Inspection of "Merge pull request #57511 from nextcloud/fix/userp..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e2eb3b...677d42 )

unknown

created 2026-01-21 14:14 UTC

Status

Indentation +16 added lines, -16 removed lines patch added patch discarded remove patch

@@ -15,21 +15,21 @@
 block discarded – undo
  * Features context.
  */
 class ShareesContext implements Context, SnippetAcceptingContext {
-	use Sharing;
-	use AppConfiguration;
+    use Sharing;
+    use AppConfiguration;
 
-	protected function resetAppConfigs() {
-		$this->deleteServerConfig('core', 'shareapi_allow_group_sharing');
-		$this->deleteServerConfig('core', 'shareapi_allow_share_dialog_user_enumeration');
-		$this->deleteServerConfig('core', 'shareapi_exclude_groups');
-		$this->deleteServerConfig('core', 'shareapi_exclude_groups_list');
-		$this->deleteServerConfig('core', 'shareapi_only_share_with_group_members');
-		$this->deleteServerConfig('core', 'shareapi_only_share_with_group_members_exclude_group_list');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_email');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_userid');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
-		$this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_phone');
-	}
+    protected function resetAppConfigs() {
+        $this->deleteServerConfig('core', 'shareapi_allow_group_sharing');
+        $this->deleteServerConfig('core', 'shareapi_allow_share_dialog_user_enumeration');
+        $this->deleteServerConfig('core', 'shareapi_exclude_groups');
+        $this->deleteServerConfig('core', 'shareapi_exclude_groups_list');
+        $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members');
+        $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members_exclude_group_list');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_email');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_userid');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
+        $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_phone');
+    }
 }

Please login to merge, or discard this patch.

lib/private/Collaboration/Collaborators/UserPlugin.php 2 patches

Indentation +156 added lines, -156 removed lines patch added patch discarded remove patch

@@ -22,160 +22,160 @@
 block discarded – undo
 use OCP\UserStatus\IUserStatus;
 
