refactor(settings): Replace security annotations with respective attributes

Signed-off-by: provokateurin <kate@provokateurin.de>
author: provokateurin <kate@provokateurin.de> 2024-07-25 13:14:49 +0200
committer: provokateurin <kate@provokateurin.de> 2024-07-27 22:49:43 +0200
commit: f012c996ee378fac2238d9ca7ada378d20e03723 (patch)
tree: 7ec27fda6c12e1e3f6e6bf4b7637bafe6d7527c5 /apps/settings/lib/Controller/UsersController.php
parent: 212a621697cd32b65ea78fa90015cec9d9d1dfe3 (diff)
download: nextcloud-server-f012c996ee378fac2238d9ca7ada378d20e03723.tar.gz
nextcloud-server-f012c996ee378fac2238d9ca7ada378d20e03723.zip
1 files changed, 11 insertions, 10 deletions
diff --git a/apps/settings/lib/Controller/UsersController.php b/apps/settings/lib/Controller/UsersController.php
index 823d3d4cb8b..b677147b162 100644
--- a/apps/settings/lib/Controller/UsersController.php
+++ b/apps/settings/lib/Controller/UsersController.php
@@ -27,7 +27,10 @@ use OCP\Accounts\PropertyDoesNotExistException;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\TemplateResponse;
@@ -72,25 +75,23 @@ class UsersController extends Controller {
 
 
 	/**
-	 * @NoCSRFRequired
-	 * @NoAdminRequired
-	 *
 	 * Display users list template
 	 *
 	 * @return TemplateResponse
 	 */
+	#[NoAdminRequired]
+	#[NoCSRFRequired]
 	public function usersListByGroup(): TemplateResponse {
 		return $this->usersList();
 	}
 
 	/**
-	 * @NoCSRFRequired
-	 * @NoAdminRequired
-	 *
 	 * Display users list template
 	 *
 	 * @return TemplateResponse
 	 */
+	#[NoAdminRequired]
+	#[NoCSRFRequired]
 	public function usersList(): TemplateResponse {
 		$user = $this->userSession->getUser();
 		$uid = $user->getUID();
@@ -293,9 +294,7 @@ class UsersController extends Controller {
 	}
 
 	/**
-	 * @NoAdminRequired
 	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
 	 *
 	 * @param string|null $avatarScope
 	 * @param string|null $displayname
@@ -317,6 +316,8 @@ class UsersController extends Controller {
 	 *
 	 * @return DataResponse
 	 */
+	#[NoAdminRequired]
+	#[PasswordConfirmationRequired]
 	public function setUserSettings(?string $avatarScope = null,
 		?string $displayname = null,
 		?string $displaynameScope = null,
@@ -475,14 +476,14 @@ class UsersController extends Controller {
 	/**
 	 * Set the mail address of a user
 	 *
-	 * @NoAdminRequired
 	 * @NoSubAdminRequired
-	 * @PasswordConfirmationRequired
 	 *
 	 * @param string $account
 	 * @param bool $onlyVerificationCode only return verification code without updating the data
 	 * @return DataResponse
 	 */
+	#[NoAdminRequired]
+	#[PasswordConfirmationRequired]
 	public function getVerificationCode(string $account, bool $onlyVerificationCode): DataResponse {
 		$user = $this->userSession->getUser();
author	provokateurin <kate@provokateurin.de>	2024-07-25 13:14:49 +0200
committer	provokateurin <kate@provokateurin.de>	2024-07-27 22:49:43 +0200
commit	f012c996ee378fac2238d9ca7ada378d20e03723 (patch)
tree	7ec27fda6c12e1e3f6e6bf4b7637bafe6d7527c5 /apps/settings/lib/Controller/UsersController.php
parent	212a621697cd32b65ea78fa90015cec9d9d1dfe3 (diff)
download	nextcloud-server-f012c996ee378fac2238d9ca7ada378d20e03723.tar.gz nextcloud-server-f012c996ee378fac2238d9ca7ada378d20e03723.zip