fix: automatically disable sab #50605
Conversation
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
4950879 to
f81af1e
Compare
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
f81af1e to
a288ada
Compare
|
@st3iny thank you |
|
Temporarily converted to draft to adjust logic. |
What is the problem? The sync being run despite the exposed config being set to |
The code is only executed when running the sync command via occ or when installing nextcloud (but then you don't have a 5k user directory connected). It should be a migration / repair step to automatically disable sab. Not as side effection when calling the sync command. |
No... at the moment the logic disables the system address book automatically even if the admin forces the "system_addressbook_exposed" to yes, if the limit is reached. And during our 1 on 1 today, we thought that is might cause confusion. So the solution is to only automatically disable the address book if the "system_addressbook_exposed" has not been set yet, I just have not made the adjustment yet. |
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
a288ada to
0ee3572
Compare
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
0ee3572 to
5d5e11b
Compare
|
@SebastianKrupinski have the change requests been addressed in the last push? |
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
4 times, most recently
from
f4e0035 to
5077b81
Compare
yes, new code is up |
| * @inheritDoc | ||
| */ | ||
| public function getName(): string { | ||
| return $this->name; |
There was a problem hiding this comment.
| return $this->name; | |
| return $this->l10nFactory->get(Application::APP_ID)->t('Contacts'); |
Copied from Calendar. I'm not sure if a changing name is a good idea. Especially given that the cached name will depend on the last notification to be prepared which is a bit arbitrary.
| private string $name = 'CardDAV'; | ||
|
|
There was a problem hiding this comment.
| private string $name = 'CardDAV'; |
Not required anymore. See my other comment above.
| $limit = $this->appConfig->getValueInt(Application::APP_ID, 'system_addressbook_limit', 5000); | ||
|
|
||
| if ($count > $limit) { | ||
| return SetupResult::warning($this->l10n->t('The system address book is enabled, but has more than the configured limit of %s users', (string)$limit)); |
There was a problem hiding this comment.
Can you derive something from the problem description at #49431?
Contacts rendering and mobile client syncing are the big issues I can think of
Does not seem to be addressed, as far as I can see.
(I don't care too much about the message. Just noticed this when I checked open conversations.)
Proposed additional text: This can cause performance issues in the Contacts app and when syncing with external CardDAV clients.
| ->setUser($user->getUID()) | ||
| ->setDateTime(new \DateTime()) | ||
| ->setSubject('SystemSystemAddressBookDisabled', []); | ||
| $this->notificationManager->notify($notification); |
There was a problem hiding this comment.
This is really dangerous as it will call the newly created INotifier implementation.
I'd recommend to move this logic in a repair step. Let me know in case you need to know more.
There was a problem hiding this comment.
(This is the only point of feedback I would like to see addressed hence the changes requested state.)
There was a problem hiding this comment.
Done. Changed it to a repair step that only runs on 32
There was a problem hiding this comment.
@st3iny what is the dangerous aspect? That the notifier executes during schema migration?
This has to be a one-time thing. A regular repair step will execute again and again.
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
1ab1b60 to
b39ccb4
Compare
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
a38c00e to
5e40b3b
Compare
| */ | ||
| public function run(IOutput $output) { | ||
| $output->info('Running repair step to disable system address book'); | ||
| if ($this->serverVersion->getMajorVersion() !== 32) { |
There was a problem hiding this comment.
Please remove the version check. Repair steps should be idempotent, i.e., be run over and over again.
| public function run(IOutput $output) { | ||
| $output->info('Running repair step to disable system address book'); | ||
| if ($this->serverVersion->getMajorVersion() !== 32) { | ||
| $output->info('Skipping repair step system address book this only applies to Nextcloud 32'); | ||
| return; | ||
| } | ||
| // If the system address book is not exposed there is nothing to do | ||
| if ($this->appConfig->getAppValueBool('system_addressbook_exposed', true) === false) { | ||
| $output->info('Skipping repair step system address book is already disabled'); | ||
| return; | ||
| } | ||
| // We use count seen because getting a user count from the backend can be very slow | ||
| $limit = $this->appConfig->getAppValueInt('system_addressbook_limit', 5000); | ||
| if ($this->userManager->countSeenUsers() <= $limit) { | ||
| $output->info("Skipping repair step system address book has less then the threshold $limit of contacts no need to disable"); | ||
| return; | ||
| } | ||
| $this->appConfig->setAppValueBool('system_addressbook_exposed', false); | ||
| $output->warning("System address book disabled because it has more then the threshold of $limit contacts this can be re-enabled later"); | ||
| // Notify all admin users about the system address book being disabled | ||
| foreach ($this->groupManager->get('admin')->getUsers() as $user) { | ||
| $notification = $this->notificationManager->createNotification(); | ||
| $notification->setApp(Application::APP_ID) | ||
| ->setUser($user->getUID()) | ||
| ->setDateTime(new \DateTime()) | ||
| ->setSubject('SystemSystemAddressBookDisabled', []); | ||
| $this->notificationManager->notify($notification); | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
The whole step is not really idempotent. If an admin re-enables the system address book (system_addressbook_exposed => true), it will be disabled again and again.
I think you need to check if the config has been set manually by admins and then skip this repair step. Just checking for false is not sufficient.
There was a problem hiding this comment.
It will only run if the setting has not been set before now
|
We will leave this as repair step and only take action when they config key is not set. So this is only executed once. |
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
5e40b3b to
3712caa
Compare
Done. |
|
I think reuse is drunk today lol |
|
|
||
| /** | ||
| * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors | ||
| * SPDX-License-Identifier: AGPL-3.0-later |
There was a problem hiding this comment.
| * SPDX-License-Identifier: AGPL-3.0-later | |
| * SPDX-License-Identifier: AGPL-3.0-or-later |
the SPDX check is right. This license identifier is invalid
There was a problem hiding this comment.
Done. If that was the issue the error message was very misleading
There was a problem hiding this comment.
# BAD LICENSES
'AGPL-3.0-later' found in:
* apps/dav/lib/Migration/DisableSystemAddressBook.php
# MISSING LICENSES
'AGPL-3.0-later' found in:
* apps/dav/lib/Migration/DisableSystemAddressBook.php
There was a problem hiding this comment.
Exactly misleading
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
SebastianKrupinski
force-pushed
the
fix/49431-automatically-disable-sab
branch
from
e636b0e to
cab9a5d
Compare
7 participants
Summary
Automatically disables system address book when a configured limit is reached.
Checklist