fix(ProvisioningApi): only return verified additional mails per user #44341
Conversation
blizzz
requested review from
nickvergessen,
Pytal,
a team,
ArtificialOwl,
icewind1991 and
sorbaugh
and removed request for
a team
blizzz
added
2. developing
|
Integration tests fail, for no email verification was done there. That might be tricky. There is no way to modify it from outside, without exposing anything, so not the way to go. Maybe utilizing FakeSMTPHelper in the integration tests could help, did not have time for a closer look there yet (free time activity…). |
Can add any code directly to the |
It would not per se be bad to return all of them, however the meta data about the verified state is missing. Since the information may go out to connected clients, those may have wrong trust the returned email addresses. Email verification still works with this change. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
blizzz
force-pushed
the
fix/noid/return-verified-email
branch
from
266a79a
to
35a0ee2
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| class MailVerificationTestController extends OCSController { | ||
| public function __construct( | ||
| $appName, |
Check notice
Code scanning / Psalm
MissingParamType Note
|
|
||
| public function verify(string $userId, string $email): DataResponse { | ||
| $user = $this->userManager->get($userId); | ||
| $userAccount = $this->accountManager->getAccount($user); |
Check notice
Code scanning / Psalm
PossiblyNullArgument Note
| @@ -0,0 +1,35 @@ | |||
| <?php | |||
Summary
…it would not per se be bad to return all of them, however the meta data about the verified state is missing. Since the information may go out to connected clients, those may have wrong trust the returned email addresses.
Email verification still works with this change.
Checklist