set a new one.';
}

return $this->view('auth.profile')
->with('user', $user)
->with('error', $error_msg)
->with('message', $other_msg)
->with('credentials', $credentials);
->with('message', $other_msg);
}

public function recoverPassword(): View
Expand Down
30 changes: 5 additions & 25 deletions app/cdash/app/Controller/Api/Index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
use CDash\Model\Build;
use CDash\Model\BuildGroup;
use CDash\Model\Project;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;

Expand Down Expand Up @@ -134,22 +133,7 @@ public function getDailyBuilds(): array
{
$query_params = [];

// If the user is logged in we display if the build has some changes for them.
$userupdatesql = '';
if (Auth::check()) {
$userupdatesql = '(SELECT count(updatefile.updateid) FROM updatefile,build2update,user2project,user2repository
WHERE build2update.buildid=b.id
AND build2update.updateid=updatefile.updateid
AND user2project.projectid=b.projectid
AND user2project.userid=?
AND user2repository.userid=user2project.userid
AND (user2repository.projectid=0 OR user2repository.projectid=b.projectid)
AND user2repository.credential=updatefile.author) AS userupdates,';

$query_params[] = Auth::id();
}

$sql = $this->getIndexQuery($userupdatesql);
$sql = $this->getIndexQuery();
$sql .= " WHERE b.projectid=? AND g.type='Daily' ";
$query_params[] = (int) $this->project->Id;

Expand Down Expand Up @@ -278,10 +262,10 @@ public function getDynamicBuilds(): array

// Encapsulate this monster query so that it is not duplicated between
// index.php and get_dynamic_builds.
public function getIndexQuery(string $userupdatesql = ''): string
public function getIndexQuery(): string
{
return
"SELECT b.id,b.siteid,b.parentid,b.done,b.changeid,b.testduration,
'SELECT b.id,b.siteid,b.parentid,b.done,b.changeid,b.testduration,
bu.status AS updatestatus,
b.osname AS osname,
bu.starttime AS updatestarttime,
Expand All @@ -306,8 +290,7 @@ public function getIndexQuery(string $userupdatesql = ''): string
tstatusfailed_diff.difference_negative AS countteststimestatusfaileddiffn,
(SELECT count(buildid) FROM build2note WHERE buildid=b.id) AS countnotes,
(SELECT count(buildid) FROM comments WHERE buildid=b.id) AS countcomments,
$userupdatesql
s.name AS sitename,
s.name AS sitename,
s.outoforder AS siteoutoforder,
b.stamp,b.name,b.type,b.generator,b.starttime,b.endtime,b.submittime,
b.configureerrors AS countconfigureerrors,
Expand Down Expand Up @@ -347,7 +330,7 @@ public function getIndexQuery(string $userupdatesql = ''): string
LEFT JOIN testdiff AS tpassed_diff ON (tpassed_diff.buildid=b.id AND tpassed_diff.type=2)
LEFT JOIN testdiff AS tstatusfailed_diff ON (tstatusfailed_diff.buildid=b.id AND tstatusfailed_diff.type=3)
LEFT JOIN subproject2build AS sp2b ON (sp2b.buildid = b.id)
LEFT JOIN subproject as sp ON (sp2b.subprojectid = sp.id)";
LEFT JOIN subproject as sp ON (sp2b.subprojectid = sp.id)';
}

public function populateBuildRow(array $build_row): array
Expand Down Expand Up @@ -729,9 +712,6 @@ public function generateBuildResponseFromRow(array $build_array): array|false
}
}

if (isset($build_array['userupdates'])) {
$build_response['userupdates'] = $build_array['userupdates'];
}
$build_response['id'] = (int) $build_array['id'];
$build_response['done'] = $build_array['done'];

Expand Down
Loading

0 comments on commit e55bed2

Please sign in to comment.