diff options
author | Carl Schwan <carl@carlschwan.eu> | 2022-02-15 19:45:09 +0300 |
---|---|---|
committer | Carl Schwan <carl@carlschwan.eu> | 2022-07-07 10:27:34 +0300 |
commit | b141d399445ebc2df2079673f3f3435fa3d51679 (patch) | |
tree | 100f9d49c4a4a1658b6c3f8b469f607aa071cd13 /lib/private | |
parent | 3736cbd96b0143e75a978989e5efd6c451061c15 (diff) |
Allow to disable password policy enforcement for selected groups
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-authored-by: Vincent Petry <vincent@nextcloud.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/Share20/Manager.php | 14 | ||||
-rw-r--r-- | lib/private/legacy/OC_Util.php | 7 |
2 files changed, 17 insertions, 4 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 84d23e1b087..e17bb7ee79d 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1763,9 +1763,21 @@ class Manager implements IManager { /** * Is password on public link requires * + * @param bool Check group membership exclusion * @return bool */ - public function shareApiLinkEnforcePassword() { + public function shareApiLinkEnforcePassword(bool $checkGroupMembership = true) { + $excludedGroups = $this->config->getAppValue('core', 'shareapi_enforce_links_password_excluded_groups', ''); + if ($excludedGroups !== '' && $checkGroupMembership) { + $excludedGroups = json_decode($excludedGroups); + $user = $this->userSession->getUser(); + if ($user) { + $userGroups = $this->groupManager->getUserGroupIds($user); + if ((bool)array_intersect($excludedGroups, $userGroups)) { + return false; + } + } + } return $this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes'; } diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php index 9892faf6032..7e0fd45e054 100644 --- a/lib/private/legacy/OC_Util.php +++ b/lib/private/legacy/OC_Util.php @@ -347,15 +347,16 @@ class OC_Util { } /** - * check if a password is required for each public link + * Check if a password is required for each public link * + * @param bool $checkGroupMembership Check group membership exclusion * @return boolean * @suppress PhanDeprecatedFunction */ - public static function isPublicLinkPasswordRequired() { + public static function isPublicLinkPasswordRequired(bool $checkGroupMembership = true) { /** @var IManager $shareManager */ $shareManager = \OC::$server->get(IManager::class); - return $shareManager->shareApiLinkEnforcePassword(); + return $shareManager->shareApiLinkEnforcePassword($checkGroupMembership); } /** |