fix: make canManageACL work with circles

Signed-off-by: Robin Appelman <[email protected]>

Author: icewind1991

lib/ACL/UserMapping/IUserMapping.php

@@ -30,4 +30,6 @@ public function getType(): string;
 	public function getId(): string;
 
 	public function getDisplayName(): string;
+
+	public function getKey(): string;
 }

lib/ACL/UserMapping/IUserMappingManager.php

@@ -39,4 +39,13 @@ public function getMappingsForUser(IUser $user, bool $userAssignable = true): ar
 	 * @return IUserMapping|null
 	 */
 	public function mappingFromId(string $type, string $id): ?IUserMapping;
+
+	/**
+	 * Check if a user is a member of one of the provided user mappings
+	 *
+	 * @param IUser $user
+	 * @param IUserMapping[] $mappings
+	 * @return bool
+	 */
+	public function userInMappings(IUser $user, array $mappings): bool;
 }

lib/ACL/UserMapping/UserMapping.php

@@ -49,4 +49,8 @@ public function getId(): string {
 	public function getDisplayName(): string {
 		return $this->displayName;
 	}
+
+	public function getKey(): string {
+		return $this->getType() . ':' . $this->getId();
+	}
 }

lib/ACL/UserMapping/UserMappingManager.php

@@ -131,4 +131,22 @@ public function getCirclesManager(): ?CirclesManager {
 			return null;
 		}
 	}
+
+	public function userInMappings(IUser $user, array $mappings): bool {
+		foreach ($mappings as $mapping) {
+			if ($mapping->getType() === 'user' && $mapping->getId() === $user->getUID()) {
+				return true;
+			}
+		}
+
+		$mappingKeys = array_map(fn (IUserMapping $mapping) => $mapping->getKey(), $mappings);
+
+		$userMappings = $this->getMappingsForUser($user);
+		foreach ($userMappings as $userMapping) {
+			if (in_array($userMapping->getKey(), $mappingKeys, true)) {
+				return true;
+			}
+		}
+		return false;
+	}
 }

lib/Folder/FolderManager.php

@@ -29,6 +29,9 @@
 use OCA\Circles\Model\Circle;
 use OCA\Circles\Model\Member;
 use OCA\Circles\Model\Probes\CircleProbe;
+use OCA\GroupFolders\ACL\UserMapping\IUserMapping;
+use OCA\GroupFolders\ACL\UserMapping\IUserMappingManager;
+use OCA\GroupFolders\ACL\UserMapping\UserMapping;
 use OCA\GroupFolders\Mount\GroupMountPoint;
 use OCA\GroupFolders\ResponseDefinitions;
 use OCP\AutoloadNotAllowedException;
@@ -58,6 +61,8 @@ public function __construct(
 		private IMimeTypeLoader $mimeTypeLoader,
 		private LoggerInterface $logger,
 		private IEventDispatcher $eventDispatcher,
+		private IConfig $config,
+		private IUserMappingManager $userMappingManager,
 	) {
 	}
 
@@ -464,28 +469,26 @@ public function canManageACL(int $folderId, IUser $user): bool {
 			}
 		}
 
-		$query = $this->connection->getQueryBuilder();
-		$query->select('*')
-			->from('group_folders_manage')
-			->where($query->expr()->eq('folder_id', $query->createNamedParameter($folderId, IQueryBuilder::PARAM_INT)))
-			->andWhere($query->expr()->eq('mapping_type', $query->createNamedParameter('user')))
-			->andWhere($query->expr()->eq('mapping_id', $query->createNamedParameter($userId)));
-		if ($query->executeQuery()->rowCount() === 1) {
-			return true;
-		}
+		$managerMappings = $this->getManagerMappings($folderId);
+		return $this->userMappingManager->userInMappings($user, $managerMappings);
+	}
 
