diff options
| author | Joas Schilling <coding@schilljs.com> | 2021-11-05 10:44:51 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2021-11-09 10:10:53 +0100 |
| commit | fa036b2001e0505006b6f9fe24d3fc56af937b06 (patch) | |
| tree | 7d102e103cf131ccf3ec8d5650b6a3de13e835e6 /lib/private/Share20 | |
| parent | f4307ef4b16ffa1ea5a9e4697b57be36660a7953 (diff) | |
| download | nextcloud-server-fa036b2001e0505006b6f9fe24d3fc56af937b06.tar.gz nextcloud-server-fa036b2001e0505006b6f9fe24d3fc56af937b06.zip | |
Move common logic to share manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/private/Share20')
| -rw-r--r-- | lib/private/Share20/Manager.php | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index ccc2d454a94..1891e3a1283 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -43,6 +43,7 @@ namespace OC\Share20; use OC\Cache\CappedMemoryCache; use OC\Files\Mount\MoveableMount; +use OC\KnownUser\KnownUserService; use OC\Share20\Exception\ProviderException; use OCA\Files_Sharing\AppInfo\Application; use OCA\Files_Sharing\ISharedStorage; @@ -118,7 +119,10 @@ class Manager implements IManager { private $defaults; /** @var IEventDispatcher */ private $dispatcher; + /** @var IUserSession */ private $userSession; + /** @var KnownUserService */ + private $knownUserService; public function __construct( ILogger $logger, @@ -137,7 +141,8 @@ class Manager implements IManager { IURLGenerator $urlGenerator, \OC_Defaults $defaults, IEventDispatcher $dispatcher, - IUserSession $userSession + IUserSession $userSession, + KnownUserService $knownUserService ) { $this->logger = $logger; $this->config = $config; @@ -160,6 +165,7 @@ class Manager implements IManager { $this->defaults = $defaults; $this->dispatcher = $dispatcher; $this->userSession = $userSession; + $this->knownUserService = $knownUserService; } /** @@ -1909,6 +1915,42 @@ class Manager implements IManager { return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes'; } + public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool { + if ($this->allowEnumerationFullMatch()) { + return true; + } + + if (!$this->allowEnumeration()) { + return false; + } + + if (!$this->limitEnumerationToPhone() && !$this->limitEnumerationToGroups()) { + // Enumeration is enabled and not restricted: OK + return true; + } + + if (!$currentUser instanceof IUser) { + // Enumeration restrictions require an account + return false; + } + + // Enumeration is limited to phone match + if ($this->limitEnumerationToPhone() && $this->knownUserService->isKnownToUser($currentUser->getUID(), $targetUser->getUID())) { + return true; + } + + // Enumeration is limited to groups + if ($this->limitEnumerationToGroups()) { + $currentUserGroupIds = $this->groupManager->getUserGroupIds($currentUser); + $targetUserGroupIds = $this->groupManager->getUserGroupIds($targetUser); + if (!empty(array_intersect($currentUserGroupIds, $targetUserGroupIds))) { + return true; + } + } + + return false; + } + /** * Copied from \OC_Util::isSharingDisabledForUser * |