Check circle level

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Author: juliusknorr

lib/Service/CirclesService.php

@@ -26,6 +26,7 @@
 
 namespace OCA\Deck\Service;
 
+use OCA\Circles\Api\v1\Circles;
 use OCP\App\IAppManager;
 
 /**
@@ -53,8 +54,8 @@ public function isUserInCircle($circleId, $userId): bool {
 		}
 
 		try {
-			\OCA\Circles\Api\v1\Circles::getMember($circleId, $userId, 1, true);
-			return true;
+			$member = \OCA\Circles\Api\v1\Circles::getMember($circleId, $userId, 1, true);
+			return $member->getLevel() >= Circles::LEVEL_MEMBER;
 		} catch (\Exception $e) {
 		}
 		return false;

lib/Service/PermissionService.php

@@ -23,6 +23,7 @@
 
 namespace OCA\Deck\Service;
 
+use OCA\Circles\Model\Member;
 use OCA\Deck\Db\Acl;
 use OCA\Deck\Db\AclMapper;
 use OCA\Deck\Db\Board;
@@ -194,8 +195,8 @@ public function userCan(array $acls, $permission, $userId = null) {
 
 			if ($this->circlesEnabled && $acl->getType() === Acl::PERMISSION_TYPE_CIRCLE) {
 				try {
-					\OCA\Circles\Api\v1\Circles::getMember($acl->getParticipant(), $this->userId, 1, true);
-					return $acl->getPermission($permission);
+					$member = \OCA\Circles\Api\v1\Circles::getMember($acl->getParticipant(), $this->userId, 1, true);
+					return $member->getLevel() >= Member::LEVEL_MEMBER && $acl->getPermission($permission);
 				} catch (\Exception $e) {
 					$this->logger->info('Member not found in circle that was accessed. This should not happen.');
 				}

tests/psalm-baseline.xml

@@ -260,7 +260,8 @@
     </RedundantCondition>
   </file>
   <file src="lib/Service/PermissionService.php">
-    <UndefinedClass occurrences="2">
+    <UndefinedClass occurrences="3">
+      <code>Member</code>
       <code>\OCA\Circles\Api\v1\Circles</code>
       <code>\OCA\Circles\Api\v1\Circles</code>
     </UndefinedClass>