upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 54

Fix changing display names for subadmins

Browse source 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
Lukas Reschke 2016-11-18 11:55:37 +01:00 committed by Roeland Jago Douma
parent 662dff046d
commit 8bf4111368
No known key found for this signature in database
GPG key ID: F941078878347C0C
2 changed files with 50 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
settings/Controller/UsersController.php
View file

@ -681,8 +681,14 @@ class UsersController extends Controller {
$currentUser = $this->userSession->getUser();
$user = $this->userManager->get($username);
if (!$this->groupManager->isAdmin($currentUser->getUID()) &&
!$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user)
if ($user === null ||
!$user->canChangeDisplayName() ||
(
!$this->groupManager->isAdmin($currentUser->getUID()) &&
!$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) &&
$currentUser->getUID() !== $username
)
) {
return new DataResponse([
'status' => 'error',

49
tests/Core/Controller/OCSControllerTest.php
View file

@ -24,6 +24,8 @@ namespace OC\Core\Controller;
use OC\CapabilitiesManager;
use OC\Security\Bruteforce\Throttler;
use OC\Security\IdentityProof\Key;
use OC\Security\IdentityProof\Manager;
use OCP\AppFramework\Http\DataResponse;
use OCP\IRequest;
use OCP\IUser;
@ -32,22 +34,18 @@ use OCP\IUserSession;
use Test\TestCase;
class OCSControllerTest extends TestCase {
/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
private $request;
/** @var CapabilitiesManager|\PHPUnit_Framework_MockObject_MockObject */
private $capabilitiesManager;
/** @var IUserSession|\PHPUnit_Framework_MockObject_MockObject */
private $userSession;
/** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
private $userManager;
/** @var Throttler|\PHPUnit_Framework_MockObject_MockObject */
private $throttler;
/** @var Manager|\PHPUnit_Framework_MockObject_MockObject */
private $keyManager;
/** @var OCSController */
private $controller;
@ -59,6 +57,7 @@ class OCSControllerTest extends TestCase {
$this->userSession = $this->createMock(IUserSession::class);
$this->userManager = $this->createMock(IUserManager::class);
$this->throttler = $this->createMock(Throttler::class);
$this->keyManager = $this->createMock(Manager::class);
$this->controller = new OCSController(
'core',
@ -66,7 +65,8 @@ class OCSControllerTest extends TestCase {
$this->capabilitiesManager,
$this->userSession,
$this->userManager,
$this->throttler
$this->throttler,
$this->keyManager
);
}
@ -206,4 +206,39 @@ class OCSControllerTest extends TestCase {
$this->assertEquals($expected, $this->controller->personCheck('', ''));
}
public function testGetIdentityProofWithNotExistingUser() {
$this->userManager
->expects($this->once())
->method('get')
->with('NotExistingUser')
->willReturn(null);
$expected = new DataResponse('User not found', 404);
$this->assertEquals($expected, $this->controller->getIdentityProof('NotExistingUser'));
}
public function testGetIdentityProof() {
$user = $this->createMock(IUser::class);
$key = $this->createMock(Key::class);
$this->userManager
->expects($this->once())
->method('get')
->with('ExistingUser')
->willReturn($user);
$this->keyManager
->expects($this->once())
->method('getKey')
->with($user)
->willReturn($key);
$key
->expects($this->once())
->method('getPublic')
->willReturn('Existing Users public key');
$expected = new DataResponse([
'public' => 'Existing Users public key',
]);
$this->assertEquals($expected, $this->controller->getIdentityProof('ExistingUser'));
}
}