 readonly class UserPlugin implements ISearchPlugin {
-	public function __construct(
-		private IAppConfig $appConfig,
-		private IUserManager $userManager,
-		private IGroupManager $groupManager,
-		private IUserSession $userSession,
-		private IUserStatusManager $userStatusManager,
-		private IDBConnection $connection,
-	) {
-	}
-
-	public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
-		/** @var IUser $currentUser */
-		$currentUser = $this->userSession->getUser();
-
-		$shareWithGroupOnlyExcludeGroupsList = json_decode($this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members_exclude_group_list', '[]'), true, 512, JSON_THROW_ON_ERROR) ?? [];
-		$allowedGroups = array_diff($this->groupManager->getUserGroupIds($currentUser), $shareWithGroupOnlyExcludeGroupsList);
-
-		/** @var array<string, array{0: 'wide'|'exact', 1: IUser}> $users */
-		$users = [];
-
-		$shareeEnumeration = $this->appConfig->getValueString('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
-		if ($shareeEnumeration) {
-			$shareeEnumerationRestrictToGroup = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
-			$shareeEnumerationRestrictToPhone = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
-
-			if (!$shareeEnumerationRestrictToGroup && !$shareeEnumerationRestrictToPhone) {
-				// No restrictions, search everything.
-				$usersByDisplayName = $this->userManager->searchDisplayName($search, $limit, $offset);
-				foreach ($usersByDisplayName as $user) {
-					if ($user->isEnabled()) {
-						$users[$user->getUID()] = ['wide', $user];
-					}
-				}
-			} else {
-				if ($shareeEnumerationRestrictToGroup) {
-					foreach ($allowedGroups as $groupId) {
-						$usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
-						foreach ($usersInGroup as $userId => $displayName) {
-							$userId = (string)$userId;
-							$user = $this->userManager->get($userId);
-							if ($user !== null && $user->isEnabled()) {
-								$users[$userId] = ['wide', $user];
-							}
-						}
-					}
-				}
-
-				if ($shareeEnumerationRestrictToPhone) {
-					$usersInPhonebook = $this->userManager->searchKnownUsersByDisplayName($currentUser->getUID(), $search, $limit, $offset);
-					foreach ($usersInPhonebook as $user) {
-						if ($user->isEnabled()) {
-							$users[$user->getUID()] = ['wide', $user];
-						}
-					}
-				}
-			}
-		}
-
-		// Even if normal sharee enumeration is not allowed, full matches are still allowed.
-		$shareeEnumerationFullMatch = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
-		if ($shareeEnumerationFullMatch && $search !== '') {
-			$shareeEnumerationFullMatchUserId = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes') === 'yes';
-			$shareeEnumerationFullMatchEmail = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes';
-			$shareeEnumerationFullMatchIgnoreSecondDisplayName = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn', 'no') === 'yes';
-
-			$lowerSearch = mb_strtolower($search);
-
-			// Re-use the results from earlier if possible
-			$usersByDisplayName ??= $this->userManager->searchDisplayName($search, $limit, $offset);
-			foreach ($usersByDisplayName as $user) {
-				if ($user->isEnabled() && (mb_strtolower($user->getDisplayName()) === $lowerSearch || ($shareeEnumerationFullMatchIgnoreSecondDisplayName && trim(mb_strtolower(preg_replace('/ \(.*\)$/', '', $user->getDisplayName()))) === $lowerSearch))) {
-					$users[$user->getUID()] = ['exact', $user];
-				}
-			}
-
-			if ($shareeEnumerationFullMatchUserId) {
-				$user = $this->userManager->get($search);
-				if ($user !== null) {
-					$users[$user->getUID()] = ['exact', $user];
-				}
-			}
-
-			if ($shareeEnumerationFullMatchEmail) {
-				$qb = $this->connection->getQueryBuilder();
-				$qb
-					->select('uid', 'value', 'name')
-					->from('accounts_data')
-					->where($qb->expr()->eq($qb->func()->lower('value'), $qb->createNamedParameter($lowerSearch)))
-					->andWhere($qb->expr()->in('name', $qb->createNamedParameter(['email', 'additional_mail'], IQueryBuilder::PARAM_STR_ARRAY)));
-				$result = $qb->executeQuery();
-				while ($row = $result->fetch()) {
-					$uid = $row['uid'];
-					$email = $row['value'];
-					$isAdditional = $row['name'] === 'additional_mail';
-					$users[$uid] = ['exact', $this->userManager->get($uid), $isAdditional ? $email : null];
-				}
-				$result->closeCursor();
-			}
-		}
-
-		uasort($users, static fn (array $a, array $b): int => strcasecmp($a[1]->getDisplayName(), $b[1]->getDisplayName()));
-
-		if (isset($users[$currentUser->getUID()])) {
-			unset($users[$currentUser->getUID()]);
-		}
-
-		$shareWithGroupOnly = $this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
-		if ($shareWithGroupOnly) {
-			$users = array_filter($users, fn (array $match) => array_intersect($allowedGroups, $this->groupManager->getUserGroupIds($match[1])) !== []);
-		}
-
-		$userStatuses = array_map(
-			static fn (IUserStatus $userStatus) => [
-				'status' => $userStatus->getStatus(),
-				'message' => $userStatus->getMessage(),
-				'icon' => $userStatus->getIcon(),
-				'clearAt' => $userStatus->getClearAt()
-					? (int)$userStatus->getClearAt()->format('U')
-					: null,
-			],
-			$this->userStatusManager->getUserStatuses(array_keys($users)),
-		);
-
-		$result = ['wide' => [], 'exact' => []];
-		foreach ($users as $match) {
-			$match[2] ??= null;
-			[$type, $user, $uniqueDisplayName] = $match;
-
-			$displayName = $user->getDisplayName();
-			if ($uniqueDisplayName !== null) {
-				$displayName .= ' (' . $uniqueDisplayName . ')';
-			}
-
-			$status = $userStatuses[$user->getUID()] ?? [];
-
-			$result[$type][] = [
-				'label' => $displayName,
-				'subline' => $status['message'] ?? '',
-				'icon' => 'icon-user',
-				'value' => [
-					'shareType' => IShare::TYPE_USER,
-					'shareWith' => $user->getUID(),
-				],
-				'shareWithDisplayNameUnique' => $uniqueDisplayName ?? $user->getSystemEMailAddress() ?: $user->getUID(),
-				'status' => $status,
-			];
-		}
-
-		$type = new SearchResultType('users');
-		$searchResult->addResultSet($type, $result['wide'], $result['exact']);
-		if ($result['exact'] !== []) {
-			$searchResult->markExactIdMatch($type);
-		}
-
-		return count($users) < $limit;
-	}
+    public function __construct(
+        private IAppConfig $appConfig,
+        private IUserManager $userManager,
+        private IGroupManager $groupManager,
+        private IUserSession $userSession,
+        private IUserStatusManager $userStatusManager,
+        private IDBConnection $connection,
+    ) {
+    }
+
+    public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
+        /** @var IUser $currentUser */
+        $currentUser = $this->userSession->getUser();
+
+        $shareWithGroupOnlyExcludeGroupsList = json_decode($this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members_exclude_group_list', '[]'), true, 512, JSON_THROW_ON_ERROR) ?? [];
