Merge pull request #606 from nextcloud/fix/wopi-session-user

chore: Switch to new API to set volatile user to prevent persisting it in any case
nextcloud · Dec 19, 2024 · f13040b · f13040b
2 parents 95ccc6c + a8812d5
commit f13040b
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 3 deletions.
diff --git a/lib/Controller/WopiController.php b/lib/Controller/WopiController.php
@@ -295,8 +295,7 @@ public function getFile($fileId,
 
 		try {
 			/** @var File $file */
-			$userFolder = $this->rootFolder->getUserFolder($wopi->getOwnerUid());
-			$file = $userFolder->getById($fileId)[0];
+			$file = $this->getFileForWopiToken($wopi);
 			\OC_User::setIncognitoMode(true);
 			if ($version !== '0') {
 				$view = new View('/' . $wopi->getOwnerUid() . '/files');

diff --git a/lib/Service/UserScopeService.php b/lib/Service/UserScopeService.php
@@ -31,7 +31,12 @@ public function setUserScope(?string $uid = null) {
 		if ($user === null) {
 			throw new \InvalidArgumentException('No user found for the uid ' . $uid);
 		}
-		$this->userSession->setUser($user);
+
+		if (method_exists($this->userSession, 'setVolatileActiveUser')) {
+			$this->userSession->setVolatileActiveUser($user);
+		} else {
+			$this->userSession->setUser($user);
+		}
 	}
 
 	/**