`Error: php_literal_parser::unexpected_token`

YeapGuy commented 1 year ago

⚠️ This issue respects the following points: ⚠️

[X] This is a bug, not a question or a configuration/webserver/proxy issue.
[X] This issue is not already reported on Github (I've searched it).
[X] Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
[X] Nextcloud Server is running on 64bit capable CPU, PHP and OS.
[X] I agree to follow Nextcloud's Code of Conduct.

Bug description

I am trying to configure the user profile fields' default visibility, and according to the docs, it should be possible within config.php: https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/profile_configuration.html#property-scopes So I tried that like so:

<?php
$CONFIG = array (
  // other irrelevant config
  'account_manager.default_property_scope' => 
  array (
    \OCP\Accounts\IAccountManager::PROPERTY_DISPLAYNAME => \OCP\Accounts\IAccountManager::SCOPE_LOCAL,
    \OCP\Accounts\IAccountManager::PROPERTY_EMAIL => \OCP\Accounts\IAccountManager::SCOPE_LOCAL,
    \OCP\Accounts\IAccountManager::PROPERTY_AVATAR => \OCP\Accounts\IAccountManager::SCOPE_LOCAL,
  ),
  'maintenance' => false,
);

Which, however, as I sort of expected, resulted in this error when starting Nextcloud:

Error: php_literal_parser::unexpected_token
  × Error while parsing nextcloud config.php
  ╰─▶ Error while parsing '/var/www/html/config/config.php':
      No valid token found, expected one of boolean literal, integer literal,
      float literal, string literal, 'null', ')', 'array' or '['
     ╭─[102:1]
 102 │   array (
 103 │     \OCP\Accounts\IAccountManager::PROPERTY_DISPLAYNAME => \OCP\Accounts\IAccountManager::SCOPE_LOCAL,
     ·     ┬
     ·     ╰── Expected boolean literal, integer literal, float literal, string literal, 'null', ')', 'array' or '['
 104 │     \OCP\Accounts\IAccountManager::PROPERTY_EMAIL => \OCP\Accounts\IAccountManager::SCOPE_LOCAL,
     ╰────

So I went ahead, and changed these values to strings, like so:

<?php
$CONFIG = array (
  // other irrelevant config
  'account_manager.default_property_scope' => 
  array (
    '\OCP\Accounts\IAccountManager::PROPERTY_DISPLAYNAME' => '\OCP\Accounts\IAccountManager::SCOPE_LOCAL',
    '\OCP\Accounts\IAccountManager::PROPERTY_EMAIL' => '\OCP\Accounts\IAccountManager::SCOPE_LOCAL',
    '\OCP\Accounts\IAccountManager::PROPERTY_AVATAR' => '\OCP\Accounts\IAccountManager::SCOPE_LOCAL',
  ),
  'maintenance' => false,
);

Didn't work. No errors this time, but creating a new user, the display name, email and avatar are still set to "Federated". So I tried escaping the backslashes:

<?php
$CONFIG = array (
  // other irrelevant config
  'account_manager.default_property_scope' => 
  array (
    '\\OCP\\Accounts\\IAccountManager::PROPERTY_DISPLAYNAME' => '\\OCP\\Accounts\\IAccountManager::SCOPE_LOCAL',
    '\\OCP\\Accounts\\IAccountManager::PROPERTY_EMAIL' => '\\OCP\\Accounts\\IAccountManager::SCOPE_LOCAL',
    '\\OCP\\Accounts\\IAccountManager::PROPERTY_AVATAR' => '\\OCP\\Accounts\\IAccountManager::SCOPE_LOCAL',
  ),
  'maintenance' => false,
);

Nope. Same as when not escaping them.

Steps to reproduce

Change default visibility of profile fields, as it is provided in the docs, or even in the code itself
Watch errors in the log

Expected behavior

New users should be created with the configured profile fields visibility

Installation method

Official All-in-One appliance

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.0

Web server

Apache (supported)

Database engine version

PostgreSQL

Is this bug present after an update or on a fresh install?