+	/**
+	 * @param int $folderId
+	 * @return IUserMapping[]
+	 */
+	private function getManagerMappings(int $folderId): array {
 		$query = $this->connection->getQueryBuilder();
-		$query->select('*')
+		$query->select('mapping_type', 'mapping_id')
 			->from('group_folders_manage')
-			->where($query->expr()->eq('folder_id', $query->createNamedParameter($folderId)))
-			->andWhere($query->expr()->eq('mapping_type', $query->createNamedParameter('group')));
-		$groups = $query->executeQuery()->fetchAll();
-		foreach ($groups as $manageRule) {
-			if ($this->groupManager->isInGroup($userId, $manageRule['mapping_id'])) {
-				return true;
-			}
+			->where($query->expr()->eq('folder_id', $query->createNamedParameter($folderId, IQueryBuilder::PARAM_INT)));
+		$managerMappings = [];
+
+		$rows = $query->executeQuery()->fetchAll();
+		foreach ($rows as $manageRule) {
+			$managerMappings[] = new UserMapping($manageRule['mapping_type'], $manageRule['mapping_id']);
 		}
-		return false;
+		return $managerMappings;
 	}
 
 	/**

tests/Folder/FolderManagerTest.php

@@ -21,6 +21,7 @@
 
 namespace OCA\GroupFolders\Tests\Folder;
 
+use OCA\GroupFolders\ACL\UserMapping\IUserMappingManager;
 use OCA\GroupFolders\Folder\FolderManager;
 use OCP\Constants;
 use OCP\EventDispatcher\IEventDispatcher;
@@ -40,6 +41,8 @@ class FolderManagerTest extends TestCase {
 	private IMimeTypeLoader $mimeLoader;
 	private LoggerInterface $logger;
 	private IEventDispatcher $eventDispatcher;
+	private IConfig $config;
+	private IUserMappingManager $userMappingManager;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -48,12 +51,16 @@ protected function setUp(): void {
 		$this->mimeLoader = $this->createMock(IMimeTypeLoader::class);
 		$this->logger = $this->createMock(LoggerInterface::class);
 		$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
+		$this->config = $this->createMock(IConfig::class);
+		$this->userMappingManager = $this->createMock(IUserMappingManager::class);
 		$this->manager = new FolderManager(
 			\OC::$server->getDatabaseConnection(),
 			$this->groupManager,
 			$this->mimeLoader,
 			$this->logger,
 			$this->eventDispatcher,
+			$this->config,
+			$this->userMappingManager,
 		);
 		$this->clean();
 	}
@@ -323,7 +330,7 @@ public function testGetFoldersForUserSimple() {
 		$db = $this->createMock(IDBConnection::class);
 		/** @var FolderManager|\PHPUnit_Framework_MockObject_MockObject $manager */
 		$manager = $this->getMockBuilder(FolderManager::class)
-			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher])
+			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher, $this->config, $this->userMappingManager])
 			->setMethods(['getFoldersForGroups'])
 			->getMock();
 
@@ -346,7 +353,7 @@ public function testGetFoldersForUserMerge() {
 		$db = $this->createMock(IDBConnection::class);
 		/** @var FolderManager|\PHPUnit_Framework_MockObject_MockObject $manager */
 		$manager = $this->getMockBuilder(FolderManager::class)
-			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher])
+			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher, $this->config, $this->userMappingManager])
 			->setMethods(['getFoldersForGroups'])
 			->getMock();
 
@@ -382,7 +389,7 @@ public function testGetFolderPermissionsForUserMerge() {
 		$db = $this->createMock(IDBConnection::class);
 		/** @var FolderManager|\PHPUnit_Framework_MockObject_MockObject $manager */
 		$manager = $this->getMockBuilder(FolderManager::class)
-			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher])
+			->setConstructorArgs([$db, $this->groupManager, $this->mimeLoader, $this->logger, $this->eventDispatcher, $this->config, $this->userMappingManager])
 			->setMethods(['getFoldersForGroups'])
 			->getMock();