diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-09-15 19:34:07 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-15 19:34:07 +0200 |
| commit | 8137616b4b110aaea310d7f05641ed3d013b3347 (patch) | |
| tree | e61e04064878cf6283870ecbc3bbf8b3493f654b /lib/private | |
| parent | a195c186e60da066072a060a845e0e9b6ca617ae (diff) | |
| parent | 68ef242a0a480fff0ab3ee8e03f7e0fc7c88453f (diff) | |
| download | nextcloud-server-8137616b4b110aaea310d7f05641ed3d013b3347.tar.gz nextcloud-server-8137616b4b110aaea310d7f05641ed3d013b3347.zip | |
Merge pull request #15936 from nextcloud/bugfix/15539/wronguser-apptoken-impersonation
Disable app token creation for impersonated people, ref #15539
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/User/Session.php | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 13519d97ef4..ba909c81053 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -315,6 +315,29 @@ class Session implements IUserSession, Emitter { } /** + * @return mixed + */ + public function getImpersonatingUserID(): ?string { + + return $this->session->get('oldUserId'); + + } + + public function setImpersonatingUserID(bool $useCurrentUser = true): void { + if ($useCurrentUser === false) { + $this->session->remove('oldUserId'); + return; + } + + $currentUser = $this->getUser(); + + if ($currentUser === null) { + throw new \OC\User\NoUserException(); + } + $this->session->set('oldUserId', $currentUser->getUID()); + + } + /** * set the token id * * @param int|null $token that was used to log in |