There was no "isAdminUser()" function which returned bool. This is irritiating as there were a loooooooot of places in the code which checked this itself with `OC_Group::inGroup($uid, 'admin)` - why not use a function for this? (Especially if you consider that we might change the group name in the future, which would lead to problems then) Additionally, @Raydiation needed such a method for his AppFramework :)tags/v5.0.0alpha1
@@ -127,8 +127,7 @@ class OC_API { | |||
return false; | |||
} else { | |||
$subAdmin = OC_SubAdmin::isSubAdmin($user); | |||
$admin = OC_Group::inGroup($user, 'admin'); | |||
if($subAdmin || $admin) { | |||
if($subAdmin) { | |||
return true; | |||
} else { | |||
return false; | |||
@@ -141,7 +140,7 @@ class OC_API { | |||
if(!$user) { | |||
return false; | |||
} else { | |||
return OC_Group::inGroup($user, 'admin'); | |||
return OC_User::isAdminUser($user); | |||
} | |||
break; | |||
default: |
@@ -313,14 +313,14 @@ class OC_App{ | |||
$settings[]=array( "id" => "settings", "order" => 1000, "href" => OC_Helper::linkToRoute( "settings_settings" ), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath( "settings", "settings.svg" )); | |||
//SubAdmins are also allowed to access user management | |||
if(OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { | |||
if(OC_SubAdmin::isSubAdmin(OC_User::getUser())) { | |||
// admin users menu | |||
$settings[] = array( "id" => "core_users", "order" => 2, "href" => OC_Helper::linkToRoute( "settings_users" ), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath( "settings", "users.svg" )); | |||
} | |||
// if the user is an admin | |||
if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { | |||
if(OC_User::isAdminUser(OC_User::getUser())) { | |||
// admin apps menu | |||
$settings[] = array( "id" => "core_apps", "order" => 3, "href" => OC_Helper::linkToRoute( "settings_apps" ).'?installed', "name" => $l->t("Apps"), "icon" => OC_Helper::imagePath( "settings", "apps.svg" )); | |||
@@ -57,9 +57,7 @@ class OC_JSON{ | |||
* Check if the user is a admin, send json error msg if not | |||
*/ | |||
public static function checkAdminUser() { | |||
self::checkLoggedIn(); | |||
self::verifyUser(); | |||
if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { | |||
if( !OC_User::isAdminUser(OC_User::getUser())) { | |||
$l = OC_L10N::get('lib'); | |||
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); | |||
exit(); | |||
@@ -70,9 +68,7 @@ class OC_JSON{ | |||
* Check if the user is a subadmin, send json error msg if not | |||
*/ | |||
public static function checkSubAdminUser() { | |||
self::checkLoggedIn(); | |||
self::verifyUser(); | |||
if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) { | |||
if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { | |||
$l = OC_L10N::get('lib'); | |||
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); | |||
exit(); |
@@ -219,7 +219,7 @@ class OC_Migrate{ | |||
// We need to be an admin if we are not importing our own data | |||
if(($type == 'user' && self::$uid != $currentuser) || $type != 'user' ) { | |||
if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { | |||
if( !OC_User::isAdminUser($currentuser)) { | |||
// Naughty. | |||
OC_Log::write( 'migration', 'Import not permitted.', OC_Log::ERROR ); | |||
return json_encode( array( 'success' => false ) ); |
@@ -40,7 +40,7 @@ class OC_OCS_Cloud { | |||
public static function getUserQuota($parameters) { | |||
$user = OC_User::getUser(); | |||
if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { | |||
if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) { | |||
if(OC_User::userExists($parameters['user'])) { | |||
// calculate the disc space | |||
@@ -82,7 +82,7 @@ class OC_OCS_Cloud { | |||
public static function getUserPrivatekey($parameters) { | |||
$user = OC_User::getUser(); | |||
if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { | |||
if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) { | |||
if(OC_User::userExists($user)) { | |||
// calculate the disc space |
@@ -122,6 +122,11 @@ class OC_SubAdmin{ | |||
* @return bool | |||
*/ | |||
public static function isSubAdmin($uid) { | |||
// Check if the user is already an admin | |||
if(OC_Group::inGroup($uid, 'admin' )) { | |||
return true; | |||
} | |||
$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?'); | |||
$result = $stmt->execute(array($uid)); | |||
$result = $result->fetchRow(); | |||
@@ -141,7 +146,7 @@ class OC_SubAdmin{ | |||
if(!self::isSubAdmin($subadmin)) { | |||
return false; | |||
} | |||
if(OC_Group::inGroup($user, 'admin')) { | |||
if(OC_User::isAdminUser($user)) { | |||
return false; | |||
} | |||
$accessiblegroups = self::getSubAdminsGroups($subadmin); |
@@ -299,6 +299,19 @@ class OC_User { | |||
