From c7082d5fb825e913fff9441cfbc4e1380ee8249d Mon Sep 17 00:00:00 2001
From: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
Date: Mon, 24 Jun 2024 14:49:09 +0200
Subject: [PATCH] fix: allows admin to edit global credentials

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
---
 .../files_external/lib/Controller/AjaxController.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index a03243020e491..0e43ea38eecd7 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -106,15 +106,21 @@ public function getSshKeys($keyLength = 1024) {
 	 */
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
+		if ($currentUser === null) {
+			return false;
+		}
 
 		// Non-admins can only edit their own credentials
-		$allowedToEdit = ($currentUser->getUID() === $uid);
+		// Admin can edit global credentials
+		$allowedToEdit = $uid === ''
+			? $this->groupManager->isAdmin($currentUser->getUID())
+			: $currentUser->getUID() === $uid;
 
 		if ($allowedToEdit) {
 			$this->globalAuth->saveAuth($uid, $user, $password);
 			return true;
-		} else {
-			return false;
 		}
+
+		return false;
 	}
 }