+        $allowedGroups = array_diff($this->groupManager->getUserGroupIds($currentUser), $shareWithGroupOnlyExcludeGroupsList);
+
+        /** @var array<string, array{0: 'wide'|'exact', 1: IUser}> $users */
+        $users = [];
+
+        $shareeEnumeration = $this->appConfig->getValueString('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
+        if ($shareeEnumeration) {
+            $shareeEnumerationRestrictToGroup = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
+            $shareeEnumerationRestrictToPhone = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
+
+            if (!$shareeEnumerationRestrictToGroup && !$shareeEnumerationRestrictToPhone) {
+                // No restrictions, search everything.
+                $usersByDisplayName = $this->userManager->searchDisplayName($search, $limit, $offset);
+                foreach ($usersByDisplayName as $user) {
+                    if ($user->isEnabled()) {
+                        $users[$user->getUID()] = ['wide', $user];
+                    }
+                }
+            } else {
+                if ($shareeEnumerationRestrictToGroup) {
+                    foreach ($allowedGroups as $groupId) {
+                        $usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
+                        foreach ($usersInGroup as $userId => $displayName) {
+                            $userId = (string)$userId;
+                            $user = $this->userManager->get($userId);
+                            if ($user !== null && $user->isEnabled()) {
+                                $users[$userId] = ['wide', $user];
+                            }
+                        }
+                    }
+                }
+
+                if ($shareeEnumerationRestrictToPhone) {
+                    $usersInPhonebook = $this->userManager->searchKnownUsersByDisplayName($currentUser->getUID(), $search, $limit, $offset);
+                    foreach ($usersInPhonebook as $user) {
+                        if ($user->isEnabled()) {
+                            $users[$user->getUID()] = ['wide', $user];
+                        }
+                    }
+                }
+            }
+        }
+
+        // Even if normal sharee enumeration is not allowed, full matches are still allowed.
+        $shareeEnumerationFullMatch = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
+        if ($shareeEnumerationFullMatch && $search !== '') {
+            $shareeEnumerationFullMatchUserId = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes') === 'yes';
+            $shareeEnumerationFullMatchEmail = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes';
+            $shareeEnumerationFullMatchIgnoreSecondDisplayName = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn', 'no') === 'yes';
+
+            $lowerSearch = mb_strtolower($search);
+
+            // Re-use the results from earlier if possible
+            $usersByDisplayName ??= $this->userManager->searchDisplayName($search, $limit, $offset);
+            foreach ($usersByDisplayName as $user) {
+                if ($user->isEnabled() && (mb_strtolower($user->getDisplayName()) === $lowerSearch || ($shareeEnumerationFullMatchIgnoreSecondDisplayName && trim(mb_strtolower(preg_replace('/ \(.*\)$/', '', $user->getDisplayName()))) === $lowerSearch))) {
+                    $users[$user->getUID()] = ['exact', $user];
+                }
+            }
+
+            if ($shareeEnumerationFullMatchUserId) {
+                $user = $this->userManager->get($search);
+                if ($user !== null) {
+                    $users[$user->getUID()] = ['exact', $user];
+                }
+            }
+
+            if ($shareeEnumerationFullMatchEmail) {
+                $qb = $this->connection->getQueryBuilder();
+                $qb
+                    ->select('uid', 'value', 'name')
+                    ->from('accounts_data')
+                    ->where($qb->expr()->eq($qb->func()->lower('value'), $qb->createNamedParameter($lowerSearch)))
+                    ->andWhere($qb->expr()->in('name', $qb->createNamedParameter(['email', 'additional_mail'], IQueryBuilder::PARAM_STR_ARRAY)));
+                $result = $qb->executeQuery();
+                while ($row = $result->fetch()) {
+                    $uid = $row['uid'];
+                    $email = $row['value'];
+                    $isAdditional = $row['name'] === 'additional_mail';
+                    $users[$uid] = ['exact', $this->userManager->get($uid), $isAdditional ? $email : null];
+                }
+                $result->closeCursor();
+            }
+        }
+
+        uasort($users, static fn (array $a, array $b): int => strcasecmp($a[1]->getDisplayName(), $b[1]->getDisplayName()));
+
+        if (isset($users[$currentUser->getUID()])) {
+            unset($users[$currentUser->getUID()]);
+        }
+
+        $shareWithGroupOnly = $this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
+        if ($shareWithGroupOnly) {
+            $users = array_filter($users, fn (array $match) => array_intersect($allowedGroups, $this->groupManager->getUserGroupIds($match[1])) !== []);
+        }
+
+        $userStatuses = array_map(
+            static fn (IUserStatus $userStatus) => [
+                'status' => $userStatus->getStatus(),
+                'message' => $userStatus->getMessage(),
+                'icon' => $userStatus->getIcon(),
+                'clearAt' => $userStatus->getClearAt()
+                    ? (int)$userStatus->getClearAt()->format('U')
+                    : null,
+            ],
+            $this->userStatusManager->getUserStatuses(array_keys($users)),
+        );
+
+        $result = ['wide' => [], 'exact' => []];
+        foreach ($users as $match) {
+            $match[2] ??= null;
+            [$type, $user, $uniqueDisplayName] = $match;
+
+            $displayName = $user->getDisplayName();
+            if ($uniqueDisplayName !== null) {
+                $displayName .= ' (' . $uniqueDisplayName . ')';
+            }
+
+            $status = $userStatuses[$user->getUID()] ?? [];
+
+            $result[$type][] = [
+                'label' => $displayName,
+                'subline' => $status['message'] ?? '',
+                'icon' => 'icon-user',
+                'value' => [
+                    'shareType' => IShare::TYPE_USER,
+                    'shareWith' => $user->getUID(),
+                ],
+                'shareWithDisplayNameUnique' => $uniqueDisplayName ?? $user->getSystemEMailAddress() ?: $user->getUID(),
+                'status' => $status,
+            ];
+        }
+
+        $type = new SearchResultType('users');
+        $searchResult->addResultSet($type, $result['wide'], $result['exact']);
+        if ($result['exact'] !== []) {
+            $searchResult->markExactIdMatch($type);
+        }
+
+        return count($users) < $limit;
+    }
 }

