From e7249de14568085d86c859326a55d4648209fd89 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Thu, 19 Mar 2020 15:40:04 +0100
Subject: [PATCH] Make the groupId url encoded
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
apps/provisioning_api/lib/Controller/GroupsController.php | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php
index 7f2da88a097..fa72e5ad5d4 100644
--- a/apps/provisioning_api/lib/Controller/GroupsController.php
+++ b/apps/provisioning_api/lib/Controller/GroupsController.php
@@ -151,6 +151,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function getGroupUsers(string $groupId): DataResponse {
+ $groupId = urldecode($groupId);
+
$user = $this->userSession->getUser();
$isSubadminOfGroup = false;
@@ -190,6 +192,7 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function getGroupUsersDetails(string $groupId, string $search = '', int $limit = null, int $offset = 0): DataResponse {
+ $groupId = urldecode($groupId);
$currentUser = $this->userSession->getUser();
// Check the group exists
@@ -262,6 +265,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function updateGroup(string $groupId, string $key, string $value): DataResponse {
+ $groupId = urldecode($groupId);
+
if ($key === 'displayname') {
$group = $this->groupManager->get($groupId);
if ($group->setDisplayName($value)) {
@@ -282,6 +287,8 @@ class GroupsController extends AUserData {
* @throws OCSException
*/
public function deleteGroup(string $groupId): DataResponse {
+ $groupId = urldecode($groupId);
+
// Check it exists
if (!$this->groupManager->groupExists($groupId)) {
throw new OCSException('', 101);
--
GitLab