diff options
author | Ralph Krimmel <rkrimme1@gwdg.de> | 2015-12-18 10:54:36 +0100 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2016-01-08 15:32:31 +0100 |
commit | 26d0f42dac7c4d38d91cd7c8cf589808dcd40b03 (patch) | |
tree | af0da68c55b8b6fcc81ed24ec1c0061493baafc6 /apps | |
parent | 427dbdabbac4c2f476c991acddcfd56c2f47cce8 (diff) | |
download | nextcloud-server-26d0f42dac7c4d38d91cd7c8cf589808dcd40b03.tar.gz nextcloud-server-26d0f42dac7c4d38d91cd7c8cf589808dcd40b03.zip |
Respect user enumeration
Respect shareapi_allow_share_dialog_user_enumeration in user_ldap filter
generation function to increase search performance in sharing dialog.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/user_ldap/lib/access.php | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 693a420a74d..7d2d355f9b4 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -1193,7 +1193,7 @@ class Access extends LDAPUtility implements user\IUserTools { $searchWords = explode(' ', trim($search)); $wordFilters = array(); foreach($searchWords as $word) { - $word .= '*'; + $word = $this->prepareSearchTerm($word); //every word needs to appear at least once $wordMatchOneAttrFilters = array(); foreach($searchAttributes as $attr) { @@ -1226,7 +1226,8 @@ class Access extends LDAPUtility implements user\IUserTools { ); } } - $search = empty($search) ? '*' : $search.'*'; + + $search = $this->prepareSearchTerm($search); if(!is_array($searchAttributes) || count($searchAttributes) === 0) { if(empty($fallbackAttribute)) { return ''; @@ -1244,6 +1245,22 @@ class Access extends LDAPUtility implements user\IUserTools { } /** + * returns the search term depending on whether we are allowed + * list users found by ldap with the current input appended by + * a * + * @return string + */ + private function prepareSearchTerm($term) { + $config = \OC::$server->getConfig(); + + $allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes'); + + $result = empty($term) ? '*' : + $allowEnum !== 'no' ? $term . '*' : $term; + return $result; + } + + /** * returns the filter used for counting users * @return string */ |