Please login to merge, or discard this patch.

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

@@ -60,7 +60,7 @@  discard block
 block discarded – undo
 					foreach ($allowedGroups as $groupId) {
 						$usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
 						foreach ($usersInGroup as $userId => $displayName) {
-							$userId = (string)$userId;
+							$userId = (string) $userId;
 							$user = $this->userManager->get($userId);
 							if ($user !== null && $user->isEnabled()) {
 								$users[$userId] = ['wide', $user];
@@ -139,7 +139,7 @@  discard block
 block discarded – undo
 				'message' => $userStatus->getMessage(),
 				'icon' => $userStatus->getIcon(),
 				'clearAt' => $userStatus->getClearAt()
-					? (int)$userStatus->getClearAt()->format('U')
+					? (int) $userStatus->getClearAt()->format('U')
 					: null,
 			],
 			$this->userStatusManager->getUserStatuses(array_keys($users)),
@@ -152,7 +152,7 @@  discard block
 block discarded – undo
 
 			$displayName = $user->getDisplayName();
 			if ($uniqueDisplayName !== null) {
-				$displayName .= ' (' . $uniqueDisplayName . ')';
+				$displayName .= ' ('.$uniqueDisplayName.')';
 			}
 
 			$status = $userStatuses[$user->getUID()] ?? [];

Please login to merge, or discard this patch.

		@@ -15,21 +15,21 @@
		block discarded – undo
15	15	* Features context.
16	16	*/
17	17	class ShareesContext implements Context, SnippetAcceptingContext {
18		- use Sharing;
19		- use AppConfiguration;
	18	+ use Sharing;
	19	+ use AppConfiguration;
20	20
21		- protected function resetAppConfigs() {
22		- $this->deleteServerConfig('core', 'shareapi_allow_group_sharing');
23		- $this->deleteServerConfig('core', 'shareapi_allow_share_dialog_user_enumeration');
24		- $this->deleteServerConfig('core', 'shareapi_exclude_groups');
25		- $this->deleteServerConfig('core', 'shareapi_exclude_groups_list');
26		- $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members');
27		- $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members_exclude_group_list');
28		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match');
29		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_email');
30		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn');
31		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_userid');
32		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
33		- $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_phone');
34		- }
	21	+ protected function resetAppConfigs() {
	22	+ $this->deleteServerConfig('core', 'shareapi_allow_group_sharing');
	23	+ $this->deleteServerConfig('core', 'shareapi_allow_share_dialog_user_enumeration');
	24	+ $this->deleteServerConfig('core', 'shareapi_exclude_groups');
	25	+ $this->deleteServerConfig('core', 'shareapi_exclude_groups_list');
	26	+ $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members');
	27	+ $this->deleteServerConfig('core', 'shareapi_only_share_with_group_members_exclude_group_list');
	28	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match');
	29	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_email');
	30	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn');
	31	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_full_match_userid');
	32	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_group');
	33	+ $this->deleteServerConfig('core', 'shareapi_restrict_user_enumeration_to_phone');
	34	+ }
35	35	}

