diff options
| -rw-r--r-- | lib/private/DB/QueryBuilder/ExpressionBuilder/PgSqlExpressionBuilder.php | 12 | ||||
| -rw-r--r-- | lib/private/User/Manager.php | 14 | ||||
| -rw-r--r-- | tests/Core/Command/Apps/AppsEnableTest.php | 11 |
3 files changed, 29 insertions, 8 deletions
diff --git a/lib/private/DB/QueryBuilder/ExpressionBuilder/PgSqlExpressionBuilder.php b/lib/private/DB/QueryBuilder/ExpressionBuilder/PgSqlExpressionBuilder.php index bd18b38c52e..1b0e081024b 100644 --- a/lib/private/DB/QueryBuilder/ExpressionBuilder/PgSqlExpressionBuilder.php +++ b/lib/private/DB/QueryBuilder/ExpressionBuilder/PgSqlExpressionBuilder.php @@ -37,12 +37,14 @@ class PgSqlExpressionBuilder extends ExpressionBuilder { * @return string */ public function castColumn($column, $type) { - if ($type === IQueryBuilder::PARAM_INT) { - $column = $this->helper->quoteColumnName($column); - return new QueryFunction('CAST(' . $column . ' AS INT)'); + switch ($type) { + case IQueryBuilder::PARAM_INT: + return new QueryFunction('CAST(' . $this->helper->quoteColumnName($column) . ' AS INT)'); + case IQueryBuilder::PARAM_STR: + return new QueryFunction('CAST(' . $this->helper->quoteColumnName($column) . ' AS TEXT)'); + default: + return parent::castColumn($column, $type); } - - return parent::castColumn($column, $type); } /** diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php index 62f02915c39..4e3eea37336 100644 --- a/lib/private/User/Manager.php +++ b/lib/private/User/Manager.php @@ -279,6 +279,10 @@ class Manager extends PublicEmitter implements IUserManager { * @return bool|IUser the created user or false */ public function createUser($uid, $password) { + if (!$this->verifyUid($uid)) { + return false; + } + $localBackends = []; foreach ($this->backends as $backend) { if ($backend instanceof Database) { @@ -598,4 +602,14 @@ class Manager extends PublicEmitter implements IUserManager { return ($u instanceof IUser); })); } + + private function verifyUid(string $uid): bool { + $appdata = 'appdata_' . $this->config->getSystemValueString('instanceid'); + + if ($uid === '.htaccess' || $uid === 'files_external' || $uid === '.ocdata' || $uid === 'owncloud.log' || $uid === 'nextcloud.log' || $uid === $appdata) { + return false; + } + + return true; + } } diff --git a/tests/Core/Command/Apps/AppsEnableTest.php b/tests/Core/Command/Apps/AppsEnableTest.php index bfec710f1bc..d2bda141303 100644 --- a/tests/Core/Command/Apps/AppsEnableTest.php +++ b/tests/Core/Command/Apps/AppsEnableTest.php @@ -83,11 +83,16 @@ class AppsEnableTest extends TestCase { [['comments'], ['admin'], 1, "comments can't be enabled for groups"], [['updatenotification'], ['admin'], 0, 'updatenotification enabled for groups: admin'], - [['updatenotification', 'contacts'], ['admin'], 0, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin"], +# TODO: not reliable due to dependency to appstore +# [['updatenotification', 'contacts'], ['admin'], 0, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin"], + [['updatenotification', 'accessibility'], ['admin'], 0, "updatenotification enabled for groups: admin\naccessibility enabled for groups: admin"], [['updatenotification'], ['admin', 'invalid_group'], 0, 'updatenotification enabled for groups: admin'], - [['updatenotification', 'contacts'], ['admin', 'invalid_group'], 0, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin"], - [['updatenotification', 'contacts', 'invalid_app'], ['admin', 'invalid_group'], 1, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin\nCould not download app invalid_app"], +# TODO: not reliable due to dependency to appstore +# [['updatenotification', 'contacts'], ['admin', 'invalid_group'], 0, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin"], +# [['updatenotification', 'contacts', 'invalid_app'], ['admin', 'invalid_group'], 1, "updatenotification enabled for groups: admin\ncontacts enabled for groups: admin\nCould not download app invalid_app"], + [['updatenotification', 'accessibility'], ['admin', 'invalid_group'], 0, "updatenotification enabled for groups: admin\naccessibility enabled for groups: admin"], + [['updatenotification', 'accessibility', 'invalid_app'], ['admin', 'invalid_group'], 1, "updatenotification enabled for groups: admin\naccessibility enabled for groups: admin\nCould not download app invalid_app"], ]; } } |