mail icon indicating copy to clipboard operation
mail copied to clipboard
verified publisher icon nextcloud

Restrict autocomplete to group

Open hrenard opened this issue 3 years ago • 3 comments

Fix #6017.

hrenard avatar Aug 25 '22 15:08 hrenard

Thanks for opening your first pull request in this repository! :v:

welcome[bot] avatar Aug 25 '22 15:08 welcome[bot]

I want to add a test, but I'm no php developer.

$this->groupManager->expects($this->once())
	->method('isInGroup')
	->will($this->returnValue(false));
$this->groupManager->expects($this->once())
	->method('isInGroup')
	->with('auser', 'agroup')
	->will($this->returnValue(true));

Does this work ?

hrenard avatar Aug 25 '22 20:08 hrenard

Hey, sorry to make noise. But it's a privacy issue, I think we should try to merge this soon.

hrenard avatar Sep 22 '22 12:09 hrenard

I want to add a test, but I'm no php developer.

$this->groupManager->expects($this->once())
	->method('isInGroup')
	->will($this->returnValue(false));
$this->groupManager->expects($this->once())
	->method('isInGroup')
	->with('auser', 'agroup')
	->will($this->returnValue(true));

Does this work ?

You need to specify that the same method is called twice in this way:

		$this->config->expects(self::exactly(2))
			->method('getAppValue')
			->withConsecutive(['core', 'shareapi_allow_share_dialog_user_enumeration', 'no'], ['core', 'shareapi_restrict_user_enumeration_to_group', 'no'])
			->willReturnOnConsecutiveCalls(['yes', 'no']);

miaulalala avatar Oct 17 '22 11:10 miaulalala

Thanks for the feedback ! I added testGetMatchingRecipientOnlyGroupUsers for this use case, but I've not tried it.

hrenard avatar Oct 17 '22 12:10 hrenard

Thanks for the feedback ! I added testGetMatchingRecipientOnlyGroupUsers for this use case, but I've not tried it.

You can run a singular unit test with composer run test:unit:dev ./tests/Unit/Service/ContactsIntegrationTest.php

You need composer2 :)

miaulalala avatar Oct 17 '22 13:10 miaulalala

You can run a singular unit test with composer run test:unit:dev ./tests/Unit/Service/ContactsIntegrationTest.php

You need composer2 :)

And a configured Nextcloud :sweat_smile:. I havn't quite took the time to setup a proper dev env... You need me to ?

hrenard avatar Oct 17 '22 13:10 hrenard

Okay. The tests are working.

hrenard avatar Oct 17 '22 17:10 hrenard

And the coding standards... Sorry for that.

hrenard avatar Oct 17 '22 19:10 hrenard

Postgres tests are failing because of an incompatibility. Can you rebase your brach onto the latest mail main? The fix for this has been merged :)

miaulalala avatar Oct 18 '22 08:10 miaulalala

Postgres tests are failing because of an incompatibility. Can you rebase your brach onto the latest mail main? The fix for this has been merged :)

Done.

hrenard avatar Oct 18 '22 09:10 hrenard

Hi @hrenard , thanks for your hard work so far!

After some feedback I found out there are more conditions to be checked for:

https://github.com/nextcloud/server/blob/88b0aea2b0f7cc30ab0de7d13914474d0711e5cd/lib/private/Collaboration/Collaborators/MailPlugin.php#L88-L93

Would you be up for implementing these too?

If that's too overwhelming, I can take over and build upon your excellent work.

Thanks again!

Yep, will do.

Only shareapi_restrict_user_enumeration_full_match & shareapi_restrict_user_enumeration_full_match_email are missing, right ?

hrenard avatar Oct 20 '22 10:10 hrenard

Hi @hrenard , thanks for your hard work so far! After some feedback I found out there are more conditions to be checked for: https://github.com/nextcloud/server/blob/88b0aea2b0f7cc30ab0de7d13914474d0711e5cd/lib/private/Collaboration/Collaborators/MailPlugin.php#L88-L93 Would you be up for implementing these too? If that's too overwhelming, I can take over and build upon your excellent work. Thanks again!

