upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-21 17:45:40 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 18

Merge pull request #46089 from nextcloud/backport/46073/stable27

Browse source
This commit is contained in:
John Molakvoæ 2024-07-28 11:46:38 +02:00 committed by GitHub
commit a6db0d33a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
apps/files_external/lib/Controller/AjaxController.php
View file

@ -106,15 +106,21 @@ class AjaxController extends Controller {
*/
public function saveGlobalCredentials($uid, $user, $password) {
$currentUser = $this->userSession->getUser();
if ($currentUser === null) {
return false;
}
// Non-admins can only edit their own credentials
$allowedToEdit = ($currentUser->getUID() === $uid);
// Admin can edit global credentials
$allowedToEdit = $uid === ''
? $this->groupManager->isAdmin($currentUser->getUID())
: $currentUser->getUID() === $uid;
if ($allowedToEdit) {
$this->globalAuth->saveAuth($uid, $user, $password);
return true;
} else {
return false;
}
return false;
}
}