diff options
| author | Joas Schilling <coding@schilljs.com> | 2019-09-30 13:11:52 +0300 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2019-10-01 10:25:19 +0300 |
| commit | d29b91df64c4847916f6f0b9717261044bd67782 (patch) | |
| tree | 77f96805069a20211314d62a77b1ff701eb1904b /lib | |
| parent | 7314559199fe3aa51ee585317c49ae055b9da929 (diff) | |
Make sure the controller also works for guests
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Controller/FilesIntegrationController.php | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/lib/Controller/FilesIntegrationController.php b/lib/Controller/FilesIntegrationController.php index 9444cd349..491709ef2 100644 --- a/lib/Controller/FilesIntegrationController.php +++ b/lib/Controller/FilesIntegrationController.php @@ -29,6 +29,7 @@ use OCA\Talk\Manager; use OCA\Talk\TalkSession; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; use OCP\Files\FileInfo; @@ -44,8 +45,6 @@ use OCP\Share\IShare; class FilesIntegrationController extends OCSController { - /** @var string */ - private $currentUser; /** @var Manager */ private $manager; /** @var IShareManager */ @@ -64,7 +63,6 @@ class FilesIntegrationController extends OCSController { public function __construct( string $appName, IRequest $request, - string $userId, Manager $manager, IShareManager $shareManager, ISession $session, @@ -74,7 +72,6 @@ class FilesIntegrationController extends OCSController { IL10N $l10n ) { parent::__construct($appName, $request); - $this->currentUser = $userId; $this->manager = $manager; $this->shareManager = $shareManager; $this->session = $session; @@ -115,10 +112,16 @@ class FilesIntegrationController extends OCSController { * @throws OCSNotFoundException */ public function getRoomByFileId(string $fileId): DataResponse { - $share = $this->util->getAnyPublicShareOfFileOwnedByUserOrAnyDirectShareOfFileAccessibleByUser($fileId, $this->currentUser); + $currentUser = $this->userSession->getUser(); + if (!$currentUser instanceof IUser) { + throw new OCSException($this->l->t('File is not shared, or shared but not with the user'), Http::STATUS_UNAUTHORIZED); + } + + + $share = $this->util->getAnyPublicShareOfFileOwnedByUserOrAnyDirectShareOfFileAccessibleByUser($fileId, $currentUser->getUID()); $groupFolder = null; if (!$share) { - $groupFolder = $this->util->getGroupFolderNode($fileId, $this->currentUser); + $groupFolder = $this->util->getGroupFolderNode($fileId, $currentUser->getUID()); if (!$groupFolder) { throw new OCSNotFoundException($this->l->t('File is not shared, or shared but not with the user')); } |