summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoas Schilling <213943+nickvergessen@users.noreply.github.com>2022-12-11 13:29:06 +0100
committerGitHub <noreply@github.com>2022-12-11 13:29:06 +0100
commita0d780c3ab7cb704c967ef6b3388d9852cf1fe7f (patch)
tree686499efedcaaa306dd0be4cf839c4b98e04f204
parentedf04a486030b745e1bfaa8b9a9c5b7616edb032 (diff)
parent9c49de711cad4208333033369ef25c92a39953c3 (diff)
downloadnextcloud-server-a0d780c3ab7cb704c967ef6b3388d9852cf1fe7f.tar.gz
nextcloud-server-a0d780c3ab7cb704c967ef6b3388d9852cf1fe7f.zip
Merge pull request #35712 from nextcloud/backport/35097/stable25
[stable25] Improve email results for sharing
-rw-r--r--lib/private/Collaboration/Collaborators/MailPlugin.php6
-rw-r--r--lib/private/Federation/CloudIdManager.php3
-rw-r--r--lib/private/User/Manager.php70
-rw-r--r--lib/public/IUserManager.php8
4 files changed, 61 insertions, 26 deletions
diff --git a/lib/private/Collaboration/Collaborators/MailPlugin.php b/lib/private/Collaboration/Collaborators/MailPlugin.php
index d34d9fb0087..aa317ec1720 100644
--- a/lib/private/Collaboration/Collaborators/MailPlugin.php
+++ b/lib/private/Collaboration/Collaborators/MailPlugin.php
@@ -101,6 +101,12 @@ class MailPlugin implements ISearchPlugin {
return false;
}
+ // Extract the email address from "Foo Bar <foo.bar@example.tld>" and then search with "foo.bar@example.tld" instead
+ $result = preg_match('/<([^@]+@.+)>$/', $search, $matches);
+ if ($result && filter_var($matches[1], FILTER_VALIDATE_EMAIL)) {
+ return $this->search($matches[1], $limit, $offset, $searchResult);
+ }
+
$currentUserId = $this->userSession->getUser()->getUID();
$result = $userResults = ['wide' => [], 'exact' => []];
diff --git a/lib/private/Federation/CloudIdManager.php b/lib/private/Federation/CloudIdManager.php
index e4e42cb1293..85aae8e5ec5 100644
--- a/lib/private/Federation/CloudIdManager.php
+++ b/lib/private/Federation/CloudIdManager.php
@@ -125,6 +125,9 @@ class CloudIdManager implements ICloudIdManager {
if ($lastValidAtPos !== false) {
$user = substr($id, 0, $lastValidAtPos);
$remote = substr($id, $lastValidAtPos + 1);
+
+ $this->userManager->validateUserId($user);
+
if (!empty($user) && !empty($remote)) {
return new CloudId($id, $user, $remote, $this->getDisplayNameFromContact($id));
}
diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php
index dc31eece414..82fc4d818ad 100644
--- a/lib/private/User/Manager.php
+++ b/lib/private/User/Manager.php
@@ -44,6 +44,8 @@ use OCP\IGroup;
use OCP\IUser;
use OCP\IUserBackend;
use OCP\IUserManager;
+use OCP\L10N\IFactory;
+use OCP\Server;
use OCP\Support\Subscription\IAssertion;
use OCP\User\Backend\IGetRealUIDBackend;
use OCP\User\Backend\ISearchKnownUsersBackend;
@@ -427,31 +429,7 @@ class Manager extends PublicEmitter implements IUserManager {
public function createUserFromBackend($uid, $password, UserInterface $backend) {
$l = \OC::$server->getL10N('lib');
- // Check the name for bad characters
- // Allowed are: "a-z", "A-Z", "0-9" and "_.@-'"
- if (preg_match('/[^a-zA-Z0-9 _.@\-\']/', $uid)) {
- throw new \InvalidArgumentException($l->t('Only the following characters are allowed in a username:'
- . ' "a-z", "A-Z", "0-9", and "_.@-\'"'));
- }
-
- // No empty username
- if (trim($uid) === '') {
- throw new \InvalidArgumentException($l->t('A valid username must be provided'));
- }
-
- // No whitespace at the beginning or at the end
- if (trim($uid) !== $uid) {
- throw new \InvalidArgumentException($l->t('Username contains whitespace at the beginning or at the end'));
- }
-
- // Username only consists of 1 or 2 dots (directory traversal)
- if ($uid === '.' || $uid === '..') {
- throw new \InvalidArgumentException($l->t('Username must not consist of dots only'));
- }
-
- if (!$this->verifyUid($uid)) {
- throw new \InvalidArgumentException($l->t('Username is invalid because files already exist for this user'));
- }
+ $this->validateUserId($uid, true);
// No empty password
if (trim($password) === '') {
@@ -726,7 +704,43 @@ class Manager extends PublicEmitter implements IUserManager {
}));
}
- private function verifyUid(string $uid): bool {
+ /**
+ * @param string $uid
+ * @param bool $checkDataDirectory
+ * @throws \InvalidArgumentException Message is an already translated string with a reason why the id is not valid
+ * @since 26.0.0
+ */
+ public function validateUserId(string $uid, bool $checkDataDirectory = false): void {
+ $l = Server::get(IFactory::class)->get('lib');
+
+ // Check the name for bad characters
+ // Allowed are: "a-z", "A-Z", "0-9" and "_.@-'"
+ if (preg_match('/[^a-zA-Z0-9 _.@\-\']/', $uid)) {
+ throw new \InvalidArgumentException($l->t('Only the following characters are allowed in a username:'
+ . ' "a-z", "A-Z", "0-9", and "_.@-\'"'));
+ }
+
+ // No empty username
+ if (trim($uid) === '') {
+ throw new \InvalidArgumentException($l->t('A valid username must be provided'));
+ }
+
+ // No whitespace at the beginning or at the end
+ if (trim($uid) !== $uid) {
+ throw new \InvalidArgumentException($l->t('Username contains whitespace at the beginning or at the end'));
+ }
+
+ // Username only consists of 1 or 2 dots (directory traversal)
+ if ($uid === '.' || $uid === '..') {
+ throw new \InvalidArgumentException($l->t('Username must not consist of dots only'));
+ }
+
+ if (!$this->verifyUid($uid, $checkDataDirectory)) {
+ throw new \InvalidArgumentException($l->t('Username is invalid because files already exist for this user'));
+ }
+ }
+
+ private function verifyUid(string $uid, bool $checkDataDirectory = false): bool {
$appdata = 'appdata_' . $this->config->getSystemValueString('instanceid');
if (\in_array($uid, [
@@ -740,6 +754,10 @@ class Manager extends PublicEmitter implements IUserManager {
return false;
}
+ if (!$checkDataDirectory) {
+ return true;
+ }
+
$dataDirectory = $this->config->getSystemValueString('datadirectory', \OC::$SERVERROOT . '/data');
return !file_exists(rtrim($dataDirectory, '/') . '/' . $uid);
diff --git a/lib/public/IUserManager.php b/lib/public/IUserManager.php
index af0d5f08809..8caa027468b 100644
--- a/lib/public/IUserManager.php
+++ b/lib/public/IUserManager.php
@@ -212,4 +212,12 @@ interface IUserManager {
* @since 9.1.0
*/
public function getByEmail($email);
+
+ /**
+ * @param string $uid The user ID to validate
+ * @param bool $checkDataDirectory Whether it should be checked if files for the ID exist inside the data directory
+ * @throws \InvalidArgumentException Message is an already translated string with a reason why the ID is not valid
+ * @since 26.0.0
+ */
+ public function validateUserId(string $uid, bool $checkDataDirectory = false): void;
}