fix: Return correct list of managers for a user
authorChristopher Ng <chrng8@gmail.com>
Fri, 4 Oct 2024 23:28:23 +0000 (16:28 -0700)
committerChristopher Ng <chrng8@gmail.com>
Tue, 8 Oct 2024 23:33:17 +0000 (16:33 -0700)
Signed-off-by: Christopher Ng <chrng8@gmail.com>
apps/provisioning_api/lib/Controller/AUserData.php
apps/provisioning_api/lib/Controller/GroupsController.php
apps/provisioning_api/lib/Controller/UsersController.php

index eb881db45e03eb412b51e0281d7edf4e21648545..54ef3691caea8ac3e21153a947ac33e5c8455358 100644 (file)
@@ -20,9 +20,11 @@ use OCP\AppFramework\OCS\OCSException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
 use OCP\Files\NotFoundException;
+use OCP\Group\ISubAdmin;
 use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IRequest;
+use OCP\IUser;
 use OCP\IUserManager;
 use OCP\IUserSession;
 use OCP\L10N\IFactory;
@@ -55,6 +57,8 @@ abstract class AUserData extends OCSController {
        protected $userSession;
        /** @var IAccountManager */
        protected $accountManager;
+       /** @var ISubAdmin */
+       protected $subAdminManager;
        /** @var IFactory */
        protected $l10nFactory;
 
@@ -65,6 +69,7 @@ abstract class AUserData extends OCSController {
                IGroupManager $groupManager,
                IUserSession $userSession,
                IAccountManager $accountManager,
+               ISubAdmin $subAdminManager,
                IFactory $l10nFactory) {
                parent::__construct($appName, $request);
 
@@ -73,6 +78,7 @@ abstract class AUserData extends OCSController {
                $this->groupManager = $groupManager;
                $this->userSession = $userSession;
                $this->accountManager = $accountManager;
+               $this->subAdminManager = $subAdminManager;
                $this->l10nFactory = $l10nFactory;
        }
 
@@ -136,8 +142,8 @@ abstract class AUserData extends OCSController {
                $data['backend'] = $targetUserObject->getBackendClassName();
                $data['subadmin'] = $this->getUserSubAdminGroupsData($targetUserObject->getUID());
                $data[self::USER_FIELD_QUOTA] = $this->fillStorageInfo($targetUserObject->getUID());
-               $managerUids = $targetUserObject->getManagerUids();
-               $data[self::USER_FIELD_MANAGER] = empty($managerUids) ? '' : $managerUids[0];
+               $managers = $this->getManagers($targetUserObject);
+               $data[self::USER_FIELD_MANAGER] = empty($managers) ? '' : $managers[0];
 
                try {
                        if ($includeScopes) {
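Review bot: With `getManagers()` returning `[]` for any caller who is neither an admin, a delegated admin nor a sub-admin, `$data[self::USER_FIELD_MANAGER]` becomes `''` for such a caller even when the target user has managers. The enclosing function starts and ends outside this hunk, so it is not visible whether an ordinary user can reach this line for their own record. If they can, this changes what a user sees about their own manager; either handle it (for example by returning the unfiltered list when `$user->getUID() === $currentLoggedInUser->getUID()`) or state in a comment that it is intended. A short comment above the call, such as `// Only expose managers the requesting user is allowed to see`, would make the access-control intent clear at the call site.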
@@ -206,6 +212,34 @@ abstract class AUserData extends OCSController {
                return $data;
        }
 
+       /**
+        * @return string[]
+        */
+       protected function getManagers(IUser $user): array {
+               $currentLoggedInUser = $this->userSession->getUser();
+
+               $managerUids = $user->getManagerUids();
+               if ($this->groupManager->isAdmin($currentLoggedInUser->getUID()) || $this->groupManager->isDelegatedAdmin($currentLoggedInUser->getUID())) {
+                       return $managerUids;
+               }
+
+               if ($this->subAdminManager->isSubAdmin($currentLoggedInUser)) {
+                       $accessibleManagerUids = array_values(array_filter(
+                               $managerUids,
+                               function (string $managerUid) use ($currentLoggedInUser) {
+                                       $manager = $this->userManager->get($managerUid);
+                                       if (!($manager instanceof IUser)) {
+                                               return false;
+                                       }
+                                       return $this->subAdminManager->isUserAccessible($currentLoggedInUser, $manager);
+                               },
+                       ));
+                       return $accessibleManagerUids;
+               }
+
+               return [];
+       }
+
        /**
         * Get the groups a user is a subadmin of
         *
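Review bot: `$currentLoggedInUser` is dereferenced in the admin check (`$currentLoggedInUser->getUID()`) without a null guard, although `IUserSession::getUser()` can return null when no session user is set. Since this method decides which manager UIDs a caller may see, it should fail closed before that line: `if (!($currentLoggedInUser instanceof IUser)) { return []; }`. The docblock only gives `@return string[]`; I would add a summary such as `Manager UIDs of $user that the logged-in user may see: all for (delegated) admins, only accessible ones for sub-admins, none otherwise`. The three files listed for this commit include no test file, so the sub-admin filter branch appears to be uncovered by this change. The trailing context lines belong to the next method's docblock, which continues outside the hunk.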
index 4b05f772e8f2714e2f8dd4c2c1c60a205826ea17..f0712d122618a7d63a26cd9828e75e7cda51fdf5 100644 (file)
@@ -21,6 +21,7 @@ use OCP\AppFramework\OCS\OCSException;
 use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
+use OCP\Group\ISubAdmin;
 use OCP\IConfig;
 use OCP\IGroup;
 use OCP\IGroupManager;
@@ -47,6 +48,7 @@ class GroupsController extends AUserData {
                IGroupManager $groupManager,
                IUserSession $userSession,
                IAccountManager $accountManager,
+               ISubAdmin $subAdminManager,
                IFactory $l10nFactory,
                LoggerInterface $logger) {
                parent::__construct($appName,
@@ -56,6 +58,7 @@ class GroupsController extends AUserData {
                        $groupManager,
                        $userSession,
                        $accountManager,
+                       $subAdminManager,
                        $l10nFactory
                );
 
index 5be0b6b1464b2f90d62019cad4f818e6ca9d507f..273e63c742dab336e5a5f87444459e246d66bd25 100644 (file)
@@ -31,6 +31,7 @@ use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Group\ISubAdmin;
 use OCP\HintException;
 use OCP\IConfig;
 use OCP\IGroup;
@@ -63,6 +64,7 @@ class UsersController extends AUserData {
                IGroupManager $groupManager,
                IUserSession $userSession,
                IAccountManager $accountManager,
+               ISubAdmin $subAdminManager,
                IFactory $l10nFactory,
                private IURLGenerator $urlGenerator,
                private LoggerInterface $logger,
@@ -81,6 +83,7 @@ class UsersController extends AUserData {
                        $groupManager,
                        $userSession,
                        $accountManager,
+                       $subAdminManager,
                        $l10nFactory
                );
 
@@ -946,7 +949,7 @@ class UsersController extends AUserData {
                        $permittedFields[] = IAccountManager::PROPERTY_PROFILE_ENABLED;
                        $permittedFields[] = IAccountManager::PROPERTY_BIRTHDATE;
                        $permittedFields[] = IAccountManager::PROPERTY_PRONOUNS;
-               
+
                        $permittedFields[] = IAccountManager::PROPERTY_PHONE . self::SCOPE_SUFFIX;
                        $permittedFields[] = IAccountManager::PROPERTY_ADDRESS . self::SCOPE_SUFFIX;
                        $permittedFields[] = IAccountManager::PROPERTY_WEBSITE . self::SCOPE_SUFFIX;