mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-05-05 02:20:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

Incorporate requested changes

Browse Source 
Co-authored-by: Julian Koberg <jkoberg@owncloud.com>
Co-authored-by: Ralf Haferkamp <rhaferkamp@owncloud.com>
Co-authored-by: Michael Barz <mbarz@owncloud.com>
Signed-off-by: Christian Richter <crichter@owncloud.com>
This commit is contained in:
Christian Richter
2023-11-15 12:02:49 +01:00
parent 414cdd0b51
commit 15699f02b8
2 changed files with 8 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/graph/pkg/service/v0/users.go
+6 -24
View File
@@ -319,8 +319,6 @@ func (g Graph) PostUser(w http.ResponseWriter, r *http.Request) {
u.SetUserType("Member")
}
userLang := u.GetPreferredLanguage()
logger.Debug().Interface("user", u).Msg("calling create user on backend")
if u, err = g.identityBackend.CreateUser(r.Context(), *u); err != nil {
logger.Error().Err(err).Msg("could not create user: backend error")
@@ -343,28 +341,6 @@ func (g Graph) PostUser(w http.ResponseWriter, r *http.Request) {
}
}
if userLang != "" {
_, err = g.valueService.SaveValue(r.Context(), &settings.SaveValueRequest{
Value: &settingsmsg.Value{
BundleId: defaults.BundleUUIDProfile,
SettingId: defaults.SettingUUIDProfileLanguage,
AccountUuid: u.GetId(),
Resource: &settingsmsg.Resource{
Type: settingsmsg.Resource_TYPE_USER,
},
Value: &settingsmsg.Value_ListValue{
ListValue: &settingsmsg.ListValue{Values: []*settingsmsg.ListOptionValue{
{
Option: &settingsmsg.ListOptionValue_StringValue{
StringValue: userLang,
},
},
}},
},
},
})
}
e := events.UserCreated{UserID: *u.Id}
if currentUser, ok := revactx.ContextGetUser(r.Context()); ok {
e.Executant = currentUser.GetId()
@@ -713,6 +689,12 @@ func (g Graph) PatchUser(w http.ResponseWriter, r *http.Request) {
fmt.Sprintf("invalid request body: %s", err.Error()))
return
}
if _, ok := changes.GetPreferredLanguageOk(); ok {
logger.Info().Interface("user", changes).Msg("could not update user: user is not allowed to change other users language")
errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "user is not allowed to change other users language")
return
}
g.patchUser(w, r, nameOrID, changes)
}
services/settings/pkg/service/v0/service.go
+2 -18
View File
@@ -274,8 +274,7 @@ func (g Service) RemoveSettingFromBundle(ctx context.Context, req *settingssvc.R
// SaveValue implements the ValueServiceHandler interface
func (g Service) SaveValue(ctx context.Context, req *settingssvc.SaveValueRequest, res *settingssvc.SaveValueResponse) error {
req.Value.AccountUuid = getValidatedAccountUUID(ctx, req.Value.AccountUuid)
ctxUser, _ := metadata.Get(ctx, middleware.AccountID)
if !g.isCurrentUser(ctx, req.Value.AccountUuid) && !g.isAdmin(ctxUser) {
if !g.isCurrentUser(ctx, req.Value.AccountUuid) {
return merrors.Forbidden(g.id, "can't save value for another user")
}
@@ -296,20 +295,6 @@ func (g Service) SaveValue(ctx context.Context, req *settingssvc.SaveValueReques
return nil
}
func (g Service) isAdmin(userId string) bool {
assignedRoles, err := g.manager.ListRoleAssignments(userId)
if err != nil {
return false
}
for _, role := range assignedRoles {
if role.RoleId == defaults.BundleUUIDRoleAdmin {
return true
}
}
return false
}
// GetValue implements the ValueServiceHandler interface
func (g Service) GetValue(ctx context.Context, req *settingssvc.GetValueRequest, res *settingssvc.GetValueResponse) error {
if validationError := validateGetValue(req); validationError != nil {
@@ -330,8 +315,7 @@ func (g Service) GetValue(ctx context.Context, req *settingssvc.GetValueRequest,
// GetValueByUniqueIdentifiers implements the ValueService interface
func (g Service) GetValueByUniqueIdentifiers(ctx context.Context, req *settingssvc.GetValueByUniqueIdentifiersRequest, res *settingssvc.GetValueResponse) error {
req.AccountUuid = getValidatedAccountUUID(ctx, req.AccountUuid)
ctxUser, _ := metadata.Get(ctx, middleware.AccountID)
if !g.isCurrentUser(ctx, req.AccountUuid) && !g.isAdmin(ctxUser) {
if !g.isCurrentUser(ctx, req.AccountUuid) {
return merrors.Forbidden(g.id, "can't get value of another user")
}
if validationError := validateGetValueByUniqueIdentifiers(req); validationError != nil {