
Better catch when a user does not exists (#3751)

#fix https://github.com/FreshRSS/FreshRSS/issues/3735
Before, we were relying on an exception during the first stages of user initialisation. Now the check is explicit and cleaner, producing a more appropriate HTTP response for the API.
Alexandre Alapetite 4 years ago
commit
7d83321286
4 changed files with 9 additions and 5 deletions
  1. 4 0
      app/Controllers/userController.php
  2. 3 2
      app/Models/Context.php
  3. 1 1
      app/install.php
  4. 1 2
      cli/_cli.php

+ 4 - 0
app/Controllers/userController.php

@@ -14,6 +14,10 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 		return preg_match('/^' . self::USERNAME_PATTERN . '$/', $username) === 1;
 	}
 
+	public static function userExists($username) {
+		return @file_exists(USERS_PATH . '/' . $username . '/config.php');
+	}
+
 	public static function updateUser($user, $email, $passwordPlain, $userConfigUpdated = array()) {
 		$userConfig = get_user_configuration($user);
 		if ($userConfig === null) {
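Review bot: `userExists()` concatenates `$username` straight into a filesystem path without validating it, so the helper is only safe when every caller has already run `checkUsername()`. The callers visible in this commit appear to do that (`initUser()` in the same condition, and `cliInitUser()` after its invalid-username check, whose test sits above that hunk), but as a public static method it is likely to be reused, and a value containing path separators or `..` would make it report on `config.php` files outside `USERS_PATH`. I would make the check self-contained, e.g. `return ($username === '_' || self::checkUsername($username)) && file_exists(USERS_PATH . '/' . $username . '/config.php');`, and drop the `@`, which hides warnings such as an `open_basedir` restriction that an operator would want to see. A short docblock stating that the method returns true only when the user's `config.php` is present would also help.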

+ 3 - 2
app/Models/Context.php

@@ -60,7 +60,7 @@ class FreshRSS_Context {
 	/**
 	 * Initialize the context for the current user.
 	 */
-	public static function initUser($username = '') {
+	public static function initUser($username = '', $userMustExist = true) {
 		FreshRSS_Context::$user_conf = null;
 		if (!isset($_SESSION)) {
 			Minz_Session::init('FreshRSS');
@@ -70,7 +70,8 @@ class FreshRSS_Context {
 		if ($username == '') {
 			$username = Minz_Session::param('currentUser', '');
 		}
-		if ($username === '_' || FreshRSS_user_Controller::checkUsername($username)) {
+		if (($username === '_' || FreshRSS_user_Controller::checkUsername($username)) &&
+			(!$userMustExist || FreshRSS_user_Controller::userExists($username))) {
 			try {
 				//TODO: Keep in session what we need instead of always reloading from disk
 				Minz_Configuration::register('user',
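Review bot: The docblock above `initUser()` was not updated for the new `$userMustExist` parameter, and its contract matters because passing `false` skips the on-disk existence check. I would add `@param string $username` and `@param bool $userMustExist when true (default), the context is only initialised if the user's config.php exists; pass false only for trusted flows such as installation`. What the method does when the condition fails is outside the visible hunks, so the description of the failure path has to be filled in from the rest of the body. Separately, the `_` account now also goes through `userExists()`, so it is worth confirming that this account always has a `config.php` on disk.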

+ 1 - 1
app/install.php

@@ -71,7 +71,7 @@ function saveStep1() {
 
 		// First, we try to get previous configurations
 		FreshRSS_Context::initSystem();
-		FreshRSS_Context::initUser(FreshRSS_Context::$system_conf->default_user);
+		FreshRSS_Context::initUser(FreshRSS_Context::$system_conf->default_user, false);
 
 		// Then, we set $_SESSION vars
 		Minz_Session::_params([
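Review bot: The bare `false` at this call site does not say which check is being turned off; a one-line comment such as `// The default user may not have a config.php yet at this stage, so do not require it to exist` would make the intent visible, assuming that is the reason. `saveStep1()` begins and ends outside the hunk.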

+ 1 - 2
cli/_cli.php

@@ -28,8 +28,7 @@ function cliInitUser($username) {
 		fail('FreshRSS error: invalid username: ' . $username . "\n");
 	}
 
-	$usernames = listUsers();
-	if (!in_array($username, $usernames)) {
+	if (!FreshRSS_user_Controller::userExists($username)) {
 		fail('FreshRSS error: user not found: ' . $username . "\n");
 	}