Merge pull request #46678 from nextcloud/backport/44295/stable28

[stable28] Allow injecting the user temporarily for direct editing
nextcloud · Jul 25, 2024 · f02bbf8 · f02bbf8
2 parents 942a919 + be5d40e
commit f02bbf8
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 7 deletions.
diff --git a/apps/files_external/lib/Migration/DummyUserSession.php b/apps/files_external/lib/Migration/DummyUserSession.php
@@ -29,10 +29,7 @@
 
 class DummyUserSession implements IUserSession {
 
-	/**
-	 * @var IUser
-	 */
-	private $user;
+	private ?IUser $user = null;
 
 	public function login($uid, $password) {
 	}
@@ -44,6 +41,10 @@ public function setUser($user) {
 		$this->user = $user;
 	}
 
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->user = $user;
+	}
+
 	public function getUser() {
 		return $this->user;
 	}

diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php
@@ -272,13 +272,11 @@ public function accessToken(string $token): bool {
 	}
 
 	public function invokeTokenScope($userId): void {
-		\OC_User::setIncognitoMode(true);
 		\OC_User::setUserId($userId);
 	}
 
 	public function revertTokenScope(): void {
 		$this->userSession->setUser(null);
-		\OC_User::setIncognitoMode(false);
 	}
 
 	public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -182,6 +182,15 @@ public function setUser($user) {
 		$this->activeUser = $user;
 	}
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 */
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->activeUser = $user;
+	}
+
 	/**
 	 * get the current active user
 	 *

diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
@@ -39,6 +39,7 @@
 use OC\User\LoginException;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IGroupManager;
+use OCP\ISession;
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\Server;
@@ -349,7 +350,7 @@ public static function isAdminUser($uid) {
 	 * @return string|false uid or false
 	 */
 	public static function getUser() {
-		$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+		$uid = Server::get(ISession::class)?->get('user_id');
 		if (!is_null($uid) && self::$incognitoMode === false) {
 			return $uid;
 		} else {

diff --git a/lib/public/IUserSession.php b/lib/public/IUserSession.php
@@ -63,6 +63,14 @@ public function logout();
 	 */
 	public function setUser($user);
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 * @since 29.0.0
+	 */
+	public function setVolatileActiveUser(?IUser $user): void;
+
 	/**
 	 * get the current active user
 	 *