Skip to content

Commit

Permalink
admin have no special rights on users' entries
Browse files Browse the repository at this point in the history 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
  • Loading branch information
@ArtificialOwl
ArtificialOwl committed Aug 18, 2023
1 parent c7035ee commit 40584f1
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 27 deletions.
2 changes: 1 addition & 1 deletion apps/files_external/lib/Controller/AjaxController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ public function saveGlobalCredentials($uid, $user, $password) {
$currentUser = $this->userSession->getUser();

// Non-admins can only edit their own credentials
$allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid);
$allowedToEdit = ($currentUser->getUID() === $uid);

Check notice

Code scanning / Psalm

PossiblyNullReference Note

Cannot call method getUID on possibly null value

if ($allowedToEdit) {
$this->globalAuth->saveAuth($uid, $user, $password);
Expand Down
34 changes: 8 additions & 26 deletions apps/files_external/tests/Controller/AjaxControllerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,17 +102,11 @@ public function testSaveGlobalCredentialsAsAdminForAnotherUser() {
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyAdminUid')
->willReturn(true);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
->with('UidOfTestUser', 'test', 'password');
->expects($this->never())
->method('saveAuth');

$this->assertSame(true, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
$this->assertSame(false, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
}

public function testSaveGlobalCredentialsAsAdminForSelf() {
Expand All @@ -125,11 +119,6 @@ public function testSaveGlobalCredentialsAsAdminForSelf() {
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyAdminUid')
->willReturn(true);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
Expand All @@ -141,18 +130,13 @@ public function testSaveGlobalCredentialsAsAdminForSelf() {
public function testSaveGlobalCredentialsAsNormalUserForSelf() {
$user = $this->createMock(IUser::class);
$user
->expects($this->exactly(2))
->expects($this->once())
->method('getUID')
->willReturn('MyUserUid');
$this->userSession
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyUserUid')
->willReturn(false);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
Expand All @@ -164,18 +148,16 @@ public function testSaveGlobalCredentialsAsNormalUserForSelf() {
public function testSaveGlobalCredentialsAsNormalUserForAnotherUser() {
$user = $this->createMock(IUser::class);
$user
->expects($this->exactly(2))
->expects($this->once())
->method('getUID')
->willReturn('MyUserUid');
$this->userSession
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyUserUid')
->willReturn(false);
$this->globalAuth
->expects($this->never())
->method('saveAuth');

$this->assertSame(false, $this->ajaxController->saveGlobalCredentials('AnotherUserUid', 'test', 'password'));
}
Expand Down

0 comments on commit 40584f1

Please sign in to comment.