Skip to content

Use share setting in DAV search #31963

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
artonge merged 2 commits into from
May 4, 2022
Merged

Use share setting in DAV search #31963

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
70c56b4
Use share setting in DAV search
artonge Apr 13, 2022
e8ab298
Use email settings in DAV search
artonge Apr 19, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Use share setting in DAV search 
shareapi_restrict_user_enumeration_full_match_ignore_second_display_name was introduced to ignore second display name during search from the share panel. But this setting was not respected by search from the calendar application. This fix it.

Signed-off-by: Louis Chemineau <[email protected]>
  • Loading branch information
@artonge
artonge committed Apr 19, 2022
commit 70c56b411ee3eb20ebc206aa5cbf04254343f03f
6 changes: 4 additions & 2 deletions apps/dav/lib/Connector/Sabre/Principal.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,7 @@ protected function searchUserPrincipals(array $searchProperties, $test = 'allof'
$limitEnumerationGroup = $this->shareManager->limitEnumerationToGroups();
$limitEnumerationPhone = $this->shareManager->limitEnumerationToPhone();
$allowEnumerationFullMatch = $this->shareManager->allowEnumerationFullMatch();
$ignoreSecondDisplayName = $this->shareManager->ignoreSecondDisplayName();

// If sharing is restricted to group members only,
// return only members that have groups in common
Expand Down Expand Up @@ -349,8 +350,9 @@ protected function searchUserPrincipals(array $searchProperties, $test = 'allof'
if ($allowEnumerationFullMatch) {
$lowerSearch = strtolower($value);
$users = $this->userManager->searchDisplayName($value, $searchLimit);
$users = \array_filter($users, static function (IUser $user) use ($lowerSearch) {
return strtolower($user->getDisplayName()) === $lowerSearch;
$users = \array_filter($users, static function (IUser $user) use ($lowerSearch, $ignoreSecondDisplayName) {
$lowerDisplayName = strtolower($user->getDisplayName());
return $lowerDisplayName === $lowerSearch || ($ignoreSecondDisplayName && trim(preg_replace('/ \(.*\)$/', '', $lowerDisplayName)) === $lowerSearch);
});
} else {
$users = [];
Expand Down
4 changes: 4 additions & 0 deletions lib/private/Share20/Manager.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1963,6 +1963,10 @@ public function allowEnumerationFullMatch(): bool {
return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes';
}

public function ignoreSecondDisplayName(): bool {
return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_display_name', 'no') === 'yes';
}

public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool {
if ($this->allowEnumerationFullMatch()) {
return true;
Expand Down
8 changes: 8 additions & 0 deletions lib/public/Share/IManager.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -454,6 +454,14 @@ public function limitEnumerationToPhone(): bool;
*/
public function allowEnumerationFullMatch(): bool;

/**
* Check if the search should ignore the second in parentheses display name if there is any
*
* @return bool
* @since 24.0.0
*/
public function ignoreSecondDisplayName(): bool;

/**
* Check if the current user can enumerate the target user
*
Expand Down