diff options
| author | Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com> | 2024-06-25 09:48:24 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-25 09:48:24 +0200 |
| commit | 369c552e41bc6e560b3dbcd29f8b0bcf7fa28f19 (patch) | |
| tree | 88fa06813529061decb1085f207a2d700fa06cee | |
| parent | ffa8b00bdd74349938cf7a1d433420d0d91adf91 (diff) | |
| parent | e93866f90496bb7e8f9a99c56f1cc583d79051fd (diff) | |
| download | nextcloud-server-369c552e41bc6e560b3dbcd29f8b0bcf7fa28f19.tar.gz nextcloud-server-369c552e41bc6e560b3dbcd29f8b0bcf7fa28f19.zip | |
Merge pull request #46073 from nextcloud/fix/save_global_credentials
| -rw-r--r-- | apps/files_external/lib/Controller/AjaxController.php | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php index 72c8b6cd25b..dcc1c1b57de 100644 --- a/apps/files_external/lib/Controller/AjaxController.php +++ b/apps/files_external/lib/Controller/AjaxController.php @@ -84,15 +84,21 @@ class AjaxController extends Controller { */ public function saveGlobalCredentials($uid, $user, $password) { $currentUser = $this->userSession->getUser(); + if ($currentUser === null) { + return false; + } // Non-admins can only edit their own credentials - $allowedToEdit = ($currentUser->getUID() === $uid); + // Admin can edit global credentials + $allowedToEdit = $uid === '' + ? $this->groupManager->isAdmin($currentUser->getUID()) + : $currentUser->getUID() === $uid; if ($allowedToEdit) { $this->globalAuth->saveAuth($uid, $user, $password); return true; - } else { - return false; } + + return false; } } |