Skip to content

fix(dav): adjust password session check on legacy dav auth#59374

Open
skjnldsv wants to merge 1 commit into
masterfrom
fix/legacy-dav-session-check
Open

fix(dav): adjust password session check on legacy dav auth#59374
skjnldsv wants to merge 1 commit into
masterfrom
fix/legacy-dav-session-check

Conversation

@skjnldsv

@skjnldsv skjnldsv commented Apr 1, 2026

Copy link
Copy Markdown
Member

Follow-up #55955

Summary

We adjusted the session to store multiple granted public shares, so you could open a few tabs and not get logge dout the previous ones.
But I did not migrate the legacy auth middleware. It seems it's still used in older versions, maybe we plan the removal of the old dav v1 entrypoint

Checklist

AI (if applicable)

  • The content of this PR was partly or fully generated using AI
@skjnldsv skjnldsv added this to the Nextcloud 34 milestone Apr 1, 2026
@skjnldsv skjnldsv self-assigned this Apr 1, 2026
@skjnldsv skjnldsv requested a review from a team as a code owner April 1, 2026 12:05
@skjnldsv skjnldsv requested review from icewind1991, leftybournes, provokateurin and salmart-dev and removed request for a team April 1, 2026 12:05
@skjnldsv

skjnldsv commented Apr 1, 2026

Copy link
Copy Markdown
Member Author

/backport to stable32 please

@skjnldsv

skjnldsv commented Apr 1, 2026

Copy link
Copy Markdown
Member Author

/backport to stable33 please

@skjnldsv

skjnldsv commented Apr 1, 2026

Copy link
Copy Markdown
Member Author

/backport to stable31 please

@skjnldsv skjnldsv requested review from CarlSchwan and artonge April 1, 2026 12:08
@skjnldsv skjnldsv force-pushed the fix/legacy-dav-session-check branch from 62ded5b to ca7e275 Compare April 1, 2026 12:10
Follow-up #55955

Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
@skjnldsv skjnldsv force-pushed the fix/legacy-dav-session-check branch from ca7e275 to fdfa8eb Compare April 1, 2026 12:22
Comment on lines +122 to +126
if (!is_array($allowedShareIds)) {
return false;
}

return in_array($share->getId(), $allowedShareIds);

@CarlSchwan CarlSchwan Apr 1, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if (!is_array($allowedShareIds)) {
return false;
}
return in_array($share->getId(), $allowedShareIds);
if (!is_array($allowedShareIds)) {
return false;
}
return in_array($share->getId(), $allowedShareIds, true);

Strict mode :)

@szaimen

szaimen commented Apr 2, 2026

Copy link
Copy Markdown
Contributor

/backport! to stable31

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment