author | Maxence Lange <maxence@artificial-owl.com> | 2023-08-31 16:00:21 -0100 |
---|---|---|
committer | backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com> | 2023-09-06 12:40:46 +0000 |
commit | 82e269c521c612a6a86a4fbf013e33eaeaf586fe (patch) | |
tree | b1c2b3bd759df6501b26553f26c3e6e94adc7131 | |
parent | dc73199e2f17871e32f2e8d71af16aace72c94c0 (diff) | |
admin have no special rights on users' entries
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r-- | apps/files_external/lib/Controller/AjaxController.php | 2 | ||||
-rw-r--r-- | apps/files_external/tests/Controller/AjaxControllerTest.php | 35 |
2 files changed, 7 insertions, 30 deletions
diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index db23ecd709d..e41a75a62bc 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -108,7 +108,7 @@ class AjaxController extends Controller {
 $currentUser = $this->userSession->getUser();
 // Non-admins can only edit their own credentials
- $allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid);
+ $allowedToEdit = ($currentUser->getUID() === $uid);
 if ($allowedToEdit) {
 $this->globalAuth->saveAuth($uid, $user, $password);
diff --git a/apps/files_external/tests/Controller/AjaxControllerTest.php b/apps/files_external/tests/Controller/AjaxControllerTest.php
index 2ddd64f0e07..304a1807931 100644
--- a/apps/files_external/tests/Controller/AjaxControllerTest.php
+++ b/apps/files_external/tests/Controller/AjaxControllerTest.php
@@ -102,17 +102,11 @@ class AjaxControllerTest extends TestCase {
 ->expects($this->once())
 ->method('getUser')
 ->willReturn($user);
- $this->groupManager
- ->expects($this->once())
- ->method('isAdmin')
- ->with('MyAdminUid')
- ->willReturn(true);
 $this->globalAuth
- ->expects($this->once())
- ->method('saveAuth')
- ->with('UidOfTestUser', 'test', 'password');
+ ->expects($this->never())
+ ->method('saveAuth');
- $this->assertSame(true, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
+ $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
 }
 public function testSaveGlobalCredentialsAsAdminForSelf() {
@@ -125,11 +119,6 @@ class AjaxControllerTest extends TestCase {
 ->expects($this->once())
 ->method('getUser')
 ->willReturn($user);
- $this->groupManager
- ->expects($this->once())
- ->method('isAdmin')
- ->with('MyAdminUid')
- ->willReturn(true);
 $this->globalAuth
 ->expects($this->once())
 ->method('saveAuth')
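Review bot: The context comment kept directly above the new `$allowedToEdit` line, `// Non-admins can only edit their own credentials`, no longer describes the rule, because admins are now held to the same ownership check; it should read something like `// Every user, admins included, may only edit their own credentials`. The new comparison also still dereferences `$currentUser` without a null check, so if `getUser()` can return null on this route (not visible from the hunk) the request ends in an error rather than a clean `false`; `if ($currentUser === null) { return false; }` before the comparison would cover that. If `$this->groupManager` has no other use in this controller, the injected dependency can presumably be dropped too. The method body starts and ends outside this hunk.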
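Review bot: With the `groupManager` stub removed in the `@@ -102` hunk, the admin-for-another-user case no longer makes the caller an admin at all, so it cannot tell an ownership-only check from a reintroduced admin bypass; assuming `$this->groupManager` is still a mock in the fixture, its default `isAdmin` result would be false and the bypass branch would never be taken. Keeping a loose stub, `$this->groupManager->method('isAdmin')->willReturn(true);`, next to the new `->expects($this->never())` on `saveAuth` would make this test fail if admin rights ever grant the write again. Separately, the `@@ -141` hunk drops `->expects($this->once())` from the `saveAuth` mock in testSaveGlobalCredentialsAsNormalUserForSelf, so that positive case no longer requires the credentials to be stored, unlike the admin-for-self case in the `@@ -125` hunk, which keeps it. The test method containing the `@@ -102` hunk begins above the visible lines.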
@@ -141,20 +130,12 @@ class AjaxControllerTest extends TestCase {
 public function testSaveGlobalCredentialsAsNormalUserForSelf() {
 $user = $this->createMock(IUser::class);
 $user
- ->expects($this->exactly(2))
 ->method('getUID')
 ->willReturn('MyUserUid');
 $this->userSession
- ->expects($this->once())
 ->method('getUser')
 ->willReturn($user);
- $this->groupManager
- ->expects($this->once())
- ->method('isAdmin')
- ->with('MyUserUid')
- ->willReturn(false);
 $this->globalAuth
- ->expects($this->once())
 ->method('saveAuth')
 ->with('MyUserUid', 'test', 'password');
@@ -164,18 +145,14 @@ class AjaxControllerTest extends TestCase {
 public function testSaveGlobalCredentialsAsNormalUserForAnotherUser() {
 $user = $this->createMock(IUser::class);
 $user
- ->expects($this->exactly(2))
 ->method('getUID')
 ->willReturn('MyUserUid');
 $this->userSession
- ->expects($this->once())
 ->method('getUser')
 ->willReturn($user);
- $this->groupManager
- ->expects($this->once())
- ->method('isAdmin')
- ->with('MyUserUid')
- ->willReturn(false);
+ $this->globalAuth
+ ->expects($this->never())
+ ->method('saveAuth');
 $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('AnotherUserUid', 'test', 'password'));
 } |