summaryrefslogtreecommitdiffstats
path: root/apps/dav/lib/Connector
diff options
context:
space:
mode:
Diffstat (limited to 'apps/dav/lib/Connector')
-rw-r--r--apps/dav/lib/Connector/Sabre/Principal.php29
1 files changed, 28 insertions, 1 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Principal.php b/apps/dav/lib/Connector/Sabre/Principal.php
index 449275e982f..41b85f162c8 100644
--- a/apps/dav/lib/Connector/Sabre/Principal.php
+++ b/apps/dav/lib/Connector/Sabre/Principal.php
@@ -245,7 +245,8 @@ class Principal implements BackendInterface {
return [];
}
- $allowEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
+ $allowEnumeration = $this->shareManager->allowEnumeration();
+ $limitEnumeration = $this->shareManager->limitEnumerationToGroups();
// If sharing is restricted to group members only,
// return only members that have groups in common
@@ -259,6 +260,14 @@ class Principal implements BackendInterface {
$restrictGroups = $this->groupManager->getUserGroupIds($user);
}
+ $currentUserGroups = [];
+ if ($limitEnumeration) {
+ $currentUser = $this->userSession->getUser();
+ if ($currentUser) {
+ $currentUserGroups = $this->groupManager->getUserGroupIds($currentUser);
+ }
+ }
+
foreach ($searchProperties as $prop => $value) {
switch ($prop) {
case '{http://sabredav.org/ns}email-address':
@@ -270,6 +279,15 @@ class Principal implements BackendInterface {
});
}
+ if ($limitEnumeration) {
+ $users = \array_filter($users, function (IUser $user) use ($currentUserGroups, $value) {
+ return !empty(array_intersect(
+ $this->groupManager->getUserGroupIds($user),
+ $currentUserGroups
+ )) || $user->getEMailAddress() === $value;
+ });
+ }
+
$results[] = array_reduce($users, function(array $carry, IUser $user) use ($restrictGroups) {
// is sharing restricted to groups only?
if ($restrictGroups !== false) {
@@ -293,6 +311,15 @@ class Principal implements BackendInterface {
});
}
+ if ($limitEnumeration) {
+ $users = \array_filter($users, function (IUser $user) use ($currentUserGroups, $value) {
+ return !empty(array_intersect(
+ $this->groupManager->getUserGroupIds($user),
+ $currentUserGroups
+ )) || $user->getDisplayName() === $value;
+ });
+ }
+
$results[] = array_reduce($users, function(array $carry, IUser $user) use ($restrictGroups) {
// is sharing restricted to groups only?
if ($restrictGroups !== false) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-05 12:57:03 +0000