Merge pull request #19930 from nextcloud/enh/19804/wfe-disable-user-flows

Add app config to disable user flows
This commit is contained in:
Roeland Jago Douma 2020-03-22 10:36:23 +01:00 committed by GitHub
commit a376f19a28
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 25 additions and 5 deletions

View File

@ -106,7 +106,7 @@ class UserWorkflowsController extends AWorkflowController {
protected function getScopeContext(): ScopeContext { protected function getScopeContext(): ScopeContext {
if($this->scopeContext === null) { if($this->scopeContext === null) {
$user = $this->session->getUser(); $user = $this->session->getUser();
if(!$user) { if(!$user || !$this->manager->isUserScopeEnabled()) {
throw new OCSForbiddenException('User not logged in'); throw new OCSForbiddenException('User not logged in');
} }
$this->scopeContext = new ScopeContext(IManager::SCOPE_USER, $user->getUID()); $this->scopeContext = new ScopeContext(IManager::SCOPE_USER, $user->getUID());

View File

@ -23,6 +23,7 @@ namespace OCA\WorkflowEngine;
use Doctrine\DBAL\DBALException; use Doctrine\DBAL\DBALException;
use OC\Cache\CappedMemoryCache; use OC\Cache\CappedMemoryCache;
use OCA\WorkflowEngine\AppInfo\Application;
use OCA\WorkflowEngine\Check\FileMimeType; use OCA\WorkflowEngine\Check\FileMimeType;
use OCA\WorkflowEngine\Check\FileName; use OCA\WorkflowEngine\Check\FileName;
use OCA\WorkflowEngine\Check\FileSize; use OCA\WorkflowEngine\Check\FileSize;
@ -40,6 +41,7 @@ use OCP\AppFramework\QueryException;
use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\Storage\IStorage; use OCP\Files\Storage\IStorage;
use OCP\IConfig;
use OCP\IDBConnection; use OCP\IDBConnection;
use OCP\IL10N; use OCP\IL10N;
use OCP\ILogger; use OCP\ILogger;
@ -108,6 +110,9 @@ class Manager implements IManager {
/** @var IEventDispatcher */ /** @var IEventDispatcher */
private $dispatcher; private $dispatcher;
/** @var IConfig */
private $config;
public function __construct( public function __construct(
IDBConnection $connection, IDBConnection $connection,
IServerContainer $container, IServerContainer $container,
@ -115,7 +120,8 @@ class Manager implements IManager {
LegacyDispatcher $eventDispatcher, LegacyDispatcher $eventDispatcher,
ILogger $logger, ILogger $logger,
IUserSession $session, IUserSession $session,
IEventDispatcher $dispatcher IEventDispatcher $dispatcher,
IConfig $config
) { ) {
$this->connection = $connection; $this->connection = $connection;
$this->container = $container; $this->container = $container;
@ -125,6 +131,7 @@ class Manager implements IManager {
$this->operationsByScope = new CappedMemoryCache(64); $this->operationsByScope = new CappedMemoryCache(64);
$this->session = $session; $this->session = $session;
$this->dispatcher = $dispatcher; $this->dispatcher = $dispatcher;
$this->config = $config;
} }
public function getRuleMatcher(): IRuleMatcher { public function getRuleMatcher(): IRuleMatcher {
@ -708,4 +715,8 @@ class Manager implements IManager {
return []; return [];
} }
} }
public function isUserScopeEnabled(): bool {
return $this->config->getAppValue(Application::APP_ID, 'user_scope_disabled', 'no') === 'no';
}
} }

View File

@ -117,7 +117,7 @@ class RuleMatcher implements IRuleMatcher {
public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array { public function getMatchingOperations(string $class, bool $returnFirstMatchingOperationOnly = true): array {
$scopes[] = new ScopeContext(IManager::SCOPE_ADMIN); $scopes[] = new ScopeContext(IManager::SCOPE_ADMIN);
$user = $this->session->getUser(); $user = $this->session->getUser();
if($user !== null) { if($user !== null && $this->manager->isUserScopeEnabled()) {
$scopes[] = new ScopeContext(IManager::SCOPE_USER, $user->getUID()); $scopes[] = new ScopeContext(IManager::SCOPE_USER, $user->getUID());
} }

View File

@ -50,7 +50,7 @@ abstract class ASettings implements ISettings {
private $eventDispatcher; private $eventDispatcher;
/** @var Manager */ /** @var Manager */
private $manager; protected $manager;
/** @var IInitialStateService */ /** @var IInitialStateService */
private $initialStateService; private $initialStateService;

View File

@ -31,4 +31,8 @@ class Personal extends ASettings {
function getScope(): int { function getScope(): int {
return IManager::SCOPE_USER; return IManager::SCOPE_USER;
} }
public function getSection() {
return $this->manager->isUserScopeEnabled() ? 'workflow' : null;
}
} }

View File

@ -28,6 +28,7 @@ use OCA\WorkflowEngine\Helper\ScopeContext;
use OCA\WorkflowEngine\Manager; use OCA\WorkflowEngine\Manager;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\IRootFolder; use OCP\Files\IRootFolder;
use OCP\IConfig;
use OCP\IDBConnection; use OCP\IDBConnection;
use OCP\IL10N; use OCP\IL10N;
use OCP\ILogger; use OCP\ILogger;
@ -67,6 +68,8 @@ class ManagerTest extends TestCase {
protected $l; protected $l;
/** @var MockObject|IEventDispatcher */ /** @var MockObject|IEventDispatcher */
protected $dispatcher; protected $dispatcher;
/** @var MockObject|IConfig */
protected $config;
protected function setUp(): void { protected function setUp(): void {
parent::setUp(); parent::setUp();
@ -84,6 +87,7 @@ class ManagerTest extends TestCase {
$this->logger = $this->createMock(ILogger::class); $this->logger = $this->createMock(ILogger::class);
$this->session = $this->createMock(IUserSession::class); $this->session = $this->createMock(IUserSession::class);
$this->dispatcher = $this->createMock(IEventDispatcher::class); $this->dispatcher = $this->createMock(IEventDispatcher::class);
$this->config = $this->createMock(IConfig::class);
$this->manager = new Manager( $this->manager = new Manager(
\OC::$server->getDatabaseConnection(), \OC::$server->getDatabaseConnection(),
@ -92,7 +96,8 @@ class ManagerTest extends TestCase {
$this->legacyDispatcher, $this->legacyDispatcher,
$this->logger, $this->logger,
$this->session, $this->session,
$this->dispatcher $this->dispatcher,
$this->config
); );
$this->clearTables(); $this->clearTables();
} }