diff options
author | Thomas Citharel <tcit@tcit.fr> | 2022-03-18 20:08:07 +0100 |
---|---|---|
committer | Thomas Citharel <tcit@tcit.fr> | 2022-05-16 22:54:51 +0200 |
commit | 4d26a9afa01aaf069e29a62f4e9547c34156ea01 (patch) | |
tree | 2a770baaafd304d48ea3485ef4b9d6db6509c05d /lib | |
parent | ab0548e4edb1d2cf47718f752272d68aa6be07e2 (diff) | |
download | nextcloud-server-4d26a9afa01aaf069e29a62f4e9547c34156ea01.tar.gz nextcloud-server-4d26a9afa01aaf069e29a62f4e9547c34156ea01.zip |
Allow to tweak default scopes for accounts
Close #6582
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/Accounts/AccountManager.php | 62 | ||||
-rw-r--r-- | lib/public/Accounts/IAccountManager.php | 36 |
2 files changed, 73 insertions, 25 deletions
diff --git a/lib/private/Accounts/AccountManager.php b/lib/private/Accounts/AccountManager.php index 7f79ab46c37..b80c7887591 100644 --- a/lib/private/Accounts/AccountManager.php +++ b/lib/private/Accounts/AccountManager.php @@ -14,6 +14,7 @@ * @author Lukas Reschke <lukas@statuscode.ch> * @author Morris Jobke <hey@morrisjobke.de> * @author Roeland Jago Douma <roeland@famdouma.nl> + * @author Thomas Citharel <nextcloud@tcit.fr> * @author Vincent Petry <vincent@nextcloud.com> * * @license AGPL-3.0 @@ -119,6 +120,23 @@ class AccountManager implements IAccountManager { private $l10nfactory; private CappedMemoryCache $internalCache; + /** + * The list of default scopes for each property. + */ + public const DEFAULT_SCOPES = [ + self::PROPERTY_DISPLAYNAME => self::SCOPE_FEDERATED, + self::PROPERTY_ADDRESS => self::SCOPE_LOCAL, + self::PROPERTY_WEBSITE => self::SCOPE_LOCAL, + self::PROPERTY_EMAIL => self::SCOPE_FEDERATED, + self::PROPERTY_AVATAR => self::SCOPE_FEDERATED, + self::PROPERTY_PHONE => self::SCOPE_LOCAL, + self::PROPERTY_TWITTER => self::SCOPE_LOCAL, + self::PROPERTY_ORGANISATION => self::SCOPE_LOCAL, + self::PROPERTY_ROLE => self::SCOPE_LOCAL, + self::PROPERTY_HEADLINE => self::SCOPE_LOCAL, + self::PROPERTY_BIOGRAPHY => self::SCOPE_LOCAL, + ]; + public function __construct( IDBConnection $connection, IConfig $config, @@ -649,81 +667,84 @@ class AccountManager implements IAccountManager { /** * build default user record in case not data set exists yet - * - * @param IUser $user - * @return array */ - protected function buildDefaultUserRecord(IUser $user) { + protected function buildDefaultUserRecord(IUser $user): array { + $scopes = array_merge(self::DEFAULT_SCOPES, array_filter($this->config->getSystemValue('account_manager.default_property_scope', []), static function (string $scope, string $property) { + return in_array($property, self::ALLOWED_PROPERTIES, true) && in_array($scope, self::ALLOWED_SCOPES, true); + }, ARRAY_FILTER_USE_BOTH)); + return [ [ 'name' => self::PROPERTY_DISPLAYNAME, 'value' => $user->getDisplayName(), - 'scope' => self::SCOPE_FEDERATED, + // Display name must be at least SCOPE_LOCAL + 'scope' => $scopes[self::PROPERTY_DISPLAYNAME] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_DISPLAYNAME], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_ADDRESS, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_ADDRESS], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_WEBSITE, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_WEBSITE], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_EMAIL, 'value' => $user->getEMailAddress(), - 'scope' => self::SCOPE_FEDERATED, + // Email must be at least SCOPE_LOCAL + 'scope' => $scopes[self::PROPERTY_EMAIL] === self::SCOPE_PRIVATE ? self::SCOPE_LOCAL : $scopes[self::PROPERTY_EMAIL], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_AVATAR, - 'scope' => self::SCOPE_FEDERATED + 'scope' => $scopes[self::PROPERTY_AVATAR], ], [ 'name' => self::PROPERTY_PHONE, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_PHONE], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_TWITTER, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_TWITTER], 'verified' => self::NOT_VERIFIED, ], [ 'name' => self::PROPERTY_ORGANISATION, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_ORGANISATION], ], [ 'name' => self::PROPERTY_ROLE, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_ROLE], ], [ 'name' => self::PROPERTY_HEADLINE, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_HEADLINE], ], [ 'name' => self::PROPERTY_BIOGRAPHY, 'value' => '', - 'scope' => self::SCOPE_LOCAL, + 'scope' => $scopes[self::PROPERTY_BIOGRAPHY], ], [ @@ -790,17 +811,8 @@ class AccountManager implements IAccountManager { // valid case, nothing to do } - static $allowedScopes = [ - self::SCOPE_PRIVATE, - self::SCOPE_LOCAL, - self::SCOPE_FEDERATED, - self::SCOPE_PUBLISHED, - self::VISIBILITY_PRIVATE, - self::VISIBILITY_CONTACTS_ONLY, - self::VISIBILITY_PUBLIC, - ]; foreach ($account->getAllProperties() as $property) { - $this->testPropertyScope($property, $allowedScopes, true); + $this->testPropertyScope($property, self::ALLOWED_SCOPES, true); } $oldData = $this->getUser($account->getUser(), false); diff --git a/lib/public/Accounts/IAccountManager.php b/lib/public/Accounts/IAccountManager.php index ae5f6b1e542..e41327171b4 100644 --- a/lib/public/Accounts/IAccountManager.php +++ b/lib/public/Accounts/IAccountManager.php @@ -8,6 +8,7 @@ declare(strict_types=1); * @author Christoph Wurst <christoph@winzerhof-wurst.at> * @author Joas Schilling <coding@schilljs.com> * @author Julius Härtl <jus@bitgrid.net> + * @author Thomas Citharel <nextcloud@tcit.fr> * @author Vincent Petry <vincent@nextcloud.com> * * @license GNU AGPL version 3 or any later version @@ -89,6 +90,21 @@ interface IAccountManager { */ public const VISIBILITY_PUBLIC = 'public'; + /** + * The list of allowed scopes + * + * @since 25.0.0 + */ + public const ALLOWED_SCOPES = [ + self::SCOPE_PRIVATE, + self::SCOPE_LOCAL, + self::SCOPE_FEDERATED, + self::SCOPE_PUBLISHED, + self::VISIBILITY_PRIVATE, + self::VISIBILITY_CONTACTS_ONLY, + self::VISIBILITY_PUBLIC, + ]; + public const PROPERTY_AVATAR = 'avatar'; public const PROPERTY_DISPLAYNAME = 'displayname'; public const PROPERTY_PHONE = 'phone'; @@ -122,6 +138,26 @@ interface IAccountManager { */ public const PROPERTY_PROFILE_ENABLED = 'profile_enabled'; + /** + * The list of allowed properties + * + * @since 25.0.0 + */ + public const ALLOWED_PROPERTIES = [ + self::PROPERTY_AVATAR, + self::PROPERTY_DISPLAYNAME, + self::PROPERTY_PHONE, + self::PROPERTY_EMAIL, + self::PROPERTY_WEBSITE, + self::PROPERTY_ADDRESS, + self::PROPERTY_TWITTER, + self::PROPERTY_ORGANISATION, + self::PROPERTY_ROLE, + self::PROPERTY_HEADLINE, + self::PROPERTY_BIOGRAPHY, + self::PROPERTY_PROFILE_ENABLED, + ]; + public const COLLECTION_EMAIL = 'additional_mail'; public const NOT_VERIFIED = '0'; |