admin have no special rights on users' entries
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
ArtificialOwl authored and blizzz committed Sep 7, 2023
1 parent bb08cc1 commit d4bc489
Showing 2 changed files with 7 additions and 30 deletions.
2 changes: 1 addition & 1 deletion apps/files_external/lib/Controller/AjaxController.php
Expand Up @@ -108,7 +108,7 @@ public function saveGlobalCredentials($uid, $user, $password) {
$currentUser = $this->userSession->getUser();

// Non-admins can only edit their own credentials
$allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid);
$allowedToEdit = ($currentUser->getUID() === $uid);

if ($allowedToEdit) {
$this->globalAuth->saveAuth($uid, $user, $password);
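Review bot: The ownership check on the new `$allowedToEdit = ($currentUser->getUID() === $uid);` line dereferences `$currentUser` with no null guard, and nothing visible in the hunk shows that `getUser()` cannot return null here. If the route is ever reachable without a session, the call fails with an error instead of a clean denial; `if ($currentUser === null) { return false; }` before the comparison would make the deny path explicit and match the `false` the tests expect for a refused call. The context comment `// Non-admins can only edit their own credentials` is now stale, since admins are held to the same rule; something like `// Users may only edit their own credentials; admins get no exception` states the new policy. Because the method is named saveGlobalCredentials, it is also worth confirming that no admin-facing caller passes a uid other than the admin's own, as that path is now always denied. The method body starts and ends outside the hunk.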
35 changes: 6 additions & 29 deletions apps/files_external/tests/Controller/AjaxControllerTest.php
Expand Up @@ -102,17 +102,11 @@ public function testSaveGlobalCredentialsAsAdminForAnotherUser() {
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyAdminUid')
->willReturn(true);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
->with('UidOfTestUser', 'test', 'password');
->expects($this->never())
->method('saveAuth');

$this->assertSame(true, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
$this->assertSame(false, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password'));
}

public function testSaveGlobalCredentialsAsAdminForSelf() {
Expand All @@ -125,11 +119,6 @@ public function testSaveGlobalCredentialsAsAdminForSelf() {
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyAdminUid')
->willReturn(true);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
Expand All @@ -141,20 +130,12 @@ public function testSaveGlobalCredentialsAsAdminForSelf() {
public function testSaveGlobalCredentialsAsNormalUserForSelf() {
$user = $this->createMock(IUser::class);
$user
->expects($this->exactly(2))
->method('getUID')
->willReturn('MyUserUid');
$this->userSession
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyUserUid')
->willReturn(false);
$this->globalAuth
->expects($this->once())
->method('saveAuth')
->with('MyUserUid', 'test', 'password');

Expand All @@ -164,18 +145,14 @@ public function testSaveGlobalCredentialsAsNormalUserForSelf() {
public function testSaveGlobalCredentialsAsNormalUserForAnotherUser() {
$user = $this->createMock(IUser::class);
$user
->expects($this->exactly(2))
->method('getUID')
->willReturn('MyUserUid');
$this->userSession
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->groupManager
->expects($this->once())
->method('isAdmin')
->with('MyUserUid')
->willReturn(false);
$this->globalAuth
->expects($this->never())
->method('saveAuth');

$this->assertSame(false, $this->ajaxController->saveGlobalCredentials('AnotherUserUid', 'test', 'password'));
}
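Review bot: With the `isAdmin` expectation removed from testSaveGlobalCredentialsAsAdminForAnotherUser, nothing in that test makes the caller an admin any more, so it exercises the same path as testSaveGlobalCredentialsAsNormalUserForAnotherUser. If `$this->groupManager` is still a mock injected into the controller, an unconfigured `isAdmin` would presumably return false, and a later change that reintroduces the admin bypass would not be caught. Keeping a stub without a call-count expectation, `$this->groupManager->method('isAdmin')->willReturn(true);`, would pin the property this commit is about: an admin is still denied for another user's uid. Alternatively, `$this->groupManager->expects($this->never())->method('isAdmin');` asserts that the decision no longer consults group membership at all.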
