]> source.dussan.org Git - nextcloud-server.git/commitdiff
Also check the scope when reading operations from the database 36814/head
authorJoas Schilling <coding@schilljs.com>
Wed, 15 Feb 2023 14:36:32 +0000 (15:36 +0100)
committerJoas Schilling <coding@schilljs.com>
Thu, 23 Feb 2023 05:13:00 +0000 (06:13 +0100)
Signed-off-by: Joas Schilling <coding@schilljs.com>
apps/workflowengine/lib/Manager.php
apps/workflowengine/tests/ManagerTest.php

index 7ef913bb1a517646f1d16e42b8b2d9ea9892186a..674cfc653136a10f025e6fdba57852b0dc69c57b 100644 (file)
@@ -200,6 +200,13 @@ class Manager implements IManager {
                        return $scopesByOperation[$operationClass];
                }
 
+               try {
+                       /** @var IOperation $operation */
+                       $operation = $this->container->query($operationClass);
+               } catch (QueryException $e) {
+                       return [];
+               }
+
                $query = $this->connection->getQueryBuilder();
 
                $query->selectDistinct('s.type')
@@ -214,6 +221,11 @@ class Manager implements IManager {
                $scopesByOperation[$operationClass] = [];
                while ($row = $result->fetch()) {
                        $scope = new ScopeContext($row['type'], $row['value']);
+
+                       if (!$operation->isAvailableForScope((int) $row['type'])) {
+                               continue;
+                       }
+
                        $scopesByOperation[$operationClass][$scope->getHash()] = $scope;
                }
 
@@ -243,6 +255,17 @@ class Manager implements IManager {
 
                $this->operations[$scopeContext->getHash()] = [];
                while ($row = $result->fetch()) {
+                       try {
+                               /** @var IOperation $operation */
+                               $operation = $this->container->query($row['class']);
+                       } catch (QueryException $e) {
+                               continue;
+                       }
+
+                       if (!$operation->isAvailableForScope((int) $row['scope_type'])) {
+                               continue;
+                       }
+
                        if (!isset($this->operations[$scopeContext->getHash()][$row['class']])) {
                                $this->operations[$scopeContext->getHash()][$row['class']] = [];
                        }
index bb77377210e888c7633cd863198a8f589d4d97d5..543b4550ca6aa2b18f4ff2a0819fbf074d670a0a 100644 (file)
@@ -30,6 +30,7 @@ use OC\L10N\L10N;
 use OCA\WorkflowEngine\Entity\File;
 use OCA\WorkflowEngine\Helper\ScopeContext;
 use OCA\WorkflowEngine\Manager;
+use OCP\AppFramework\QueryException;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\Files\Events\Node\NodeCreatedEvent;
 use OCP\Files\IRootFolder;
@@ -205,6 +206,32 @@ class ManagerTest extends TestCase {
                $userScope = $this->buildScope('jackie');
                $entity = File::class;
 
+               $adminOperation = $this->createMock(IOperation::class);
+               $adminOperation->expects($this->any())
+                       ->method('isAvailableForScope')
+                       ->willReturnMap([
+                               [IManager::SCOPE_ADMIN, true],
+                               [IManager::SCOPE_USER, false],
+                       ]);
+               $userOperation = $this->createMock(IOperation::class);
+               $userOperation->expects($this->any())
+                       ->method('isAvailableForScope')
+                       ->willReturnMap([
+                               [IManager::SCOPE_ADMIN, false],
+                               [IManager::SCOPE_USER, true],
+                       ]);
+
+               $this->container->expects($this->any())
+                       ->method('query')
+                       ->willReturnCallback(function ($className) use ($adminOperation, $userOperation) {
+                               switch ($className) {
+                                       case 'OCA\WFE\TestAdminOp':
+                                               return $adminOperation;
+                                       case 'OCA\WFE\TestUserOp':
+                                               return $userOperation;
+                               }
+                       });
+
                $opId1 = $this->invokePrivate(
                        $this->manager,
                        'insertOperation',
@@ -225,6 +252,13 @@ class ManagerTest extends TestCase {
                );
                $this->invokePrivate($this->manager, 'addScope', [$opId3, $userScope]);
 
+               $opId4 = $this->invokePrivate(
+                       $this->manager,
+                       'insertOperation',
+                       ['OCA\WFE\TestAdminOp', 'Test04', [41, 10, 4], 'NoBar', $entity, []]
+               );
+               $this->invokePrivate($this->manager, 'addScope', [$opId4, $userScope]);
+
                $adminOps = $this->manager->getAllOperations($adminScope);
                $userOps = $this->manager->getAllOperations($userScope);
 
@@ -275,6 +309,25 @@ class ManagerTest extends TestCase {
                );
                $this->invokePrivate($this->manager, 'addScope', [$opId5, $userScope]);
 
+               $operation = $this->createMock(IOperation::class);
+               $operation->expects($this->any())
+                       ->method('isAvailableForScope')
+                       ->willReturnMap([
+                               [IManager::SCOPE_ADMIN, true],
+                               [IManager::SCOPE_USER, true],
+                       ]);
+
+               $this->container->expects($this->any())
+                       ->method('query')
+                       ->willReturnCallback(function ($className) use ($operation) {
+                               switch ($className) {
+                                       case 'OCA\WFE\TestOp':
+                                               return $operation;
+                                       case 'OCA\WFE\OtherTestOp':
+                                               throw new QueryException();
+                               }
+                       });
+
                $adminOps = $this->manager->getOperations('OCA\WFE\TestOp', $adminScope);
                $userOps = $this->manager->getOperations('OCA\WFE\TestOp', $userScope);