diff options
| author | Julius Härtl <jus@bitgrid.net> | 2021-07-21 15:23:49 +0300 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2021-07-22 13:28:00 +0300 |
| commit | 6909ce6641666c0d126a9966dc36747e21b6aa1b (patch) | |
| tree | d43d71910db6e87e7f50b6415bf40d5d1de877e7 /apps/dav/lib/Connector/Sabre | |
| parent | b6a24f87a52830a00c0e2929f4fefceda74fb9aa (diff) | |
Make sure that the dav propfind plugins always use the proper user id
For old android versions it could happen that the requests are performed
with a login name instead of the actual user id, so before this change
the property methods used the wrong value for fetching their information
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'apps/dav/lib/Connector/Sabre')
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/FilesPlugin.php | 26 | ||||
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/ServerFactory.php | 1 |
2 files changed, 24 insertions, 3 deletions
diff --git a/apps/dav/lib/Connector/Sabre/FilesPlugin.php b/apps/dav/lib/Connector/Sabre/FilesPlugin.php index 2a1412a8d97..3f2ae0f35ec 100644 --- a/apps/dav/lib/Connector/Sabre/FilesPlugin.php +++ b/apps/dav/lib/Connector/Sabre/FilesPlugin.php @@ -40,6 +40,7 @@ use OCP\Files\StorageNotAvailableException; use OCP\IConfig; use OCP\IPreview; use OCP\IRequest; +use OCP\IUserSession; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\NotFound; use Sabre\DAV\IFile; @@ -89,6 +90,11 @@ class FilesPlugin extends ServerPlugin { private $tree; /** + * @var IUserSession + */ + private $userSession; + + /** * Whether this is public webdav. * If true, some returned information will be stripped off. * @@ -128,11 +134,13 @@ class FilesPlugin extends ServerPlugin { IConfig $config, IRequest $request, IPreview $previewManager, + IUserSession $userSession, $isPublic = false, $downloadAttachment = true) { $this->tree = $tree; $this->config = $config; $this->request = $request; + $this->userSession = $userSession; $this->isPublic = $isPublic; $this->downloadAttachment = $downloadAttachment; $this->previewManager = $previewManager; @@ -322,14 +330,22 @@ class FilesPlugin extends ServerPlugin { }); $propFind->handle(self::SHARE_PERMISSIONS_PROPERTYNAME, function () use ($node, $httpRequest) { + $user = $this->userSession->getUser(); + if ($user === null) { + return null; + } return $node->getSharePermissions( - $httpRequest->getRawServerValue('PHP_AUTH_USER') + $user->getUID() ); }); $propFind->handle(self::OCM_SHARE_PERMISSIONS_PROPERTYNAME, function () use ($node, $httpRequest) { + $user = $this->userSession->getUser(); + if ($user === null) { + return null; + } $ncPermissions = $node->getSharePermissions( - $httpRequest->getRawServerValue('PHP_AUTH_USER') + $user->getUID() ); $ocmPermissions = $this->ncPermissions2ocmPermissions($ncPermissions); return json_encode($ocmPermissions); @@ -367,8 +383,12 @@ class FilesPlugin extends ServerPlugin { }); $propFind->handle(self::SHARE_NOTE, function () use ($node, $httpRequest) { + $user = $this->userSession->getUser(); + if ($user === null) { + return null; + } return $node->getNoteFromShare( - $httpRequest->getRawServerValue('PHP_AUTH_USER') + $user->getUID() ); }); } diff --git a/apps/dav/lib/Connector/Sabre/ServerFactory.php b/apps/dav/lib/Connector/Sabre/ServerFactory.php index 5a8b109cd38..7be24014881 100644 --- a/apps/dav/lib/Connector/Sabre/ServerFactory.php +++ b/apps/dav/lib/Connector/Sabre/ServerFactory.php @@ -171,6 +171,7 @@ class ServerFactory { $this->config, $this->request, $this->previewManager, + $this->userSession, false, !$this->config->getSystemValue('debug', false) ) |