Problem/Motivation

In content_lock_timeout_user_logout() there is code part which checks if user sessions are stored in database.

/**
 * Implements hook_user_logout().
 */
function content_lock_timeout_user_logout($account): void {
....
  // Only do the database check if the original drupal session manager is used.
  // Otherwise, it's not sure if sessions table has correct data. As it would be
  // possible to extend the Class, instanceof is not used here!
  if (get_class(Drupal::service('session_manager')) == SessionManager::class) {
    $query = \Drupal::database()
      ->select('sessions');
    $query->condition('uid', $account->id());
    $query = $query->countQuery();
    $session_count = (int) $query->execute()->fetchField();
  }
....
}

https://git.drupalcode.org/project/content_lock/-/blob/3.x/modules/conte...
It is fine to do such check since 'sessions' table can be missing if other session storage (like Redis) is used - https://www.drupal.org/node/3431286.
But this checking isn't working properly if session storage is changed to some alternative. Because \Drupal::service('session_manager') is still \Drupal\Core\Session\SessionManager when session storage is (for example) \Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler.

Steps to reproduce

I tried find example of the RedisSessionHandler usage. Here is related example - https://www.drupal.org/project/redis/issues/2876099#comment-15763319

Proposed resolution

Check \Drupal::service('session_handler.storage') instead of Drupal::service('session_manager').

Remaining tasks

None.

User interface changes

None.

API changes

None.

Data model changes

None.

CommentFileSizeAuthor
#4 3514317-content_lock-content-lock-timeout-user-logout.patch1.34 KBdeimos

Issue fork content_lock-3514317

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

deimos created an issue. See original summary.

deimos’s picture

deimos commented
Assigned: Unassigned » deimos
Status: Active » Needs work

I'm going to provide solution described in description.

deimos opened merge request !70

deimos’s picture

deimos commented
Assigned: deimos » Unassigned
Status: Needs work » Needs review
StatusFileSize
new 3514317-content_lock-content-lock-timeout-user-logout.patch1.34 KB

Committed fix into fork-branch. Attaching patch-file for safer applying in projects.
Ready for review/testing.

ciprian.stavovei’s picture

ciprian.stavovei commented
Status: Needs review » Reviewed & tested by the community

The fix is working well.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Status: Reviewed & tested by the community » Fixed

This seems correct. It's all a bit messy because of the way that StackedSessionHandlerPass works. It might be nice at some point to abstract the session counting logic so a user could supply an implementation for a different backend.

  • alexpott committed 37c550e4 on 3.x 
    Issue #3514317 by deimos: content_lock_timeout_user_logout() checks user...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.