mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

DAV authentication: use Owncloud's internal user instead of HTTP-supplied one 

Fixes: #14048, #14104, calendar#712
This commit is contained in:
Christian Seiler 2015-02-16 23:34:49 +01:00
parent 7f624188a7
commit 1377ebc7e9
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/private/connector/sabre/auth.php
View File

@ -60,8 +60,11 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
} else {
OC_Util::setUpFS(); //login hooks may need early access to the filesystem
if(OC_User::login($username, $password)) {
OC_Util::setUpFS(OC_User::getUser());
\OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $username);
// make sure we use owncloud's internal username here
// and not the HTTP auth supplied one, see issue #14048
$ocUser = OC_User::getUser();
OC_Util::setUpFS($ocUser);
\OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser);
\OC::$server->getSession()->close();
return true;
} else {