From 20dd80d2fd7bf2bb41dc4523dcb5d9b6b03b73ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Tue, 19 Mar 2024 09:31:00 +0100
Subject: [PATCH 1/2] fix: Do not use incognito mode for direct editing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 lib/private/DirectEditing/Manager.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php
index da4811589da..53e2e170ed1 100644
--- a/lib/private/DirectEditing/Manager.php
+++ b/lib/private/DirectEditing/Manager.php
@@ -272,13 +272,11 @@ class Manager implements IManager {
 	}
 
 	public function invokeTokenScope($userId): void {
-		\OC_User::setIncognitoMode(true);
 		\OC_User::setUserId($userId);
 	}
 
 	public function revertTokenScope(): void {
 		$this->userSession->setUser(null);
-		\OC_User::setIncognitoMode(false);
 	}
 
 	public function createToken($editorId, File $file, string $filePath, IShare $share = null): string {

From e330efe5a04b69af935b4b779511b732c2a69e73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Tue, 19 Mar 2024 11:12:03 +0100
Subject: [PATCH 2/2] fix: Implement option to temporarily set the user session
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 apps/files_external/lib/Migration/DummyUserSession.php | 9 +++++----
 lib/private/User/Session.php                           | 9 +++++++++
 lib/private/legacy/OC_User.php                         | 3 ++-
 lib/public/IUserSession.php                            | 8 ++++++++
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/apps/files_external/lib/Migration/DummyUserSession.php b/apps/files_external/lib/Migration/DummyUserSession.php
index e1b2b500188..ce987b3c575 100644
--- a/apps/files_external/lib/Migration/DummyUserSession.php
+++ b/apps/files_external/lib/Migration/DummyUserSession.php
@@ -29,10 +29,7 @@ use OCP\IUserSession;
 
 class DummyUserSession implements IUserSession {
 
-	/**
-	 * @var IUser
-	 */
-	private $user;
+	private ?IUser $user = null;
 
 	public function login($uid, $password) {
 	}
@@ -44,6 +41,10 @@ class DummyUserSession implements IUserSession {
 		$this->user = $user;
 	}
 
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->user = $user;
+	}
+
 	public function getUser() {
 		return $this->user;
 	}
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index f2c0010b6be..af2599e26b6 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -211,6 +211,15 @@ class Session implements IUserSession, Emitter {
 		$this->activeUser = $user;
 	}
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 */
+	public function setVolatileActiveUser(?IUser $user): void {
+		$this->activeUser = $user;
+	}
+
 	/**
 	 * get the current active user
 	 *
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php
index 47890fd8dda..c3bf2b995c4 100644
--- a/lib/private/legacy/OC_User.php
+++ b/lib/private/legacy/OC_User.php
@@ -41,6 +41,7 @@ use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IGroupManager;
 use OCP\IUser;
 use OCP\IUserManager;
+use OCP\IUserSession;
 use OCP\Server;
 use OCP\User\Events\BeforeUserLoggedInEvent;
 use OCP\User\Events\UserLoggedInEvent;
@@ -338,7 +339,7 @@ class OC_User {
 	 * @return string|false uid or false
 	 */
 	public static function getUser() {
-		$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+		$uid = Server::get(IUserSession::class)->getUser()?->getUID();
 		if (!is_null($uid) && self::$incognitoMode === false) {
 			return $uid;
 		} else {
diff --git a/lib/public/IUserSession.php b/lib/public/IUserSession.php
index 7bc37cc67c6..dc6094550bc 100644
--- a/lib/public/IUserSession.php
+++ b/lib/public/IUserSession.php
@@ -63,6 +63,14 @@ interface IUserSession {
 	 */
 	public function setUser($user);
 
+	/**
+	 * Temporarily set the currently active user without persisting in the session
+	 *
+	 * @param IUser|null $user
+	 * @since 29.0.0
+	 */
+	public function setVolatileActiveUser(?IUser $user): void;
+
 	/**
 	 * get the current active user
 	 *