Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow injecting the user temporarily for direct editing #44295

Merged
merged 2 commits into from
Mar 21, 2024
Merged

Allow injecting the user temporarily for direct editing #44295

merged 2 commits into from
Mar 21, 2024

Conversation

juliusknorr
Copy link
Member

@juliusknorr juliusknorr commented Mar 19, 2024
edited
Loading

  • Drop usage of incognito mode
  • Allow to inject the current user into the session without writing it to the php session itself for direct editing

Groupfolders

Fix ONLYOFFICE/onlyoffice-nextcloud#900 with ONLYOFFICE/onlyoffice-nextcloud#967

  • Setup a groupfolder that has read only ACL set on a child folder (without share permission)
  • Try to open a file with a mobile app
  • The mobile app uses a webview without user session
  • Now the onlyoffice codebase uses getUserFolder()->getById() which is fine as they handle authentication internally, however the getById will fail as groupfolders is not aware of the current user the mountpoint is setup with and assumes that the file is a share (requiring share acls)

@juliusknorr juliusknorr force-pushed the fix/direct-edit-incognito branch from 7a6ee18 to e6331a7 Compare March 19, 2024 10:30
@juliusknorr juliusknorr mentioned this pull request Mar 19, 2024
Merged
@juliusknorr juliusknorr force-pushed the fix/direct-edit-incognito branch from e6331a7 to 7d65d93 Compare March 19, 2024 10:35
@juliusknorr juliusknorr requested review from ChristophWurst, blizzz, mejo-, a team, ArtificialOwl, artonge and nfebe and removed request for a team March 19, 2024 10:36
@juliusknorr juliusknorr added bug 3. to review Waiting for reviews labels Mar 19, 2024
@juliusknorr juliusknorr changed the title fix: Do not use incognito mode for direct editing Allow injecting the user temporarily for direct editing Mar 19, 2024
@juliusknorr juliusknorr mentioned this pull request Mar 19, 2024
Merged
nfebe
nfebe approved these changes Mar 19, 2024
View reviewed changes
lib/private/User/Session.php Outdated Show resolved Hide resolved
@juliusknorr juliusknorr self-assigned this Mar 19, 2024
@juliusknorr juliusknorr force-pushed the fix/direct-edit-incognito branch 2 times, most recently from 4131f98 to 07691d3 Compare March 19, 2024 12:41
@juliusknorr juliusknorr force-pushed the fix/direct-edit-incognito branch from 07691d3 to e330efe Compare March 19, 2024 12:48
@blizzz blizzz merged commit 42180a2 into master Mar 21, 2024
170 checks passed
@blizzz blizzz deleted the fix/direct-edit-incognito branch March 21, 2024 12:54
@Altahrim Altahrim mentioned this pull request Mar 21, 2024
Merged
@nickvergessen nickvergessen mentioned this pull request Mar 22, 2024
Merged
4 tasks
nickvergessen
nickvergessen reviewed Mar 22, 2024
View reviewed changes
lib/private/legacy/OC_User.php
@@ -338,7 +339,7 @@ public static function isAdminUser($uid) {
* @return string|false uid or false
*/
public static function getUser() {
$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
$uid = Server::get(IUserSession::class)->getUser()?->getUID();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This breaks logging with debug when ldap is enabled:
#44400

@joshtrichards joshtrichards mentioned this pull request Mar 26, 2024
Closed
@juliusknorr
Copy link
Member Author

/backport to stable29

@juliusknorr
Copy link
Member Author

/backport to stable28

@juliusknorr
Copy link
Member Author

/backport to stable27

@backportbot backportbot bot mentioned this pull request Jul 22, 2024
Closed
3 tasks
This was referenced Jul 22, 2024
Merged
Merged
@juliusknorr juliusknorr mentioned this pull request Jul 29, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickvergessen nickvergessen nickvergessen left review comments

@nfebe nfebe nfebe approved these changes

@blizzz blizzz blizzz approved these changes

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst

@mejo- mejo- Awaiting requested review from mejo-

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl was automatically assigned from nextcloud/server-backend

@artonge artonge Awaiting requested review from artonge artonge was automatically assigned from nextcloud/server-backend

Assignees

@juliusknorr juliusknorr

Labels
3. to review Waiting for reviews bug
Projects
📝 Office team
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Error with opening documents in Nextcloud Mobile App with Groupfolders Advanced Permissions
4 participants
@juliusknorr @nickvergessen @blizzz @nfebe