Skip to content

Commit

Permalink
Merge pull request #37255 from nextcloud/backport/37252/stable25
Browse files Browse the repository at this point in the history 
[stable25] fix(workflow): Check tag attribute
  • Loading branch information
@blizzz
blizzz authored Mar 16, 2023
2 parents 52a8b77 + 4776e58 commit 9aa7ed7
Showing 1 changed file with 29 additions and 8 deletions.
37 changes: 29 additions & 8 deletions apps/workflowengine/lib/Check/FileSystemTags.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,10 @@
use OCA\WorkflowEngine\Entity\File;
use OCP\Files\Cache\ICache;
use OCP\Files\IHomeStorage;
use OCP\IGroupManager;
use OCP\IL10N;
use OCP\IUser;
use OCP\IUserSession;
use OCP\SystemTag\ISystemTagManager;
use OCP\SystemTag\ISystemTagObjectMapper;
use OCP\SystemTag\TagNotFoundException;
Expand All @@ -55,16 +58,23 @@ class FileSystemTags implements ICheck, IFileCheck {

/** @var ISystemTagObjectMapper */
protected $systemTagObjectMapper;

/**
* @param IL10N $l
* @param ISystemTagManager $systemTagManager
* @param ISystemTagObjectMapper $systemTagObjectMapper
*/
public function __construct(IL10N $l, ISystemTagManager $systemTagManager, ISystemTagObjectMapper $systemTagObjectMapper) {
/** @var IUserSession */
protected $userSession;
/** @var IGroupManager */
protected $groupManager;

public function __construct(
IL10N $l,
ISystemTagManager $systemTagManager,
ISystemTagObjectMapper $systemTagObjectMapper,
IUserSession $userSession,
IGroupManager $groupManager
) {
$this->l = $l;
$this->systemTagManager = $systemTagManager;
$this->systemTagObjectMapper = $systemTagObjectMapper;
$this->userSession = $userSession;
$this->groupManager = $groupManager;
}

/**
Expand All @@ -88,7 +98,18 @@ public function validateCheck($operator, $value) {
}

try {
$this->systemTagManager->getTagsByIds($value);
$tags = $this->systemTagManager->getTagsByIds($value);

$user = $this->userSession->getUser();
$isAdmin = $user instanceof IUser && $this->groupManager->isAdmin($user->getUID());

if (!$isAdmin) {
foreach ($tags as $tag) {
if (!$tag->isUserVisible()) {
throw new \UnexpectedValueException($this->l->t('The given tag id is invalid'), 4);
}
}
}
} catch (TagNotFoundException $e) {
throw new \UnexpectedValueException($this->l->t('The given tag id is invalid'), 2);
} catch (\InvalidArgumentException $e) {
Expand Down

0 comments on commit 9aa7ed7

Please sign in to comment.