Only wildcard search if enumeration is allowed

Signed-off-by: Joas Schilling <[email protected]>
nextcloud · artonge · Dec 13, 2021 · Dec 8, 2021 · Dec 8, 2021 · Dec 8, 2021
commit 631b5fc64b3c61a683b2b595f2237b5dcd6adb59
diff --git a/apps/dav/lib/CardDAV/AddressBookImpl.php b/apps/dav/lib/CardDAV/AddressBookImpl.php
@@ -107,6 +107,7 @@ public function getDisplayName() {
 	 * 	- 'escape_like_param' - If set to false wildcards _ and % are not escaped
 	 * 	- 'limit' - Set a numeric limit for the search results
 	 * 	- 'offset' - Set the offset for the limited search results
+	 * 	- 'wildcard' - Whether the search should use wildcards
 	 * @return array an array of contacts which are arrays of key-value-pairs
 	 *  example result:
 	 *  [

diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php
@@ -1024,6 +1024,7 @@ public function updateShares(IShareable $shareable, $add, $remove) {
 	 *    - 'escape_like_param' - If set to false wildcards _ and % are not escaped, otherwise they are
 	 *    - 'limit' - Set a numeric limit for the search results
 	 *    - 'offset' - Set the offset for the limited search results
+	 *    - 'wildcard' - Whether the search should use wildcards
 	 * @return array an array of contacts which are arrays of key-value-pairs
 	 */
 	public function search($addressBookId, $pattern, $searchProperties, $options = []): array {
@@ -1062,6 +1063,7 @@ private function searchByAddressBookIds(array $addressBookIds,
 											array $searchProperties,
 											array $options = []): array {
 		$escapePattern = !\array_key_exists('escape_like_param', $options) || $options['escape_like_param'] !== false;
+		$useWildcards = !\array_key_exists('wildcard', $options) || $options['wildcard'] !== false;
 
 		$query2 = $this->db->getQueryBuilder();
 
@@ -1103,7 +1105,9 @@ private function searchByAddressBookIds(array $addressBookIds,
 
 		// No need for like when the pattern is empty
 		if ('' !== $pattern) {
-			if (!$escapePattern) {
+			if (!$useWildcards) {
+				$query2->andWhere($query2->expr()->eq('cp.value', $query2->createNamedParameter($pattern)));
+			} elseif (!$escapePattern) {
 				$query2->andWhere($query2->expr()->ilike('cp.value', $query2->createNamedParameter($pattern)));
 			} else {
 				$query2->andWhere($query2->expr()->ilike('cp.value', $query2->createNamedParameter('%' . $this->db->escapeLikeParameter($pattern) . '%')));

diff --git a/lib/private/Collaboration/Collaborators/MailPlugin.php b/lib/private/Collaboration/Collaborators/MailPlugin.php
@@ -101,7 +101,15 @@ public function search($search, $limit, $offset, ISearchResult $searchResult) {
 		$emailType = new SearchResultType('emails');
 
 		// Search in contacts
-		$addressBookContacts = $this->contactsManager->search($search, ['EMAIL', 'FN'], ['limit' => $limit, 'offset' => $offset]);
+		$addressBookContacts = $this->contactsManager->search(
+			$search,
+			['EMAIL', 'FN'],
+			[
+				'limit' => $limit,
+				'offset' => $offset,
+				'wildcard' => $this->shareeEnumeration,
+			]
+		);
 		$lowerSearch = strtolower($search);
 		foreach ($addressBookContacts as $contact) {
 			if (isset($contact['EMAIL'])) {

diff --git a/lib/private/ContactsManager.php b/lib/private/ContactsManager.php
@@ -42,6 +42,7 @@ class ContactsManager implements IManager {
 	 * 	- 'escape_like_param' - If set to false wildcards _ and % are not escaped
 	 * 	- 'limit' - Set a numeric limit for the search results
 	 * 	- 'offset' - Set the offset for the limited search results
+	 * 	- 'wildcard' - Whether the search should use wildcards
 	 * @return array an array of contacts which are arrays of key-value-pairs
 	 */
 	public function search($pattern, $searchProperties = [], $options = []) {

diff --git a/lib/public/Contacts/IManager.php b/lib/public/Contacts/IManager.php
@@ -93,6 +93,7 @@ interface IManager {
 	 * 	- 'escape_like_param' - If set to false wildcards _ and % are not escaped
 	 * 	- 'limit' - Set a numeric limit for the search results
 	 * 	- 'offset' - Set the offset for the limited search results
+	 * 	- 'wildcard' - Whether the search should use wildcards
 	 * @return array an array of contacts which are arrays of key-value-pairs
 	 * @since 6.0.0
 	 */

diff --git a/lib/public/IAddressBook.php b/lib/public/IAddressBook.php
@@ -67,6 +67,7 @@ public function getDisplayName();
 		 * 	- 'escape_like_param' - If set to false wildcards _ and % are not escaped
 		 * 	- 'limit' - Set a numeric limit for the search results
 		 * 	- 'offset' - Set the offset for the limited search results
+		 * 	- 'wildcard' - Whether the search should use wildcards
 		 * @return array an array of contacts which are arrays of key-value-pairs
 		 *  example result:
 		 *  [