summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulius Härtl <jus@bitgrid.net>2021-12-21 08:11:04 +0100
committerGitHub <noreply@github.com>2021-12-21 08:11:04 +0100
commitd73fe0ccd984d8cf37c4b7b9b3d5622e1ade4ba9 (patch)
treefaf4d3b6eb056b4ff5b6603fccb614ea823e78b6
parent577fb0fcba9accd3fb43f463ef0f8fbc5980277f (diff)
parent2fe8042fff7853b57c9943748bc7dc8b820bd030 (diff)
downloadnextcloud-server-d73fe0ccd984d8cf37c4b7b9b3d5622e1ade4ba9.tar.gz
nextcloud-server-d73fe0ccd984d8cf37c4b7b9b3d5622e1ade4ba9.zip
Merge pull request #29879 from nextcloud/bugfix/noid/sharing-enumeration-addressbooks
-rw-r--r--build/integration/collaboration_features/autocomplete.feature41
-rw-r--r--build/integration/features/bootstrap/CollaborationContext.php57
-rw-r--r--build/integration/features/bootstrap/WebDav.php2
-rw-r--r--lib/private/Collaboration/Collaborators/MailPlugin.php5
-rw-r--r--tests/lib/Collaboration/Collaborators/MailPluginTest.php3
5 files changed, 102 insertions, 6 deletions
diff --git a/build/integration/collaboration_features/autocomplete.feature b/build/integration/collaboration_features/autocomplete.feature
index e20993e420e..df7b81b9148 100644
--- a/build/integration/collaboration_features/autocomplete.feature
+++ b/build/integration/collaboration_features/autocomplete.feature
@@ -38,6 +38,47 @@ Feature: autocomplete
Then get autocomplete for "autocomplete"
| id | source |
+ Scenario: getting autocomplete emails from address book with enumeration
+ Given As an "admin"
+ And sending "PUT" to "/cloud/users/autocomplete" with
+ | key | email |
+ | value | autocomplete@example.com |
+ And there is a contact in an addressbook
+ Then get email autocomplete for "example"
+ | id | source |
+ | autocomplete | users |
+ | user@example.com | emails |
+ Then get email autocomplete for "auto"
+ | id | source |
+ | autocomplete | users |
+ Then get email autocomplete for "example"
+ | id | source |
+ | autocomplete | users |
+ | user@example.com | emails |
+ Then get email autocomplete for "autocomplete@example.com"
+ | id | source |
+ | autocomplete | users |
+
+ Scenario: getting autocomplete emails from address book without enumeration
+ Given As an "admin"
+ And sending "PUT" to "/cloud/users/autocomplete" with
+ | key | email |
+ | value | autocomplete@example.com |
+ And there is a contact in an addressbook
+ And parameter "shareapi_allow_share_dialog_user_enumeration" of app "core" is set to "no"
+ When parameter "shareapi_restrict_user_enumeration_full_match" of app "core" is set to "no"
+ Then get email autocomplete for "example"
+ | id | source |
+ | user@example.com | emails |
+ When parameter "shareapi_restrict_user_enumeration_full_match" of app "core" is set to "yes"
+ Then get email autocomplete for "auto"
+ | id | source |
+ Then get email autocomplete for "example"
+ | id | source |
+ | user@example.com | emails |
+ Then get email autocomplete for "autocomplete@example.com"
+ | id | source |
+ | autocomplete | users |
Scenario: getting autocomplete with limited enumeration by group
Given As an "admin"
diff --git a/build/integration/features/bootstrap/CollaborationContext.php b/build/integration/features/bootstrap/CollaborationContext.php
index 4ac3b6e3971..de7048b70cc 100644
--- a/build/integration/features/bootstrap/CollaborationContext.php
+++ b/build/integration/features/bootstrap/CollaborationContext.php
@@ -33,15 +33,28 @@ require __DIR__ . '/../../vendor/autoload.php';
class CollaborationContext implements Context {
use Provisioning;
use AppConfiguration;
+ use WebDav;
/**
* @Then /^get autocomplete for "([^"]*)"$/
* @param TableNode|null $formData
*/
- public function getAutocomplete(string $search, TableNode $formData): void {
+ public function getAutocompleteForUser(string $search, TableNode $formData): void {
+ $this->getAutocompleteWithType(0, $search, $formData);
+ }
+
+ /**
+ * @Then /^get email autocomplete for "([^"]*)"$/
+ * @param TableNode|null $formData
+ */
+ public function getAutocompleteForEmail(string $search, TableNode $formData): void {
+ $this->getAutocompleteWithType(4, $search, $formData);
+ }
+
+ private function getAutocompleteWithType(int $type, string $search, TableNode $formData): void {
