Don't further setup disabled users when logging in with apache

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2021-09-23 11:19:02 +0200
committer: Joas Schilling <coding@schilljs.com> 2021-10-11 13:11:45 +0200
commit: e3f59fe2014df7c9027e6192b872dd8f498b4e02 (patch)
tree: 9a890525859a241a08c3f56851f0d7f7efcd7dd4
parent: 6e7ec1dd7a4c148a8dada8868383a68ea6fde026 (diff)
download: nextcloud-server-e3f59fe2014df7c9027e6192b872dd8f498b4e02.tar.gz
nextcloud-server-e3f59fe2014df7c9027e6192b872dd8f498b4e02.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
index 3638a32589d..5d30bbc1209 100644
--- a/lib/private/legacy/OC_User.php
+++ b/lib/private/legacy/OC_User.php
@@ -36,6 +36,7 @@
  *
  */
 
+use OC\User\LoginException;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\ILogger;
 use OCP\IUserManager;
@@ -171,6 +172,10 @@ class OC_User {
 			if (self::getUser() !== $uid) {
 				self::setUserId($uid);
 				$userSession = \OC::$server->getUserSession();
+				if ($userSession->getUser() && !$userSession->getUser()->isEnabled()) {
+					$message = \OC::$server->getL10N('lib')->t('User disabled');
+					throw new LoginException($message);
+				}
 				$userSession->setLoginName($uid);
 				$request = OC::$server->getRequest();
 				$userSession->createSessionToken($request, $uid, $uid);
author	Joas Schilling <coding@schilljs.com>	2021-09-23 11:19:02 +0200
committer	Joas Schilling <coding@schilljs.com>	2021-10-11 13:11:45 +0200
commit	e3f59fe2014df7c9027e6192b872dd8f498b4e02 (patch)
tree	9a890525859a241a08c3f56851f0d7f7efcd7dd4
parent	6e7ec1dd7a4c148a8dada8868383a68ea6fde026 (diff)
download	nextcloud-server-e3f59fe2014df7c9027e6192b872dd8f498b4e02.tar.gz nextcloud-server-e3f59fe2014df7c9027e6192b872dd8f498b4e02.zip