Only return display name as editable when the user backend allows it
Signed-off-by: Joas Schilling <coding@schilljs.com>
parent
97b9e8f0bc
commit
a1d746fe05
|
@ -53,6 +53,7 @@ return [
|
||||||
['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'],
|
['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'],
|
||||||
['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
|
['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
|
||||||
['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields', 'verb' => 'GET'],
|
['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields', 'verb' => 'GET'],
|
||||||
|
['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields/{userId}', 'verb' => 'GET'],
|
||||||
['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'],
|
['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'],
|
||||||
['root' => '/cloud', 'name' => 'Users#wipeUserDevices', 'url' => '/users/{userId}/wipe', 'verb' => 'POST'],
|
['root' => '/cloud', 'name' => 'Users#wipeUserDevices', 'url' => '/users/{userId}/wipe', 'verb' => 'POST'],
|
||||||
['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'],
|
['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'],
|
||||||
|
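Review bot: The added `/user/fields/{userId}` route reuses the name `Users#getEditableFields` from the route directly above it. If the router keys routes by name, the later entry may replace the earlier one and `/user/fields` would stop resolving; this is worth confirming against the route loader. A distinct name bound to its own action, for example `'name' => 'Users#getEditableFieldsForUser'`, would keep both URLs addressable and let the no-argument action stay parameterless.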
|
|
@ -525,13 +525,38 @@ class UsersController extends AUserData {
|
||||||
/**
|
/**
|
||||||
* @NoAdminRequired
|
* @NoAdminRequired
|
||||||
* @NoSubAdminRequired
|
* @NoSubAdminRequired
|
||||||
|
*
|
||||||
|
* @return DataResponse
|
||||||
|
* @throws OCSException
|
||||||
*/
|
*/
|
||||||
public function getEditableFields(): DataResponse {
|
public function getEditableFields(?string $userId = null): DataResponse {
|
||||||
|
$currentLoggedInUser = $this->userSession->getUser();
|
||||||
|
if (!$currentLoggedInUser instanceof IUser) {
|
||||||
|
throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
$permittedFields = [];
|
$permittedFields = [];
|
||||||
|
|
||||||
|
if ($userId !== $currentLoggedInUser->getUID()) {
|
||||||
|
$targetUser = $this->userManager->get($userId);
|
||||||
|
if (!$targetUser instanceof IUser) {
|
||||||
|
throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||||
|
if (!$this->groupManager->isAdmin($currentLoggedInUser->getUID())
|
||||||
|
&& !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
|
||||||
|
throw new OCSException('', OCSController::RESPOND_NOT_FOUND);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$targetUser = $currentLoggedInUser;
|
||||||
|
}
|
||||||
|
|
||||||
// Editing self (display, email)
|
// Editing self (display, email)
|
||||||
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
|
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) {
|
||||||
|
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
||||||
|
}
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -568,8 +593,10 @@ class UsersController extends AUserData {
|
||||||
if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
|
if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
|
||||||
// Editing self (display, email)
|
// Editing self (display, email)
|
||||||
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
|
if ($this->config->getSystemValue('allow_user_to_change_display_name', true) !== false) {
|
||||||
$permittedFields[] = 'display';
|
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) {
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
$permittedFields[] = 'display';
|
||||||
|
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
||||||
|
}
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -608,8 +635,10 @@ class UsersController extends AUserData {
|
||||||
if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
|
if ($this->groupManager->isAdmin($currentLoggedInUser->getUID())
|
||||||
|| $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
|
|| $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
|
||||||
// They have permissions over the user
|
// They have permissions over the user
|
||||||
$permittedFields[] = 'display';
|
if ($targetUser->getBackend() instanceof ISetDisplayNameBackend) {
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
$permittedFields[] = 'display';
|
||||||
|
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
|
||||||
|
}
|
||||||
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
$permittedFields[] = IAccountManager::PROPERTY_EMAIL;
|
||||||
$permittedFields[] = 'password';
|
$permittedFields[] = 'password';
|
||||||
$permittedFields[] = 'language';
|
$permittedFields[] = 'language';
|
||||||
|
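Review bot: With the default `$userId = null`, the comparison `$userId !== $currentLoggedInUser->getUID()` in the -525 hunk is always true, so a call without a user id takes the other-user branch and passes `null` to `$this->userManager->get()`. Depending on that method's signature, the logged-in user asking for their own fields gets a type error or NOT_FOUND. Resolve the missing id to the session user before the comparison, e.g. `$userId = $userId ?? $currentLoggedInUser->getUID();`. Separately, the block commented `// Editing self (display, email)` now also runs when an admin or sub-admin asks about another user, so `allow_user_to_change_display_name` hides fields that the editUser hunk at -608 appears to grant them regardless of that setting; the comment and condition should state which case is meant. Both method bodies continue outside the hunks shown.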
|
|
@ -67,6 +67,8 @@ use OCP\L10N\IFactory;
|
||||||
use OCP\Mail\IEMailTemplate;
|
use OCP\Mail\IEMailTemplate;
|
||||||
use OCP\Security\Events\GenerateSecurePasswordEvent;
|
use OCP\Security\Events\GenerateSecurePasswordEvent;
|
||||||
use OCP\Security\ISecureRandom;
|
use OCP\Security\ISecureRandom;
|
||||||
|
use OCP\User\Backend\IGetDisplayNameBackend;
|
||||||
|
use OCP\User\Backend\ISetDisplayNameBackend;
|
||||||
use OCP\UserInterface;
|
use OCP\UserInterface;
|
||||||
use PHPUnit\Framework\MockObject\MockObject;
|
use PHPUnit\Framework\MockObject\MockObject;
|
||||||
use Test\TestCase;
|
use Test\TestCase;
|
||||||
|
@ -1443,6 +1445,10 @@ class UsersControllerTest extends TestCase {
|
||||||
->method('get')
|
->method('get')
|
||||||
->with('UserToEdit')
|
->with('UserToEdit')
|
||||||
->willReturn($targetUser);
|
->willReturn($targetUser);
|
||||||
|
$targetUser
|
||||||
|
->expects($this->once())
|
||||||
|
->method('getBackend')
|
||||||
|
->willReturn($this->createMock(ISetDisplayNameBackend::class));
|
||||||
$targetUser
|
$targetUser
|
||||||
->expects($this->once())
|
->expects($this->once())
|
||||||
->method('setDisplayName')
|
->method('setDisplayName')
|
||||||
|
@ -3716,20 +3722,27 @@ class UsersControllerTest extends TestCase {
|
||||||
|
|
||||||
public function dataGetEditableFields() {
|
public function dataGetEditableFields() {
|
||||||
return [
|
return [
|
||||||
[false, [
|
[false, ISetDisplayNameBackend::class, [
|
||||||
IAccountManager::PROPERTY_PHONE,
|
IAccountManager::PROPERTY_PHONE,
|
||||||
IAccountManager::PROPERTY_ADDRESS,
|
IAccountManager::PROPERTY_ADDRESS,
|
||||||
IAccountManager::PROPERTY_WEBSITE,
|
IAccountManager::PROPERTY_WEBSITE,
|
||||||
IAccountManager::PROPERTY_TWITTER,
|
IAccountManager::PROPERTY_TWITTER,
|
||||||
]],
|
]],
|
||||||
[ true, [
|
[true, ISetDisplayNameBackend::class, [
|
||||||
IAccountManager::PROPERTY_DISPLAYNAME,
|
IAccountManager::PROPERTY_DISPLAYNAME,
|
||||||
IAccountManager::PROPERTY_EMAIL,
|
IAccountManager::PROPERTY_EMAIL,
|
||||||
IAccountManager::PROPERTY_PHONE,
|
IAccountManager::PROPERTY_PHONE,
|
||||||
IAccountManager::PROPERTY_ADDRESS,
|
IAccountManager::PROPERTY_ADDRESS,
|
||||||
IAccountManager::PROPERTY_WEBSITE,
|
IAccountManager::PROPERTY_WEBSITE,
|
||||||
IAccountManager::PROPERTY_TWITTER,
|
IAccountManager::PROPERTY_TWITTER,
|
||||||
]]
|
]],
|
||||||
|
[true, IGetDisplayNameBackend::class, [
|
||||||
|
IAccountManager::PROPERTY_EMAIL,
|
||||||
|
IAccountManager::PROPERTY_PHONE,
|
||||||
|
IAccountManager::PROPERTY_ADDRESS,
|
||||||
|
IAccountManager::PROPERTY_WEBSITE,
|
||||||
|
IAccountManager::PROPERTY_TWITTER,
|
||||||
|
]],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3737,9 +3750,10 @@ class UsersControllerTest extends TestCase {
|
||||||
* @dataProvider dataGetEditableFields
|
* @dataProvider dataGetEditableFields
|
||||||
*
|
*
|
||||||
* @param bool $allowedToChangeDisplayName
|
* @param bool $allowedToChangeDisplayName
|
||||||
|
* @param string $userBackend
|
||||||
* @param array $expected
|
* @param array $expected
|
||||||
*/
|
*/
|
||||||
public function testGetEditableFields(bool $allowedToChangeDisplayName, array $expected) {
|
public function testGetEditableFields(bool $allowedToChangeDisplayName, string $userBackend, array $expected) {
|
||||||
$this->config
|
$this->config
|
||||||
->method('getSystemValue')
|
->method('getSystemValue')
|
||||||
->with(
|
->with(
|
||||||
|
@ -3747,8 +3761,19 @@ class UsersControllerTest extends TestCase {
|
||||||
$this->anything()
|
$this->anything()
|
||||||
)->willReturn($allowedToChangeDisplayName);
|
)->willReturn($allowedToChangeDisplayName);
|
||||||
|
|
||||||
|
$user = $this->createMock(IUser::class);
|
||||||
|
$this->userSession->method('getUser')
|
||||||
|
->willReturn($user);
|
||||||
|
|
||||||
|
$backend = $this->createMock($userBackend);
|
||||||
|
|
||||||
|
$user->method('getUID')
|
||||||
|
->willReturn('userId');
|
||||||
|
$user->method('getBackend')
|
||||||
|
->willReturn($backend);
|
||||||
|
|
||||||
$expectedResp = new DataResponse($expected);
|
$expectedResp = new DataResponse($expected);
|
||||||
$this->assertEquals($expectedResp, $this->api->getEditableFields());
|
$this->assertEquals($expectedResp, $this->api->getEditableFields('userId'));
|
||||||
}
|
}
|
||||||
|
|
||||||
private function mockAccount($targetUser, $accountProperties) {
|
private function mockAccount($targetUser, $accountProperties) {
|
||||||
|
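Review bot: `testGetEditableFields` only calls `getEditableFields('userId')` with the session user's own UID, so the new other-user branch in the controller is never exercised. That branch holds the `userManager->get()` lookup and the `isAdmin` / `isUserAccessible` check that answers NOT_FOUND. Since it is the authorization decision for reading another account's editable fields, it should have tests for an unknown user id and for a caller who is neither admin nor sub-admin of the target, both expecting `OCSException`. Tests for an admin asking about a user whose backend is not an `ISetDisplayNameBackend`, and for a call with no argument (the existing `/user/fields` route), would pin the remaining paths.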
|