Skip to content

fix(admin-delegation): Prevent delegation to group if delegation alre… #145

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
printminion-co wants to merge 111 commits into
base: master
Choose a base branch
from
Open

fix(admin-delegation): Prevent delegation to group if delegation alre… #145

printminion-co wants to merge 111 commits into from

Conversation

@printminion-co
Copy link

@printminion-co printminion-co commented Nov 24, 2025
edited
Loading

…ady exist

Before

Multiple delegation to same group is possible

$ php occ admin-delegation:add OCA\\Settings\\Settings\\Admin\\Overview admin
 [OK] Administration of OCA\Settings\Settings\Admin\Overview delegated to admin.                                        

$ php occ admin-delegation:add OCA\\Settings\\Settings\\Admin\\Overview admin
 [OK] Administration of OCA\Settings\Settings\Admin\Overview delegated to admin.                                        

$ php occ admin-delegation:add OCA\\Settings\\Settings\\Admin\\Overview admin
 [OK] Administration of OCA\Settings\Settings\Admin\Overview delegated to admin.                                        

$ php occ admin-delegation:show 

Current delegations
===================

Section: overview
-----------------

 ------------------------- -------------------------------------- --------------------- 
  Name                      SettingId                              Delegated to groups  
 ------------------------- -------------------------------------- --------------------- 
  Security & setup checks   OCA\Settings\Settings\Admin\Overview   admin, admin, admin  
 ------------------------- -------------------------------------- ---------------------

After fix

Fixes issue with delegation via occ and web.
No multiple entries in DB.

php occ admin-delegation:add OCA\\Settings\\Settings\\Admin\\Overview admin
 [OK] Administration of OCA\Settings\Settings\Admin\Overview delegated to admin.                                        

php occ admin-delegation:add OCA\\Settings\\Settings\\Admin\\Overview admin
 [WARNING] The OCA\Settings\Settings\Admin\Overview is already delegated to admin.

Checklist

joshtrichards and others added 11 commits August 20, 2025 14:07
@joshtrichards
chore: refactor .htaccess
a0c3dd1 
Signed-off-by: Josh <[email protected]>
@joshtrichards
fix: drop unnecessary toggles in .htaccess
182836b 
Signed-off-by: Josh <[email protected]>
@dependabot
build(deps-dev): bump symfony/event-dispatcher in /build/integration
0ab5f17 
Bumps [symfony/event-dispatcher](https://github.com/symfony/event-dispatcher) from 6.4.25 to 7.3.3.
- [Release notes](https://github.com/symfony/event-dispatcher/releases)
- [Changelog](https://github.com/symfony/event-dispatcher/blob/7.3/CHANGELOG.md)
- [Commits](symfony/event-dispatcher@v6.4.25...v7.3.3)

---
updated-dependencies:
- dependency-name: symfony/event-dispatcher
  dependency-version: 7.3.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@st3iny @SebastianKrupinski
fix(l10n): do not consider user language when getting the generic one
ccc0c3c 
Signed-off-by: Richard Steinmetz <[email protected]>
@artonge
fix(encryption): Increment lastChunkNr when size is off
30d567f 
When computing the unencrypted file size, we need the size of the last encrypted chunk as its size is usually not the regular 8192 bits.

To avoid reading the whole file, we seek directly to that last chunk based on the expected file size. When the expected file size is smaller than the actual one, we have a logic in place to continue reading until we reach the end of the file.

In that logic, we forgot to increment the `$lastChunkNr` which is important when we later check the signature of the chunk.

This commit adds that missing increment.

Signed-off-by: Louis Chmn <[email protected]>
@come-nc
fix(files_sharing): Allow deleting a share of a missing file
a60f949 
This can happen in various scenarios, we should allow the user to delete
 the share in this situation.

Signed-off-by: Côme Chilliet <[email protected]>
@come-nc @provokateurin
chore: Improve wording in debug log
cc66d20 
Co-authored-by: Kate <[email protected]>
Signed-off-by: Côme Chilliet <[email protected]>
@icewind1991
test: add test for theming config casting
ad5f23f 
Signed-off-by: Robin Appelman <[email protected]>
@icewind1991
fix: fix theming config value casting
561d3de 
Signed-off-by: Robin Appelman <[email protected]>
@dependabot
build(deps-dev): bump the vitest group across 1 directory with 2 updates
5498c1c 
Bumps the vitest group with 2 updates in the /build/frontend-legacy directory: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 3.2.4 to 4.0.13
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.13/packages/coverage-v8)

Updates `vitest` from 3.2.4 to 4.0.13
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.13/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.0.13
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: vitest
- dependency-name: vitest
  dependency-version: 4.0.13
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
build(deps-dev): bump behat/behat in /build/integration
3c73af0 
Bumps [behat/behat](https://github.com/Behat/Behat) from 3.26.0 to 3.27.0.
- [Release notes](https://github.com/Behat/Behat/releases)
- [Changelog](https://github.com/Behat/Behat/blob/master/CHANGELOG.md)
- [Commits](Behat/Behat@v3.26.0...v3.27.0)

