From 883e6b52b004133e3e504530ae69d41ff4c50ae4 Mon Sep 17 00:00:00 2001 From: Louis Chemineau Date: Wed, 13 Apr 2022 15:07:27 +0200 Subject: [PATCH] Use share setting in DAV search shareapi_restrict_user_enumeration_full_match_ignore_second_display_name was introduced to ignore second display name during search from the share panel. But this setting was not respected by search from the calendar application. This fix it. Signed-off-by: Louis Chemineau --- apps/dav/lib/Connector/Sabre/Principal.php | 6 ++++-- lib/private/Share20/Manager.php | 4 ++++ lib/public/Share/IManager.php | 8 ++++++++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/apps/dav/lib/Connector/Sabre/Principal.php b/apps/dav/lib/Connector/Sabre/Principal.php index c3f06f95783a0..4c7f17f492986 100644 --- a/apps/dav/lib/Connector/Sabre/Principal.php +++ b/apps/dav/lib/Connector/Sabre/Principal.php @@ -270,6 +270,7 @@ protected function searchUserPrincipals(array $searchProperties, $test = 'allof' $limitEnumerationGroup = $this->shareManager->limitEnumerationToGroups(); $limitEnumerationPhone = $this->shareManager->limitEnumerationToPhone(); $allowEnumerationFullMatch = $this->shareManager->allowEnumerationFullMatch(); + $ignoreSecondDisplayName = $this->shareManager->ignoreSecondDisplayName(); // If sharing is restricted to group members only, // return only members that have groups in common @@ -349,8 +350,9 @@ protected function searchUserPrincipals(array $searchProperties, $test = 'allof' if ($allowEnumerationFullMatch) { $lowerSearch = strtolower($value); $users = $this->userManager->searchDisplayName($value, $searchLimit); - $users = \array_filter($users, static function (IUser $user) use ($lowerSearch) { - return strtolower($user->getDisplayName()) === $lowerSearch; + $users = \array_filter($users, static function (IUser $user) use ($lowerSearch, $ignoreSecondDisplayName) { + $lowerDisplayName = strtolower($user->getDisplayName()); + return $lowerDisplayName === $lowerSearch || ($ignoreSecondDisplayName && trim(preg_replace('/ \(.*\)$/', '', $lowerDisplayName)) === $lowerSearch); }); } else { $users = []; diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 1891e3a128337..3fa359139d35d 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1915,6 +1915,10 @@ public function allowEnumerationFullMatch(): bool { return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match', 'yes') === 'yes'; } + public function ignoreSecondDisplayName(): bool { + return $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_ignore_second_display_name', 'no') === 'yes'; + } + public function currentUserCanEnumerateTargetUser(?IUser $currentUser, IUser $targetUser): bool { if ($this->allowEnumerationFullMatch()) { return true; diff --git a/lib/public/Share/IManager.php b/lib/public/Share/IManager.php index 8b1f5144b9aa3..f40d35078253c 100644 --- a/lib/public/Share/IManager.php +++ b/lib/public/Share/IManager.php @@ -448,6 +448,14 @@ public function limitEnumerationToPhone(): bool; */ public function allowEnumerationFullMatch(): bool; + /** + * Check if the search should ignore the second in parentheses display name if there is any + * + * @return bool + * @since 24.0.0 + */ + public function ignoreSecondDisplayName(): bool; + /** * Check if the current user can enumerate the target user *