From f29f3ce642c899a200de2a6c5e7e2703db5e7a8f Mon Sep 17 00:00:00 2001
From: Giuliano Mele <giuliano.mele@verdigado.com>
Date: Fri, 20 Aug 2021 16:45:14 +0200
Subject: [PATCH] Ensure admin cannot unassign SAML group members

Co-authored-by: Jonathan Treffler <mail@jonathan-treffler.de>
Co-authored-by: Giuliano Mele <giuliano.mele@verdigado.com>
---
 lib/GroupBackend.php | 5 +----
 lib/GroupManager.php | 2 +-
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/lib/GroupBackend.php b/lib/GroupBackend.php
index 2f31d7866..36363fb42 100644
--- a/lib/GroupBackend.php
+++ b/lib/GroupBackend.php
@@ -8,12 +8,9 @@
 use OCP\Group\Backend\ABackend;
 use OCP\Group\Backend\IAddToGroupBackend;
 use OCP\Group\Backend\ICountUsersBackend;
-use OCP\Group\Backend\ICreateGroupBackend;
-use OCP\Group\Backend\IDeleteGroupBackend;
-use OCP\Group\Backend\IRemoveFromGroupBackend;
 use OCP\IDBConnection;
 
-class GroupBackend extends ABackend implements IAddToGroupBackend, IRemoveFromGroupBackend, ICountUsersBackend {
+class GroupBackend extends ABackend implements IAddToGroupBackend, ICountUsersBackend {
 	/** @var IDBConnection */
 	private $dbc;
 
diff --git a/lib/GroupManager.php b/lib/GroupManager.php
index 23972b335..833e72850 100644
--- a/lib/GroupManager.php
+++ b/lib/GroupManager.php
@@ -119,7 +119,7 @@ public function removeGroup(IUser $user, string $gid) {
 		if($group === null) {
 			return;
 		}
-		$group->removeUser($user);
+		$this->ownGroupBackend->removeFromGroup($user->getUID(), $group->getGID());
 		if ($this->ownGroupBackend->countUsersInGroup($gid) === 0) {
 			$this->ownGroupBackend->deleteGroup($group->getGID());
 		}