From 1283fd68fc2063dc934c3ac365c2c3dc048fc719 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20=C5=81ojewski?= <marcin.lojewski@mlojewski.me>
Date: Tue, 8 Oct 2019 19:44:23 +0200
Subject: [PATCH] issue#95 - Do not include users which are disabled

---
 CHANGELOG.md                |  1 +
 README.md                   |  1 +
 lib/Constant/DB.php         |  1 +
 lib/Query/QueryProvider.php | 15 +++++++++++----
 templates/admin.php         |  1 +
 5 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5f52e58..f5babed 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Support Nextcloud password_policy
 - Extend user/group search
 - Support for Nextcloud 18
+- Do not include users which are disabled
 
 ### Fixed
 - Getting user display names backend
diff --git a/README.md b/README.md
index 5888a6d..d004637 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,7 @@ Name | Description | Details
 **Password** | Password hash column. | Mandatory for user backend.
 **Display name** | Display name column. | Optional.
 **Active** | Flag indicating if user can log in. | Optional.<br/>Default: true.
+**Disabled** | Flag indicating if user should not be visible (not included in searches). | Optional.<br/>Default: false.
 **Provide avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
 **Salt** | Salt which is appended to password when checking or changing the password. | Optional.
 **Append salt** | Append a salt to the password. | Optional.<br/>Default: false.
diff --git a/lib/Constant/DB.php b/lib/Constant/DB.php
index b05fc0f..0442b13 100644
--- a/lib/Constant/DB.php
+++ b/lib/Constant/DB.php
@@ -47,6 +47,7 @@ final class DB
 
     const USER_ACTIVE_COLUMN = "db.table.user.column.active";
     const USER_AVATAR_COLUMN = "db.table.user.column.avatar";
+    const USER_DISABLED_COLUMN = "db.table.user.column.disabled";
     const USER_EMAIL_COLUMN = "db.table.user.column.email";
     const USER_HOME_COLUMN = "db.table.user.column.home";
     const USER_NAME_COLUMN = "db.table.user.column.name";
diff --git a/lib/Query/QueryProvider.php b/lib/Query/QueryProvider.php
index eca7571..81ff994 100644
--- a/lib/Query/QueryProvider.php
+++ b/lib/Query/QueryProvider.php
@@ -68,6 +68,7 @@ class QueryProvider implements \ArrayAccess
 
         $uActive = $this->properties[DB::USER_ACTIVE_COLUMN];
         $uAvatar = $this->properties[DB::USER_AVATAR_COLUMN];
+        $uDisabled = $this->properties[DB::USER_DISABLED_COLUMN];
         $uEmail = $this->properties[DB::USER_EMAIL_COLUMN];
         $uHome = $this->properties[DB::USER_HOME_COLUMN];
         $uName = $this->properties[DB::USER_NAME_COLUMN];
@@ -121,7 +122,8 @@ class QueryProvider implements \ArrayAccess
             Query::COUNT_USERS =>
                 "SELECT COUNT(u.$uUID) AS count " .
                 "FROM $user u " .
-                "WHERE u.$uUID LIKE :$searchParam",
+                "WHERE u.$uUID LIKE :$searchParam " .
+                (empty($uDisabled) ? "" : "AND NOT u.$uDisabled"),
 
             Query::FIND_GROUP =>
                 "SELECT $groupColumns " .
@@ -146,12 +148,14 @@ class QueryProvider implements \ArrayAccess
             Query::FIND_USER =>
                 "SELECT $userColumns, u.$uPassword AS password " .
                 "FROM $user u " .
-                "WHERE u.$uUID = :$uidParam",
+                "WHERE u.$uUID = :$uidParam " .
+                (empty($uDisabled) ? "" : "AND NOT u.$uDisabled"),
 
             Query::FIND_USER_CASE_INSENSITIVE =>
                 "SELECT $userColumns, u.$uPassword AS password " .
                 "FROM $user u " .
-                "WHERE lower(u.$uUID) = lower(:$uidParam)",
+                "WHERE lower(u.$uUID) = lower(:$uidParam) " .
+                (empty($uDisabled) ? "" : "AND NOT u.$uDisabled"),
 
             Query::FIND_USER_GROUPS =>
                 "SELECT $groupColumns " .
@@ -163,9 +167,12 @@ class QueryProvider implements \ArrayAccess
             Query::FIND_USERS =>
                 "SELECT $userColumns " .
                 "FROM $user u " .
-                "WHERE u.$uUID LIKE :$searchParam " .
+                "WHERE (" .
+                "u.$uUID LIKE :$searchParam " .
                 (empty($uName) ? "" : "OR u.$uName LIKE :$searchParam ") .
                 (empty($uEmail) ? "" : "OR u.$uEmail LIKE :$searchParam ") .
+                ")" .
+                (empty($uDisabled) ? "" : "AND NOT u.$uDisabled ") .
                 "ORDER BY u.$uUID",
 
             Query::UPDATE_DISPLAY_NAME =>
diff --git a/templates/admin.php b/templates/admin.php
index 579fb94..a5c7c34 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -158,6 +158,7 @@ function print_select_options(
                 print_text_input($l, "db-table-user-column-password", "Password", $_["db.table.user.column.password"]);
                 print_text_input($l, "db-table-user-column-name", "Display name", $_["db.table.user.column.name"]);
                 print_text_input($l, "db-table-user-column-active", "Active", $_["db.table.user.column.active"]);
+                print_text_input($l, "db-table-user-column-disabled", "Disabled", $_["db.table.user.column.disabled"]);
                 print_text_input($l, "db-table-user-column-avatar", "Provide avatar", $_["db.table.user.column.avatar"]);
                 print_text_input($l, "db-table-user-column-salt", "Salt", $_["db.table.user.column.salt"]); ?>
                 <div class="inner-fieldset">