Fresh Nextcloud Server install

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

[X] Default user-backend (database)
[ ] LDAP/ Active Directory
[ ] SSO - SAML
[ ] Other

Configuration report

{
    "system": {
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "password": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "overwritehost": "<removed manually>",
        "overwriteprotocol": "https",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "<removed manually>"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "24.0.6.1",
        "overwrite.cli.url": "<removed manually>",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "loglevel": "2",
        "log_type": "file",
        "logfile": "\/var\/www\/html\/data\/nextcloud.log",
        "log_rotate_size": "10485760",
        "log.condition": {
            "apps": [
                "admin_audit"
            ]
        },
        "preview_max_x": "2048",
        "preview_max_y": "2048",
        "jpeg_quality": "60",
        "enabledPreviewProviders": {
            "1": "OC\\Preview\\Image",
            "2": "OC\\Preview\\MarkDown",
            "3": "OC\\Preview\\MP3",
            "4": "OC\\Preview\\TXT",
            "5": "OC\\Preview\\OpenDocument",
            "6": "OC\\Preview\\Movie"
        },
        "enable_previews": true,
        "upgrade.disable-web": true,
        "mail_smtpmode": "smtp",
        "trashbin_retention_obligation": "auto, 30",
        "versions_retention_obligation": "auto, 30",
        "activity_expire_days": "30",
        "simpleSignUpLink.shown": false,
        "share_folder": "\/Shared",
        "tempdirectory": "\/mnt\/ncdata\/tmp\/",
        "one-click-instance": true,
        "one-click-instance.user-limit": 100,
        "htaccess.RewriteBase": "\/",
        "files_external_allow_create_new_local": false,
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "default_phone_region": "SK",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauth": 1,
        "mail_smtpauthtype": "LOGIN",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "default_language": "sk",
        "default_locale": "sk",
        "account_manager.default_property_scope": {
            "displayname": "v2-local",
            "email": "v2-local",
            "avatar": "v2-local"
        },
        "maintenance": false
    }
}

List of activated Apps

Enabled:
  - accessibility: 1.10.0
  - activity: 2.16.0
  - admin_audit: 1.14.0
  - apporder: 0.15.0
  - calendar: 3.5.1
  - circles: 24.0.1
  - cloud_federation_api: 1.7.0
  - comments: 1.14.0
  - contacts: 4.2.2
  - contactsinteraction: 1.5.0
  - dashboard: 7.4.0
  - dav: 1.22.0
  - deck: 1.7.1
  - federatedfilesharing: 1.14.0
  - federation: 1.14.0
  - files: 1.19.0
  - files_pdfviewer: 2.5.0
  - files_rightclick: 1.3.0
  - files_sharing: 1.16.2
  - files_trashbin: 1.14.0
  - files_versions: 1.17.0
  - files_videoplayer: 1.13.0
  - firstrunwizard: 2.13.0
  - logreader: 2.9.0
  - lookup_server_connector: 1.12.0
  - nextcloud-aio: 0.2.0
  - nextcloud_announcements: 1.13.0
  - notifications: 2.12.1
  - notify_push: 0.5.0
  - oauth2: 1.12.0
  - password_policy: 1.14.0
  - photos: 1.6.0
  - privacy: 1.8.0
  - provisioning_api: 1.14.0
  - recommendations: 1.3.0
  - serverinfo: 1.14.0
  - settings: 1.6.0
  - sharebymail: 1.14.0
  - support: 1.7.0
  - survey_client: 1.12.0
  - systemtags: 1.14.0
  - tasks: 0.14.5
  - text: 3.5.1
  - theming: 1.15.0
  - twofactor_backupcodes: 1.13.0
  - twofactor_totp: 6.4.1
  - viewer: 1.8.0
  - weather_status: 1.4.0
  - workflowengine: 2.6.0
Disabled:
  - encryption
  - files_external
  - user_ldap
  - user_status: 1.4.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

Nothing even remotely relevant in the log. Just a failed login and errors from weeks ago.

Additional info

@tcitworld implemented this, so perhaps he can elaborate? I looked at your code, but I only have very basic knowledge of PHP, so unfortunately I cannot pin down what should be changed to make this work.

tcitworld commented 1 year ago

Which, however, as I sort of expected, resulted in this error when starting Nextcloud:

Why did you expect an issue? I've just copied the very same exact thing and it works properly. The issue is with the notify_push rust backend, which tries and fails to parse the PHP code to get configuration, not with Nextcloud itself.

I'd try to put the values directly and report the issue to the notify_push repository or directly to https://github.com/icewind1991/php-literal-parser (which is the rust library that's being used) cc @icewind1991 :

<?php
$CONFIG = array (
  // other irrelevant config
  'account_manager.default_property_scope' => 
  array (
    "displayname" => "v2-local",
    "email" => "v2-local",
    "avatar" => "v2-local"
  ),
  'maintenance' => false,
);

YeapGuy commented 1 year ago

Ah, okay. I thought it wouldn't work because the values aren't enclosed in quotes like everything else in the config. But yeah, as I mention, I don't know PHP well. Anyways, how can I then fix this? Use the snippet you sent? Would that work?

sboettcher commented 1 year ago

I had the same problem with a fresh install of Nextcloud 25 (v25.0.2.3, php v8.1.13, Ubuntu Server, nginx, MySQL), and found this issue. As per the documentation here I had this entry in my config.php:

'account_manager.default_property_scope' => [
  \OCP\Accounts\IAccountManager::PROPERTY_DISPLAYNAME => \OCP\Accounts\IAccountManager::SCOPE_LOCAL
  \OCP\Accounts\IAccountManager::PROPERTY_EMAIL => \OCP\Accounts\IAccountManager::SCOPE_LOCAL
  \OCP\Accounts\IAccountManager::PROPERTY_AVATAR => \OCP\Accounts\IAccountManager::SCOPE_LOCAL
  \OCP\Accounts\IAccountManager::PROPERTY_ADDRESS => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_WEBSITE => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_PHONE => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_TWITTER => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_FEDIVERSE => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_ORGANISATION => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_ROLE => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_HEADLINE => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
  \OCP\Accounts\IAccountManager::PROPERTY_BIOGRAPHY => \OCP\Accounts\IAccountManager::SCOPE_PRIVATE
],

and got webserver errors like this:

[error] <...> FastCGI sent in stderr: "PHP message: PHP Parse error:  syntax error, unexpected fully qualified name "\OCP\Accounts\IAccountManager", expecting "]" in /var/www/nextcloud/config/config.php on line 51" while reading response header from upstream <...>

And I also tried to quote the values but that didn't work, with the defaults not set correctly on a new account. As @tcitworld suggested I replaced the config with:

'account_manager.default_property_scope' =>
    array (
      "displayname" => "v2-local",
      "email" => "v2-local",
      "avatar" => "v2-local",
      "address" => "v2-private",
      "website" => "v2-private",
      "phone" => "v2-private",
      "twitter" => "v2-private",
      "fediverse" => "v2-private",
      "organisation" => "v2-private",
      "role" => "v2-private",
      "headline" => "v2-private",
      "biography" => "v2-private",
    ),

(See definition of scopes and properties)

This fixed the error and new accounts now seem to have the correct default scopes set. I don't know if this is the intended behaviour, but if it is maybe the documentation here (and here?) should be changed to reflect that.

tcitworld commented 1 year ago

@sboettcher The issue in your case was probably just the missing comma after each entry of the array (documentation lacked one).

master-fuggi commented 1 year ago

Unfortunately, neither of the two approaches mentioned by @sboettcher works on my Nextcloud v25.0.4 instance. Any other idea?

PS: @tcitworld, I took care of the commas. ;-)

szaimen commented 1 year ago

Hi, please update to 25.0.7 or better 26.0.2 and report back if it fixes the issue. Thank you!

My goal is to add a label like e.g. 26-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!

If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+

nextcloud-command commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions.

David-Rodriguez-cabrera commented 1 year ago

No me funciona en la versión 27 de nextcloud

Deaddy commented 1 month ago

The issue generally exists whenever variables are used inside the config, which are, obviously, not literals.

There are multiple references in the documentation to variables being used and in some instances it can not easily be circumvented, e.g. putting the $_SERVER['HTTP_HOST'] ip into the trusted_domains array or injecting pod annotations into runtime configs such as maintenance mode.

A workaround is duplicating some of the configuration into another file which only uses literals and explicitly call the notify_push binary with this config, or invoking the notify_push binary explicit variables, but this would expose passwords to the argument string and possibly to env.

nextcloud / notify_push