summaryrefslogtreecommitdiffstats
path: root/settings
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2016-10-06 15:24:22 +0200
committerMorris Jobke <hey@morrisjobke.de>2017-04-29 00:59:09 -0300
commit74e50910134610a108e18a3807a791ef0b677468 (patch)
tree266bc260cfc19b6036784d90b8ae04194d0e3c3b /settings
parent72550377b437f801925e8573f9fe53eb5803379e (diff)
downloadnextcloud-server-74e50910134610a108e18a3807a791ef0b677468.tar.gz
nextcloud-server-74e50910134610a108e18a3807a791ef0b677468.zip
check $user object before using it
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'settings')
-rw-r--r--settings/Controller/UsersController.php48
1 files changed, 24 insertions, 24 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php
index 293afe9e6ff..7ce4355aa0b 100644
--- a/settings/Controller/UsersController.php
+++ b/settings/Controller/UsersController.php
@@ -537,19 +537,19 @@ class UsersController extends Controller {
);
}
- if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
- return new DataResponse(
- array(
- 'status' => 'error',
- 'data' => array(
- 'message' => (string)$this->l10n->t('Authentication error')
- )
- ),
- Http::STATUS_FORBIDDEN
- );
- }
-
if($user) {
+ if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Authentication error')
+ )
+ ),
+ Http::STATUS_FORBIDDEN
+ );
+ }
+
$user->setEnabled(false);
return new DataResponse(
array(
@@ -594,19 +594,19 @@ class UsersController extends Controller {
);
}
- if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
- return new DataResponse(
- array(
- 'status' => 'error',
- 'data' => array(
- 'message' => (string)$this->l10n->t('Authentication error')
- )
- ),
- Http::STATUS_FORBIDDEN
- );
- }
-
if($user) {
+ if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Authentication error')
+ )
+ ),
+ Http::STATUS_FORBIDDEN
+ );
+ }
+
$user->setEnabled(true);
return new DataResponse(
array(