summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorRalph Krimmel <rkrimme1@gwdg.de>2015-12-18 10:54:36 +0100
committerMorris Jobke <hey@morrisjobke.de>2016-01-08 15:32:31 +0100
commit26d0f42dac7c4d38d91cd7c8cf589808dcd40b03 (patch)
treeaf0da68c55b8b6fcc81ed24ec1c0061493baafc6 /apps
parent427dbdabbac4c2f476c991acddcfd56c2f47cce8 (diff)
downloadnextcloud-server-26d0f42dac7c4d38d91cd7c8cf589808dcd40b03.tar.gz
nextcloud-server-26d0f42dac7c4d38d91cd7c8cf589808dcd40b03.zip
Respect user enumeration
Respect shareapi_allow_share_dialog_user_enumeration in user_ldap filter generation function to increase search performance in sharing dialog.
Diffstat (limited to 'apps')
-rw-r--r--apps/user_ldap/lib/access.php21
1 files changed, 19 insertions, 2 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 693a420a74d..7d2d355f9b4 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -1193,7 +1193,7 @@ class Access extends LDAPUtility implements user\IUserTools {
$searchWords = explode(' ', trim($search));
$wordFilters = array();
foreach($searchWords as $word) {
- $word .= '*';
+ $word = $this->prepareSearchTerm($word);
//every word needs to appear at least once
$wordMatchOneAttrFilters = array();
foreach($searchAttributes as $attr) {
@@ -1226,7 +1226,8 @@ class Access extends LDAPUtility implements user\IUserTools {
);
}
}
- $search = empty($search) ? '*' : $search.'*';
+
+ $search = $this->prepareSearchTerm($search);
if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
if(empty($fallbackAttribute)) {
return '';
@@ -1244,6 +1245,22 @@ class Access extends LDAPUtility implements user\IUserTools {
}
/**
+ * returns the search term depending on whether we are allowed
+ * list users found by ldap with the current input appended by
+ * a *
+ * @return string
+ */
+ private function prepareSearchTerm($term) {
+ $config = \OC::$server->getConfig();
+
+ $allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
+
+ $result = empty($term) ? '*' :
+ $allowEnum !== 'no' ? $term . '*' : $term;
+ return $result;
+ }
+
+ /**
* returns the filter used for counting users
* @return string
*/