Closed doctor-beat closed 6 months ago
Hi,
what db are you using? I can't reproduce using mysql.
edit: also tested with sqlite, can't reproduce either
Can you please confirm you have this line in log files (see /2fauth/storage/logs/*.log
:
User ID #x cannot view twofaccount ID #y
Hi,
[2024-03-12 16:38:55] production.NOTICE: User isOwner of with ID #integer vs twofaccount ID #string: [2024-03-12 16:38:55] production.NOTICE: User ID #3 cannot view twofaccount ID #3 [2024-03-12 16:40:45] production.NOTICE: User isOwner of with ID #integer vs twofaccount ID #string:
I have added an extra line of logging for personal debugging
Ok, thx for the env setup. Iยดm going to make more testing, I would like to understand why types are not consistent from one setup to another ๐ค
yes, thanks. I i can be of any help let me know. I am a java//php dev as well.
Well, I cannot reproduce, even with the exact same setup. What page do you load while debugging the trait?
Could you please try this fix for me ?
Edit 2fauth_install_dir/app/Models/TwoFAccount.php
.
Line 148, set the $casts
like this:
protected $casts = [
'user_id' => 'integer',
];
Thx
That fixes the issue, triple equality is now comparing two integers
Ok thanks ๐๐ป
Version
2FAuth โ v5.0.4
Details & Steps to reproduce
app/Policies/OwnershipTrait line 16 contains a bug, i think. In my case the $item->user_id is a string with does not make it triple equal to $user->id
When i wrap the $item->user_id in a intval() the class starts working.
It appears to bethe same issue as described here: https://github.com/Bubka/2FAuth/issues/305
Expectation
no errors when clicking the sfauth key.
Error & Logs
No response
Execution environment
No response
Containerization
Additional information
No response