Details
-
Improvement
-
Resolution: Unresolved
-
Major
-
None
-
14.10
-
None
-
Unknown
-
Description
Right now the code is:
#if ($hasAdmin && "$!request.userId" != "" && ($request.action == "disable" || $request.action == "enable") && $services.csrf.isTokenValid($request.csrf)) #set ($user = $xwiki.getUser($request.userId)) #set ($isCurrentUser = $user.getUser().userReference.equals($xcontext.userReference)) #if (!$isCurrentUser && $user.getUser().exists($xcontext.context)) #set ($disabled = ($request.action == "disable")) #set ($discard = $user.setDisabledStatus($disabled)) #set ($success = ($disabled && $user.isDisabled()) || (!$disabled && !$user.isDisabled())) #else #set ($success = false) #end
The problem is that User#getUser() requires PR:
/**
* Expose the wrapped XWikiUser object. Requires programming rights.
*
* @return The wrapped XWikiUser object, or {@code null} if the user does not have programming rights.
*/
@Programming
public XWikiUser getUser()
{
if (hasProgrammingRights()) {
return this.user;
}
return null;
}
We need to expose more public APIs to be able to know if the current user reference matches a given reference and to check for its existence (not sure why we need this since the current user has to exist, no?)
Attachments
Issue Links
- relates to
-
XWIKI-20497 The PR checker is not executed for docker-based tests
-
- Closed
-