diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2024-01-11 13:28:25 +0100 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2024-02-19 18:57:22 +0100 |
| commit | c98b0462e33011a99aeaba582d82e52fdb14c3ae (patch) | |
| tree | fdb3717c78d8d6e3b82207b0b5cb88ff40a95313 /lib/private/legacy | |
| parent | 1bc8129623d15b369a7b6bf7ac65931b0e83455e (diff) | |
| download | nextcloud-server-c98b0462e33011a99aeaba582d82e52fdb14c3ae.tar.gz nextcloud-server-c98b0462e33011a99aeaba582d82e52fdb14c3ae.zip | |
fix(admin role): fix old and wrong way to determine whether user is admin
- fixes Settings knowing who is an admin of non-local group backend groups
- obsoletes and removes a little old, deprecated code
- double checks proper parameter type on Group\Manager::isAdmin
- also fixes legacy OC_User code to check whether user is an admin
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'lib/private/legacy')
| -rw-r--r-- | lib/private/legacy/OC_User.php | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php index cefdd0ad2ee..47890fd8dda 100644 --- a/lib/private/legacy/OC_User.php +++ b/lib/private/legacy/OC_User.php @@ -38,7 +38,10 @@ use OC\User\LoginException; use OCP\EventDispatcher\IEventDispatcher; +use OCP\IGroupManager; +use OCP\IUser; use OCP\IUserManager; +use OCP\Server; use OCP\User\Events\BeforeUserLoggedInEvent; use OCP\User\Events\UserLoggedInEvent; use Psr\Log\LoggerInterface; @@ -93,7 +96,7 @@ class OC_User { case 'database': case 'mysql': case 'sqlite': - \OCP\Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']); self::$_usedBackends[$backend] = new \OC\User\Database(); \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); break; @@ -102,7 +105,7 @@ class OC_User { \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); break; default: - \OCP\Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']); $className = 'OC_USER_' . strtoupper($backend); self::$_usedBackends[$backend] = new $className(); \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); @@ -147,10 +150,10 @@ class OC_User { self::useBackend($backend); self::$_setupedBackends[] = $i; } else { - \OCP\Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']); } } else { - \OCP\Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']); + Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']); } } } @@ -303,7 +306,7 @@ class OC_User { } $user = \OC::$server->getUserSession()->getUser(); - if ($user instanceof \OCP\IUser) { + if ($user instanceof IUser) { $backend = $user->getBackend(); if ($backend instanceof \OCP\User\Backend\ICustomLogout) { return $backend->getLogoutUrl(); @@ -323,12 +326,9 @@ class OC_User { * @return bool */ public static function isAdminUser($uid) { - $group = \OC::$server->getGroupManager()->get('admin'); - $user = \OC::$server->getUserManager()->get($uid); - if ($group && $user && $group->inGroup($user) && self::$incognitoMode === false) { - return true; - } - return false; + $user = Server::get(IUserManager::class)->get($uid); + $isAdmin = $user && Server::get(IGroupManager::class)->isAdmin($user->getUID()); + return $isAdmin && self::$incognitoMode === false; } |