mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Also check implementsAction method 

Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2021-04-26 14:34:03 +02:00 committed by backportbot[bot]
parent a1d746fe05
commit 5975a68033
2 changed files with 92 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apps/provisioning_api/lib/Controller/UsersController.php
View File

@ -50,6 +50,7 @@ use OC\Accounts\AccountManager;
use OC\Authentication\Token\RemoteWipe; use OC\Authentication\Token\RemoteWipe;
use OC\HintException; use OC\HintException;
use OC\KnownUser\KnownUserService; use OC\KnownUser\KnownUserService;
use OC\User\Backend;
use OCA\Settings\Mailer\NewUserMailHelper; use OCA\Settings\Mailer\NewUserMailHelper;
use OCP\Accounts\IAccountManager; use OCP\Accounts\IAccountManager;
use OCP\App\IAppManager; use OCP\App\IAppManager;
@ -554,7 +555,8 @@ class UsersController extends AUserData {
// Editing self (display, email) // Editing self (display, email)
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) { if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) { if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME; $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
} }
$permittedFields[] = IAccountManager::PROPERTY_EMAIL; $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
@ -593,7 +595,8 @@ class UsersController extends AUserData {
if ($targetUser->getUID() === $currentLoggedInUser->getUID()) { if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
// Editing self (display, email) // Editing self (display, email)
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) { if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) { if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
$permittedFields[] = 'display'; $permittedFields[] = 'display';
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME; $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
} }
@ -635,7 +638,8 @@ class UsersController extends AUserData {
if ($this->groupManager->isAdmin($currentLoggedInUser->getUID()) if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
|| $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) { || $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
// They have permissions over the user // They have permissions over the user
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) { if ($targetUser->getBackend() instanceof ISetDisplayNameBackend
|| $targetUser->getBackend()->implementsActions(Backend::SET_DISPLAYNAME)) {
$permittedFields[] = 'display'; $permittedFields[] = 'display';
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME; $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
} }

87
apps/provisioning_api/tests/Controller/UsersControllerTest.php
View File

@ -67,7 +67,6 @@ use OCP\L10N\IFactory;
use OCP\Mail\IEMailTemplate; use OCP\Mail\IEMailTemplate;
use OCP\Security\Events\GenerateSecurePasswordEvent; use OCP\Security\Events\GenerateSecurePasswordEvent;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OCP\User\Backend\IGetDisplayNameBackend;
use OCP\User\Backend\ISetDisplayNameBackend; use OCP\User\Backend\ISetDisplayNameBackend;
use OCP\UserInterface; use OCP\UserInterface;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
@ -1490,6 +1489,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'email', 'demo@nextcloud.com')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'email', 'demo@nextcloud.com')->getData());
} }
@ -1523,6 +1528,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->api->editUser('UserToEdit', 'email', 'demo.org'); $this->api->editUser('UserToEdit', 'email', 'demo.org');
} }
@ -1556,6 +1567,12 @@ class UsersControllerTest extends TestCase {
->with('UserToEdit') ->with('UserToEdit')
->willReturn($loggedInUser); ->willReturn($loggedInUser);
$backend = $this->createMock(UserInterface::class);
$loggedInUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->accountManager->expects($this->once()) $this->accountManager->expects($this->once())
->method('getUser') ->method('getUser')
->with($loggedInUser) ->with($loggedInUser)
@ -1600,6 +1617,12 @@ class UsersControllerTest extends TestCase {
->with('UserToEdit') ->with('UserToEdit')
->willReturn($loggedInUser); ->willReturn($loggedInUser);
$backend = $this->createMock(UserInterface::class);
$loggedInUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->accountManager->expects($this->once()) $this->accountManager->expects($this->once())
->method('getUser') ->method('getUser')
->with($loggedInUser) ->with($loggedInUser)
@ -1644,6 +1667,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'password', 'NewPassword')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'password', 'NewPassword')->getData());
} }
@ -1677,6 +1706,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->api->editUser('UserToEdit', 'quota', 'NewQuota'); $this->api->editUser('UserToEdit', 'quota', 'NewQuota');
} }
@ -1709,6 +1744,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData());
} }
@ -1744,6 +1785,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->api->editUser('UserToEdit', 'quota', 'ABC'); $this->api->editUser('UserToEdit', 'quota', 'ABC');
} }
@ -1783,6 +1830,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData());
} }
@ -1825,6 +1878,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UserToEdit'); ->willReturn('UserToEdit');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData());
} }
@ -1875,6 +1934,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UserToEdit'); ->willReturn('UserToEdit');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData());
} }
@ -1916,6 +1981,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UserToEdit'); ->willReturn('UserToEdit');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'de')->getData());
} }
@ -1962,6 +2033,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UserToEdit'); ->willReturn('UserToEdit');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'ru')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'language', 'ru')->getData());
} }
@ -2001,6 +2078,12 @@ class UsersControllerTest extends TestCase {
->method('getUID') ->method('getUID')
->willReturn('UID'); ->willReturn('UID');
$backend = $this->createMock(UserInterface::class);
$targetUser
->expects($this->any())
->method('getBackend')
->willReturn($backend);
$this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData()); $this->assertEquals([], $this->api->editUser('UserToEdit', 'quota', '3042824')->getData());
} }
@ -3736,7 +3819,7 @@ class UsersControllerTest extends TestCase {
IAccountManager::PROPERTY_WEBSITE, IAccountManager::PROPERTY_WEBSITE,
IAccountManager::PROPERTY_TWITTER, IAccountManager::PROPERTY_TWITTER,
]], ]],
[true, IGetDisplayNameBackend::class, [ [true, UserInterface::class, [
IAccountManager::PROPERTY_EMAIL, IAccountManager::PROPERTY_EMAIL,
IAccountManager::PROPERTY_PHONE, IAccountManager::PROPERTY_PHONE,
IAccountManager::PROPERTY_ADDRESS, IAccountManager::PROPERTY_ADDRESS,