diff options
author | Joas Schilling <213943+nickvergessen@users.noreply.github.com> | 2021-07-15 20:24:14 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-15 20:24:14 +0300 |
commit | d0b618e22f1971ab8253ef54460a2be2e67bdcad (patch) | |
tree | 52bdabbbfdbdd8e46944584f122263b47a659509 | |
parent | b2b6d9514b60bf3832aaaf0a4a4070e5e4208e0f (diff) | |
parent | ad08968e3958031b2af251c0923aa000bdbabbaf (diff) |
Merge pull request #6030 from nextcloud/backport/6024/stable22v12.0.1
[stable22] Check circles membership when trying to add
-rw-r--r-- | lib/Controller/RoomController.php | 7 | ||||
-rw-r--r-- | lib/Service/ParticipantService.php | 25 | ||||
-rw-r--r-- | psalm.xml | 1 |
3 files changed, 28 insertions, 5 deletions
diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php index 32f5e82a6..29127132a 100644 --- a/lib/Controller/RoomController.php +++ b/lib/Controller/RoomController.php @@ -28,7 +28,6 @@ declare(strict_types=1); namespace OCA\Talk\Controller; use InvalidArgumentException; -use OCA\Circles\Api\v1\Circles; use OCA\Talk\Chat\ChatManager; use OCA\Talk\Chat\MessageParser; use OCA\Talk\Config; @@ -738,9 +737,8 @@ class RoomController extends AEnvironmentAwareController { return new DataResponse([], Http::STATUS_NOT_FOUND); } - /** @var Circles $circlesApi */ try { - $circle = Circles::detailsCircle($targetCircleId); + $circle = $this->participantService->getCircle($targetCircleId, $this->userId); } catch (\Exception $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } @@ -1063,9 +1061,8 @@ class RoomController extends AEnvironmentAwareController { return new DataResponse([], Http::STATUS_BAD_REQUEST); } - /** @var Circles $circlesApi */ try { - $circle = Circles::detailsCircle($newParticipant); + $circle = $this->participantService->getCircle($newParticipant, $this->userId); } catch (\Exception $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } diff --git a/lib/Service/ParticipantService.php b/lib/Service/ParticipantService.php index b5c18054d..fd41bbcc8 100644 --- a/lib/Service/ParticipantService.php +++ b/lib/Service/ParticipantService.php @@ -23,6 +23,7 @@ declare(strict_types=1); namespace OCA\Talk\Service; +use OCA\Circles\Api\v1\Circles; use OCA\Circles\Model\Circle; use OCA\Circles\Model\Member; use OCA\Talk\Config; @@ -397,6 +398,30 @@ class ParticipantService { } /** + * @param string $circleId + * @param string $userId + * @return Circle + * @throws ParticipantNotFoundException + */ + public function getCircle(string $circleId, string $userId): Circle { + try { + $circle = Circles::detailsCircle($circleId); + } catch (\Exception $e) { + throw new ParticipantNotFoundException('Circle not found'); + } + + // FIXME use \OCA\Circles\Manager::getLink() in the future + $membersInCircle = $circle->getInheritedMembers(); + foreach ($membersInCircle as $member) { + if ($member->isLocal() && $member->getUserType() === Member::TYPE_USER && $member->getUserId() === $userId) { + return $circle; + } + } + + throw new ParticipantNotFoundException('Circle found but not a member'); + } + + /** * @param Room $room * @param Circle $circle * @param Participant[] $existingParticipants @@ -24,6 +24,7 @@ <referencedClass name="Doctrine\DBAL\Platforms\PostgreSQL94Platform" /> <referencedClass name="Doctrine\DBAL\Types\Types" /> <referencedClass name="OC" /> + <referencedClass name="OCA\Circles\Api\v1\Circles" /> <referencedClass name="OCA\Circles\Model\Circle" /> <referencedClass name="OCA\Circles\Model\Member" /> <referencedClass name="OCA\DAV\CardDAV\PhotoCache" /> |