Merge pull request #46678 from nextcloud/backport/44295/stable28

[stable28] Allow injecting the user temporarily for direct editing

4 files changed, 19 insertions, 3 deletions

diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php
index d1be1f50330..a527dcd6c9e 100644
--- a/lib/private/DirectEditing/Manager.php
+++ b/lib/private/DirectEditing/Manager.php
@@ -272,13 +272,11 @@ class Manager implements IManager {
 	}
 
 	public function invokeTokenScope($userId): void {
-		\OC_User::setIncognitoMode(true);
 		\OC_User::setUserId($userId);
 	}
 
 	public function revertTokenScope(): void {
 		$this->userSession->setUser(null);
-		\OC_User::setIncognitoMode(false);
 	}
 
 	public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index dff3cefd0b9..c5a00aedcc6 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -183,6 +183,15 @@ class Session implements IUserSession, Emitter {
 	}
 
 	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 */
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->activeUser = $user;
+	}
+
+	/**
 	 * get the current active user
 	 *
 	 * @return IUser|null Current user, otherwise null
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
index 3d958814988..1174c492fef 100644
--- a/lib/private/legacy/OC_User.php
+++ b/lib/private/legacy/OC_User.php
@@ -39,6 +39,7 @@ use OC\Authentication\Token\IProvider;
 use OC\User\LoginException;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IGroupManager;
+use OCP\ISession;
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\Server;
@@ -349,7 +350,7 @@ class OC_User {
 	 * @return string|false uid or false
 	 */
 	public static function getUser() {
-		$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+		$uid = Server::get(ISession::class)?->get('user_id');
 		if (!is_null($uid) && self::$incognitoMode === false) {
 			return $uid;
 		} else {
diff --git a/lib/public/IUserSession.php b/lib/public/IUserSession.php
index 7bc37cc67c6..dc6094550bc 100644
--- a/lib/public/IUserSession.php
+++ b/lib/public/IUserSession.php
@@ -64,6 +64,14 @@ interface IUserSession {
 	public function setUser($user);
 
 	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 * @since 29.0.0
+	 */
+	public function setVolatileActiveUser(?IUser $user): void;
+
+	/**
 	 * get the current active user
 	 *
 	 * @return \OCP\IUser|null Current user, otherwise null