From 94584ee7884cc595590231866d732bbddf496aad Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 27 May 2021 14:23:04 +0200 Subject: [PATCH] Fix the get editable fields endpoint without a user id Signed-off-by: Joas Schilling --- apps/provisioning_api/appinfo/routes.php | 2 +- .../lib/Controller/UsersController.php | 19 ++++++++++++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php index 6982a8ba28..2375e70a57 100644 --- a/apps/provisioning_api/appinfo/routes.php +++ b/apps/provisioning_api/appinfo/routes.php @@ -53,7 +53,7 @@ return [ ['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields', 'verb' => 'GET'], - ['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields/{userId}', 'verb' => 'GET'], + ['root' => '/cloud', 'name' => 'Users#getEditableFieldsForUser', 'url' => '/user/fields/{userId}', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'], ['root' => '/cloud', 'name' => 'Users#wipeUserDevices', 'url' => '/users/{userId}/wipe', 'verb' => 'POST'], ['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'], diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index eeed61f670..6237ca04a9 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -543,7 +543,24 @@ class UsersController extends AUserData { * @return DataResponse * @throws OCSException */ - public function getEditableFields(?string $userId = null): DataResponse { + public function getEditableFields(): DataResponse { + $currentLoggedInUser = $this->userSession->getUser(); + if (!$currentLoggedInUser instanceof IUser) { + throw new OCSException('', OCSController::RESPOND_NOT_FOUND); + } + + return $this->getEditableFieldsForUser($currentLoggedInUser->getUID()); + } + + /** + * @NoAdminRequired + * @NoSubAdminRequired + * + * @param string $userId + * @return DataResponse + * @throws OCSException + */ + public function getEditableFieldsForUser(string $userId): DataResponse { $currentLoggedInUser = $this->userSession->getUser(); if (!$currentLoggedInUser instanceof IUser) { throw new OCSException('', OCSController::RESPOND_NOT_FOUND);