---
updated-dependencies:
- dependency-name: behat/behat
  dependency-version: 3.27.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@printminion-co printminion-co marked this pull request as ready for review November 24, 2025 20:45
@printminion-co printminion-co force-pushed the fix/no_double_admin_delegations branch 2 times, most recently from 8cd9c11 to 74a6b24 Compare November 24, 2025 21:22
nfebe and others added 16 commits November 24, 2025 23:32
@nfebe
fix(sharing): Add isTrustedServer flag to lookup results
40246d9 
When `show_federated_shares_to_trusted_servers_as_internal` is enabled,
lookup server results were being filtered out because they lacked the
`isTrustedServer` flag. This adds the flag to lookup results by:

- Injecting TrustedServers service into LookupPlugin
- Adding `server` and `isTrustedServer` fields to each lookup result
- Updating tests to reflect new structure

This ensures lookup results from trusted servers appear in internal
sharing while non-trusted servers are correctly filtered out.

Signed-off-by: nfebe <[email protected]>
@nextcloud-bot
fix(l10n): Update translations from Transifex
75d04de 
Signed-off-by: Nextcloud bot <[email protected]>
@susnux
Merge pull request nextcloud#56293 from nextcloud/dependabot/composer…
29325b4 
…/build/integration/symfony/event-dispatcher-7.3.3

build(deps-dev): bump symfony/event-dispatcher from 6.4.25 to 7.3.3 in /build/integration
@nfebe
Merge pull request nextcloud#56501 from nextcloud/fix/lookup-trusted-…
80b04bd 
…server-filter

fix(sharing): Add isTrustedServer flag to lookup results
@artonge
Merge pull request nextcloud#55981 from nextcloud/artonge/fix/encrypt…
0b30415 
…ion/increment_lastChunkNr

fix(encryption): Increment `lastChunkNr` when size is off
@susnux
Merge pull request nextcloud#56632 from nextcloud/dependabot/npm_and_…
3f083bb 
…yarn/build/frontend-legacy/vitest-05d30e5828

build(deps-dev): bump the vitest group across 1 directory with 2 updates
@dependabot
build(deps-dev): bump vite
14eb82f 
Bumps the vite group with 1 update in the /build/frontend-legacy directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 7.2.2 to 7.2.4
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.2.4/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.2.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <[email protected]>
@sorbaugh
Merge pull request nextcloud#56498 from nextcloud/fix/fix-deleting-br…
a7dd4e8 
…oken-shares

fix(files_sharing): Allow deleting a share of a missing file
@susnux
ci: update workflows from organization
66361fe 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux
chore: ignore SPDX-header-like lines in the license plugin
0e60c0a 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux
test: fix setup with coverage
930ec23 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@AndyScherzinger
Merge pull request nextcloud#56631 from nextcloud/dependabot/npm_and_…
4f25051 
…yarn/build/frontend-legacy/vite-939f50a5f3

build(deps-dev): bump vite from 7.2.2 to 7.2.4 in /build/frontend-legacy in the vite group across 1 directory
@susnux
Merge pull request nextcloud#56625 from nextcloud/chore/workflows
c4da3cc 
ci: update workflows from organization
@artonge @susnux
chore(user_ldap): Delete legacy templates
4f9efc4 
Not needed anymore after the vue migration

Signed-off-by: Louis Chmn <[email protected]>
@artonge @susnux
refactor(user_ldap): Migrate to Vue3
1e17a9f 
Signed-off-by: Louis Chmn <[email protected]>
@artonge @susnux
fix(user_ldap): Use v-model for settings inputs
d89b5e2 
Signed-off-by: Louis Chmn <[email protected]>
AndyScherzinger and others added 29 commits November 26, 2025 00:48
@AndyScherzinger
Merge pull request nextcloud#56673 from nextcloud/dependabot/npm_and_…
8679fd1 
…yarn/vitest-b8deea5be8

build(deps-dev): bump the vitest group across 2 directories with 2 updates
@nextcloud-command
chore(assets): Recompile assets
7225c09 
Signed-off-by: nextcloud-command <[email protected]>
@github-actions
Merge pull request nextcloud#56674 from nextcloud/dependabot/npm_and_…
1fd57d0 
…yarn/build/frontend-legacy/marked-17.0.1

build(deps): bump marked from 17.0.0 to 17.0.1 in /build/frontend-legacy
@nextcloud-bot
fix(l10n): Update translations from Transifex
87b3cbd 
Signed-off-by: Nextcloud bot <[email protected]>
@github-actions
Merge pull request nextcloud#56698 from nextcloud/dependabot/npm_and_…
1c116c3 
…yarn/build/frontend-legacy/camelcase-9.0.0

build(deps): bump camelcase from 8.0.0 to 9.0.0 in /build/frontend-legacy
@dependabot @susnux
build(deps): bump vue from 3.5.24 to 3.5.25
a9e3734 
Bumps [vue](https://github.com/vuejs/core) from 3.5.24 to 3.5.25.
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.24...v3.5.25)

