Fix get avatar authorization

Signed-off-by: Christopher Ng <chrng8@gmail.com>

diff --git a/lib/private/Avatar/AvatarManager.php b/lib/private/Avatar/AvatarManager.php
index c3afd8094c741b112c47a691a9105b73d47248a2..9e47a18cd95e9478c8a43a1788f55a87b2e46b54 100644 (file)
--- a/lib/private/Avatar/AvatarManager.php
+++ b/lib/private/Avatar/AvatarManager.php
@@ -135,20 +135,23 @@ class AvatarManager implements IAvatarManager {
                        $avatarScope = '';
                }
 
-               if (
+               switch ($avatarScope) {
                        // v2-private scope hides the avatar from public access and from unknown users
-                       $avatarScope === IAccountManager::SCOPE_PRIVATE
-                       && (
-                               // accessing from public link
-                               $requestingUser === null
-                               // logged in, but unknown to user
-                               || !$this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)
-                       )) {
-                       // use a placeholder avatar which caches the generated images
-                       return new PlaceholderAvatar($folder, $user, $this->logger);
+                       case IAccountManager::SCOPE_PRIVATE:
+                               if ($requestingUser !== null && $this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)) {
+                                       return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
+                               }
+                               break;
+                       case IAccountManager::SCOPE_LOCAL:
+                       case IAccountManager::SCOPE_FEDERATED:
+                       case IAccountManager::SCOPE_PUBLISHED:
+                               return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
+                       default:
+                               // use a placeholder avatar which caches the generated images
+                               return new PlaceholderAvatar($folder, $user, $this->logger);
                }
 
-               return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config);
+               return new PlaceholderAvatar($folder, $user, $this->logger);
        }
 
        /**

diff --git a/tests/lib/Avatar/AvatarManagerTest.php b/tests/lib/Avatar/AvatarManagerTest.php
index ce6981a2a21722184bf0c5d97bcd021fac7fd659..6dfc664abe17d1fbe814b91aed59af70478f1266 100644 (file)
--- a/tests/lib/Avatar/AvatarManagerTest.php
+++ b/tests/lib/Avatar/AvatarManagerTest.php
@@ -161,6 +161,10 @@ class AvatarManagerTest extends \Test\TestCase {
                        ->method('getUID')
                        ->willReturn('valid-user');
 
+               $this->userSession->expects($this->once())
+                       ->method('getUser')
+                       ->willReturn($user);
+
                $folder = $this->createMock(ISimpleFolder::class);
                $this->appData
                        ->expects($this->once())
@@ -168,6 +172,22 @@ class AvatarManagerTest extends \Test\TestCase {
                        ->with('valid-user')
                        ->willReturn($folder);
 
+               $account = $this->createMock(IAccount::class);
+               $this->accountManager->expects($this->once())
+                       ->method('getAccount')
+                       ->with($user)
+                       ->willReturn($account);
+
+               $property = $this->createMock(IAccountProperty::class);
+               $account->expects($this->once())
+                       ->method('getProperty')
+                       ->with(IAccountManager::PROPERTY_AVATAR)
+                       ->willReturn($property);
+
+               $property->expects($this->once())
+                       ->method('getScope')
+                       ->willReturn(IAccountManager::SCOPE_FEDERATED);
+
                $expected = new UserAvatar($folder, $this->l10n, $user, $this->logger, $this->config);
                $this->assertEquals($expected, $this->avatarManager->getAvatar('vaLid-USER'));
        }