nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2025-11-10 14:11:06 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'EdOverflow/hash_equals'

Browse source
This commit is contained in:
brantje 2017-01-06 19:38:47 +01:00
commit f0e00c5704
No known key found for this signature in database
GPG key ID: 5FF1D117F918687F
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
controller/credentialcontroller.php
View file

@ -142,7 +142,7 @@ class CredentialController extends ApiController {
); );
if ($storedCredential->getUserId() !== $this->userId) { if (!hash_equals($storedCredential->getUserId(), $this->userId)) {
$acl = $this->sharingService->getCredentialAclForUser($this->userId, $storedCredential->getGuid()); $acl = $this->sharingService->getCredentialAclForUser($this->userId, $storedCredential->getGuid());
if ($acl->hasPermission(SharingACL::WRITE)) { if ($acl->hasPermission(SharingACL::WRITE)) {
$credential['shared_key'] = $storedCredential->getSharedKey(); $credential['shared_key'] = $storedCredential->getSharedKey();
@ -219,7 +219,7 @@ class CredentialController extends ApiController {
'', array(), '', array(),
$link, $target_user, Activity::TYPE_ITEM_ACTION); $link, $target_user, Activity::TYPE_ITEM_ACTION);
} }
if ($this->userId !== $storedCredential->getUserId()) { if (!hash_equals($this->userId, $storedCredential->getUserId())) {
$this->activityService->add( $this->activityService->add(
$activity, $params, $activity, $params,
'', array(), '', array(),