nextcloud/apps/user_status
Jonas Meurer 3fe267b772
Respect user enumeration settings in user status lists
So far, the functions to find user statuses listed didn't respect user
enumeration settings (`shareapi_allow_share_dialog_user_enumeration`
and `shareapi_restrict_user_enumeration_to_group` core app settings).

Fix this privacy issue by returning an empty list in case
`shareapi_allow_share_dialog_user_enumeration` is unset or
`shareapi_restrict_user_enumeration_to_group` is set.

In the long run, we might want to return users from common groups if
`shareapi_restrict_user_enumeration_to_group` is set. It's complicated
to implement this in a way that scales, though. See the discussion at
https://github.com/nextcloud/server/pull/27879#pullrequestreview-753655308
for details.

Also, don't register the user_status dashboard widget at all if
`shareapi_allow_share_dialog_user_enumeration` is unset or
`shareapi_restrict_user_enumeration_to_group` is set.

Fixes: #27122

Signed-off-by: Jonas Meurer <jonas@freesources.org>
2021-10-20 11:33:23 +02:00
appinfo Fix missing app version increment to trigger migrations 2021-10-19 08:40:53 +02:00
composer Add an API to set and rollback the user status 2021-10-18 20:31:37 +02:00
css User-status: Fix icon coloring 2020-08-25 18:08:46 +02:00
img App Icons need to be white 2020-08-27 10:05:12 +02:00
js Profile frontend 2021-10-19 04:59:36 +00:00
l10n [tx-robot] updated from transifex 2021-10-20 02:43:00 +00:00
lib Respect user enumeration settings in user status lists 2021-10-20 11:33:23 +02:00
src Profile frontend 2021-10-19 04:59:36 +00:00
tests Respect user enumeration settings in user status lists 2021-10-20 11:33:23 +02:00
.l10nignore Ignore bundled assets in l10n 2020-09-15 11:28:10 +02:00
webpack.js Bump js licenses 2021-03-31 12:17:18 +02:00