diff options
| author | Joas Schilling <coding@schilljs.com> | 2023-02-15 15:36:32 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2023-02-23 06:13:00 +0100 |
| commit | 15fc42966c7788aaf372514b3e0a9a8b1847d26a (patch) | |
| tree | 5e9c5e805b62297800e2133031a2e5fed6b8ba89 /apps/workflowengine | |
| parent | c6700150d53423f64c7608f757d3839b84e3932a (diff) | |
| download | nextcloud-server-15fc42966c7788aaf372514b3e0a9a8b1847d26a.tar.gz nextcloud-server-15fc42966c7788aaf372514b3e0a9a8b1847d26a.zip | |
Also check the scope when reading operations from the database
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/workflowengine')
| -rw-r--r-- | apps/workflowengine/lib/Manager.php | 23 | ||||
| -rw-r--r-- | apps/workflowengine/tests/ManagerTest.php | 53 |
2 files changed, 76 insertions, 0 deletions
diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php index 7ef913bb1a5..674cfc65313 100644 --- a/apps/workflowengine/lib/Manager.php +++ b/apps/workflowengine/lib/Manager.php @@ -200,6 +200,13 @@ class Manager implements IManager { return $scopesByOperation[$operationClass]; } + try { + /** @var IOperation $operation */ + $operation = $this->container->query($operationClass); + } catch (QueryException $e) { + return []; + } + $query = $this->connection->getQueryBuilder(); $query->selectDistinct('s.type') @@ -214,6 +221,11 @@ class Manager implements IManager { $scopesByOperation[$operationClass] = []; while ($row = $result->fetch()) { $scope = new ScopeContext($row['type'], $row['value']); + + if (!$operation->isAvailableForScope((int) $row['type'])) { + continue; + } + $scopesByOperation[$operationClass][$scope->getHash()] = $scope; } @@ -243,6 +255,17 @@ class Manager implements IManager { $this->operations[$scopeContext->getHash()] = []; while ($row = $result->fetch()) { + try { + /** @var IOperation $operation */ + $operation = $this->container->query($row['class']); + } catch (QueryException $e) { + continue; + } + + if (!$operation->isAvailableForScope((int) $row['scope_type'])) { + continue; + } + if (!isset($this->operations[$scopeContext->getHash()][$row['class']])) { $this->operations[$scopeContext->getHash()][$row['class']] = []; } diff --git a/apps/workflowengine/tests/ManagerTest.php b/apps/workflowengine/tests/ManagerTest.php index bb77377210e..543b4550ca6 100644 --- a/apps/workflowengine/tests/ManagerTest.php +++ b/apps/workflowengine/tests/ManagerTest.php @@ -30,6 +30,7 @@ use OC\L10N\L10N; use OCA\WorkflowEngine\Entity\File; use OCA\WorkflowEngine\Helper\ScopeContext; use OCA\WorkflowEngine\Manager; +use OCP\AppFramework\QueryException; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\Events\Node\NodeCreatedEvent; use OCP\Files\IRootFolder; @@ -205,6 +206,32 @@ class ManagerTest extends TestCase { $userScope = $this->buildScope('jackie'); $entity = File::class; + $adminOperation = $this->createMock(IOperation::class); + $adminOperation->expects($this->any()) + ->method('isAvailableForScope') + ->willReturnMap([ + [IManager::SCOPE_ADMIN, true], + [IManager::SCOPE_USER, false], + ]); + $userOperation = $this->createMock(IOperation::class); + $userOperation->expects($this->any()) + ->method('isAvailableForScope') + ->willReturnMap([ + [IManager::SCOPE_ADMIN, false], + [IManager::SCOPE_USER, true], + ]); + + $this->container->expects($this->any()) + ->method('query') + ->willReturnCallback(function ($className) use ($adminOperation, $userOperation) { + switch ($className) { + case 'OCA\WFE\TestAdminOp': + return $adminOperation; + case 'OCA\WFE\TestUserOp': + return $userOperation; + } + }); + $opId1 = $this->invokePrivate( $this->manager, 'insertOperation', @@ -225,6 +252,13 @@ class ManagerTest extends TestCase { ); $this->invokePrivate($this->manager, 'addScope', [$opId3, $userScope]); + $opId4 = $this->invokePrivate( + $this->manager, + 'insertOperation', + ['OCA\WFE\TestAdminOp', 'Test04', [41, 10, 4], 'NoBar', $entity, []] + ); + $this->invokePrivate($this->manager, 'addScope', [$opId4, $userScope]); + $adminOps = $this->manager->getAllOperations($adminScope); $userOps = $this->manager->getAllOperations($userScope); @@ -275,6 +309,25 @@ class ManagerTest extends TestCase { ); $this->invokePrivate($this->manager, 'addScope', [$opId5, $userScope]); + $operation = $this->createMock(IOperation::class); + $operation->expects($this->any()) + ->method('isAvailableForScope') + ->willReturnMap([ + [IManager::SCOPE_ADMIN, true], + [IManager::SCOPE_USER, true], + ]); + + $this->container->expects($this->any()) + ->method('query') + ->willReturnCallback(function ($className) use ($operation) { + switch ($className) { + case 'OCA\WFE\TestOp': + return $operation; + case 'OCA\WFE\OtherTestOp': + throw new QueryException(); + } + }); + $adminOps = $this->manager->getOperations('OCA\WFE\TestOp', $adminScope); $userOps = $this->manager->getOperations('OCA\WFE\TestOp', $userScope); |