diff --git a/lib/Model/User/User.php b/lib/Model/User/User.php index 163d84636..7940cedac 100644 --- a/lib/Model/User/User.php +++ b/lib/Model/User/User.php @@ -10,7 +10,6 @@ use OCA\Polls\Helper\Container; use OCA\Polls\Model\UserBase; -use OCP\IConfig; use OCP\IUser; use OCP\IUserManager; @@ -22,7 +21,6 @@ class User extends UserBase { /** @var string */ public const PRINCIPAL_PREFIX = 'principals/users/'; - private IConfig $config; private IUser $user; public function __construct( @@ -40,7 +38,6 @@ public function __construct( * setUp */ private function setUp(): void { - $this->config = Container::queryClass(IConfig::class); $this->user = Container::queryClass(IUserManager::class)->get($this->id); $this->displayName = $this->user->getDisplayName(); $this->emailAddress = (string)$this->user->getEmailAddress(); diff --git a/lib/Model/UserBase.php b/lib/Model/UserBase.php index 872aa5526..7543fd1e1 100644 --- a/lib/Model/UserBase.php +++ b/lib/Model/UserBase.php @@ -24,6 +24,7 @@ use OCA\Polls\Model\User\User; use OCA\Polls\UserSession; use OCP\Collaboration\Collaborators\ISearch; +use OCP\IConfig; use OCP\IDateTimeZone; use OCP\IGroupManager; use OCP\IL10N; @@ -61,6 +62,7 @@ class UserBase implements JsonSerializable { protected IL10N $l10n; protected UserSession $userSession; protected AppSettings $appSettings; + protected IConfig $config; public function __construct( protected string $id, @@ -77,6 +79,7 @@ public function __construct( $this->timeZone = Server::get(IDateTimeZone::class); $this->userSession = Server::get(UserSession::class); $this->appSettings = Server::get(AppSettings::class); + $this->config = Server::get(IConfig::class); } public function getId(): string { @@ -102,8 +105,10 @@ public function getPrincipalUri(): string { * hash the real userId to obfuscate the real userId */ public function getHashedUserId(): string { - // TODO: add a session salt - return hash('md5', $this->getId()); + $instanceId = $this->config->getSystemValue('instanceid'); + $instanceSecret = $this->config->getSystemValue('secret'); + $salt = hash('md5', $instanceId . $instanceSecret); + return hash('md5', $this->getId() . $salt); } /**