aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulius Härtl <jus@bitgrid.net>2020-03-19 15:40:04 +0100
committerJohn Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>2020-04-11 08:28:15 +0200
commite7249de14568085d86c859326a55d4648209fd89 (patch)
tree2e9bdc75bf941ddc43ef12580fc415183baf3527
parente5ac5c7f34a6551f0880f05cba7f7b9c871d0b0e (diff)
downloadnextcloud-server-e7249de14568085d86c859326a55d4648209fd89.tar.gz
nextcloud-server-e7249de14568085d86c859326a55d4648209fd89.zip
Make the groupId url encoded
Signed-off-by: Julius Härtl <jus@bitgrid.net>
-rw-r--r--apps/provisioning_api/lib/Controller/GroupsController.php7
1 files changed, 7 insertions, 0 deletions
diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php
index 7f2da88a097..fa72e5ad5d4 100644
--- a/apps/provisioning_api/lib/Controller/GroupsController.php
+++ b/apps/provisioning_api/lib/Controller/GroupsController.php
@@ -151,6 +151,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function getGroupUsers(string $groupId): DataResponse {
+ $groupId = urldecode($groupId);
+
$user = $this->userSession->getUser();
$isSubadminOfGroup = false;
@@ -190,6 +192,7 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function getGroupUsersDetails(string $groupId, string $search = '', int $limit = null, int $offset = 0): DataResponse {
+ $groupId = urldecode($groupId);
$currentUser = $this->userSession->getUser();
// Check the group exists
@@ -262,6 +265,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function updateGroup(string $groupId, string $key, string $value): DataResponse {
+ $groupId = urldecode($groupId);
+
if ($key === 'displayname') {
$group = $this->groupManager->get($groupId);
if ($group->setDisplayName($value)) {
@@ -282,6 +287,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function deleteGroup(string $groupId): DataResponse {
+ $groupId = urldecode($groupId);
+
// Check it exists
if (!$this->groupManager->groupExists($groupId)) {
throw new OCSException('', 101);