fix(assignments): show real display name to share recipients

lib/Db/User.php

@@ -12,18 +12,17 @@
 
 class User extends RelationalObject {
 	private IUserManager $userManager;
-	public function __construct($uid, IUserManager $userManager) {
+
+	public function __construct(string $uid, IUserManager $userManager) {
 		$this->userManager = $userManager;
-		parent::__construct($uid, function ($object) {
-			return $this->userManager->get($object->getPrimaryKey());
-		});
+		parent::__construct($uid, fn () => $this->userManager->get($uid));
 	}
 
 	public function getObjectSerialization(): array {
 		return [
-			'uid' => $this->getObject()->getUID(),
+			'uid' => $this->getUID(),
 			'displayname' => $this->getDisplayName(),
-			'type' => Acl::PERMISSION_TYPE_USER
+			'type' => Acl::PERMISSION_TYPE_USER,
 		];
 	}
 
@@ -32,10 +31,11 @@ public function getUID(): string {
 	}
 
 	public function getDisplayName(): ?string {
-		return $this->userManager->getDisplayName($this->getPrimaryKey());
+		$user = $this->getObject();
+		return $user ? $user->getDisplayName() : $this->getPrimaryKey();
 	}
 
-	public function getUserObject(): IUser {
+	public function getUserObject(): ?IUser {
 		return $this->getObject();
 	}
 }

lib/Sharing/DeckShareProvider.php

@@ -1210,7 +1210,10 @@ public function getUsersForShare(IShare $share): iterable {
 			}
 
 			foreach ($this->permissionService->findUsers($boardId) as $user) {
-				yield $user->getUserObject();
+				$userObject = $user->getUserObject();
+				if ($userObject !== null) {
+					yield $userObject;
+				}
 			}
 		}
 

tests/unit/Db/UserTest.php

@@ -34,13 +34,13 @@ public function testGroupObjectSerialize() {
 		$user->expects($this->any())
 			->method('getUID')
 			->willReturn('myuser');
+		$user->expects($this->any())
+			->method('getDisplayName')
+			->willReturn('myuser displayname');
 		$userManager = $this->createMock(IUserManager::class);
 		$userManager->expects($this->any())
 			->method('get')
 			->willReturn($user);
-		$userManager->expects($this->any())
-			->method('getDisplayName')
-			->willReturn('myuser displayname');
 		$userRelationalObject = new User('myuser', $userManager);
 		$expected = [
 			'uid' => 'myuser',
@@ -56,13 +56,13 @@ public function testGroupJSONSerialize() {
 		$user->expects($this->any())
 			->method('getUID')
 			->willReturn('myuser');
+		$user->expects($this->any())
+			->method('getDisplayName')
+			->willReturn('myuser displayname');
 		$userManager = $this->createMock(IUserManager::class);
 		$userManager->expects($this->any())
 			->method('get')
 			->willReturn($user);
-		$userManager->expects($this->any())
-			->method('getDisplayName')
-			->willReturn('myuser displayname');
 		$userRelationalObject = new User('myuser', $userManager);
 		$expected = [
 			'uid' => 'myuser',
@@ -72,4 +72,29 @@ public function testGroupJSONSerialize() {
 		];
 		$this->assertEquals($expected, $userRelationalObject->jsonSerialize());
 	}
+
+	public function testIgnoresAccountPropertyScope() {
+		// Regression: IUserManager::getDisplayName() returns the UID when the
+		// requesting user is not allowed to see the target user's display name
+		// (account-property visibility scope). Serialization must use the IUser
+		// directly so collaborators on the same board always see real names.
+		/** @var IUser $user */
+		$user = $this->createMock(IUser::class);
+		$user->expects($this->any())
+			->method('getUID')
+			->willReturn('WBE32');
+		$user->expects($this->any())
+			->method('getDisplayName')
+			->willReturn('Pedro Jota');
+		$userManager = $this->createMock(IUserManager::class);
+		$userManager->expects($this->any())
+			->method('get')
+			->willReturn($user);
+		$userManager->expects($this->any())
+			->method('getDisplayName')
+			->willReturn('WBE32');
+		$userRelationalObject = new User('WBE32', $userManager);
+		$serialized = $userRelationalObject->getObjectSerialization();
+		$this->assertSame('Pedro Jota', $serialized['displayname']);
+	}
 }