diff options
| author | Joas Schilling <coding@schilljs.com> | 2021-07-15 17:38:55 +0300 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2021-07-15 17:38:55 +0300 |
| commit | 6d4126d4857bfd5f6c4aee12e629e6241e15599c (patch) | |
| tree | 9634dc7710be9700607107fdba867df7d867126c /lib | |
| parent | 7f93524a23fc10d9d727c071f756fd211d44a453 (diff) | |
Check circles membership when trying to add
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Controller/RoomController.php | 7 | ||||
| -rw-r--r-- | lib/Service/ParticipantService.php | 26 |
2 files changed, 28 insertions, 5 deletions
diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php index 32f5e82a6..29127132a 100644 --- a/lib/Controller/RoomController.php +++ b/lib/Controller/RoomController.php @@ -28,7 +28,6 @@ declare(strict_types=1); namespace OCA\Talk\Controller; use InvalidArgumentException; -use OCA\Circles\Api\v1\Circles; use OCA\Talk\Chat\ChatManager; use OCA\Talk\Chat\MessageParser; use OCA\Talk\Config; @@ -738,9 +737,8 @@ class RoomController extends AEnvironmentAwareController { return new DataResponse([], Http::STATUS_NOT_FOUND); } - /** @var Circles $circlesApi */ try { - $circle = Circles::detailsCircle($targetCircleId); + $circle = $this->participantService->getCircle($targetCircleId, $this->userId); } catch (\Exception $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } @@ -1063,9 +1061,8 @@ class RoomController extends AEnvironmentAwareController { return new DataResponse([], Http::STATUS_BAD_REQUEST); } - /** @var Circles $circlesApi */ try { - $circle = Circles::detailsCircle($newParticipant); + $circle = $this->participantService->getCircle($newParticipant, $this->userId); } catch (\Exception $e) { return new DataResponse([], Http::STATUS_NOT_FOUND); } diff --git a/lib/Service/ParticipantService.php b/lib/Service/ParticipantService.php index 0b69ab3ae..88f1f807c 100644 --- a/lib/Service/ParticipantService.php +++ b/lib/Service/ParticipantService.php @@ -23,6 +23,7 @@ declare(strict_types=1); namespace OCA\Talk\Service; +use OCA\Circles\Api\v1\Circles; use OCA\Circles\Model\Circle; use OCA\Circles\Model\Member; use OCA\Talk\Config; @@ -397,6 +398,31 @@ class ParticipantService { } /** + * @param string $circleId + * @param string $userId + * @return Circle + * @throws ParticipantNotFoundException + */ + public function getCircle(string $circleId, string $userId): Circle { + /** @var Circles $circlesApi */ + try { + $circle = Circles::detailsCircle($circleId); + } catch (\Exception $e) { + throw new ParticipantNotFoundException('Circle not found'); + } + + // FIXME use \OCA\Circles\Manager::getLink() in the future + $membersInCircle = $circle->getInheritedMembers(); + foreach ($membersInCircle as $member) { + if ($member->getUserType() === Member::TYPE_USER && $member->getUserId() === $userId) { + return $circle; + } + } + + throw new ParticipantNotFoundException('Circle found but not a member'); + } + + /** * @param Room $room * @param Circle $circle * @param Participant[] $existingParticipants |