Yep, will do.

Only shareapi_restrict_user_enumeration_full_match & shareapi_restrict_user_enumeration_full_match_email are missing, right ?

And the shareapi_restrict_user_enumeration_to_phone I think. Thanks so much!

miaulalala avatar Oct 20 '22 10:10 miaulalala

As we only search by FN or EMAIL, can we omit the phone ?

shareapi_restrict_user_enumeration_full_match is supposed to match the username. Do we consider the search result's UID to be the username or do we just skip system users if shareapi_restrict_user_enumeration_full_match_email is not set ?

Maybe we should also hide group recipients according to shareapi_allow_group_sharing and when other restrictions are set ? If I'm to be in the same group or to know the full email of someone to send an email, it's weird that I can send emails to random groups thus random peoples. And if someone replies, I get the list of this group members.

Or should we introduce config specific to this app ?

hrenard avatar Oct 20 '22 12:10 hrenard

shareapi_restrict_user_enumeration_full_match is supposed to match the username. Do we consider the search result's UID to be the username or do we just skip system users if shareapi_restrict_user_enumeration_full_match_email is not set ?

You could pass the fullmatch option to the search if the shareapi_restrict_user_enumeration_full_match_email is set and let the IManager handle it if that does what I think you want to get done? Have a look at this method:

https://github.com/nextcloud/server/blob/master/lib/private/ContactsManager.php#L52

So you could do something like:

$shareapi_restrict_user_enumeration_full_match_email = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_full_match_email', 'no') === 'yes';

$result = ($shareapi_restrict_user_enumeration_full_match_email 
                             ? $this->contactsManager->search($term, ['FN', 'EMAIL'], ['fullmatch' => true])
                             : $this->contactsManager->search($term, ['FN', 'EMAIL']));

I think the phone match is fine to leave out, who searches for a users phone no when they want to send an email anyway :sweat_smile:

miaulalala avatar Oct 21 '22 09:10 miaulalala

Interesting, I'll look into it.

What behavior is intended when both shareapi_restrict_user_enumeration_to_group and shareapi_restrict_user_enumeration_full_match_email are true ?

  1. Only match system user with full email.
  2. Only match system user in the same group.
  3. Match system user with full email or in the same group.

I found the 3 more logical, but I'm not sure of the initial design.

hrenard avatar Oct 21 '22 10:10 hrenard

I think shareapi_restrict_user_enumeration_full_match_email is not used anymore.

@miaulalala I pushed a proposal for option 3 (previous comment). Tell me what you think. I'll update tests when we agree on the behavior.

hrenard avatar Oct 21 '22 16:10 hrenard

I think shareapi_restrict_user_enumeration_full_match_email is not used anymore.

As far as I can see it is still used in the \OC\Collaboration\Collaborators\UserPlugin::search

If I'm not mistaken, it is done in the way you suggested in 3:

$lowerSearch = strtolower($search);
if (
    $this->shareeEnumerationFullMatch && $lowerSearch !== '' && (strtolower($uid) === $lowerSearch ||
    strtolower($userDisplayName) === $lowerSearch ||
    ($this->shareeEnumerationFullMatchIgnoreSecondDisplayName && trim(strtolower(preg_replace('/ \(.*\)$/', '', $userDisplayName))) === $lowerSearch) ||
    ($this->shareeEnumerationFullMatchEmail && strtolower($userEmail ?? '') === $lowerSearch))
) {}

If I have my ANDs and ORs right, we can proceed with your suggestion :)

miaulalala avatar Oct 24 '22 11:10 miaulalala

I can't find the shareapi_restrict_user_enumeration_full_match_email setting in the UI of the latest NC which led me to assume it's deprecated. But, I haven't searched that much, so I'm probably wrong.

(I'll try to finish this next week.)

hrenard avatar Oct 24 '22 16:10 hrenard

@miaulalala is this good enough ?

hrenard avatar Nov 01 '22 15:11 hrenard