diff options
| author | Andy Scherzinger <info@andy-scherzinger.de> | 2023-09-06 17:17:35 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-06 17:17:35 +0200 |
| commit | 0be524db6dc49f1c35997f02263be2948f81f8f9 (patch) | |
| tree | b1c2b3bd759df6501b26553f26c3e6e94adc7131 | |
| parent | dc73199e2f17871e32f2e8d71af16aace72c94c0 (diff) | |
| parent | 82e269c521c612a6a86a4fbf013e33eaeaf586fe (diff) | |
| download | nextcloud-server-0be524db6dc49f1c35997f02263be2948f81f8f9.tar.gz nextcloud-server-0be524db6dc49f1c35997f02263be2948f81f8f9.zip | |
Merge pull request #40291 from nextcloud/backport/39895/stable26
[stable26] admin have no special rights on users' entries
| -rw-r--r-- | apps/files_external/lib/Controller/AjaxController.php | 2 | ||||
| -rw-r--r-- | apps/files_external/tests/Controller/AjaxControllerTest.php | 35 |
2 files changed, 7 insertions, 30 deletions
diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php index db23ecd709d..e41a75a62bc 100644 --- a/apps/files_external/lib/Controller/AjaxController.php +++ b/apps/files_external/lib/Controller/AjaxController.php @@ -108,7 +108,7 @@ class AjaxController extends Controller { $currentUser = $this->userSession->getUser(); // Non-admins can only edit their own credentials - $allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid); + $allowedToEdit = ($currentUser->getUID() === $uid); if ($allowedToEdit) { $this->globalAuth->saveAuth($uid, $user, $password); diff --git a/apps/files_external/tests/Controller/AjaxControllerTest.php b/apps/files_external/tests/Controller/AjaxControllerTest.php index 2ddd64f0e07..304a1807931 100644 --- a/apps/files_external/tests/Controller/AjaxControllerTest.php +++ b/apps/files_external/tests/Controller/AjaxControllerTest.php @@ -102,17 +102,11 @@ class AjaxControllerTest extends TestCase { ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyAdminUid') - ->willReturn(true); $this->globalAuth - ->expects($this->once()) - ->method('saveAuth') - ->with('UidOfTestUser', 'test', 'password'); + ->expects($this->never()) + ->method('saveAuth'); - $this->assertSame(true, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password')); + $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password')); } public function testSaveGlobalCredentialsAsAdminForSelf() { @@ -125,11 +119,6 @@ class AjaxControllerTest extends TestCase { ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyAdminUid') - ->willReturn(true); $this->globalAuth ->expects($this->once()) ->method('saveAuth') @@ -141,20 +130,12 @@ class AjaxControllerTest extends TestCase { public function testSaveGlobalCredentialsAsNormalUserForSelf() { $user = $this->createMock(IUser::class); $user - ->expects($this->exactly(2)) ->method('getUID') ->willReturn('MyUserUid'); $this->userSession - ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyUserUid') - ->willReturn(false); $this->globalAuth - ->expects($this->once()) ->method('saveAuth') ->with('MyUserUid', 'test', 'password'); @@ -164,18 +145,14 @@ class AjaxControllerTest extends TestCase { public function testSaveGlobalCredentialsAsNormalUserForAnotherUser() { $user = $this->createMock(IUser::class); $user - ->expects($this->exactly(2)) ->method('getUID') ->willReturn('MyUserUid'); $this->userSession - ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyUserUid') - ->willReturn(false); + $this->globalAuth + ->expects($this->never()) + ->method('saveAuth'); $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('AnotherUserUid', 'test', 'password')); } |