$query = $search === 'null' ? null : $search;
- $this->sendRequestForJSON('GET', '/core/autocomplete/get?itemType=files&itemId=123&search=' . $query, [
+ $this->sendRequestForJSON('GET', '/core/autocomplete/get?itemType=files&itemId=123&shareTypes[]=' . $type . '&search=' . $query, [
'itemType' => 'files',
'itemId' => '123',
'search' => $query,
@@ -64,6 +77,46 @@ class CollaborationContext implements Context {
}, $suggestions, $formData->getHash()));
}
+ /**
+ * @Given /^there is a contact in an addressbook$/
+ */
+ public function thereIsAContactInAnAddressbook() {
+ $this->usingNewDavPath();
+ try {
+ $destination = '/users/admin/myaddressbook';
+ $data = '<x0:mkcol xmlns:x0="DAV:"><x0:set><x0:prop><x0:resourcetype><x0:collection/><x4:addressbook xmlns:x4="urn:ietf:params:xml:ns:carddav"/></x0:resourcetype><x0:displayname>myaddressbook</x0:displayname></x0:prop></x0:set></x0:mkcol>';
+ $this->response = $this->makeDavRequest($this->currentUser, "MKCOL", $destination, ['Content-Type' => 'application/xml'], $data, "addressbooks");
+ } catch (\GuzzleHttp\Exception\ServerException $e) {
+ // 5xx responses cause a server exception
+ $this->response = $e->getResponse();
+ } catch (\GuzzleHttp\Exception\ClientException $e) {
+ // 4xx responses cause a client exception
+ $this->response = $e->getResponse();
+ }
+
+ try {
+ $destination = '/users/admin/myaddressbook/contact1.vcf';
+ $data = <<<EOF
+BEGIN:VCARD
+VERSION:4.0
+PRODID:-//Nextcloud Contacts v4.0.2
+UID:a0f4088a-4dca-4308-9b63-09a1ebcf78f3
+FN:A person
+ADR;TYPE=HOME:;;;;;;
+EMAIL;TYPE=HOME:user@example.com
+REV;VALUE=DATE-AND-OR-TIME:20211130T140111Z
+END:VCARD
+EOF;
+ $this->response = $this->makeDavRequest($this->currentUser, "PUT", $destination, [], $data, "addressbooks");
+ } catch (\GuzzleHttp\Exception\ServerException $e) {
+ // 5xx responses cause a server exception
+ $this->response = $e->getResponse();
+ } catch (\GuzzleHttp\Exception\ClientException $e) {
+ // 4xx responses cause a client exception
+ $this->response = $e->getResponse();
+ }
+ }
+
protected function resetAppConfigs(): void {
$this->deleteServerConfig('core', 'shareapi_allow_share_dialog_user_enumeration');
$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
diff --git a/build/integration/features/bootstrap/WebDav.php b/build/integration/features/bootstrap/WebDav.php
index aeae6ce3ba8..2db51d8b22f 100644
--- a/build/integration/features/bootstrap/WebDav.php
+++ b/build/integration/features/bootstrap/WebDav.php
@@ -90,6 +90,8 @@ trait WebDav {
$fullUrl = substr($this->baseUrl, 0, -4) . $this->getDavFilesPath($user) . "$path";
} elseif ($type === "uploads") {
$fullUrl = substr($this->baseUrl, 0, -4) . $this->davPath . "$path";
+ } else {
+ $fullUrl = substr($this->baseUrl, 0, -4) . $this->davPath . '/' . $type . "$path";
}
$client = new GClient();
$options = [
diff --git a/lib/private/Collaboration/Collaborators/MailPlugin.php b/lib/private/Collaboration/Collaborators/MailPlugin.php
index c0d0a55a1a1..9e35aa828da 100644
--- a/lib/private/Collaboration/Collaborators/MailPlugin.php
+++ b/lib/private/Collaboration/Collaborators/MailPlugin.php
@@ -239,10 +239,7 @@ class MailPlugin implements ISearchPlugin {
}
$reachedEnd = true;
- if (!$this->shareeEnumeration) {
- $result['wide'] = [];
- $userResults['wide'] = [];
- } else {
+ if ($this->shareeEnumeration) {
$reachedEnd = (count($result['wide']) < $offset + $limit) &&
(count($userResults['wide']) < $offset + $limit);
diff --git a/tests/lib/Collaboration/Collaborators/MailPluginTest.php b/tests/lib/Collaboration/Collaborators/MailPluginTest.php
index ad18666e0ae..2b71820af52 100644
--- a/tests/lib/Collaboration/Collaborators/MailPluginTest.php
+++ b/tests/lib/Collaboration/Collaborators/MailPluginTest.php
@@ -209,6 +209,7 @@ class MailPluginTest extends TestCase {
],
],
[
+ 'isLocalSystemBook' => true,
'UID' => 'uid1',
'FN' => 'User @ Localhost',
'EMAIL' => [
@@ -263,6 +264,7 @@ class MailPluginTest extends TestCase {
],
],
[
+ 'isLocalSystemBook' => true,
'UID' => 'uid1',
'FN' => 'User @ Localhost',
'EMAIL' => [
@@ -373,6 +375,7 @@ class MailPluginTest extends TestCase {
],
],
[
+ 'isLocalSystemBook' => true,
'UID' => 'uid1',
'FN' => 'User @ Localhost',
'EMAIL' => [