From 726d857690c33de79f090444fc120c5518a1f4ff Mon Sep 17 00:00:00 2001 From: tobiasKaminsky Date: Thu, 13 Oct 2022 09:04:27 +0200 Subject: [PATCH 1/3] Filter out backup user status (those beginning with _ as userId) --- apps/user_status/lib/Dashboard/UserStatusWidget.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/user_status/lib/Dashboard/UserStatusWidget.php b/apps/user_status/lib/Dashboard/UserStatusWidget.php index 5a89040dfa587..50cca725a55da 100644 --- a/apps/user_status/lib/Dashboard/UserStatusWidget.php +++ b/apps/user_status/lib/Dashboard/UserStatusWidget.php @@ -152,7 +152,8 @@ private function getWidgetData(string $userId, ?string $since = null, int $limit $this->service->findAllRecentStatusChanges($limit + 1, 0), static function (UserStatus $status) use ($userId, $since): bool { return $status->getUserId() !== $userId - && ($since === null || $status->getStatusTimestamp() > (int) $since); + && ($since === null || $status->getStatusTimestamp() > (int) $since) + && !str_starts_with($status->getUserId(), "_"); } ), 0, From 446bb96ba88494473ef2d08c4d489583329488a9 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 13 Oct 2022 13:44:37 +0200 Subject: [PATCH 2/3] Do the filtering on the DB instead Signed-off-by: Carl Schwan --- apps/user_status/lib/Dashboard/UserStatusWidget.php | 3 +-- apps/user_status/lib/Db/UserStatusMapper.php | 13 +++++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/apps/user_status/lib/Dashboard/UserStatusWidget.php b/apps/user_status/lib/Dashboard/UserStatusWidget.php index 50cca725a55da..5a89040dfa587 100644 --- a/apps/user_status/lib/Dashboard/UserStatusWidget.php +++ b/apps/user_status/lib/Dashboard/UserStatusWidget.php @@ -152,8 +152,7 @@ private function getWidgetData(string $userId, ?string $since = null, int $limit $this->service->findAllRecentStatusChanges($limit + 1, 0), static function (UserStatus $status) use ($userId, $since): bool { return $status->getUserId() !== $userId - && ($since === null || $status->getStatusTimestamp() > (int) $since) - && !str_starts_with($status->getUserId(), "_"); + && ($since === null || $status->getStatusTimestamp() > (int) $since); } ), 0, diff --git a/apps/user_status/lib/Db/UserStatusMapper.php b/apps/user_status/lib/Db/UserStatusMapper.php index 4f48ea4681892..cb7ad5392db83 100644 --- a/apps/user_status/lib/Db/UserStatusMapper.php +++ b/apps/user_status/lib/Db/UserStatusMapper.php @@ -76,10 +76,15 @@ public function findAllRecent(?int $limit = null, ?int $offset = null): array { ->select('*') ->from($this->tableName) ->orderBy('status_timestamp', 'DESC') - ->where($qb->expr()->notIn('status', $qb->createNamedParameter([IUserStatus::ONLINE, IUserStatus::AWAY, IUserStatus::OFFLINE], IQueryBuilder::PARAM_STR_ARRAY))) - ->orWhere($qb->expr()->isNotNull('message_id')) - ->orWhere($qb->expr()->isNotNull('custom_icon')) - ->orWhere($qb->expr()->isNotNull('custom_message')); + ->where($qb->expr()->andX( + $qb->expr()->orX( + $qb->expr()->notIn('status', $qb->createNamedParameter([IUserStatus::ONLINE, IUserStatus::AWAY, IUserStatus::OFFLINE], IQueryBuilder::PARAM_STR_ARRAY)), + $qb->expr()->isNotNull('message_id'), + $qb->expr()->isNotNull('custom_icon'), + $qb->expr()->isNotNull('custom_message'), + ), + $qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%')) + )); if ($limit !== null) { $qb->setMaxResults($limit); From 25efb43ac40c01defb1077563c3789a762f0aacd Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 13 Oct 2022 18:50:36 +0200 Subject: [PATCH 3/3] Properly escape underscore in db query Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Carl Schwan --- apps/user_status/lib/Db/UserStatusMapper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/user_status/lib/Db/UserStatusMapper.php b/apps/user_status/lib/Db/UserStatusMapper.php index cb7ad5392db83..d40c6a2986050 100644 --- a/apps/user_status/lib/Db/UserStatusMapper.php +++ b/apps/user_status/lib/Db/UserStatusMapper.php @@ -83,7 +83,7 @@ public function findAllRecent(?int $limit = null, ?int $offset = null): array { $qb->expr()->isNotNull('custom_icon'), $qb->expr()->isNotNull('custom_message'), ), - $qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%')) + $qb->expr()->notLike('user_id', $qb->createNamedParameter($this->db->escapeLikeParameter('_') . '%')) )); if ($limit !== null) {