---
updated-dependencies:
- dependency-name: vue
  dependency-version: 3.5.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@nextcloud-command @susnux
chore(assets): Recompile assets
da56265 
Signed-off-by: nextcloud-command <[email protected]>
@github-actions
Merge pull request nextcloud#56697 from nextcloud/dependabot/npm_and_…
748e92e 
…yarn/build/frontend-legacy/nextcloud/webpack-vue-config-7.0.2

build(deps-dev): bump @nextcloud/webpack-vue-config from 7.0.1 to 7.0.2 in /build/frontend-legacy
@github-actions
Merge pull request nextcloud#56634 from nextcloud/dependabot/npm_and_…
0c14a54 
…yarn/vue-3.5.25

build(deps): bump vue from 3.5.24 to 3.5.25
@dependabot @nextcloud-command
build(deps): bump debounce from 2.2.0 to 3.0.0 in /build/frontend-legacy
c3ec3aa 
Bumps [debounce](https://github.com/sindresorhus/debounce) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/sindresorhus/debounce/releases)
- [Commits](sindresorhus/debounce@v2.2.0...v3.0.0)

---
updated-dependencies:
- dependency-name: debounce
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@susnux @nextcloud-command
refactor: adjust code for debounce v3
776c960 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@nextcloud-command
chore(assets): Recompile assets
f473658 
Signed-off-by: nextcloud-command <[email protected]>
@github-actions
Merge pull request nextcloud#56696 from nextcloud/dependabot/npm_and_…
c2e7b34 
…yarn/build/frontend-legacy/debounce-3.0.0

build(deps): bump debounce from 2.2.0 to 3.0.0 in /build/frontend-legacy
@dependabot @susnux
build(deps-dev): bump workbox-webpack-plugin in /build/frontend-legacy
8bd328e 
Bumps [workbox-webpack-plugin](https://github.com/googlechrome/workbox) from 7.3.0 to 7.4.0.
- [Release notes](https://github.com/googlechrome/workbox/releases)
- [Commits](GoogleChrome/workbox@v7.3.0...v7.4.0)

---
updated-dependencies:
- dependency-name: workbox-webpack-plugin
  dependency-version: 7.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@nextcloud-command
chore(assets): Recompile assets
9cc0af1 
Signed-off-by: nextcloud-command <[email protected]>
@AndyScherzinger
Merge pull request nextcloud#56701 from nextcloud/dependabot/npm_and_…
3e1ce96 
…yarn/build/frontend-legacy/workbox-webpack-plugin-7.4.0

build(deps-dev): bump workbox-webpack-plugin from 7.3.0 to 7.4.0 in /build/frontend-legacy
@skjnldsv
Merge branch 'master' into jtr-refactor-main-htaccess
30ad57b 
Signed-off-by: John Molakvoæ <[email protected]>
@susnux
chore: remove @nextcloud/calendar-availability-vue from legacy
8cb14b4 
The dependency is only used by DAV app but that is already migrated to
Vue 3.

Signed-off-by: Ferdinand Thiessen <[email protected]>
@skjnldsv
Merge pull request nextcloud#54550 from nextcloud/jtr-refactor-main-h…
68a9903 
…taccess
@susnux
chore(deps): remove unused dependencies
7615e75 
Those dependencies were used only by our Cypress config,
but now as we use `@nextcloud/e2e-test-server` we do not have any direct
dependency on any of them.

Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux
Merge pull request nextcloud#56693 from nextcloud/chore/remove-useles…
6719f5a 
…s-dependencies

chore: remove `@nextcloud/calendar-availability-vue` from legacy
@Antreesy
fix(user_status): adjust online status string
48b5c84 
Signed-off-by: Maksim Sukharev <[email protected]>
@susnux
Merge pull request nextcloud#56705 from nextcloud/chore/cleanup-deps
b3532f0 
chore(deps): remove unused dependencies
@nextcloud-command
chore(assets): Recompile assets
4dd34bd 
Signed-off-by: nextcloud-command <[email protected]>
@susnux
build(deps): add missing dependencies
9baac21 
During the initial Vue 3 migration some dependencies were forgotten to
be explicitly mentioned as dependencies.
This aligns those dependencies with the package.json
It was only working because they were peer dependencies of other
dependencies we already added.

Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux
chore: compile assets
a2a4137 
Signed-off-by: Ferdinand Thiessen <[email protected]>
@susnux
Merge pull request nextcloud#56704 from nextcloud/chore/deps-missing
b279924 
build(deps): add missing dependencies
@kesselb
Merge pull request nextcloud#56711 from nextcloud/fix/noid/user-statu…
f4753cc 
…s-busy

fix(user_status): adjust online status string
@printminion-co
fix(admin-delegation): Prevent delegation to group if delegation alre…
d6116fc 
…ady exist

Signed-off-by: Misha M.-Kupriyanov <[email protected]>
@printminion-co printminion-co force-pushed the fix/no_double_admin_delegations branch from 74a6b24 to d6116fc Compare November 26, 2025 14:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.