ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Move circle checks to a unified service and improve member checks

Browse Source 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
2021-07-12 17:55:53 +02:00
committed by Julius Härtl (Rebase PR Action)
parent 5f4aa017b6
commit 958d50d9b7
4 changed files with 34 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/Service/CirclesService.php
View File

@@ -26,6 +26,8 @@ declare(strict_types=1);
namespace OCA\Deck\Service;
use OCA\Circles\CirclesManager;
use OCA\Circles\Model\Member;
use OCP\App\IAppManager;
/**
@@ -39,6 +41,10 @@ class CirclesService {
$this->circlesEnabled = $appManager->isEnabledForUser('circles');
}
public function isCirclesEnabled(): bool {
return $this->circlesEnabled;
}
public function getCircle($circleId) {
if (!$this->circlesEnabled) {
return null;
@@ -53,8 +59,13 @@ class CirclesService {
}
try {
\OCA\Circles\Api\v1\Circles::getMember($circleId, $userId, 1, true);
return true;
/** @var CirclesManager $circlesManager */
$circlesManager = \OC::$server->get(CirclesManager::class);
$federatedUser = $circlesManager->getFederatedUser($userId, Member::TYPE_USER);
$circlesManager->startSession($federatedUser);
$circle = $circlesManager->getCircle($circleId);
$member = $circle->getInitiator();
return $member !== null && $member->getLevel() >= Member::LEVEL_MEMBER;
} catch (\Exception $e) {
}
return false;

18
lib/Service/PermissionService.php
View File

@@ -24,6 +24,7 @@
namespace OCA\Deck\Service;
use OC\Cache\CappedMemoryCache;
use OCA\Circles\Model\Member;
use OCA\Deck\Db\Acl;
use OCA\Deck\Db\AclMapper;
use OCA\Deck\Db\Board;
@@ -42,6 +43,8 @@ use OCP\Share\IManager;
class PermissionService {
/** @var CirclesService */
private $circlesService;
/** @var BoardMapper */
private $boardMapper;
/** @var AclMapper */
@@ -61,11 +64,11 @@ class PermissionService {
/** @var array */
private $users = [];
private $circlesEnabled = false;
private $boardCache;
public function __construct(
ILogger $logger,
CirclesService $circlesService,
AclMapper $aclMapper,
BoardMapper $boardMapper,
IUserManager $userManager,
@@ -74,6 +77,7 @@ class PermissionService {
IConfig $config,
$userId
) {
$this->circlesService = $circlesService;
$this->aclMapper = $aclMapper;
$this->boardMapper = $boardMapper;
$this->logger = $logger;
@@ -84,9 +88,6 @@ class PermissionService {
$this->userId = $userId;
$this->boardCache = new CappedMemoryCache();
$this->circlesEnabled = \OC::$server->getAppManager()->isEnabledForUser('circles') &&
(version_compare(\OC::$server->getAppManager()->getAppVersion('circles'), '0.17.1') >= 0);
}
/**
@@ -210,10 +211,9 @@ class PermissionService {
return $acl->getPermission($permission);
}
if ($this->circlesEnabled && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
if ($this->circlesService->isCirclesEnabled() && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
try {
\OCA\Circles\Api\v1\Circles::getMember($acl->getParticipant(), $this->userId, 1, true);
return $acl->getPermission($permission);
return $this->circlesService->isUserInCircle($acl->getParticipant(), $userId) && $acl->getPermission($permission);
} catch (\Exception $e) {
$this->logger->info('Member not found in circle that was accessed. This should not happen.');
}
@@ -278,7 +278,7 @@ class PermissionService {
}
}
if ($this->circlesEnabled && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
if ($this->circlesService->isCirclesEnabled() && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
try {
$circle = \OCA\Circles\Api\v1\Circles::detailsCircle($acl->getParticipant(), true);
if ($circle === null) {
@@ -287,7 +287,7 @@ class PermissionService {
}
foreach ($circle->getInheritedMembers() as $member) {
if ($member->getUserType() !== 1) {
if ($member->getUserType() !== 1 || $member->getLevel() >= Member::LEVEL_MEMBER) {
// deck currently only supports user members in circles
continue;
}