From 7944293836d912286a3dbd192e66dd8d3cb251ca Mon Sep 17 00:00:00 2001
From: Artur Neumann
Date: Tue, 21 Aug 2018 13:30:52 +0545
Subject: [PATCH] compare UIDs instead of objects when changing email address
---
 settings/Controller/UsersController.php | 2 +-
 .../Settings/Controller/UsersControllerTest.php | 17 ++++++++++++++---
 2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php
index 414f729c497d..43aed6a621ca 100644
--- a/settings/Controller/UsersController.php
+++ b/settings/Controller/UsersController.php
@@ -823,7 +823,7 @@ public function changeMail($token, $userId) {
 $user = $this->userManager->get($userId);
 $sessionUser = $this->userSession->getUser();
- if ($user !== $sessionUser) {
+ if ($user->getUID() !== $sessionUser->getUID()) {
 $this->log->error("The logged in user is different than expected.", ['app' => 'settings']);
 return new RedirectResponse($this->urlGenerator->linkToRoute('settings.SettingsPage.getPersonal', ['changestatus' => 'error']));
 }
diff --git a/tests/Settings/Controller/UsersControllerTest.php b/tests/Settings/Controller/UsersControllerTest.php
index fcb62ad40adf..87b7274bc993 100644
--- a/tests/Settings/Controller/UsersControllerTest.php
+++ b/tests/Settings/Controller/UsersControllerTest.php
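Review bot: In `changeMail` (settings/Controller/UsersController.php) the new comparison calls `getUID()` on `$user` and `$sessionUser` without checking either for null. `IUserManager::get()` returns null for an unknown UID and `IUserSession::getUser()` returns null when nobody is logged in, so a link carrying a stale `$userId`, or one opened without a session (if the route permits that; its annotations are outside the hunk), would raise an Error instead of taking the logged error redirect. The old identity check did not dereference either value. Suggest `if ($user === null || $sessionUser === null || $user->getUID() !== $sessionUser->getUID()) {`. The rest of `changeMail` lies outside the hunk.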
@@ -2306,14 +2306,25 @@ public function testSetDisplayNameFails() {
 public function testDifferentLoggedUserAndRequestUser() {
 $token = 'AVerySecretToken';
 $userId = 'ExistingUser';
+ $differentUserId = 'ExistingUser2';
 $mailAddress = 'sample@email.com';
- $userObject = $this->getMockBuilder('OCP\IUser')
+ $userObject = $this->getMockBuilder(IUser::class)
 ->disableOriginalConstructor()->getMock();
- $diffUserObject = $this->getMockBuilder('OCP\IUser')
+ $userObject
+ ->expects($this->atLeastOnce())
+ ->method('getUID')
+ ->willReturn($userId);
+
+ $diffUserObject = $this->getMockBuilder(IUser::class)
 ->disableOriginalConstructor()->getMock();
+ $diffUserObject
+ ->expects($this->atLeastOnce())
+ ->method('getUID')
+ ->willReturn($differentUserId);
+
 $this->container['UserManager']
- ->expects($this->once())
+ ->expects($this->atLeastOnce())
 ->method('get')
 ->with($userId)
 ->will($this->returnValue($userObject));
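Review bot: `testDifferentLoggedUserAndRequestUser` only pins the rejection path; nothing in this hunk covers the case the commit exists for, two distinct `IUser` objects that report the same UID being accepted. A companion test whose session-user mock also returns `$userId` from `getUID()` would keep the check from regressing to object identity. Loosening `->expects($this->once())` to `atLeastOnce()` on the `UserManager` `get` expectation is not needed by the visible controller change, which still calls `get($userId)` once; unless code outside the hunk requires it, `once()` keeps the test stricter. The test body continues past the end of the hunk.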