nextcloud · ArtificialOwl · Jan 20, 2023 · Dec 29, 2022
diff --git a/server/index.php b/server/index.php
@@ -71,6 +71,16 @@
 $app->delete('/index.php/users', $r_delete);
 
 
+$r_batchDetails = function (ServerRequestInterface $request, ResponseInterface $response, array $args) {
+	/** @var UserManager $userManager */
+	$userManager = $this->get('UserManager');
+
+	return $userManager->batchDetails($request, $response, $args);
+};
+$app->get('/gs/users', $r_batchDetails);
+$app->get('/index.php/gs/users', $r_batchDetails);
+
+
 $r_batchRegister = function (ServerRequestInterface $request, ResponseInterface $response, array $args) {
 	/** @var UserManager $userManager */
 	$userManager = $this->get('UserManager');

diff --git a/server/lib/UserManager.php b/server/lib/UserManager.php
@@ -429,6 +429,33 @@ public function register(Request $request, Response $response, array $args = [])
 		return $response;
 	}
 
+
+	/**
+	 * returns details about a list of registered users
+	 *
+	 * @param Request $request
+	 * @param Response $response
+	 * @param array $args
+	 *
+	 * @return Response
+	 */
+	public function batchDetails(Request $request, Response $response, array $args = []): Response {
+		$body = json_decode($request->getBody(), true);
+
+		if ($body === null || !isset($body['authKey']) || !isset($body['users'])) {
+			return $response->withStatus(400);
+		}
+
+		if ($body['authKey'] !== $this->authKey) {
+			return $response->withStatus(403);
+		}
+
+		$response->getBody()->write(json_encode($this->selectDetails($body['users'])));
+
+		return $response;
+	}
+
+
 	/**
 	 * let Nextcloud servers auto register users, used in the global scale scenario
 	 *
@@ -455,7 +482,6 @@ public function batchRegister(Request $request, Response $response, array $args
 		}
 
 		return $response;
-
 	}
 
 	/**
@@ -565,6 +591,33 @@ public function verify(
 		return $response;
 	}
 
+
+	private function selectDetails(array $userIds): array {
+		$stmt = $this->db->prepare('SELECT
+    `u`.`federationId`,
+    `s`.`v` AS `displayName`
+FROM
+    `store` AS `s`,
+    `users` AS `u`
+WHERE
+    `u`.`id` = `s`.`userId` AND `s`.`k` = \'name\' 
+  AND `u`.`federationId`
+          IN (' . implode(',', array_fill(0, count($userIds), '?')) . ')'
+		);
+
+		$stmt->execute($userIds);
+
+		$details = [];
+		while ($data = $stmt->fetch()) {
+			$details[$data['federationId']] = $data['displayName'];
+		}
+
+		$stmt->closeCursor();
+
+		return $details;
+	}
+
+
 	/**
 	 * increase number of max tries to verify account data
 	 *