diff options
author | Julius Härtl <jus@bitgrid.net> | 2020-03-19 15:40:04 +0100 |
---|---|---|
committer | John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> | 2020-04-11 08:28:15 +0200 |
commit | e7249de14568085d86c859326a55d4648209fd89 (patch) | |
tree | 2e9bdc75bf941ddc43ef12580fc415183baf3527 | |
parent | e5ac5c7f34a6551f0880f05cba7f7b9c871d0b0e (diff) | |
download | nextcloud-server-e7249de14568085d86c859326a55d4648209fd89.tar.gz nextcloud-server-e7249de14568085d86c859326a55d4648209fd89.zip |
Make the groupId url encoded
Signed-off-by: Julius Härtl <jus@bitgrid.net>
-rw-r--r-- | apps/provisioning_api/lib/Controller/GroupsController.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php index 7f2da88a097..fa72e5ad5d4 100644 --- a/apps/provisioning_api/lib/Controller/GroupsController.php +++ b/apps/provisioning_api/lib/Controller/GroupsController.php @@ -151,6 +151,8 @@ class GroupsController extends AUserData { * @throws OCSException */ public function getGroupUsers(string $groupId): DataResponse { + $groupId = urldecode($groupId); + $user = $this->userSession->getUser(); $isSubadminOfGroup = false; @@ -190,6 +192,7 @@ class GroupsController extends AUserData { * @throws OCSException */ public function getGroupUsersDetails(string $groupId, string $search = '', int $limit = null, int $offset = 0): DataResponse { + $groupId = urldecode($groupId); $currentUser = $this->userSession->getUser(); // Check the group exists @@ -262,6 +265,8 @@ class GroupsController extends AUserData { * @throws OCSException */ public function updateGroup(string $groupId, string $key, string $value): DataResponse { + $groupId = urldecode($groupId); + if ($key === 'displayname') { $group = $this->groupManager->get($groupId); if ($group->setDisplayName($value)) { @@ -282,6 +287,8 @@ class GroupsController extends AUserData { * @throws OCSException */ public function deleteGroup(string $groupId): DataResponse { + $groupId = urldecode($groupId); + // Check it exists if (!$this->groupManager->groupExists($groupId)) { throw new OCSException('', 101); |