always execute fs checks for users not logged in after an update

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-22 07:30:25 +00:00 · 2022-03-03 19:31:54 +01:00 · 2022-03-03 19:31:54 +01:00 · 056daaddfc
commit 056daaddfc
parent 5c2fd8d52a
6 changed files with 47 additions and 9 deletions
--- a/common/protocol_test.go
+++ b/common/protocol_test.go
@ -271,6 +271,44 @@ func TestBaseConnection(t *testing.T) {
 	assert.NoError(t, err)
 }

+func TestCheckFsAfterUpdate(t *testing.T) {
+	u := getTestUser()
+	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
+	assert.NoError(t, err)
+	conn, client, err := getSftpClient(user)
+	if assert.NoError(t, err) {
+		defer conn.Close()
+		defer client.Close()
+		err = checkBasicSFTP(client)
+		assert.NoError(t, err)
+	}
+	// remove the home dir, it will not be re-created
+	err = os.RemoveAll(user.GetHomeDir())
+	assert.NoError(t, err)
+	conn, client, err = getSftpClient(user)
+	if assert.NoError(t, err) {
+		defer conn.Close()
+		defer client.Close()
+		err = checkBasicSFTP(client)
+		assert.Error(t, err)
+	}
+	// update the user and login again, this time the home dir will be created
+	_, _, err = httpdtest.UpdateUser(user, http.StatusOK, "")
+	assert.NoError(t, err)
+	conn, client, err = getSftpClient(user)
+	if assert.NoError(t, err) {
+		defer conn.Close()
+		defer client.Close()
+		err = checkBasicSFTP(client)
+		assert.NoError(t, err)
+	}
+
+	_, err = httpdtest.RemoveUser(user, http.StatusOK)
+	assert.NoError(t, err)
+	err = os.RemoveAll(user.GetHomeDir())
+	assert.NoError(t, err)
+}
+
 func TestSetStat(t *testing.T) {
 	u := getTestUser()
 	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
--- a/dataprovider/dataprovider.go
+++ b/dataprovider/dataprovider.go
@ -1131,7 +1131,7 @@ func UpdateLastLogin(user *User) {
 	if user.Filters.ExternalAuthCacheTime > 0 {
 		delay = time.Duration(user.Filters.ExternalAuthCacheTime) * time.Second
 	}
-	if !isLastActivityRecent(user.LastLogin, delay) {
+	if user.LastLogin <= user.UpdatedAt || !isLastActivityRecent(user.LastLogin, delay) {
 		err := provider.updateLastLogin(user.Username)
 		if err == nil {
 			webDAVUsersCache.updateLastLogin(user.Username)
--- a/dataprovider/user.go
+++ b/dataprovider/user.go
@ -211,8 +211,10 @@ func (u *User) CheckFsRoot(connectionID string) error {
 		}
 	}
 	if isLastActivityRecent(u.LastLogin, delay) {
+		if u.LastLogin > u.UpdatedAt {
 			return nil
 		}
+	}
 	fs, err := u.GetFilesystemForPath("/", connectionID)
 	if err != nil {
 		logger.Warn(logSender, connectionID, "could not create main filesystem for user %#v err: %v", u.Username, err)
@ -258,7 +260,7 @@ func (u *User) GetCleanedPath(rawVirtualPath string) string {
 	return util.CleanPath(rawVirtualPath)
 }

-// isFsEqual returns true if the fs has the same configuration
+// isFsEqual returns true if the filesystem configurations are the same
 func (u *User) isFsEqual(other *User) bool {
 	if u.FsConfig.Provider == sdk.LocalFilesystemProvider && u.GetHomeDir() != other.GetHomeDir() {
 		return false
--- a/go.mod
+++ b/go.mod
@ -130,7 +130,7 @@ require (
 	golang.org/x/tools v0.1.9 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20220302033224-9aa15565e42a // indirect
+	google.golang.org/genproto v0.0.0-20220303160752-862486edd9cc // indirect
 	google.golang.org/grpc v1.44.0 // indirect
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/ini.v1 v1.66.4 // indirect
--- a/go.sum
+++ b/go.sum
@ -1190,8 +1190,8 @@ google.golang.org/genproto v0.0.0-20220211171837-173942840c17/go.mod h1:kGP+zUP2
 google.golang.org/genproto v0.0.0-20220216160803-4663080d8bc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
 google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
 google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
-google.golang.org/genproto v0.0.0-20220302033224-9aa15565e42a h1:uqouglH745GoGeZ1YFZbPBiu961tgi/9Qm5jaorajjQ=
-google.golang.org/genproto v0.0.0-20220302033224-9aa15565e42a/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
+google.golang.org/genproto v0.0.0-20220303160752-862486edd9cc h1:fb/ViRpv3ln/LvbqZtTpoOd1YQDNH12gaGZreoSFovE=
+google.golang.org/genproto v0.0.0-20220303160752-862486edd9cc/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
 google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
--- a/sftpd/sftpd_test.go
+++ b/sftpd/sftpd_test.go
@ -1477,11 +1477,9 @@ func TestSFTPFsLoginWrongFingerprint(t *testing.T) {
 	_, _, err = httpdtest.UpdateUser(sftpUser, http.StatusOK, "")
 	assert.NoError(t, err)
 	conn, client, err = getSftpClient(sftpUser, usePubKey)
-	if assert.NoError(t, err) {
+	if !assert.Error(t, err) {
 		defer conn.Close()
 		defer client.Close()
-		err = checkBasicSFTP(client)
-		assert.Error(t, err)
 	}

 	_, err = httpdtest.RemoveUser(sftpUser, http.StatusOK)