Merge branch 'master' into 'feature/apps-timetracker'

# Conflicts: # base/apps/install-list

Merge branch 'master' into 'feature/apps-timetracker'
# Conflicts: # base/apps/install-list
4c1bc64b · Pierre Ozoux · 68696839 · 27796b9c · 4c1bc64b · 4c1bc64b
Commit 4c1bc64b authored 3 years ago by Pierre Ozoux
--- a/base/Dockerfile
+++ b/base/Dockerfile
@@ -6,7 +6,8 @@ COPY apps /apps
 WORKDIR /apps
 ARG MINOR_VERSION
 RUN ./install.sh
-RUN rm ./install.sh ./install-list
+RUN cd apps/mail && patch  -p1 < ../../mail-enumeration-leak.patch
+RUN rm ./install.sh ./install-list ./mail-enumeration-leak.patch

 FROM nextcloud:${MARKETTING_VERSION}-fpm-alpine
 ENV VERSION $PATCH_VERSION

--- a/base/apps/mail-enumeration-leak.patch
+++ b/base/apps/mail-enumeration-leak.patch
+diff --git a/lib/Service/ContactsIntegration.php b/lib/Service/ContactsIntegration.php
+index 1ad9db44d..a8f8b0aea 100644
+--- a/lib/Service/ContactsIntegration.php
+++ b/lib/Service/ContactsIntegration.php
+@@ -26,17 +26,30 @@ namespace OCA\Mail\Service;
+ 
+ use OCP\Contacts\IManager;
+ use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IUserSession;
+ 
+ class ContactsIntegration {
+ 
+ 	/** @var IManager */
+ 	private $contactsManager;
+ 
+	/** @var IGroupManager */
+	private $groupManager;
+
+ 	/** @var IConfig */
+ 	private $config;
+ 
+-	public function __construct(IManager $contactsManager, IConfig $config) {
+	/** @var IUserSession */
+	private $userSession;
+
+	public function __construct(IManager $contactsManager, 
+								IGroupManager $groupManager,
+								IUserSession $userSession,
+								IConfig $config) {
+ 		$this->contactsManager = $contactsManager;
+		$this->groupManager = $groupManager;
+		$this->userSession = $userSession;
+ 		$this->config = $config;
+ 	}
+ 
+@@ -54,12 +67,28 @@ class ContactsIntegration {
+ 		// If 'Allow username autocompletion in share dialog' is disabled in the admin sharing settings, then we must not
+ 		// auto-complete system users
+ 		$allowSystemUsers = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'no') === 'yes';
+		$allowSystemUsersInGroupOnly = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
+ 
+ 		$result = $this->contactsManager->search($term, ['FN', 'EMAIL']);
+ 		$receivers = [];
+ 		foreach ($result as $r) {
+-			if (!$allowSystemUsers && isset($r['isLocalSystemBook']) && $r['isLocalSystemBook']) {
+-				continue;
+			if (isset($r['isLocalSystemBook']) && $r['isLocalSystemBook']) {
+				if (!$allowSystemUsers) {
+					continue;
+				}
+				if ($allowSystemUsersInGroupOnly) {
+					$userGroups = $this->groupManager->getUserGroupIds($this->userSession->getUser());
+					$found = false;
+					foreach ($userGroups as $userGroup) {
+						if ($this->groupManager->isInGroup($r['UID'], $userGroup)) {
+							$found = true;
+							break;
+						}
+					}
+					if (!$found) {
+						continue;
+					}
+				}
+ 			}
+ 
+ 			$id = $r['UID'];
--- a/ci/functions
+++ b/ci/functions
@@ -48,7 +48,7 @@ function build() {
  export DESTINATION_PREFIX="--destination ${DOCKER_HUB_REPO}"
  export DATE=`date "+%Y-%m-%dT%H-%M-%SZ"`
  
-  if [ "$VAR1" = "master" ]; then
+  if [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then
    export BASE_TAG=${MINOR_VERSION}
    export DESTINATION="\
      ${DESTINATION_PREFIX}:${MINOR_VERSION}\