		@@ -22,160 +22,160 @@
		block discarded – undo
22	22	use OCP\UserStatus\IUserStatus;
23	23
24	24	readonly class UserPlugin implements ISearchPlugin {
25		- public function __construct(
26		- private IAppConfig $appConfig,
27		- private IUserManager $userManager,
28		- private IGroupManager $groupManager,
29		- private IUserSession $userSession,
30		- private IUserStatusManager $userStatusManager,
31		- private IDBConnection $connection,
32		- ) {
33		- }
34		-
35		- public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
36		- /** @var IUser $currentUser */
37		- $currentUser = $this->userSession->getUser();
38		-
39		- $shareWithGroupOnlyExcludeGroupsList = json_decode($this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members_exclude_group_list', '[]'), true, 512, JSON_THROW_ON_ERROR) ?? [];
40		- $allowedGroups = array_diff($this->groupManager->getUserGroupIds($currentUser), $shareWithGroupOnlyExcludeGroupsList);
41		-
42		- /** @var array<string, array{0: 'wide'\|'exact', 1: IUser}> $users */
43		- $users = [];
44		-
45		- $shareeEnumeration = $this->appConfig->getValueString('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
46		- if ($shareeEnumeration) {
47		- $shareeEnumerationRestrictToGroup = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
48		- $shareeEnumerationRestrictToPhone = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
49		-
50		- if (!$shareeEnumerationRestrictToGroup && !$shareeEnumerationRestrictToPhone) {
51		- // No restrictions, search everything.
52		- $usersByDisplayName = $this->userManager->searchDisplayName($search, $limit, $offset);
53		- foreach ($usersByDisplayName as $user) {
54		- if ($user->isEnabled()) {
55		- $users[$user->getUID()] = ['wide', $user];
56		- }
57		- }
58		- } else {
59		- if ($shareeEnumerationRestrictToGroup) {
60		- foreach ($allowedGroups as $groupId) {
61		- $usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
62		- foreach ($usersInGroup as $userId => $displayName) {
63		- $userId = (string)$userId;
64		- $user = $this->userManager->get($userId);
65		- if ($user !== null && $user->isEnabled()) {
66		- $users[$userId] = ['wide', $user];
67		- }
68		- }
69		- }
70		- }
71		-
72		- if ($shareeEnumerationRestrictToPhone) {
73		- $usersInPhonebook = $this->userManager->searchKnownUsersByDisplayName($currentUser->getUID(), $search, $limit, $offset);
74		- foreach ($usersInPhonebook as $user) {
75		- if ($user->isEnabled()) {
76		- $users[$user->getUID()] = ['wide', $user];
77		- }
78		- }
79		- }
80		- }
81		- }
82		-
83		- // Even if normal sharee enumeration is not allowed, full matches are still allowed.
84		- $shareeEnumerationFullMatch = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
85		- if ($shareeEnumerationFullMatch && $search !== '') {
86		- $shareeEnumerationFullMatchUserId = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes') === 'yes';
87		- $shareeEnumerationFullMatchEmail = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes';
88		- $shareeEnumerationFullMatchIgnoreSecondDisplayName = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn', 'no') === 'yes';
89		-
90		- $lowerSearch = mb_strtolower($search);
91		-
92		- // Re-use the results from earlier if possible
93		- $usersByDisplayName ??= $this->userManager->searchDisplayName($search, $limit, $offset);
94		- foreach ($usersByDisplayName as $user) {
95		- if ($user->isEnabled() && (mb_strtolower($user->getDisplayName()) === $lowerSearch \|\| ($shareeEnumerationFullMatchIgnoreSecondDisplayName && trim(mb_strtolower(preg_replace('/ \(.*\)$/', '', $user->getDisplayName()))) === $lowerSearch))) {
96		- $users[$user->getUID()] = ['exact', $user];
97		- }
98		- }
99		-
100		- if ($shareeEnumerationFullMatchUserId) {
101		- $user = $this->userManager->get($search);
102		- if ($user !== null) {
103		- $users[$user->getUID()] = ['exact', $user];
104		- }
105		- }
106		-
107		- if ($shareeEnumerationFullMatchEmail) {
108		- $qb = $this->connection->getQueryBuilder();
109		- $qb
110		- ->select('uid', 'value', 'name')
111		- ->from('accounts_data')
112		- ->where($qb->expr()->eq($qb->func()->lower('value'), $qb->createNamedParameter($lowerSearch)))
113		- ->andWhere($qb->expr()->in('name', $qb->createNamedParameter(['email', 'additional_mail'], IQueryBuilder::PARAM_STR_ARRAY)));
114		- $result = $qb->executeQuery();
115		- while ($row = $result->fetch()) {
116		- $uid = $row['uid'];
117		- $email = $row['value'];
