Merge pull request #11784 from nextcloud/bugfix/noid/add-avatar-test

test(federation): Add test for avatar federation

3 files changed, 9 insertions, 3 deletions

diff --git a/lib/Controller/FederationController.php b/lib/Controller/FederationController.php
index 2a8072672..a9b352604 100644
--- a/lib/Controller/FederationController.php
+++ b/lib/Controller/FederationController.php
@@ -129,9 +129,10 @@ class FederationController extends OCSController {
 	 *
 	 * @param int $id ID of the share
 	 * @psalm-param non-negative-int $id
-	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>|DataResponse<Http::STATUS_NOT_FOUND, array{error?: string}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>|DataResponse<Http::STATUS_NOT_FOUND|Http::STATUS_BAD_REQUEST, array{error?: string}, array{}>
 	 *
 	 * 200: Invite declined successfully
+	 * 400: Invite was already accepted, use the "Remove the current user from a room" endpoint instead
 	 * 404: Invite can not be found
 	 */
 	#[NoAdminRequired]
@@ -146,7 +147,7 @@ class FederationController extends OCSController {
 		} catch (UnauthorizedException $e) {
 			return new DataResponse([], Http::STATUS_NOT_FOUND);
 		} catch (\InvalidArgumentException $e) {
-			return new DataResponse(['error' => $e->getMessage()], Http::STATUS_NOT_FOUND);
+			return new DataResponse(['error' => $e->getMessage()], $e->getMessage() === 'invitation' ? Http::STATUS_NOT_FOUND : Http::STATUS_BAD_REQUEST);
 		}
 		return new DataResponse();
 	}
diff --git a/lib/Federation/FederationManager.php b/lib/Federation/FederationManager.php
index d81d1e344..6dfaf27ff 100644
--- a/lib/Federation/FederationManager.php
+++ b/lib/Federation/FederationManager.php
@@ -177,6 +177,11 @@ class FederationManager {
 		} catch (DoesNotExistException $e) {
 			throw new \InvalidArgumentException('invitation');
 		}
+
+		if ($invitation->getState() !== Invitation::STATE_PENDING) {
+			throw new \InvalidArgumentException('state');
+		}
+
 		if ($invitation->getUserId() !== $user->getUID()) {
 			throw new UnauthorizedException('user');
 		}
diff --git a/lib/Middleware/InjectionMiddleware.php b/lib/Middleware/InjectionMiddleware.php
index 81279fcd3..31b961d24 100644
--- a/lib/Middleware/InjectionMiddleware.php
+++ b/lib/Middleware/InjectionMiddleware.php
@@ -259,13 +259,13 @@ class InjectionMiddleware extends Middleware {
 		if (!$room instanceof Room) {
 			$token = $this->request->getParam('token');
 			$room = $this->manager->getRoomByToken($token);
-			$controller->setRoom($room);
 		}
 
 		$participant = $controller->getParticipant();
 		if (!$participant instanceof Participant) {
 			try {
 				$invitation = $this->invitationMapper->getInvitationsForUserByLocalRoom($room, $this->userId);
+				$controller->setRoom($room);
 				$controller->setInvitation($invitation);
 			} catch (DoesNotExistException $e) {
 				throw new ParticipantNotFoundException('No invite available', $e->getCode(), $e);