diff options
| author | Joas Schilling <coding@schilljs.com> | 2023-02-15 13:20:20 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2023-02-23 06:13:00 +0100 |
| commit | c6700150d53423f64c7608f757d3839b84e3932a (patch) | |
| tree | 43a686bcfb2aeb9297bdbd6f476621240128798c /apps/workflowengine/lib/Manager.php | |
| parent | 1d211a4b8923ea007ec974933e590906d6d06091 (diff) | |
| download | nextcloud-server-c6700150d53423f64c7608f757d3839b84e3932a.tar.gz nextcloud-server-c6700150d53423f64c7608f757d3839b84e3932a.zip | |
Validate the scope when validating operations
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/workflowengine/lib/Manager.php')
| -rw-r--r-- | apps/workflowengine/lib/Manager.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php index 417e1a1eba6..7ef913bb1a5 100644 --- a/apps/workflowengine/lib/Manager.php +++ b/apps/workflowengine/lib/Manager.php @@ -323,7 +323,7 @@ class Manager implements IManager { string $entity, array $events ) { - $this->validateOperation($class, $name, $checks, $operation, $entity, $events); + $this->validateOperation($class, $name, $checks, $operation, $scope, $entity, $events); $this->connection->beginTransaction(); @@ -396,7 +396,7 @@ class Manager implements IManager { throw new \DomainException('Target operation not within scope'); }; $row = $this->getOperation($id); - $this->validateOperation($row['class'], $name, $checks, $operation, $entity, $events); + $this->validateOperation($row['class'], $name, $checks, $operation, $scopeContext, $entity, $events); $checkIds = []; try { @@ -499,9 +499,12 @@ class Manager implements IManager { * @param string $name * @param array[] $checks * @param string $operation + * @param ScopeContext $scope + * @param string $entity + * @param array $events * @throws \UnexpectedValueException */ - public function validateOperation($class, $name, array $checks, $operation, string $entity, array $events) { + public function validateOperation($class, $name, array $checks, $operation, ScopeContext $scope, string $entity, array $events) { try { /** @var IOperation $instance */ $instance = $this->container->query($class); @@ -513,6 +516,10 @@ class Manager implements IManager { throw new \UnexpectedValueException($this->l->t('Operation %s is invalid', [$class])); } + if (!$instance->isAvailableForScope($scope->getScope())) { + throw new \UnexpectedValueException($this->l->t('Operation %s is invalid', [$class])); + } + $this->validateEvents($entity, $events, $instance); if (count($checks) === 0) { |