diff --git a/lib/Service/ContactsIntegration.php b/lib/Service/ContactsIntegration.php index 1ad9db44d..a8f8b0aea 100644 --- a/lib/Service/ContactsIntegration.php +++ b/lib/Service/ContactsIntegration.php @@ -26,17 +26,30 @@ namespace OCA\Mail\Service; use OCP\Contacts\IManager; use OCP\IConfig; +use OCP\IGroupManager; +use OCP\IUserSession; class ContactsIntegration { /** @var IManager */ private $contactsManager; + /** @var IGroupManager */ + private $groupManager; + /** @var IConfig */ private $config; - public function __construct(IManager $contactsManager, IConfig $config) { + /** @var IUserSession */ + private $userSession; + + public function __construct(IManager $contactsManager, + IGroupManager $groupManager, + IUserSession $userSession, + IConfig $config) { $this->contactsManager = $contactsManager; + $this->groupManager = $groupManager; + $this->userSession = $userSession; $this->config = $config; } @@ -54,12 +67,28 @@ class ContactsIntegration { // If 'Allow username autocompletion in share dialog' is disabled in the admin sharing settings, then we must not // auto-complete system users $allowSystemUsers = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'no') === 'yes'; + $allowSystemUsersInGroupOnly = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; $result = $this->contactsManager->search($term, ['FN', 'EMAIL']); $receivers = []; foreach ($result as $r) { - if (!$allowSystemUsers && isset($r['isLocalSystemBook']) && $r['isLocalSystemBook']) { - continue; + if (isset($r['isLocalSystemBook']) && $r['isLocalSystemBook']) { + if (!$allowSystemUsers) { + continue; + } + if ($allowSystemUsersInGroupOnly) { + $userGroups = $this->groupManager->getUserGroupIds($this->userSession->getUser()); + $found = false; + foreach ($userGroups as $userGroup) { + if ($this->groupManager->isInGroup($r['UID'], $userGroup)) { + $found = true; + break; + } + } + if (!$found) { + continue; + } + } } $id = $r['UID'];