diff options
author | Carl Schwan <carl@carlschwan.eu> | 2022-02-15 19:45:09 +0300 |
---|---|---|
committer | nextcloud-command <nextcloud-command@users.noreply.github.com> | 2022-04-05 20:04:17 +0300 |
commit | a29251e02df0157741afaddbc202617e6eb1c840 (patch) | |
tree | e6f45cc8f5f69d3358cac3f0b50c058a5cfcb1a3 /lib/private | |
parent | a99fdf5600c9e4be23b4adb153c33298650e3fc1 (diff) |
Allow to disable password policy enforcement for selected groups
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-authored-by: Vincent Petry <vincent@nextcloud.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/Share20/Manager.php | 14 | ||||
-rw-r--r-- | lib/private/legacy/OC_Util.php | 7 |
2 files changed, 17 insertions, 4 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 2aa4d099024..b634d41a640 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1784,9 +1784,21 @@ class Manager implements IManager { /** * Is password on public link requires * + * @param bool Check group membership exclusion * @return bool */ - public function shareApiLinkEnforcePassword() { + public function shareApiLinkEnforcePassword(bool $checkGroupMembership = true) { + $excludedGroups = $this->config->getAppValue('core', 'shareapi_enforce_links_password_excluded_groups', ''); + if ($excludedGroups !== '' && $checkGroupMembership) { + $excludedGroups = json_decode($excludedGroups); + $user = $this->userSession->getUser(); + if ($user) { + $userGroups = $this->groupManager->getUserGroupIds($user); + if ((bool)array_intersect($excludedGroups, $userGroups)) { + return false; + } + } + } return $this->config->getAppValue('core', 'shareapi_enforce_links_password', 'no') === 'yes'; } diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php index ceed79bc9d5..edee23995f1 100644 --- a/lib/private/legacy/OC_Util.php +++ b/lib/private/legacy/OC_Util.php @@ -116,15 +116,16 @@ class OC_Util { } /** - * check if a password is required for each public link + * Check if a password is required for each public link * + * @param bool $checkGroupMembership Check group membership exclusion * @return boolean * @suppress PhanDeprecatedFunction */ - public static function isPublicLinkPasswordRequired() { + public static function isPublicLinkPasswordRequired(bool $checkGroupMembership = true) { /** @var IManager $shareManager */ $shareManager = \OC::$server->get(IManager::class); - return $shareManager->shareApiLinkEnforcePassword(); + return $shareManager->shareApiLinkEnforcePassword($checkGroupMembership); } /** |