return false; | |||
} | |||
/** | |||
* @brief Check if the user is an admin user | |||
* @param $uid uid of the admin | |||
* @returns bool | |||
*/ | |||
public static function isAdminUser($uid) { | |||
if(OC_Group::inGroup($uid, 'admin' )) { | |||
return true; | |||
} | |||
return false; | |||
} | |||
/** | |||
* @brief get the user id of the user currently logged in. | |||
* @return string uid or false |
@@ -342,10 +342,7 @@ class OC_Util { | |||
* Check if the user is a admin, redirects to home if not | |||
*/ | |||
public static function checkAdminUser() { | |||
// Check if we are a user | |||
self::checkLoggedIn(); | |||
self::verifyUser(); | |||
if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { | |||
if( !OC_User::isAdminUser(OC_User::getUser())) { | |||
header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); | |||
exit(); | |||
} | |||
@@ -356,12 +353,6 @@ class OC_Util { | |||
* @return array $groups where the current user is subadmin | |||
*/ | |||
public static function checkSubAdminUser() { | |||
// Check if we are a user | |||
self::checkLoggedIn(); | |||
self::verifyUser(); | |||
if(OC_Group::inGroup(OC_User::getUser(), 'admin')) { | |||
return true; | |||
} | |||
if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { | |||
header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); | |||
exit(); |
@@ -9,7 +9,7 @@ $password = $_POST["password"]; | |||
$oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:''; | |||
$userstatus = null; | |||
if(OC_Group::inGroup(OC_User::getUser(), 'admin')) { | |||
if(OC_User::isAdminUser(OC_User::getUser()) { | |||
$userstatus = 'admin'; | |||
} | |||
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { |
@@ -3,9 +3,7 @@ | |||
OCP\JSON::callCheck(); | |||
OC_JSON::checkSubAdminUser(); | |||
$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false; | |||
if($isadmin) { | |||
if(OC_User::isAdminUser(OC_User::getUser())) { | |||
$groups = array(); | |||
if( isset( $_POST["groups"] )) { | |||
$groups = $_POST["groups"]; |
@@ -10,7 +10,7 @@ if(OC_User::getUser() === $username) { | |||
exit; | |||
} | |||
if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { | |||
if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { | |||
$l = OC_L10N::get('core'); | |||
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); | |||
exit(); |
@@ -10,7 +10,7 @@ OCP\JSON::callCheck(); | |||
$username = isset($_POST["username"])?$_POST["username"]:''; | |||
if(($username == '' && !OC_Group::inGroup(OC_User::getUser(), 'admin')) || (!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) { | |||
if(($username == '' && !OC_User::isAdminUser($user)) || (!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) { | |||
$l = OC_L10N::get('core'); | |||
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); | |||
exit(); |
@@ -7,13 +7,13 @@ $success = true; | |||
$username = $_POST["username"]; | |||
$group = $_POST["group"]; | |||
if($username == OC_User::getUser() && $group == "admin" && OC_Group::inGroup($username, 'admin')) { | |||
if($username == OC_User::getUser() && $group == "admin" && OC_User::isAdminUser($username)) { | |||
$l = OC_L10N::get('core'); | |||
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group')))); | |||
exit(); | |||
} | |||
if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { | |||
if(!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { | |||
$l = OC_L10N::get('core'); | |||
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); | |||
exit(); |
@@ -28,7 +28,7 @@ if (isset($_GET['offset'])) { | |||
$offset = 0; | |||
} | |||
$users = array(); | |||
if (OC_Group::inGroup(OC_User::getUser(), 'admin')) { | |||
if (OC_User::isAdminUser(OC_User::getUser())) { | |||
$batch = OC_User::getUsers('', 10, $offset); | |||
foreach ($batch as $user) { | |||
$users[] = array( |
@@ -27,7 +27,7 @@ $url1=OC_Helper::linkToRoute( "settings_help" ).'?mode=user'; | |||
$url2=OC_Helper::linkToRoute( "settings_help" ).'?mode=admin'; | |||
$tmpl = new OC_Template( "settings", "help", "user" ); | |||
$tmpl->assign( "admin", OC_Group::inGroup(OC_User::getUser(), 'admin') ); | |||
$tmpl->assign( "admin", OC_User::isAdminUser(OC_User::getUser())); | |||
$tmpl->assign( "url", $url ); | |||
$tmpl->assign( "url1", $url1 ); | |||
$tmpl->assign( "url2", $url2 ); |
@@ -18,8 +18,7 @@ OC_App::setActiveNavigationEntry( 'core_users' ); | |||
$users = array(); | |||
$groups = array(); | |||
$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false; | |||
if($isadmin) { | |||
if(OC_User::isAdminUser(OC_User::getUser())) { | |||
$accessiblegroups = OC_Group::getGroups(); | |||
$accessibleusers = OC_User::getUsers('', 30); | |||
$subadmins = OC_SubAdmin::getAllSubAdmins(); |