118		- $isAdditional = $row['name'] === 'additional_mail';
119		- $users[$uid] = ['exact', $this->userManager->get($uid), $isAdditional ? $email : null];
120		- }
121		- $result->closeCursor();
122		- }
123		- }
124		-
125		- uasort($users, static fn (array $a, array $b): int => strcasecmp($a[1]->getDisplayName(), $b[1]->getDisplayName()));
126		-
127		- if (isset($users[$currentUser->getUID()])) {
128		- unset($users[$currentUser->getUID()]);
129		- }
130		-
131		- $shareWithGroupOnly = $this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
132		- if ($shareWithGroupOnly) {
133		- $users = array_filter($users, fn (array $match) => array_intersect($allowedGroups, $this->groupManager->getUserGroupIds($match[1])) !== []);
134		- }
135		-
136		- $userStatuses = array_map(
137		- static fn (IUserStatus $userStatus) => [
138		- 'status' => $userStatus->getStatus(),
139		- 'message' => $userStatus->getMessage(),
140		- 'icon' => $userStatus->getIcon(),
141		- 'clearAt' => $userStatus->getClearAt()
142		- ? (int)$userStatus->getClearAt()->format('U')
143		- : null,
144		- ],
145		- $this->userStatusManager->getUserStatuses(array_keys($users)),
146		- );
147		-
148		- $result = ['wide' => [], 'exact' => []];
149		- foreach ($users as $match) {
150		- $match[2] ??= null;
151		- [$type, $user, $uniqueDisplayName] = $match;
152		-
153		- $displayName = $user->getDisplayName();
154		- if ($uniqueDisplayName !== null) {
155		- $displayName .= ' (' . $uniqueDisplayName . ')';
156		- }
157		-
158		- $status = $userStatuses[$user->getUID()] ?? [];
159		-
160		- $result[$type][] = [
161		- 'label' => $displayName,
162		- 'subline' => $status['message'] ?? '',
163		- 'icon' => 'icon-user',
164		- 'value' => [
165		- 'shareType' => IShare::TYPE_USER,
166		- 'shareWith' => $user->getUID(),
167		- ],
168		- 'shareWithDisplayNameUnique' => $uniqueDisplayName ?? $user->getSystemEMailAddress() ?: $user->getUID(),
169		- 'status' => $status,
170		- ];
171		- }
172		-
173		- $type = new SearchResultType('users');
174		- $searchResult->addResultSet($type, $result['wide'], $result['exact']);
175		- if ($result['exact'] !== []) {
176		- $searchResult->markExactIdMatch($type);
177		- }
178		-
179		- return count($users) < $limit;
180		- }
	25	+ public function __construct(
	26	+ private IAppConfig $appConfig,
	27	+ private IUserManager $userManager,
	28	+ private IGroupManager $groupManager,
	29	+ private IUserSession $userSession,
	30	+ private IUserStatusManager $userStatusManager,
	31	+ private IDBConnection $connection,
	32	+ ) {
	33	+ }
	34	+
	35	+ public function search($search, $limit, $offset, ISearchResult $searchResult): bool {
	36	+ /** @var IUser $currentUser */
	37	+ $currentUser = $this->userSession->getUser();
	38	+
	39	+ $shareWithGroupOnlyExcludeGroupsList = json_decode($this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members_exclude_group_list', '[]'), true, 512, JSON_THROW_ON_ERROR) ?? [];
	40	+ $allowedGroups = array_diff($this->groupManager->getUserGroupIds($currentUser), $shareWithGroupOnlyExcludeGroupsList);
	41	+
	42	+ /** @var array<string, array{0: 'wide'\|'exact', 1: IUser}> $users */
	43	+ $users = [];
	44	+
	45	+ $shareeEnumeration = $this->appConfig->getValueString('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
	46	+ if ($shareeEnumeration) {
	47	+ $shareeEnumerationRestrictToGroup = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
	48	+ $shareeEnumerationRestrictToPhone = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
	49	+
	50	+ if (!$shareeEnumerationRestrictToGroup && !$shareeEnumerationRestrictToPhone) {
	51	+ // No restrictions, search everything.
	52	+ $usersByDisplayName = $this->userManager->searchDisplayName($search, $limit, $offset);
	53	+ foreach ($usersByDisplayName as $user) {
	54	+ if ($user->isEnabled()) {
	55	+ $users[$user->getUID()] = ['wide', $user];
	56	+ }
	57	+ }
	58	+ } else {
	59	+ if ($shareeEnumerationRestrictToGroup) {
	60	+ foreach ($allowedGroups as $groupId) {
	61	+ $usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
	62	+ foreach ($usersInGroup as $userId => $displayName) {
	63	+ $userId = (string)$userId;
	64	+ $user = $this->userManager->get($userId);
	65	+ if ($user !== null && $user->isEnabled()) {
	66	+ $users[$userId] = ['wide', $user];
	67	+ }
	68	+ }
	69	+ }
	70	+ }
	71	+
	72	+ if ($shareeEnumerationRestrictToPhone) {
	73	+ $usersInPhonebook = $this->userManager->searchKnownUsersByDisplayName($currentUser->getUID(), $search, $limit, $offset);
