From c98b0462e33011a99aeaba582d82e52fdb14c3ae Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Thu, 11 Jan 2024 13:28:25 +0100 Subject: fix(admin role): fix old and wrong way to determine whether user is admin - fixes Settings knowing who is an admin of non-local group backend groups - obsoletes and removes a little old, deprecated code - double checks proper parameter type on Group\Manager::isAdmin - also fixes legacy OC_User code to check whether user is an admin Signed-off-by: Arthur Schiwon --- lib/private/legacy/OC_User.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'lib/private/legacy') diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php index cefdd0ad2ee..47890fd8dda 100644 --- a/lib/private/legacy/OC_User.php +++ b/lib/private/legacy/OC_User.php @@ -38,7 +38,10 @@ use OC\User\LoginException; use OCP\EventDispatcher\IEventDispatcher; +use OCP\IGroupManager; +use OCP\IUser; use OCP\IUserManager; +use OCP\Server; use OCP\User\Events\BeforeUserLoggedInEvent; use OCP\User\Events\UserLoggedInEvent; use Psr\Log\LoggerInterface; @@ -93,7 +96,7 @@ class OC_User { case 'database': case 'mysql': case 'sqlite': - \OCP\Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('Adding user backend ' . $backend . '.', ['app' => 'core']); self::$_usedBackends[$backend] = new \OC\User\Database(); \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); break; @@ -102,7 +105,7 @@ class OC_User { \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); break; default: - \OCP\Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('Adding default user backend ' . $backend . '.', ['app' => 'core']); $className = 'OC_USER_' . strtoupper($backend); self::$_usedBackends[$backend] = new $className(); \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]); @@ -147,10 +150,10 @@ class OC_User { self::useBackend($backend); self::$_setupedBackends[] = $i; } else { - \OCP\Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']); + Server::get(LoggerInterface::class)->debug('User backend ' . $class . ' already initialized.', ['app' => 'core']); } } else { - \OCP\Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']); + Server::get(LoggerInterface::class)->error('User backend ' . $class . ' not found.', ['app' => 'core']); } } } @@ -303,7 +306,7 @@ class OC_User { } $user = \OC::$server->getUserSession()->getUser(); - if ($user instanceof \OCP\IUser) { + if ($user instanceof IUser) { $backend = $user->getBackend(); if ($backend instanceof \OCP\User\Backend\ICustomLogout) { return $backend->getLogoutUrl(); @@ -323,12 +326,9 @@ class OC_User { * @return bool */ public static function isAdminUser($uid) { - $group = \OC::$server->getGroupManager()->get('admin'); - $user = \OC::$server->getUserManager()->get($uid); - if ($group && $user && $group->inGroup($user) && self::$incognitoMode === false) { - return true; - } - return false; + $user = Server::get(IUserManager::class)->get($uid); + $isAdmin = $user && Server::get(IGroupManager::class)->isAdmin($user->getUID()); + return $isAdmin && self::$incognitoMode === false; } -- cgit v1.2.3