diff --git a/lib/private/Avatar/AvatarManager.php b/lib/private/Avatar/AvatarManager.php index 1e137fa87157e..69a35556a8cff 100644 --- a/lib/private/Avatar/AvatarManager.php +++ b/lib/private/Avatar/AvatarManager.php @@ -69,6 +69,9 @@ public function __construct( /** * return a user specific instance of \OCP\IAvatar + * + * If the user is disabled a guest avatar will be returned + * * @see \OCP\IAvatar * @param string $userId the ownCloud user id * @throws \Exception In case the username is potentially dangerous @@ -80,6 +83,10 @@ public function getAvatar(string $userId): IAvatar { throw new \Exception('user does not exist'); } + if (!$user->isEnabled()) { + return $this->getGuestAvatar($userId); + } + // sanitize userID - fixes casing issue (needed for the filesystem stuff that is done below) $userId = $user->getUID(); diff --git a/tests/lib/Avatar/AvatarManagerTest.php b/tests/lib/Avatar/AvatarManagerTest.php index b35fb2f23a8ab..a756eff58a003 100644 --- a/tests/lib/Avatar/AvatarManagerTest.php +++ b/tests/lib/Avatar/AvatarManagerTest.php @@ -108,6 +108,11 @@ public function testGetAvatarForSelf() { ->method('getUID') ->willReturn('valid-user'); + $user + ->expects($this->any()) + ->method('isEnabled') + ->willReturn(true); + // requesting user $this->userSession->expects($this->once()) ->method('getUser') @@ -162,6 +167,11 @@ public function testGetAvatarValidUserDifferentCasing() { ->method('getUID') ->willReturn('valid-user'); + $user + ->expects($this->any()) + ->method('isEnabled') + ->willReturn(true); + $this->userSession->expects($this->once()) ->method('getUser') ->willReturn($user); @@ -231,6 +241,12 @@ public function testGetAvatarScopes($avatarScope, $isPublicCall, $isKnownUser, $ ->expects($this->once()) ->method('getUID') ->willReturn('valid-user'); + + $user + ->expects($this->any()) + ->method('isEnabled') + ->willReturn(true); + $this->userManager ->expects($this->once()) ->method('get')