	74	+ foreach ($usersInPhonebook as $user) {
	75	+ if ($user->isEnabled()) {
	76	+ $users[$user->getUID()] = ['wide', $user];
	77	+ }
	78	+ }
	79	+ }
	80	+ }
	81	+ }
	82	+
	83	+ // Even if normal sharee enumeration is not allowed, full matches are still allowed.
	84	+ $shareeEnumerationFullMatch = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
	85	+ if ($shareeEnumerationFullMatch && $search !== '') {
	86	+ $shareeEnumerationFullMatchUserId = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_userid', 'yes') === 'yes';
	87	+ $shareeEnumerationFullMatchEmail = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_email', 'yes') === 'yes';
	88	+ $shareeEnumerationFullMatchIgnoreSecondDisplayName = $this->appConfig->getValueString('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_dn', 'no') === 'yes';
	89	+
	90	+ $lowerSearch = mb_strtolower($search);
	91	+
	92	+ // Re-use the results from earlier if possible
	93	+ $usersByDisplayName ??= $this->userManager->searchDisplayName($search, $limit, $offset);
	94	+ foreach ($usersByDisplayName as $user) {
	95	+ if ($user->isEnabled() && (mb_strtolower($user->getDisplayName()) === $lowerSearch \|\| ($shareeEnumerationFullMatchIgnoreSecondDisplayName && trim(mb_strtolower(preg_replace('/ \(.*\)$/', '', $user->getDisplayName()))) === $lowerSearch))) {
	96	+ $users[$user->getUID()] = ['exact', $user];
	97	+ }
	98	+ }
	99	+
	100	+ if ($shareeEnumerationFullMatchUserId) {
	101	+ $user = $this->userManager->get($search);
	102	+ if ($user !== null) {
	103	+ $users[$user->getUID()] = ['exact', $user];
	104	+ }
	105	+ }
	106	+
	107	+ if ($shareeEnumerationFullMatchEmail) {
	108	+ $qb = $this->connection->getQueryBuilder();
	109	+ $qb
	110	+ ->select('uid', 'value', 'name')
	111	+ ->from('accounts_data')
	112	+ ->where($qb->expr()->eq($qb->func()->lower('value'), $qb->createNamedParameter($lowerSearch)))
	113	+ ->andWhere($qb->expr()->in('name', $qb->createNamedParameter(['email', 'additional_mail'], IQueryBuilder::PARAM_STR_ARRAY)));
	114	+ $result = $qb->executeQuery();
	115	+ while ($row = $result->fetch()) {
	116	+ $uid = $row['uid'];
	117	+ $email = $row['value'];
	118	+ $isAdditional = $row['name'] === 'additional_mail';
	119	+ $users[$uid] = ['exact', $this->userManager->get($uid), $isAdditional ? $email : null];
	120	+ }
	121	+ $result->closeCursor();
	122	+ }
	123	+ }
	124	+
	125	+ uasort($users, static fn (array $a, array $b): int => strcasecmp($a[1]->getDisplayName(), $b[1]->getDisplayName()));
	126	+
	127	+ if (isset($users[$currentUser->getUID()])) {
	128	+ unset($users[$currentUser->getUID()]);
	129	+ }
	130	+
	131	+ $shareWithGroupOnly = $this->appConfig->getValueString('core', 'shareapi_only_share_with_group_members', 'no') === 'yes';
	132	+ if ($shareWithGroupOnly) {
	133	+ $users = array_filter($users, fn (array $match) => array_intersect($allowedGroups, $this->groupManager->getUserGroupIds($match[1])) !== []);
	134	+ }
	135	+
	136	+ $userStatuses = array_map(
	137	+ static fn (IUserStatus $userStatus) => [
	138	+ 'status' => $userStatus->getStatus(),
	139	+ 'message' => $userStatus->getMessage(),
	140	+ 'icon' => $userStatus->getIcon(),
	141	+ 'clearAt' => $userStatus->getClearAt()
	142	+ ? (int)$userStatus->getClearAt()->format('U')
	143	+ : null,
	144	+ ],
	145	+ $this->userStatusManager->getUserStatuses(array_keys($users)),
	146	+ );
	147	+
	148	+ $result = ['wide' => [], 'exact' => []];
	149	+ foreach ($users as $match) {
	150	+ $match[2] ??= null;
	151	+ [$type, $user, $uniqueDisplayName] = $match;
	152	+
	153	+ $displayName = $user->getDisplayName();
	154	+ if ($uniqueDisplayName !== null) {
	155	+ $displayName .= ' (' . $uniqueDisplayName . ')';
	156	+ }
	157	+
	158	+ $status = $userStatuses[$user->getUID()] ?? [];
	159	+
	160	+ $result[$type][] = [
	161	+ 'label' => $displayName,
	162	+ 'subline' => $status['message'] ?? '',
	163	+ 'icon' => 'icon-user',
	164	+ 'value' => [
	165	+ 'shareType' => IShare::TYPE_USER,
	166	+ 'shareWith' => $user->getUID(),
	167	+ ],
	168	+ 'shareWithDisplayNameUnique' => $uniqueDisplayName ?? $user->getSystemEMailAddress() ?: $user->getUID(),
	169	+ 'status' => $status,
	170	+ ];
	171	+ }
	172	+
	173	+ $type = new SearchResultType('users');
	174	+ $searchResult->addResultSet($type, $result['wide'], $result['exact']);
	175	+ if ($result['exact'] !== []) {
	176	+ $searchResult->markExactIdMatch($type);
	177	+ }
	178	+
	179	+ return count($users) < $limit;
	180	+ }
181	181	}

