Merge pull request #44295 from nextcloud/fix/direct-edit-incognito

blizzz · web-flow · commit 42180a2cd094 · 2024-03-21T13:54:34.000+01:00
Allow injecting the user temporarily for direct editing
diff --git a/apps/files_external/lib/Migration/DummyUserSession.php b/apps/files_external/lib/Migration/DummyUserSession.php
@@ -29,10 +29,7 @@
 
 class DummyUserSession implements IUserSession {
 
-	/**
-	 * @var IUser
-	 */
-	private $user;
+	private ?IUser $user = null;
 
 	public function login($uid, $password) {
 	}
@@ -44,6 +41,10 @@ public function setUser($user) {
 		$this->user = $user;
 	}
 
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->user = $user;
+	}
+
 	public function getUser() {
 		return $this->user;
 	}
diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php
@@ -272,13 +272,11 @@ public function accessToken(string $token): bool {
 	}
 
 	public function invokeTokenScope($userId): void {
-		\OC_User::setIncognitoMode(true);
 		\OC_User::setUserId($userId);
 	}
 
 	public function revertTokenScope(): void {
 		$this->userSession->setUser(null);
-		\OC_User::setIncognitoMode(false);
 	}
 
 	public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -211,6 +211,15 @@ public function setUser($user) {
 		$this->activeUser = $user;
 	}
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 */
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->activeUser = $user;
+	}
+
 	/**
 	 * get the current active user
 	 *
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
@@ -41,6 +41,7 @@
 use OCP\IGroupManager;
 use OCP\IUser;
 use OCP\IUserManager;
+use OCP\IUserSession;
 use OCP\Server;
 use OCP\User\Events\BeforeUserLoggedInEvent;
 use OCP\User\Events\UserLoggedInEvent;
@@ -338,7 +339,7 @@ public static function isAdminUser($uid) {
 	 * @return string|false uid or false
 	 */
 	public static function getUser() {
-		$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+		$uid = Server::get(IUserSession::class)->getUser()?->getUID();
 		if (!is_null($uid) && self::$incognitoMode === false) {
 			return $uid;
 		} else {
diff --git a/lib/public/IUserSession.php b/lib/public/IUserSession.php
@@ -63,6 +63,14 @@ public function logout();
 	 */
 	public function setUser($user);
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 * @since 29.0.0
+	 */
+	public function setVolatileActiveUser(?IUser $user): void;
+
 	/**
 	 * get the current active user
 	 *

Original file line number	Diff line number	Diff line change
`@@ -29,10 +29,7 @@`
`29`	`29`
`30`	`30`	`class DummyUserSession implements IUserSession {`
`31`	`31`
`32`		`- /**`
`33`		`- * @var IUser`
`34`		`- */`
`35`		`- private $user;`
	`32`	`+ private ?IUser $user = null;`
`36`	`33`
`37`	`34`	`public function login($uid, $password) {`
`38`	`35`	`}`
`@@ -44,6 +41,10 @@ public function setUser($user) {`
`44`	`41`	`$this->user = $user;`
`45`	`42`	`}`
`46`	`43`
	`44`	`+ public function setVolatileActiveUser(?IUser $user): void {`
	`45`	`+ $this->user = $user;`
	`46`	`+ }`
	`47`	`+`
`47`	`48`	`public function getUser() {`
`48`	`49`	`return $this->user;`
`49`	`50`	`}`
Original file line number	Diff line number	Diff line change
`@@ -272,13 +272,11 @@ public function accessToken(string $token): bool {`
`272`	`272`	`}`
`273`	`273`
`274`	`274`	`public function invokeTokenScope($userId): void {`
`275`		`- \OC_User::setIncognitoMode(true);`
`276`	`275`	`\OC_User::setUserId($userId);`
`277`	`276`	`}`
`278`	`277`
`279`	`278`	`public function revertTokenScope(): void {`
`280`	`279`	`$this->userSession->setUser(null);`
`281`		`- \OC_User::setIncognitoMode(false);`
`282`	`280`	`}`
`283`	`281`
`284`	`282`	`public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {`