mirror of
https://github.com/nextcloud/server.git
synced 2026-04-22 14:50:17 -04:00
Merge pull request #31857 from nextcloud/feat/dont_match_userid
Add settings to not match userID during full match
This commit is contained in:
Vincent Petry
GitHub
commit
cde260577e
7 changed files with 23 additions and 5 deletions
|
|
@ -89,6 +89,7 @@ class Sharing implements IDelegatedSettings {
|
|||
'restrictUserEnumerationToGroup' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no'),
|
||||
'restrictUserEnumerationToPhone' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no'),
|
||||
'restrictUserEnumerationFullMatch' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes'),
|
||||
'restrictUserEnumerationFullMatchUserId' => $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes'),
|
||||
'enforceLinkPassword' => Util::isPublicLinkPasswordRequired(false),
|
||||
'passwordExcludedGroups' => $excludedPasswordGroupsList,
|
||||
'passwordExcludedGroupsFeatureEnabled' => $this->config->getSystemValueBool('sharing.allow_disabled_password_enforcement_groups', false),
|
||||
|
|
|
|||
|
|
@ -155,6 +155,10 @@ window.addEventListener('DOMContentLoaded', () => {
|
|||
$('#shareapi_restrict_user_enumeration_combinewarning_setting').toggleClass('hidden', !this.checked)
|
||||
})
|
||||
|
||||
$('#shareapi_restrict_user_enumeration_full_match').on('change', function() {
|
||||
$('#shareapi_restrict_user_enumeration_full_match_userid_setting').toggleClass('hidden', !this.checked)
|
||||
})
|
||||
|
||||
$('#allowLinks').change(function() {
|
||||
$('#publicLinkSettings').toggleClass('hidden', !this.checked)
|
||||
$('#setDefaultExpireDate').toggleClass('hidden', !(this.checked && $('#shareapiDefaultExpireDate')[0].checked))
|
||||
|
|
|
|||
|
|
@ -245,7 +245,16 @@
|
|||
<?php if ($_['restrictUserEnumerationFullMatch'] === 'yes') {
|
||||
print_unescaped('checked="checked"');
|
||||
} ?> />
|
||||
<label for="shareapi_restrict_user_enumeration_full_match"><?php p($l->t('Allow username autocompletion when entering the full name or email address (ignoring missing phonebook match and being in the same group)'));?></label><br />
|
||||
<label for="shareapi_restrict_user_enumeration_full_match"><?php p($l->t('Allow autocompletion when entering the full name or email address (ignoring missing phonebook match and being in the same group)'));?></label><br />
|
||||
</p>
|
||||
<p id="shareapi_restrict_user_enumeration_full_match_userid_setting" class="double-indent <?php if ($_['shareAPIEnabled'] === 'no' || $_['restrictUserEnumerationFullMatchUserId'] === 'no') {
|
||||
p('hidden');
|
||||
}?>">
|
||||
<input type="checkbox" name="shareapi_restrict_user_enumeration_full_match_userid" value="1" id="shareapi_restrict_user_enumeration_full_match_userid" class="checkbox"
|
||||
<?php if ($_['shareeEnumerationFullMatchUserId'] === 'yes') {
|
||||
print_unescaped('checked="checked"');
|
||||
} ?> />
|
||||
<label for="shareapi_restrict_user_enumeration_full_match_userid"><?php p($l->t('Match username when restricting to full match'));?></label><br />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
|
|
|||
|
|
@ -122,6 +122,7 @@ EOF;
|
|||
$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
|
||||
$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_phone');
|
||||
$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match');
|
||||
$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_userid');
|
||||
$this->deleteServerConfig('core', 'shareapi_only_share_with_group_members');
|
||||
}
|
||||
|
||||
|
|
|
|||
4
dist/settings-legacy-admin.js
vendored
4
dist/settings-legacy-admin.js
vendored
File diff suppressed because one or more lines are too long
2
dist/settings-legacy-admin.js.map
vendored
2
dist/settings-legacy-admin.js.map
vendored
File diff suppressed because one or more lines are too long
|
|
@ -54,6 +54,8 @@ class UserPlugin implements ISearchPlugin {
|
|||
protected $shareeEnumerationPhone;
|
||||
/* @var bool */
|
||||
protected $shareeEnumerationFullMatch;
|
||||
/* @var bool */
|
||||
protected $shareeEnumerationFullMatchUserId;
|
||||
|
||||
/** @var IConfig */
|
||||
private $config;
|
||||
|
|
@ -87,6 +89,7 @@ class UserPlugin implements ISearchPlugin {
|
|||
$this->shareeEnumerationInGroupOnly = $this->shareeEnumeration && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
|
||||
$this->shareeEnumerationPhone = $this->shareeEnumeration && $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
|
||||
$this->shareeEnumerationFullMatch = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
|
||||
$this->shareeEnumerationFullMatchUserId = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes') === 'yes';
|
||||
}
|
||||
|
||||
public function search($search, $limit, $offset, ISearchResult $searchResult) {
|
||||
|
|
@ -228,7 +231,7 @@ class UserPlugin implements ISearchPlugin {
|
|||
}
|
||||
}
|
||||
|
||||
if ($this->shareeEnumerationFullMatch && $offset === 0 && !$foundUserById) {
|
||||
if ($this->shareeEnumerationFullMatch && $this->shareeEnumerationFullMatchUserId && $offset === 0 && !$foundUserById) {
|
||||
// On page one we try if the search result has a direct hit on the
|
||||
// user id and if so, we add that to the exact match list
|
||||
$user = $this->userManager->get($search);
|
||||
|
|
|
|||
Loading…
Reference in a new issue