		@@ -60,7 +60,7 @@ discard block
		block discarded – undo
60	60	foreach ($allowedGroups as $groupId) {
61	61	$usersInGroup = $this->groupManager->displayNamesInGroup($groupId, $search, $limit, $offset);
62	62	foreach ($usersInGroup as $userId => $displayName) {
63		- $userId = (string)$userId;
	63	+ $userId = (string) $userId;
64	64	$user = $this->userManager->get($userId);
65	65	if ($user !== null && $user->isEnabled()) {
66	66	$users[$userId] = ['wide', $user];
		@@ -139,7 +139,7 @@ discard block
		block discarded – undo
139	139	'message' => $userStatus->getMessage(),
140	140	'icon' => $userStatus->getIcon(),
141	141	'clearAt' => $userStatus->getClearAt()
142		- ? (int)$userStatus->getClearAt()->format('U')
	142	+ ? (int) $userStatus->getClearAt()->format('U')
143	143	: null,
144	144	],
145	145	$this->userStatusManager->getUserStatuses(array_keys($users)),
		@@ -152,7 +152,7 @@ discard block
		block discarded – undo
152	152
153	153	$displayName = $user->getDisplayName();
154	154	if ($uniqueDisplayName !== null) {
155		- $displayName .= ' (' . $uniqueDisplayName . ')';
	155	+ $displayName .= ' ('.$uniqueDisplayName.')';
156	156	}
157	157
158	158	$status = $userStatuses[$user->getUID()] ?? [];

nextcloud / server

Push — master ( e2eb3b...677d42 )

Status

Category

Indentation +16 added lines, -16 removed lines patch added patch discarded remove patch

Indentation +156 added lines, -156 removed lines patch added patch discarded remove patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch