From 6dbea9ac59a1c9f202199781bb38f1643731e481 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 11 Sep 2020 16:31:42 +0200 Subject: [PATCH] Don't leak the status when the app is disabled for the user Signed-off-by: Joas Schilling --- lib/Controller/ChatController.php | 10 +++++++++- lib/Controller/RoomController.php | 5 ++++- tests/php/Controller/ChatControllerTest.php | 5 +++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/lib/Controller/ChatController.php b/lib/Controller/ChatController.php index ab2bbd17725..fafc7a66a9e 100644 --- a/lib/Controller/ChatController.php +++ b/lib/Controller/ChatController.php @@ -33,6 +33,7 @@ use OCA\Talk\Participant; use OCA\Talk\Room; use OCA\Talk\TalkSession; +use OCP\App\IAppManager; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Utility\ITimeFactory; @@ -58,6 +59,9 @@ class ChatController extends AEnvironmentAwareController { /** @var TalkSession */ private $session; + /** @var IAppManager */ + private $appManager; + /** @var ChatManager */ private $chatManager; @@ -92,6 +96,7 @@ public function __construct(string $appName, IRequest $request, IUserManager $userManager, TalkSession $session, + IAppManager $appManager, ChatManager $chatManager, GuestManager $guestManager, MessageParser $messageParser, @@ -106,6 +111,7 @@ public function __construct(string $appName, $this->userId = $UserId; $this->userManager = $userManager; $this->session = $session; + $this->appManager = $appManager; $this->chatManager = $chatManager; $this->guestManager = $guestManager; $this->messageParser = $messageParser; @@ -428,7 +434,9 @@ public function mentions(string $search, int $limit = 20, bool $includeStatus = ]); $statuses = []; - if ($this->userId !== null && $includeStatus) { + if ($this->userId !== null + && $includeStatus + && $this->appManager->isEnabledForUser('user_status')) { $userIds = array_filter(array_map(static function (array $userResult) { return $userResult['value']['shareWith']; }, $results['users'])); diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php index d261337ce72..e342e593f0f 100644 --- a/lib/Controller/RoomController.php +++ b/lib/Controller/RoomController.php @@ -842,7 +842,10 @@ public function getParticipants(bool $includeStatus = false): DataResponse { $results = []; $statuses = []; - if ($this->userId !== null && $includeStatus && count($participants['users']) < 100) { + if ($this->userId !== null + && $includeStatus + && count($participants['users']) < 100 + && $this->appManager->isEnabledForUser('user_status')) { $userIds = array_map('strval', array_keys($participants['users'])); $statuses = $this->statusManager->getUserStatuses($userIds); } diff --git a/tests/php/Controller/ChatControllerTest.php b/tests/php/Controller/ChatControllerTest.php index ac83c8156d4..9b6892c0443 100644 --- a/tests/php/Controller/ChatControllerTest.php +++ b/tests/php/Controller/ChatControllerTest.php @@ -32,6 +32,7 @@ use OCA\Talk\Participant; use OCA\Talk\Room; use OCA\Talk\TalkSession; +use OCP\App\IAppManager; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Utility\ITimeFactory; @@ -55,6 +56,8 @@ class ChatControllerTest extends TestCase { protected $userManager; /** @var TalkSession|MockObject */ private $session; + /** @var IAppManager|MockObject */ + private $appManager; /** @var ChatManager|MockObject */ protected $chatManager; /** @var GuestManager|MockObject */ @@ -89,6 +92,7 @@ public function setUp(): void { $this->userId = 'testUser'; $this->userManager = $this->createMock(IUserManager::class); $this->session = $this->createMock(TalkSession::class); + $this->appManager = $this->createMock(IAppManager::class); $this->chatManager = $this->createMock(ChatManager::class); $this->guestManager = $this->createMock(GuestManager::class); $this->messageParser = $this->createMock(MessageParser::class); @@ -118,6 +122,7 @@ private function recreateChatController() { $this->createMock(IRequest::class), $this->userManager, $this->session, + $this->appManager, $this->chatManager, $this->guestManager, $this->messageParser,