From e55087b6b18ec7a8f09d02265060d7b018ad4135 Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Thu, 31 Aug 2023 16:00:21 -0100 Subject: [PATCH] admin have no special rights on users' entries Signed-off-by: Maxence Lange --- .../lib/Controller/AjaxController.php | 2 +- .../tests/Controller/AjaxControllerTest.php | 35 ++++--------------- 2 files changed, 7 insertions(+), 30 deletions(-) diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php index db23ecd709d63..e41a75a62bc09 100644 --- a/apps/files_external/lib/Controller/AjaxController.php +++ b/apps/files_external/lib/Controller/AjaxController.php @@ -108,7 +108,7 @@ public function saveGlobalCredentials($uid, $user, $password) { $currentUser = $this->userSession->getUser(); // Non-admins can only edit their own credentials - $allowedToEdit = ($this->groupManager->isAdmin($currentUser->getUID()) || $currentUser->getUID() === $uid); + $allowedToEdit = ($currentUser->getUID() === $uid); if ($allowedToEdit) { $this->globalAuth->saveAuth($uid, $user, $password); diff --git a/apps/files_external/tests/Controller/AjaxControllerTest.php b/apps/files_external/tests/Controller/AjaxControllerTest.php index 2ddd64f0e073a..304a180793110 100644 --- a/apps/files_external/tests/Controller/AjaxControllerTest.php +++ b/apps/files_external/tests/Controller/AjaxControllerTest.php @@ -102,17 +102,11 @@ public function testSaveGlobalCredentialsAsAdminForAnotherUser() { ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyAdminUid') - ->willReturn(true); $this->globalAuth - ->expects($this->once()) - ->method('saveAuth') - ->with('UidOfTestUser', 'test', 'password'); + ->expects($this->never()) + ->method('saveAuth'); - $this->assertSame(true, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password')); + $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('UidOfTestUser', 'test', 'password')); } public function testSaveGlobalCredentialsAsAdminForSelf() { @@ -125,11 +119,6 @@ public function testSaveGlobalCredentialsAsAdminForSelf() { ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyAdminUid') - ->willReturn(true); $this->globalAuth ->expects($this->once()) ->method('saveAuth') @@ -141,20 +130,12 @@ public function testSaveGlobalCredentialsAsAdminForSelf() { public function testSaveGlobalCredentialsAsNormalUserForSelf() { $user = $this->createMock(IUser::class); $user - ->expects($this->exactly(2)) ->method('getUID') ->willReturn('MyUserUid'); $this->userSession - ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyUserUid') - ->willReturn(false); $this->globalAuth - ->expects($this->once()) ->method('saveAuth') ->with('MyUserUid', 'test', 'password'); @@ -164,18 +145,14 @@ public function testSaveGlobalCredentialsAsNormalUserForSelf() { public function testSaveGlobalCredentialsAsNormalUserForAnotherUser() { $user = $this->createMock(IUser::class); $user - ->expects($this->exactly(2)) ->method('getUID') ->willReturn('MyUserUid'); $this->userSession - ->expects($this->once()) ->method('getUser') ->willReturn($user); - $this->groupManager - ->expects($this->once()) - ->method('isAdmin') - ->with('MyUserUid') - ->willReturn(false); + $this->globalAuth + ->expects($this->never()) + ->method('saveAuth'); $this->assertSame(false, $this->ajaxController->saveGlobalCredentials('AnotherUserUid', 'test', 'password')); }