From 869c0d47416f2a405274a9be2d54034f6e0b1fd2 Mon Sep 17 00:00:00 2001
From: Christian Richter
Date: Thu, 28 Mar 2024 11:19:44 +0100
Subject: [PATCH 1/4] add configuration for email-masking in sharee search results
Signed-off-by: Christian Richter
---
 services/ocs/pkg/config/reva.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/services/ocs/pkg/config/reva.go b/services/ocs/pkg/config/reva.go
index 8413904da..733e36255 100644
--- a/services/ocs/pkg/config/reva.go
+++ b/services/ocs/pkg/config/reva.go
@@ -2,5 +2,6 @@ package config
 // TokenManager is the config for using the reva token manager
 type TokenManager struct {
- JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
+ JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
+ ShowUserEmailInResults bool `yaml:"mask_user_email" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS;OCS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
 }
From 97f7271e7d29774d8d6c5b898d299cfcf26d51d0 Mon Sep 17 00:00:00 2001
From: Christian Richter
Date: Thu, 28 Mar 2024 11:21:25 +0100
Subject: [PATCH 2/4] add changelog
Signed-off-by: Christian Richter
---
 changelog/unreleased/mask-user-email-in-output.md | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 changelog/unreleased/mask-user-email-in-output.md
diff --git a/changelog/unreleased/mask-user-email-in-output.md b/changelog/unreleased/mask-user-email-in-output.md
new file mode 100644
index 000000000..9f0b0c20a
--- /dev/null
+++ b/changelog/unreleased/mask-user-email-in-output.md
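Review bot: The `ShowUserEmailInResults` field added to services/ocs/pkg/config/reva.go in PATCH 1/4 mixes two polarities: its name and env var say "show", while its yaml key `mask_user_email` and its `desc` ("Mask user email addresses in responses.") say "mask". The vendored handler later in this series masks only when its flag is false, so if the yaml key feeds that flag unchanged, an operator who sets `mask_user_email: true` to get masking would switch e-mail display on. Use one polarity throughout, for example `yaml:"show_user_email_in_results"` with `desc:"Include user email addresses in sharee search responses. Defaults to false, which masks them."`. PATCH 4/4 rewrites the same line and keeps the mismatch. The field also sits in `TokenManager`, which its own comment describes as the token-manager config, and no hunk in this series reads it or maps it to reva's `show_email_in_results`, so the wiring should be confirmed.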
@@ -0,0 +1,7 @@
+Bugfix: Mask user email in output
+
+We have fixed a bug where the user email was not masked in the output and the user emails could be enumerated through
+the sharee search. This is the ocis side which adds an suiting config option to mask user emails in the output.
+
+https://github.com/owncloud/ocis/issues/8726
+https://github.com/cs3org/reva/pull/4603
From c752e1b58aaf7bf987bd46e289feb0259ef20f5d Mon Sep 17 00:00:00 2001
From: Christian Richter
Date: Thu, 28 Mar 2024 11:47:33 +0100
Subject: [PATCH 3/4] bump reva
Signed-off-by: Christian Richter
---
 go.mod | 2 +-
 go.sum | 4 ++--
 .../http/services/owncloud/ocs/config/config.go | 1 +
 .../handlers/apps/sharing/sharees/sharees.go | 17 +++++++++++++++++
 vendor/modules.txt | 2 +-
 5 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/go.mod b/go.mod
index 6ebd6ea71..558750576 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 github.com/cenkalti/backoff v2.2.1+incompatible
 github.com/coreos/go-oidc/v3 v3.10.0
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781
- github.com/cs3org/reva/v2 v2.19.2-0.20240322140620-cbb501a7ae3a
+ github.com/cs3org/reva/v2 v2.19.2-0.20240328104440-9c04f2d8ab7e
 github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
 github.com/disintegration/imaging v1.6.2
 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
diff --git a/go.sum b/go.sum
index 60eafcdb4..161c1e546 100644
--- a/go.sum
+++ b/go.sum
@@ -1018,8 +1018,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c= github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME= github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY= github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= -github.com/cs3org/reva/v2 v2.19.2-0.20240322140620-cbb501a7ae3a h1:dqIqhnxiRYfmDHhlgtEAeTbOJxQ2nca4O/Gius/TnxQ= -github.com/cs3org/reva/v2 v2.19.2-0.20240322140620-cbb501a7ae3a/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E= +github.com/cs3org/reva/v2 v2.19.2-0.20240328104440-9c04f2d8ab7e h1:WkmwnjiTC9FBDQqJhv4IUBBXDEvqKhlgfaJ1sZ3T3N8= +github.com/cs3org/reva/v2 v2.19.2-0.20240328104440-9c04f2d8ab7e/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/config/config.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/config/config.go
index 554a9eeb3..031eecf0d 100644
--- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/config/config.go
+++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/config/config.go
@@ -47,6 +47,7 @@ type Config struct {
 ListOCMShares bool `mapstructure:"list_ocm_shares"`
 Notifications map[string]interface{} `mapstructure:"notifications"`
 IncludeOCMSharees bool `mapstructure:"include_ocm_sharees"`
+ ShowEmailInResults bool `mapstructure:"show_email_in_results"`
 }
 // Init sets sane defaults
diff --git a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/sharees/sharees.go b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/sharees/sharees.go
index e3e3bbbec..978f3d966 100644
--- a/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/sharees/sharees.go
+++ b/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocs/handlers/apps/sharing/sharees/sharees.go
@@ -40,6 +40,7 @@ type Handler struct {
 gatewayAddr string
 additionalInfoAttribute string
 includeOCMSharees bool
+ showUserEmailInResults bool
 }
 // Init initializes this and any contained handlers
@@ -47,6 +48,7 @@ func (h *Handler) Init(c *config.Config) {
 h.gatewayAddr = c.GatewaySvc
 h.additionalInfoAttribute = c.AdditionalInfoAttribute
 h.includeOCMSharees = c.IncludeOCMSharees
+ h.showUserEmailInResults = c.ShowEmailInResults
 }
 // FindSharees implements the /apps/files_sharing/api/v1/sharees endpoint
@@ -123,6 +125,21 @@ func (h *Handler) FindSharees(w http.ResponseWriter, r *http.Request) {
 }
 }
+ if !h.showUserEmailInResults {
+ for _, m := range userMatches {
+ m.Value.ShareWithAdditionalInfo = m.Value.ShareWith
+ }
+ for _, m := range exactUserMatches {
+ m.Value.ShareWithAdditionalInfo = m.Value.ShareWith
+ }
+ for _, m := range groupMatches {
+ m.Value.ShareWithAdditionalInfo = m.Value.ShareWith
+ }
+ for _, m := range exactGroupMatches {
+ m.Value.ShareWithAdditionalInfo = m.Value.ShareWith
+ }
+ }
+
 response.WriteOCSSuccess(w, r, &conversions.ShareeData{
 Exact: &conversions.ExactMatchesData{
 Users: exactUserMatches,
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 732350a7d..a28f6bc36 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -359,7 +359,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1 github.com/cs3org/go-cs3apis/cs3/types/v1beta1 -# github.com/cs3org/reva/v2 v2.19.2-0.20240322140620-cbb501a7ae3a +# github.com/cs3org/reva/v2 v2.19.2-0.20240328104440-9c04f2d8ab7e ## explicit; go 1.21 github.com/cs3org/reva/v2/cmd/revad/internal/grace github.com/cs3org/reva/v2/cmd/revad/runtime
From cce62d20b58997a768c281c2a9a55a2143a737e8 Mon Sep 17 00:00:00 2001
From: Christian Richter
Date: Thu, 28 Mar 2024 12:07:28 +0100
Subject: [PATCH 4/4] remove global env var
Signed-off-by: Christian Richter
---
 services/ocs/pkg/config/reva.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/ocs/pkg/config/reva.go b/services/ocs/pkg/config/reva.go
index 733e36255..4192044b9 100644
--- a/services/ocs/pkg/config/reva.go
+++ b/services/ocs/pkg/config/reva.go
@@ -3,5 +3,5 @@ package config
 // TokenManager is the config for using the reva token manager
 type TokenManager struct {
 JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"`
- ShowUserEmailInResults bool `yaml:"mask_user_email" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS;OCS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
+ ShowUserEmailInResults bool `yaml:"mask_user_email" env:"OCS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Mask user email addresses in responses." introductionVersion:"5.1"`
 }