diff options
author | Morris Jobke <hey@morrisjobke.de> | 2016-10-06 15:24:22 +0200 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2017-04-29 00:59:09 -0300 |
commit | 74e50910134610a108e18a3807a791ef0b677468 (patch) | |
tree | 266bc260cfc19b6036784d90b8ae04194d0e3c3b /settings | |
parent | 72550377b437f801925e8573f9fe53eb5803379e (diff) | |
download | nextcloud-server-74e50910134610a108e18a3807a791ef0b677468.tar.gz nextcloud-server-74e50910134610a108e18a3807a791ef0b677468.zip |
check $user object before using it
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'settings')
-rw-r--r-- | settings/Controller/UsersController.php | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php index 293afe9e6ff..7ce4355aa0b 100644 --- a/settings/Controller/UsersController.php +++ b/settings/Controller/UsersController.php @@ -537,19 +537,19 @@ class UsersController extends Controller { ); } - if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Authentication error') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - if($user) { + if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Authentication error') + ) + ), + Http::STATUS_FORBIDDEN + ); + } + $user->setEnabled(false); return new DataResponse( array( @@ -594,19 +594,19 @@ class UsersController extends Controller { ); } - if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Authentication error') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - if($user) { + if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Authentication error') + ) + ), + Http::STATUS_FORBIDDEN + ); + } + $user->setEnabled(true); return new DataResponse( array( |