From 381decca493ffbdec9356142a02b5a3edb8284d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Tue, 18 Feb 2020 19:42:57 +0100 Subject: [PATCH] Add setting to restrict user enumeration to groups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- apps/settings/js/admin.js | 4 ++++ apps/settings/lib/Settings/Admin/Sharing.php | 1 + apps/settings/templates/settings/admin/sharing.php | 8 ++++++++ 3 files changed, 13 insertions(+) diff --git a/apps/settings/js/admin.js b/apps/settings/js/admin.js index e798cd8d19..dfe9b8caba 100644 --- a/apps/settings/js/admin.js +++ b/apps/settings/js/admin.js @@ -142,6 +142,10 @@ $(document).ready(function(){ savePublicShareDisclaimerText(this.value); }); + $('#shareapi_allow_share_dialog_user_enumeration').on('change', function() { + $('#shareapi_restrict_user_enumeration_to_group_setting').toggleClass('hidden', !this.checked); + }) + $('#allowLinks').change(function() { $("#publicLinkSettings").toggleClass('hidden', !this.checked); $('#setDefaultExpireDate').toggleClass('hidden', !(this.checked && $('#shareapiDefaultExpireDate')[0].checked)); diff --git a/apps/settings/lib/Settings/Admin/Sharing.php b/apps/settings/lib/Settings/Admin/Sharing.php index 495af9d537..980e579d36 100644 --- a/apps/settings/lib/Settings/Admin/Sharing.php +++ b/apps/settings/lib/Settings/Admin/Sharing.php @@ -73,6 +73,7 @@ class Sharing implements ISettings { 'allowPublicUpload' => $this->config->getAppValue('core', 'shareapi_allow_public_upload', 'yes'), 'allowResharing' => $this->config->getAppValue('core', 'shareapi_allow_resharing', 'yes'), 'allowShareDialogUserEnumeration' => $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes'), + 'restrictUserEnumerationToGroup' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no'), 'enforceLinkPassword' => Util::isPublicLinkPasswordRequired(), 'onlyShareWithGroupMembers' => $this->shareManager->shareWithGroupMembersOnly(), 'shareAPIEnabled' => $this->config->getAppValue('core', 'shareapi_enabled', 'yes'), diff --git a/apps/settings/templates/settings/admin/sharing.php b/apps/settings/templates/settings/admin/sharing.php index 2bca48ce4a..c7f3ff16b7 100644 --- a/apps/settings/templates/settings/admin/sharing.php +++ b/apps/settings/templates/settings/admin/sharing.php @@ -109,11 +109,19 @@
t('These groups will still be able to receive shares, but not to initiate them.')); ?>

+

/>

+ +

+ /> +
+

+

/>