diff options
| author | Louis <6653109+artonge@users.noreply.github.com> | 2022-05-04 13:38:03 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-04 13:38:03 +0200 |
| commit | 7ccfddbe6462840bfabed1f64e04385ed34f66fc (patch) | |
| tree | a798c3601d984744864cb1bb73d1336b5d66524f | |
| parent | 8fecf3467f778ff9e7a6ad6ab591a32e005c9546 (diff) | |
| parent | e8ab298d2c718c0b6e671c127ffa51d840654cda (diff) | |
| download | nextcloud-server-7ccfddbe6462840bfabed1f64e04385ed34f66fc.tar.gz nextcloud-server-7ccfddbe6462840bfabed1f64e04385ed34f66fc.zip | |
Merge pull request #31963 from nextcloud/feat/use_setting_in_dav_search
Use share setting in DAV search
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/Principal.php | 9 | ||||
| -rw-r--r-- | apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php | 4 | ||||
| -rw-r--r-- | lib/private/Share20/Manager.php | 8 | ||||
| -rw-r--r-- | lib/public/Share/IManager.php | 16 |
4 files changed, 34 insertions, 3 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Principal.php b/apps/dav/lib/Connector/Sabre/Principal.php index c3f06f95783..94e3978e67d 100644 --- a/apps/dav/lib/Connector/Sabre/Principal.php +++ b/apps/dav/lib/Connector/Sabre/Principal.php @@ -270,6 +270,8 @@ class Principal implements BackendInterface { $limitEnumerationGroup = $this->shareManager->limitEnumerationToGroups(); $limitEnumerationPhone = $this->shareManager->limitEnumerationToPhone(); $allowEnumerationFullMatch = $this->shareManager->allowEnumerationFullMatch(); + $ignoreSecondDisplayName = $this->shareManager->ignoreSecondDisplayName(); + $matchEmail = $this->shareManager->matchEmail(); // If sharing is restricted to group members only, // return only members that have groups in common @@ -298,7 +300,7 @@ class Principal implements BackendInterface { switch ($prop) { case '{http://sabredav.org/ns}email-address': if (!$allowEnumeration) { - if ($allowEnumerationFullMatch) { + if ($allowEnumerationFullMatch && $matchEmail) { $users = $this->userManager->getByEmail($value); } else { $users = []; @@ -349,8 +351,9 @@ class Principal implements BackendInterface { if ($allowEnumerationFullMatch) { $lowerSearch = strtolower($value); $users = $this->userManager->searchDisplayName($value, $searchLimit); - $users = \array_filter($users, static function (IUser $user) use ($lowerSearch) { - return strtolower($user->getDisplayName()) === $lowerSearch; + $users = \array_filter($users, static function (IUser $user) use ($lowerSearch, $ignoreSecondDisplayName) { + $lowerDisplayName = strtolower($user->getDisplayName()); + return $lowerDisplayName === $lowerSearch || ($ignoreSecondDisplayName && trim(preg_replace('/ \(.*\)$/', '', $lowerDisplayName)) === $lowerSearch); }); } else { $users = []; diff --git a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php index d7c074c9e3b..86413e4a366 100644 --- a/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/PrincipalTest.php @@ -662,6 +662,10 @@ class PrincipalTest extends TestCase { ->method('allowEnumerationFullMatch') ->willReturn(true); + $this->shareManager->expects($this->once()) + ->method('matchEmail') + ->willReturn(true); + $user2 = $this->createMock(IUser::class); $user2->method('getUID')->willReturn('user2'); $user2->method('getDisplayName')->willReturn('User 2'); diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index aab69eae597..eed86bb41c3 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1963,6 +1963,14 @@ class Manager implements IManager { return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes'; } + public function matchEmail(): bool { + return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes'; + } + + public function ignoreSecondDisplayName(): bool { + return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_display_name', 'no') === 'yes'; + } + public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool { if ($this->allowEnumerationFullMatch()) { return true; diff --git a/lib/public/Share/IManager.php b/lib/public/Share/IManager.php index f6b74c4de4a..f207ca87a2c 100644 --- a/lib/public/Share/IManager.php +++ b/lib/public/Share/IManager.php @@ -455,6 +455,22 @@ interface IManager { public function allowEnumerationFullMatch(): bool; /** + * Check if the search should match the email + * + * @return bool + * @since 25.0.0 + */ + public function matchEmail(): bool; + + /** + * Check if the search should ignore the second in parentheses display name if there is any + * + * @return bool + * @since 25.0.0 + */ + public function ignoreSecondDisplayName(): bool; + + /** * Check if the current user can enumerate the target user * * @param IUser|null $currentUser |