nextcloud / server

☁️ Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0

Can't delete a shared folder if the users are members of a dynamic LDAP Group #25163

Closed SSchneebeli closed 3 years ago

SSchneebeli commented 3 years ago


Steps to reproduce

  1. Delete a shared folder

Expected behaviour

Shared folder should be deleted

Actual behaviour

The user gets an error in the GUI that the folder could not be deleted.

In the nextcloud.log there is this error: "Argument 2 passed to OCA\User_LDAP\Access::searchUsers() must be of the type array or null, string given, called in /var/www/nextcloud/apps/user_ldap/lib/Group_LDAP.php on line 214" (for the full error message have a look at the "Nextcloud Log" section below)

The problem I found in line 214 is that the second argument "dn" (DN of the LDAP object) for the function searchUsers() is a string instead of an array: `$foundMembers = $this->access->searchUsers($memberUrlFilter, 'dn');`

If I change the code in Group_LDAP.php to: +$distname=array("dn"); -$foundMembers = $this->access->searchUsers($memberUrlFilter, 'dn'); +$foundMembers = $this->access->searchUsers($memberUrlFilter, $distname);

the group members are found and the shared folder can be deleted.
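
Review bot: the temporary variable in the first added line (+$distname=array("dn");) is not needed; passing the list inline in the changed call, as searchUsers($memberUrlFilter, ['dn']), satisfies the "array or null" type that the logged TypeError names for argument 2 and keeps the change to the one line that was wrong. Only this call is visible here, so other callers in user_ldap that pass a bare string attribute to searchUsers() should be checked as well, and a test that runs getDynamicGroupMembers() with ldapDynamicGroupMemberURL set would keep this path from regressing.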

The same happens if I try to remove a user from a share.

Server configuration

Operating system: Ubuntu 20.04

Web server: Apache 2.4.41

Database: MariaDB 10.4

PHP version: 7.4

Nextcloud version: 20.0.4

Updated from an older Nextcloud/ownCloud or fresh install: Updated from 16 to 17 to 18 to 19 to 20

Where did you install Nextcloud from:

Signing status:

```
No errors have been found.
```

List of activated apps:

```
Enabled:
  - accessibility: 1.6.0
  - activity: 2.13.4
  - admin_audit: 1.10.0
  - apporder: 0.11.0
  - bruteforcesettings: 2.0.1
  - cloud_federation_api: 1.3.0
  - comments: 1.10.0
  - contactsinteraction: 1.1.0
  - dav: 1.16.2
  - drawio: 0.9.8
  - federatedfilesharing: 1.10.2
  - files: 1.15.0
  - files_linkeditor: 1.1.3
  - files_pdfviewer: 2.0.1
  - files_rightclick: 0.17.0
  - files_sharing: 1.12.1
  - files_trashbin: 1.10.1
  - files_versions: 1.13.0
  - files_videoplayer: 1.9.0
  - logreader: 2.5.0
  - lookup_server_connector: 1.8.0
  - notifications: 2.8.0
  - oauth2: 1.8.0
  - onlyoffice: 6.2.0
  - password_policy: 1.10.1
  - photos: 1.2.1
  - privacy: 1.4.0
  - provisioning_api: 1.10.0
  - serverinfo: 1.10.0
  - settings: 1.2.0
  - sharebymail: 1.10.0
  - support: 1.3.0
  - systemtags: 1.10.0
  - tasks: 0.13.6
  - text: 3.1.0
  - theming: 1.11.0
  - theming_customcss: 1.8.0
  - twofactor_backupcodes: 1.9.0
  - updatenotification: 1.10.0
  - user_ldap: 1.10.2
  - user_status: 1.0.1
  - video_converter: 0.1.5
  - viewer: 1.4.0
  - weather_status: 1.0.0
  - workflowengine: 2.2.0
Disabled:
  - dashboard
  - encryption
  - federation
  - files_external
  - firstrunwizard
  - nextcloud_announcements
  - notes
  - recommendations
  - richdocuments
  - spreed
  - survey_client
```

Nextcloud configuration:

```
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "10.20.1.10",
            "cloud.******.ch",
            "10.30.1.10",
        ],
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "overwriteprotocol": "https",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "20.0.4.0",
        "overwrite.cli.url": "https:\/\/cloud.*****.ch\/",
        "htaccess.RewriteBase": "\/",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "3306",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 1.5
        },
        "maintenance": false,
        "theme": "",
        "log_type": "file",
        "logfile": "\/var\/opt\/nextcloud\/log\/nextcloud.log",
        "loglevel": 2,
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "auth.bruteforce.protection.enabled": false,
        "updater.release.channel": "stable",
        "mysql.utf8mb4": true,
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpsecure": "ssl",
        "has_rebuilt_cache": true,
        "skeletondirectory": "\/var\/opt\/nextcloud\/skeleton",
        "default_locale": "de_CH"
    }
}
```

Are you using external storage, if yes which one: no

Are you using encryption: no

Are you using an external user-backend, if yes which one: LDAP

LDAP configuration (delete this part if not used)

```
+-------------------------------+--------------------------------------------------------------------------+
| Configuration                 | s01                                                                      |
+-------------------------------+--------------------------------------------------------------------------+
| hasMemberOfFilterSupport      | 1                                                                        |
| homeFolderNamingRule          |                                                                          |
| lastJpegPhotoLookup           | 0                                                                        |
| ldapAgentName                 | cn=nextcloud,ou=*****,o=*****                                            |
| ldapAgentPassword             | ***                                                                      |
| ldapAttributesForGroupSearch  |                                                                          |
| ldapAttributesForUserSearch   |                                                                          |
| ldapBackupHost                | ldaps://*******.*****.*****                                              |
| ldapBackupPort                | 636                                                                      |
| ldapBase                      | o=*****                                                                  |
| ldapBaseGroups                | ou=Groups,o=*****                                                        |
| ldapBaseUsers                 | ou=Users,o=*****                                                         |
| ldapCacheTTL                  | 600                                                                      |
| ldapConfigurationActive       | 1                                                                        |
| ldapDefaultPPolicyDN          |                                                                          |
| ldapDynamicGroupMemberURL     | memberQueryURL                                                           |
| ldapEmailAttribute            | mail                                                                     |
| ldapExperiencedAdmin          | 1                                                                        |
| ldapExpertUUIDGroupAttr       | cn                                                                       |
| ldapExpertUUIDUserAttr        | uid                                                                      |
| ldapExpertUsernameAttr        |                                                                          |
| ldapExtStorageHomeAttribute   |                                                                          |
| ldapGidNumber                 | gidNumber                                                                |
| ldapGroupDisplayName          | cn                                                                       |
| ldapGroupFilter               | (objectclass=groupOfNames)                                               |
| ldapGroupFilterGroups         |                                                                          |
| ldapGroupFilterMode           | 0                                                                        |
| ldapGroupFilterObjectclass    | groupOfUniqueNames                                                       |
| ldapGroupMemberAssocAttr      | member                                                                   |
| ldapHost                      | ldaps://*******.*****.*****                                              |
| ldapIgnoreNamingRules         |                                                                          |
| ldapLoginFilter               | (&(&(|(objectclass=inetOrgPerson)))(|(uid=%uid)(|(cn=%uid)(mail=%uid)))) |
| ldapLoginFilterAttributes     |                                                                          |
| ldapLoginFilterEmail          | 1                                                                        |
| ldapLoginFilterMode           | 0                                                                        |
| ldapLoginFilterUsername       | 1                                                                        |
| ldapMatchingRuleInChainState  | unknown                                                                  |
| ldapNestedGroups              | 0                                                                        |
| ldapOverrideMainServer        |                                                                          |
| ldapPagingSize                | 2000                                                                     |
| ldapPort                      | 636                                                                      |
| ldapQuotaAttribute            |                                                                          |
| ldapQuotaDefault              |                                                                          |
| ldapTLS                       | 0                                                                        |
| ldapUserAvatarRule            | default                                                                  |
| ldapUserDisplayName           | displayname                                                              |
| ldapUserDisplayName2          |                                                                          |
| ldapUserFilter                | (objectclass=inetOrgPerson)                                              |
| ldapUserFilterGroups          |                                                                          |
| ldapUserFilterMode            | 0                                                                        |
| ldapUserFilterObjectclass     | inetOrgPerson                                                            |
| ldapUuidGroupAttribute        | auto                                                                     |
| ldapUuidUserAttribute         | auto                                                                     |
| turnOffCertCheck              | 0                                                                        |
| turnOnPasswordChange          | 1                                                                        |
| useMemberOfToDetectMembership | 1                                                                        |
+-------------------------------+--------------------------------------------------------------------------+
```

Client configuration

Browser:

Operating system:

Logs


Nextcloud log (data/nextcloud.log)

```
{
  "reqId": "JFpxYBVNyfQoj4iQgJXj",
  "level": 4,
  "time": "2021-01-09T10:59:08+00:00",
  "remoteAddr": "xxx.xxx.xxx.xxx",
  "user": "User1",
  "app": "webdav",
  "method": "DELETE",
  "url": "/remote.php/dav/files/User1/MyShare88",
  "message": {
    "Exception": "TypeError",
    "Message": "Argument 2 passed to OCA\\User_LDAP\\Access::searchUsers() must be of the type array or null, string given, called in /var/www/nextcloud/apps/user_ldap/lib/Group_LDAP.php on line 214",
    "Code": 0,
    "Trace": [
      { "file": "/var/www/nextcloud/apps/user_ldap/lib/Group_LDAP.php", "line": 214, "function": "searchUsers", "class": "OCA\\User_LDAP\\Access", "type": "->" },
      { "file": "/var/www/nextcloud/apps/user_ldap/lib/Group_LDAP.php", "line": 291, "function": "getDynamicGroupMembers", "class": "OCA\\User_LDAP\\Group_LDAP", "type": "->" },
      { "file": "/var/www/nextcloud/apps/user_ldap/lib/Group_LDAP.php", "line": 899, "function": "_groupMembers", "class": "OCA\\User_LDAP\\Group_LDAP", "type": "->" },
      { "file": "/var/www/nextcloud/apps/user_ldap/lib/Group_Proxy.php", "line": 157, "function": "usersInGroup", "class": "OCA\\User_LDAP\\Group_LDAP", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/Group/Group.php", "line": 134, "function": "usersInGroup", "class": "OCA\\User_LDAP\\Group_Proxy", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/Share20/DefaultShareProvider.php", "line": 1316, "function": "getUsers", "class": "OC\\Group\\Group", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/Share20/Manager.php", "line": 1671, "function": "getAccessList", "class": "OC\\Share20\\DefaultShareProvider", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/Share20/ShareHelper.php", "line": 53, "function": "getAccessList", "class": "OC\\Share20\\Manager", "type": "->" },
      { "file": "/var/www/nextcloud/apps/activity/lib/FilesHooks.php", "line": 635, "function": "getPathsForAccessList", "class": "OC\\Share20\\ShareHelper", "type": "->" },
      { "file": "/var/www/nextcloud/apps/activity/lib/FilesHooks.php", "line": 225, "function": "getUserPathsFromPath", "class": "OCA\\Activity\\FilesHooks", "type": "->" },
      { "file": "/var/www/nextcloud/apps/activity/lib/FilesHooks.php", "line": 177, "function": "addNotificationsForFileAction", "class": "OCA\\Activity\\FilesHooks", "type": "->" },
      { "file": "/var/www/nextcloud/apps/activity/lib/FilesHooksStatic.php", "line": 63, "function": "fileDelete", "class": "OCA\\Activity\\FilesHooks", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/legacy/OC_Hook.php", "line": 110, "function": "fileDelete", "class": "OCA\\Activity\\FilesHooksStatic", "type": "::" },
      { "file": "/var/www/nextcloud/lib/private/Files/View.php", "line": 1280, "function": "emit", "class": "OC_Hook", "type": "::" },
      { "file": "/var/www/nextcloud/lib/private/Files/View.php", "line": 1150, "function": "runHooks", "class": "OC\\Files\\View", "type": "->" },
      { "file": "/var/www/nextcloud/lib/private/Files/View.php", "line": 350, "function": "basicOperation", "class": "OC\\Files\\View", "type": "->" },
      { "file": "/var/www/nextcloud/apps/dav/lib/Connector/Sabre/Directory.php", "line": 309, "function": "rmdir", "class": "OC\\Files\\View", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Tree.php", "line": 183, "function": "delete", "class": "OCA\\DAV\\Connector\\Sabre\\Directory", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/CorePlugin.php", "line": 295, "function": "delete", "class": "Sabre\\DAV\\Tree", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php", "line": 89, "function": "httpDelete", "class": "Sabre\\DAV\\CorePlugin", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php", "line": 474, "function": "emit", "class": "Sabre\\DAV\\Server", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php", "line": 251, "function": "invokeMethod", "class": "Sabre\\DAV\\Server", "type": "->" },
      { "file": "/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php", "line": 319, "function": "start", "class": "Sabre\\DAV\\Server", "type": "->" },
      { "file": "/var/www/nextcloud/apps/dav/lib/Server.php", "line": 332, "function": "exec", "class": "Sabre\\DAV\\Server", "type": "->" },
      { "file": "/var/www/nextcloud/apps/dav/appinfo/v2/remote.php", "line": 35, "function": "exec", "class": "OCA\\DAV\\Server", "type": "->" },
      { "file": "/var/www/nextcloud/remote.php", "line": 167, "args": [ "/var/www/nextcloud/apps/dav/appinfo/v2/remote.php" ], "function": "require_once" }
    ],
    "File": "/var/www/nextcloud/apps/user_ldap/lib/Access.php",
    "Line": 988,
    "CustomMessage": "--"
  },
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0",
  "version": "20.0.4.0"
}
```

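For administrators who want to know which share deletions or unshare requests hit this error, the following triage script is an added example, not part of the original report or of Nextcloud. It assumes nextcloud.log holds one JSON object per line with the fields shown in the log above; the sample entries are constructed, with the trace shortened.

```python
import json

# Constructed sample: nextcloud.log holds one JSON object per line. Entry 1 is
# modelled on the report's log (trace shortened); the other lines are noise.
SAMPLE_LOG = [
    json.dumps({
        "reqId": "constructed-1", "level": 4, "time": "2021-01-09T10:59:08+00:00",
        "user": "User1", "app": "webdav", "method": "DELETE",
        "url": "/remote.php/dav/files/User1/MyShare88",
        "message": {
            "Exception": "TypeError",
            "Message": "Argument 2 passed to OCA\\User_LDAP\\Access::searchUsers() "
                       "must be of the type array or null, string given",
            "Trace": [
                {"line": 214, "function": "searchUsers",
                 "class": "OCA\\User_LDAP\\Access"},
                {"line": 291, "function": "getDynamicGroupMembers",
                 "class": "OCA\\User_LDAP\\Group_LDAP"},
                {"line": 1316, "function": "getUsers", "class": "OC\\Group\\Group"},
            ]}}),
    json.dumps({"reqId": "constructed-2", "level": 2, "user": "User2",
                "method": "GET", "url": "/index.php", "message": "Login failed"}),
    "truncated {",
]


def ldap_type_errors(lines):
    """Return one summary per log entry whose TypeError passed through user_ldap."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        try:
            entry = json.loads(line)
            msg = entry["message"]
            if isinstance(msg, str):      # assumption: may be a JSON-encoded string
                msg = json.loads(msg)
            frames = msg["Trace"] if msg["Exception"] == "TypeError" else []
        except (ValueError, KeyError, TypeError):
            continue                      # not JSON, or not an exception entry
        ldap = [f"{f['class']}::{f.get('function')}" for f in frames
                if isinstance(f, dict)
                and str(f.get("class", "")).startswith("OCA\\User_LDAP\\")]
        if ldap:
            hits.append({"line_no": line_no, "user": entry.get("user"),
                         "request": f"{entry.get('method')} {entry.get('url')}",
                         "failed_in": ldap, "reason": msg.get("Message")})
    return hits


if __name__ == "__main__":
    for hit in ldap_type_errors(SAMPLE_LOG):
        print(json.dumps(hit, indent=2))
```

Each hit is a request that was aborted while resolving group members, so the affected share or share membership was left in place and needs to be retried once the call is fixed.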
hho commented 3 years ago

Same in 20.0.5, the line number is now 225: https://github.com/nextcloud/server/blob/v20.0.5/apps/user_ldap/lib/Group_LDAP.php#L225