From 3fd9d0dc506120830bc1ffc1e62c92c83a6e9e53 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Wed, 17 Mar 2021 10:26:21 +0100
Subject: [PATCH] Also limit to user group in case enumeration is enabled for
 groups and phonenumbers

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 .../Collaborators/UserPlugin.php              | 21 ++++++++++++++++++-
 .../Collaborators/UserPluginTest.php          | 21 ++++++++++++++-----
 2 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/lib/private/Collaboration/Collaborators/UserPlugin.php b/lib/private/Collaboration/Collaborators/UserPlugin.php
index c2132048b2f..12ed3e98932 100644
--- a/lib/private/Collaboration/Collaborators/UserPlugin.php
+++ b/lib/private/Collaboration/Collaborators/UserPlugin.php
@@ -97,7 +97,7 @@ class UserPlugin implements ISearchPlugin {
 
 		$currentUserId = $this->userSession->getUser()->getUID();
 		$currentUserGroups = $this->groupManager->getUserGroupIds($this->userSession->getUser());
-		if ($this->shareWithGroupOnly) {
+		if ($this->shareWithGroupOnly || $this->shareeEnumerationInGroupOnly) {
 			// Search in all the groups this user is part of
 			foreach ($currentUserGroups as $userGroupId) {
 				$usersInGroup = $this->groupManager->displayNamesInGroup($userGroupId, $search, $limit, $offset);
@@ -114,6 +114,25 @@ class UserPlugin implements ISearchPlugin {
 					$hasMoreResults = true;
 				}
 			}
+
+			if (!$this->shareWithGroupOnly && $this->shareeEnumerationPhone) {
+				$usersTmp = $this->userManager->searchKnownUsersByDisplayName($currentUserId, $search, $limit, $offset);
+				if (!empty($usersTmp)) {
+					foreach ($usersTmp as $user) {
+						if ($user->isEnabled()) { // Don't keep deactivated users
+							$users[$user->getUID()] = $user;
+						}
+					}
+
+					uasort($users, function ($a, $b) {
+						/**
+						 * @var \OC\User\User $a
+						 * @var \OC\User\User $b
+						 */
+						return strcasecmp($a->getDisplayName(), $b->getDisplayName());
+					});
+				}
+			}
 		} else {
 			// Search in all users
 			if ($this->shareeEnumerationPhone) {
diff --git a/tests/lib/Collaboration/Collaborators/UserPluginTest.php b/tests/lib/Collaboration/Collaborators/UserPluginTest.php
index 43bbffc9b6a..acbcd42f04f 100644
--- a/tests/lib/Collaboration/Collaborators/UserPluginTest.php
+++ b/tests/lib/Collaboration/Collaborators/UserPluginTest.php
@@ -659,9 +659,10 @@ class UserPluginTest extends TestCase {
 	public function testSearchEnumerationLimit($search, $userGroups, $matchingUsers, $result) {
 		$this->mockConfig(false, true, true);
 
-		$userResults = array_map(function ($user) {
-			return $this->getUserMock($user['uid'], $user['uid']);
-		}, $matchingUsers);
+		$userResults = [];
+		foreach ($matchingUsers as $user) {
+			$userResults[$user['uid']] = $user['uid'];
+		}
 
 		$mappedResultExact = array_map(function ($user) {
 			return ['label' => $user, 'value' => ['shareType' => 0, 'shareWith' => $user], 'icon' => 'icon-user', 'subline' => null, 'status' => [], 'shareWithDisplayNameUnique' => $user];
@@ -670,9 +671,19 @@ class UserPluginTest extends TestCase {
 			return ['label' => $user, 'value' => ['shareType' => 0, 'shareWith' => $user], 'icon' => 'icon-user', 'subline' => null, 'status' => [], 'shareWithDisplayNameUnique' => $user];
 		}, $result['wide']);
 
-		$this->userManager->expects($this->once())
-			->method('searchDisplayName')
+		$this->userManager
+			->method('get')
+			->willReturnCallback(function ($userId) use ($userResults) {
+				if (isset($userResults[$userId])) {
+					return $this->getUserMock($userId, $userId);
+				}
+				return null;
+			});
+
+		$this->groupManager->method('displayNamesInGroup')
 			->willReturn($userResults);
+
+
 		$this->session->expects($this->any())
 			->method('getUser')
 			->willReturn($this->getUserMock('test', 'foo'));
-- 
GitLab