search

nextcloud / server

☁️ Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0
26.83k stars 4.01k forks source link

[Bug]: ContactsSearchProvider not respecting share enumeration #37799

Closed miaulalala closed 1 year ago

miaulalala commented 1 year ago

⚠️ This issue respects the following points: ⚠️

Bug description

The ContactsSearchProvider indiscriminately searches in all principal address books:

$searchResults = $this->backend->searchPrincipalUri(
            $principalUri,
            $query->getTerm(),
            self::$searchProperties,
            [
                'limit' => $query->getLimit(),
                'offset' => $query->getCursor(),
            ]
        );

Unless the filtering is done somewhere else, the share enumeration that is defined in the Share API is not taken into account.

Steps to reproduce

Expected behavior

Share enumeration is taken into account.

Installation method

Other Community project

Nextcloud Server version

master

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.0

Web server

Apache (supported)

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

Configuration report

No response

List of activated Apps

--

Nextcloud Signing status

No response

Nextcloud Logs

No response

Additional info

No response

miaulalala commented 1 year ago

Contacts Search provider is only searching the users own contacts, so no need to intergate the share enumeration as that only applies to the SAB. Adding the SAB would lead to duplicate contacts which is what was resolved by exposing the SAB.