Merge pull request #20127 from nextcloud/bugfix/noid/check-user-on-remote-wipe

Check the user on remote wipe
author: Roeland Jago Douma <rullzer@users.noreply.github.com> 2020-03-24 20:26:52 +0100
committer: GitHub <noreply@github.com> 2020-03-24 20:26:52 +0100
commit: 3b26bfe879e7ebd3eeef1ef767cbacc8acd20293 (patch)
tree: 01711f01b31ea08d01372c4ef7dba97ef1623f60 /apps/settings/lib
parent: 3e338c907533dd77599b576ecfadd44b3d1a9855 (diff)
parent: 9935c71ec310b45a7cfcf0bad286eace4192ebb4 (diff)
download: nextcloud-server-3b26bfe879e7ebd3eeef1ef767cbacc8acd20293.tar.gz
nextcloud-server-3b26bfe879e7ebd3eeef1ef767cbacc8acd20293.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php
index 7248127fd6b..7f6d74e5fc7 100644
--- a/apps/settings/lib/Controller/AuthSettingsController.php
+++ b/apps/settings/lib/Controller/AuthSettingsController.php
@@ -289,7 +289,13 @@ class AuthSettingsController extends Controller {
 	 * @throws \OC\Authentication\Exceptions\ExpiredTokenException
 	 */
 	public function wipe(int $id): JSONResponse {
-		if (!$this->remoteWipe->markTokenForWipe($id)) {
+		try {
+			$token = $this->findTokenByIdAndUser($id);
+		} catch (InvalidTokenException $e) {
+			return new JSONResponse([], Http::STATUS_NOT_FOUND);
+		}
+
+		if (!$this->remoteWipe->markTokenForWipe($token)) {
 			return new JSONResponse([], Http::STATUS_BAD_REQUEST);
 		}
author	Roeland Jago Douma <rullzer@users.noreply.github.com>	2020-03-24 20:26:52 +0100
committer	GitHub <noreply@github.com>	2020-03-24 20:26:52 +0100
commit	3b26bfe879e7ebd3eeef1ef767cbacc8acd20293 (patch)
tree	01711f01b31ea08d01372c4ef7dba97ef1623f60 /apps/settings/lib
parent	3e338c907533dd77599b576ecfadd44b3d1a9855 (diff)
parent	9935c71ec310b45a7cfcf0bad286eace4192ebb4 (diff)
download	nextcloud-server-3b26bfe879e7ebd3eeef1ef767cbacc8acd20293.tar.gz nextcloud-server-3b26bfe879e7ebd3eeef1ef767cbacc8acd20293.zip