fixup! fix(dav): Limit share/unshare requests per user

Author: kesselb

apps/dav/lib/DAV/Security/RateLimiting.php

@@ -11,29 +11,24 @@
 
 use OCA\DAV\Connector\Sabre\Exception\TooManyRequests;
 use OCP\IAppConfig;
-use OCP\IUserManager;
+use OCP\IUserSession;
 use OCP\Security\RateLimiting\ILimiter;
 use OCP\Security\RateLimiting\IRateLimitExceededException;
 
 class RateLimiting {
 
 	public function __construct(
-		private readonly ILimiter $limiter,
-		private readonly IUserManager $userManager,
+		private readonly IUserSession $userSession,
 		private readonly IAppConfig $config,
-		private readonly ?string $userId,
+		private readonly ILimiter $limiter,
 	) {
 	}
 
 	/**
 	 * @throws TooManyRequests
 	 */
 	public function check(): void {
-		if ($this->userId === null) {
-			return;
-		}
-
-		$user = $this->userManager->get($this->userId);
+		$user = $this->userSession->getUser();
 		if ($user === null) {
 			return;
 		}

apps/dav/tests/unit/DAV/Security/RateLimitingTest.php

@@ -13,49 +13,47 @@
 use OCA\DAV\DAV\Security\RateLimiting;
 use OCP\IAppConfig;
 use OCP\IUser;
-use OCP\IUserManager;
+use OCP\IUserSession;
 use OCP\Security\RateLimiting\ILimiter;
 use OCP\Security\RateLimiting\IRateLimitExceededException;
 use PHPUnit\Framework\MockObject\MockObject;
 use Test\TestCase;
 
 class RateLimitingTest extends TestCase {
-	private ILimiter&MockObject $limiter;
-	private IUserManager&MockObject $userManager;
+	private IUserSession $userSession;
 	private IAppConfig&MockObject $config;
+	private ILimiter&MockObject $limiter;
 	private RateLimiting $rateLimiting;
 	private string $userId = 'user123';
 
 	protected function setUp(): void {
 		parent::setUp();
 
-		$this->limiter = $this->createMock(ILimiter::class);
-		$this->userManager = $this->createMock(IUserManager::class);
+		$this->userSession = $this->createMock(IUserSession::class);
 		$this->config = $this->createMock(IAppConfig::class);
+		$this->limiter = $this->createMock(ILimiter::class);
+
 		$this->rateLimiting = new RateLimiting(
-			$this->limiter,
-			$this->userManager,
+			$this->userSession,
 			$this->config,
-			$this->userId,
+			$this->limiter,
 		);
 	}
 
 	public function testNoUserObject(): void {
-		$this->userManager->expects(self::once())
-			->method('get')
-			->with($this->userId)
+		$this->userSession->expects($this->once())
+			->method('getUser')
 			->willReturn(null);
-		$this->limiter->expects(self::never())
+		$this->limiter->expects($this->never())
 			->method('registerUserRequest');
 
 		$this->rateLimiting->check();
 	}
 
 	public function testRegisterShareRequest(): void {
 		$user = $this->createMock(IUser::class);
-		$this->userManager->expects(self::once())
-			->method('get')
-			->with($this->userId)
+		$this->userSession->expects($this->once())
+			->method('getUser')
 			->willReturn($user);
 		$this->config->method('getValueInt')
 			->willReturnCallback(static function (string $app, string $key, int $default): int {
@@ -65,7 +63,7 @@ public function testRegisterShareRequest(): void {
 					default => $default,
 				};
 			});
-		$this->limiter->expects(self::once())
+		$this->limiter->expects($this->once())
 			->method('registerUserRequest')
 			->with(
 				'share-addressbook-or-calendar',
@@ -79,13 +77,12 @@ public function testRegisterShareRequest(): void {
 
 	public function testShareRequestRateLimitExceeded(): void {
 		$user = $this->createMock(IUser::class);
-		$this->userManager->expects(self::once())
-			->method('get')
-			->with($this->userId)
+		$this->userSession->expects($this->once())
+			->method('getUser')
 			->willReturn($user);
 		$this->config->method('getValueInt')
 			->willReturnArgument(2);
-		$this->limiter->expects(self::once())
+		$this->limiter->expects($this->once())
 			->method('registerUserRequest')
 			->with(
 				'share-addressbook-or-calendar',