Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed SQL Exception in UsersManager\API->getUsersPlusRole() #14900

Merged
merged 1 commit into from Sep 19, 2019
Merged

Fixed SQL Exception in UsersManager\API->getUsersPlusRole() #14900

merged 1 commit into from Sep 19, 2019

Conversation

MichaelRoosz
Copy link
Contributor

If $loginsToLimit is an empty array, because $this->model->getUsersWithAccessToSites($adminIdSites) returned no results an SQL Exception is triggered:

Uncaught exception in API: /libs/Zend/Db/Statement/Pdo.php(234): SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ') GROUP BY u.login ORDER BY u.login ASC ' at line 4

This change fixes this problem and sends an empty user list in this case.

Normally $loginsToLimit will never be empty, however it can happen if access is managed by another plugin, for example the GroupPermissions plugin (https://plugins.matomo.org/GroupPermissions).

tsteur
tsteur reviewed Sep 19, 2019
View reviewed changes
plugins/UsersManager/API.php
if ($loginsToLimit !== null && empty($loginsToLimit)) {
// if the current user is not the superuser, and getUsersWithAccessToSites() returned an empty result,
// access is managed by another plugin, and the current user cannot manage any user with UsersManager
Common::sendHeader('X-Matomo-Total-Results: 0');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MichaelHeerklotz is the header maybe still there from debugging?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is intentional, some lines above there is another "fast" return case that sets the header, and at the bottom the header is set also for the default case. So i adjusted the new return case to work like the others. I did not work with these custom Matomo headers before however, so I am not 100% sure when exactly to set them and how.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cheers, didn't know :)

@tsteur tsteur added this to the 3.12.0 milestone Sep 19, 2019
@tsteur tsteur added the Bug For errors / faults / flaws / inconsistencies etc. label Sep 19, 2019
@tsteur
Copy link
Member

tsteur commented Sep 19, 2019

Cheers @MichaelHeerklotz

@tsteur tsteur merged commit a3a61b5 into matomo-org:3.x-dev Sep 19, 2019
@MichaelRoosz MichaelRoosz deleted the fix_usersmanager_getusersplusrole branch October 29, 2023 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tsteur tsteur tsteur left review comments

Assignees
No one assigned
Labels
Bug For errors / faults / flaws / inconsistencies etc.
Projects
None yet
Milestone
3.12.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@MichaelRoosz @tsteur