authorJoas Schilling <coding@schilljs.com>2017-06-02 10:09:42 +0200
committerJoas Schilling <coding@schilljs.com>2017-06-02 10:09:42 +0200
commit0e26ba4c2adec21de3b5239a646bb4dbde44b2f4 (patch)
treeaa0f6d2507ebfb31a32f9c67868f7011f5cba7a7 /apps/provisioning_api
parent8801b68d45443f9b4abd001bd6e804a32390d12f (diff)
Don't allow the user to set fields they can't see
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/provisioning_api')
-rw-r--r--apps/provisioning_api/lib/Controller/UsersController.php31
-rw-r--r--apps/provisioning_api/tests/Controller/UsersControllerTest.php11
2 files changed, 33 insertions, 9 deletions
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index 6e34fe53eb3..132727eecbd 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -32,6 +32,7 @@ namespace OCA\Provisioning_API\Controller;
use OC\Accounts\AccountManager;
use OC\Settings\Mailer\NewUserMailHelper;
use OC_Helper;
+use OCP\App\IAppManager;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCS\OCSForbiddenException;
@@ -52,6 +53,8 @@ class UsersController extends OCSController {
private $userManager;
/** @var IConfig */
private $config;
+ /** @var IAppManager */
+ private $appManager;
/** @var IGroupManager|\OC\Group\Manager */ // FIXME Requires a method that is not on the interface
private $groupManager;
/** @var IUserSession */
@@ -70,6 +73,7 @@ class UsersController extends OCSController {
* @param IRequest $request
* @param IUserManager $userManager
* @param IConfig $config
+ * @param IAppManager $appManager
* @param IGroupManager $groupManager
* @param IUserSession $userSession
* @param AccountManager $accountManager
@@ -81,6 +85,7 @@ class UsersController extends OCSController {
IRequest $request,
IUserManager $userManager,
IConfig $config,
+ IAppManager $appManager,
IGroupManager $groupManager,
IUserSession $userSession,
AccountManager $accountManager,
@@ -91,6 +96,7 @@ class UsersController extends OCSController {
$this->userManager = $userManager;
$this->config = $config;
+ $this->appManager = $appManager;
$this->groupManager = $groupManager;
$this->userSession = $userSession;
$this->accountManager = $accountManager;
@@ -309,14 +315,25 @@ class UsersController extends OCSController {
$permittedFields = [];
if($targetUser->getUID() === $currentLoggedInUser->getUID()) {
// Editing self (display, email)
- $permittedFields[] = 'display';
- $permittedFields[] = AccountManager::PROPERTY_DISPLAYNAME;
- $permittedFields[] = AccountManager::PROPERTY_EMAIL;
+ if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
+ $permittedFields[] = 'display';
+ $permittedFields[] = AccountManager::PROPERTY_DISPLAYNAME;
+ $permittedFields[] = AccountManager::PROPERTY_EMAIL;
+ }
+
$permittedFields[] = 'password';
- $permittedFields[] = AccountManager::PROPERTY_PHONE;
- $permittedFields[] = AccountManager::PROPERTY_ADDRESS;
- $permittedFields[] = AccountManager::PROPERTY_WEBSITE;
- $permittedFields[] = AccountManager::PROPERTY_TWITTER;
+
+ if ($this->appManager->isEnabledForUser('federatedfilesharing')) {
+ $federatedFileSharing = new \OCA\FederatedFileSharing\AppInfo\Application();
+ $shareProvider = $federatedFileSharing->getFederatedShareProvider();
+ if ($shareProvider->isLookupServerUploadEnabled()) {
+ $permittedFields[] = AccountManager::PROPERTY_PHONE;
+ $permittedFields[] = AccountManager::PROPERTY_ADDRESS;
+ $permittedFields[] = AccountManager::PROPERTY_WEBSITE;
+ $permittedFields[] = AccountManager::PROPERTY_TWITTER;
+ }
+ }
+
// If admin they can edit their own quota
if($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
$permittedFields[] = 'quota';
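Review bot: In the self-edit branch, `AccountManager::PROPERTY_EMAIL` is now permitted only when `allow_user_to_change_display_name` is not `false`, so a setting named for the display name also decides whether users may change their email address through this API, and nothing in the code says so. If that coupling is intended, replace the now-stale `// Editing self (display, email)` comment with something like `// allow_user_to_change_display_name gates both the display name and the email field`. The comparison `!== false` is strict, so a config value such as `0` or the string `'false'` would leave these fields writable; it is worth confirming that this matches how the rest of the server reads the key. The enclosing method starts and ends outside this hunk, so how `$permittedFields` is enforced afterwards is not visible here.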
diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php
index 57e1d2eac66..61205b45900 100644
--- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php
+++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php
@@ -32,6 +32,7 @@ namespace OCA\Provisioning_API\Tests\Controller;
use Exception;
use OC\Accounts\AccountManager;
use OC\Group\Manager;
+use OCP\App\IAppManager;
use OCP\Mail\IEMailTemplate;
use OC\Settings\Mailer\NewUserMailHelper;
use OC\SubAdmin;
@@ -58,6 +59,8 @@ class UsersControllerTest extends TestCase {
protected $userManager;
/** @var IConfig|PHPUnit_Framework_MockObject_MockObject */
protected $config;
+ /** @var IAppManager|PHPUnit_Framework_MockObject_MockObject */
+ protected $appManager;
/** @var Manager|PHPUnit_Framework_MockObject_MockObject */
protected $groupManager;
/** @var IUserSession|PHPUnit_Framework_MockObject_MockObject */
@@ -66,9 +69,9 @@ class UsersControllerTest extends TestCase {
protected $logger;
/** @var UsersController|PHPUnit_Framework_MockObject_MockObject */
protected $api;
- /** @var AccountManager|PHPUnit_Framework_MockObject_MockObject */
+ /** @var AccountManager|PHPUnit_Framework_MockObject_MockObject */
protected $accountManager;
- /** @var IRequest|PHPUnit_Framework_MockObject_MockObject */
+ /** @var IRequest|PHPUnit_Framework_MockObject_MockObject */
protected $request;
/** @var IFactory|PHPUnit_Framework_MockObject_MockObject */
private $l10nFactory;
@@ -80,6 +83,7 @@ class UsersControllerTest extends TestCase {
$this->userManager = $this->createMock(IUserManager::class);
$this->config = $this->createMock(IConfig::class);
+ $this->appManager = $this->createMock(IAppManager::class);
$this->groupManager = $this->createMock(Manager::class);
$this->userSession = $this->createMock(IUserSession::class);
$this->logger = $this->createMock(ILogger::class);
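Review bot: Neither new permission branch in `UsersController` is exercised by a test: the test changes on this page only create a bare `IAppManager` mock here and pass it to the three constructor calls (the hunks at -94, -2647 and -2707). With an unconfigured mock, `isEnabledForUser()` most likely returns null, so the existing tests would only ever take the path where phone, address, website and twitter are not permitted, and no visible test sets `allow_user_to_change_display_name` to `false`. Add a case that stubs the config, e.g. `$this->config->method('getSystemValue')->with('allow_user_to_change_display_name', true)->willReturn(false);`, and asserts that editing the display name or email is rejected, plus one for the disabled-app case. The lookup-server branch builds `\OCA\FederatedFileSharing\AppInfo\Application` with `new` inside the controller, which a test cannot substitute, so the enabled path may need an injectable seam before it can be covered. The method this hunk belongs to begins outside the hunk.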
@@ -94,6 +98,7 @@ class UsersControllerTest extends TestCase {
$this->request,
$this->userManager,
$this->config,
+ $this->appManager,
$this->groupManager,
$this->userSession,
$this->accountManager,
@@ -2647,6 +2652,7 @@ class UsersControllerTest extends TestCase {
$this->request,
$this->userManager,
$this->config,
+ $this->appManager,
$this->groupManager,
$this->userSession,
$this->accountManager,
@@ -2707,6 +2713,7 @@ class UsersControllerTest extends TestCase {
$this->request,
$this->userManager,
$this->config,
+ $this->appManager,
$this->groupManager,
$this->userSession,
$this->accountManager,