diff options
Diffstat (limited to 'lib/private/Avatar/AvatarManager.php')
| -rw-r--r-- | lib/private/Avatar/AvatarManager.php | 139 |
1 files changed, 59 insertions, 80 deletions
diff --git a/lib/private/Avatar/AvatarManager.php b/lib/private/Avatar/AvatarManager.php index 5102396224d..c68467085f0 100644 --- a/lib/private/Avatar/AvatarManager.php +++ b/lib/private/Avatar/AvatarManager.php @@ -1,131 +1,111 @@ <?php declare(strict_types=1); - /** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Arthur Schiwon <blizzz@arthur-schiwon.de> - * @author Christoph Wurst <christoph@winzerhof-wurst.at> - * @author John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com> - * @author Julius Härtl <jus@bitgrid.net> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Michael Weimann <mail@michael-weimann.eu> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <robin@icewind.nl> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2019-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ - namespace OC\Avatar; +use OC\KnownUser\KnownUserService; use OC\User\Manager; use OC\User\NoUserException; +use OCP\Accounts\IAccountManager; +use OCP\Accounts\PropertyDoesNotExistException; use OCP\Files\IAppData; use OCP\Files\NotFoundException; use OCP\Files\NotPermittedException; +use OCP\Files\StorageNotAvailableException; use OCP\IAvatar; use OCP\IAvatarManager; use OCP\IConfig; use OCP\IL10N; -use OCP\ILogger; +use OCP\IUserSession; +use Psr\Log\LoggerInterface; /** * This class implements methods to access Avatar functionality */ class AvatarManager implements IAvatarManager { - - /** @var Manager */ - private $userManager; - - /** @var IAppData */ - private $appData; - - /** @var IL10N */ - private $l; - - /** @var ILogger */ - private $logger; - - /** @var IConfig */ - private $config; - - /** - * AvatarManager constructor. - * - * @param Manager $userManager - * @param IAppData $appData - * @param IL10N $l - * @param ILogger $logger - * @param IConfig $config - */ public function __construct( - Manager $userManager, - IAppData $appData, - IL10N $l, - ILogger $logger, - IConfig $config) { - $this->userManager = $userManager; - $this->appData = $appData; - $this->l = $l; - $this->logger = $logger; - $this->config = $config; + private IUserSession $userSession, + private Manager $userManager, + private IAppData $appData, + private IL10N $l, + private LoggerInterface $logger, + private IConfig $config, + private IAccountManager $accountManager, + private KnownUserService $knownUserService, + ) { } /** * return a user specific instance of \OCP\IAvatar + * + * If the user is disabled a guest avatar will be returned + * * @see \OCP\IAvatar * @param string $userId the ownCloud user id - * @return \OCP\IAvatar * @throws \Exception In case the username is potentially dangerous * @throws NotFoundException In case there is no user folder yet */ - public function getAvatar(string $userId) : IAvatar { + public function getAvatar(string $userId): IAvatar { $user = $this->userManager->get($userId); if ($user === null) { throw new \Exception('user does not exist'); } + if (!$user->isEnabled()) { + return $this->getGuestAvatar($userId); + } + // sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below) $userId = $user->getUID(); + $requestingUser = $this->userSession->getUser(); + try { $folder = $this->appData->getFolder($userId); } catch (NotFoundException $e) { $folder = $this->appData->newFolder($userId); } - return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config); + try { + $account = $this->accountManager->getAccount($user); + $avatarProperties = $account->getProperty(IAccountManager::PROPERTY_AVATAR); + $avatarScope = $avatarProperties->getScope(); + } catch (PropertyDoesNotExistException $e) { + $avatarScope = ''; + } + + switch ($avatarScope) { + // v2-private scope hides the avatar from public access and from unknown users + case IAccountManager::SCOPE_PRIVATE: + if ($requestingUser !== null && $this->knownUserService->isKnownToUser($requestingUser->getUID(), $userId)) { + return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config); + } + break; + case IAccountManager::SCOPE_LOCAL: + case IAccountManager::SCOPE_FEDERATED: + case IAccountManager::SCOPE_PUBLISHED: + return new UserAvatar($folder, $this->l, $user, $this->logger, $this->config); + default: + // use a placeholder avatar which caches the generated images + return new PlaceholderAvatar($folder, $user, $this->config, $this->logger); + } + + return new PlaceholderAvatar($folder, $user, $this->config, $this->logger); } /** * Clear generated avatars */ - public function clearCachedAvatars() { + public function clearCachedAvatars(): void { $users = $this->config->getUsersForUserValue('avatar', 'generated', 'true'); foreach ($users as $userId) { - try { - $folder = $this->appData->getFolder($userId); - $folder->delete(); - } catch (NotFoundException $e) { - $this->logger->debug("No cache for the user $userId. Ignoring..."); - } - $this->config->setUserValue($userId, 'avatar', 'generated', 'false'); + // This also bumps the avatar version leading to cache invalidation in browsers + $this->getAvatar($userId)->remove(); } } @@ -135,10 +115,10 @@ class AvatarManager implements IAvatarManager { $folder->delete(); } catch (NotFoundException $e) { $this->logger->debug("No cache for the user $userId. Ignoring avatar deletion"); - } catch (NotPermittedException $e) { + } catch (NotPermittedException|StorageNotAvailableException $e) { $this->logger->error("Unable to delete user avatars for $userId. gnoring avatar deletion"); } catch (NoUserException $e) { - $this->logger->debug("User $userId not found. gnoring avatar deletion"); + $this->logger->debug("Account $userId not found. Ignoring avatar deletion"); } $this->config->deleteUserValue($userId, 'avatar', 'generated'); } @@ -147,9 +127,8 @@ class AvatarManager implements IAvatarManager { * Returns a GuestAvatar. * * @param string $name The guest name, e.g. "Albert". - * @return IAvatar */ public function getGuestAvatar(string $name): IAvatar { - return new GuestAvatar($name, $this->logger); + return new GuestAvatar($name, $this->config, $this->logger); } } |