|
|
@@ -32,6 +32,7 @@ namespace OC\Settings\Controller; |
|
|
|
|
|
|
|
use OC\Accounts\AccountManager; |
|
|
|
use OC\AppFramework\Http; |
|
|
|
use OC\ForbiddenException; |
|
|
|
use OC\User\User; |
|
|
|
use OCP\App\IAppManager; |
|
|
|
use OCP\AppFramework\Controller; |
|
|
@@ -48,6 +49,7 @@ use OCP\IUserManager; |
|
|
|
use OCP\IUserSession; |
|
|
|
use OCP\Mail\IMailer; |
|
|
|
use OCP\IAvatarManager; |
|
|
|
use Punic\Exception; |
|
|
|
|
|
|
|
/** |
|
|
|
* @package OC\Settings\Controller |
|
|
@@ -61,7 +63,7 @@ class UsersController extends Controller { |
|
|
|
private $isAdmin; |
|
|
|
/** @var IUserManager */ |
|
|
|
private $userManager; |
|
|
|
/** @var IGroupManager */ |
|
|
|
/** @var \OC\Group\Manager */ |
|
|
|
private $groupManager; |
|
|
|
/** @var IConfig */ |
|
|
|
private $config; |
|
|
@@ -506,7 +508,6 @@ class UsersController extends Controller { |
|
|
|
* @NoSubadminRequired |
|
|
|
* @PasswordConfirmationRequired |
|
|
|
* |
|
|
|
* @param string $userId |
|
|
|
* @param string $avatarScope |
|
|
|
* @param string $displayname |
|
|
|
* @param string $displaynameScope |
|
|
@@ -520,17 +521,29 @@ class UsersController extends Controller { |
|
|
|
* @param string $addressScope |
|
|
|
* @return DataResponse |
|
|
|
*/ |
|
|
|
public function saveUserSettings($userId, $avatarScope, |
|
|
|
$displayname, $displaynameScope, |
|
|
|
$phone, $phoneScope, |
|
|
|
$email, $emailScope, |
|
|
|
$website, $websiteScope, |
|
|
|
$address, $addressScope) { |
|
|
|
|
|
|
|
if($userId === null) { |
|
|
|
$userId = $this->userSession->getUser()->getUID(); |
|
|
|
public function setUserSettings($avatarScope, |
|
|
|
$displayname, $displaynameScope, |
|
|
|
$phone, $phoneScope, |
|
|
|
$email, $emailScope, |
|
|
|
$website, $websiteScope, |
|
|
|
$address, $addressScope |
|
|
|
) { |
|
|
|
|
|
|
|
|
|
|
|
if(!$this->mailer->validateMailAddress($email)) { |
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'error', |
|
|
|
'data' => array( |
|
|
|
'message' => (string)$this->l10n->t('Invalid mail address') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_UNPROCESSABLE_ENTITY |
|
|
|
); |
|
|
|
} |
|
|
|
|
|
|
|
$userId = $this->userSession->getUser()->getUID(); |
|
|
|
|
|
|
|
$data = [ |
|
|
|
'avatar' => ['scope' => $avatarScope], |
|
|
|
'displayName' => ['value' => $displayname, 'scope' => $displaynameScope], |
|
|
@@ -542,106 +555,66 @@ class UsersController extends Controller { |
|
|
|
|
|
|
|
$this->accountManager->updateUser($userId, $data); |
|
|
|
|
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'success', |
|
|
|
'data' => array( |
|
|
|
'userId' => $userId, |
|
|
|
'avatarScope' => $avatarScope, |
|
|
|
'displayname' => $displayname, |
|
|
|
'displaynameScope' => 'public', // force value for test purposes |
|
|
|
'email' => $email, |
|
|
|
'emailScope' => $emailScope, |
|
|
|
'website' => $website, |
|
|
|
'websiteScope' => $websiteScope, |
|
|
|
'address' => $address, |
|
|
|
'addressScope' => $addressScope, |
|
|
|
'message' => (string)$this->l10n->t('Settings saved') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_OK |
|
|
|
); |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
|
* Set the mail address of a user |
|
|
|
* |
|
|
|
* @todo Merge into saveUserSettings |
|
|
|
* |
|
|
|
* @param string $id |
|
|
|
* @param string $mailAddress |
|
|
|
* @return DataResponse |
|
|
|
*/ |
|
|
|
private function setMailAddress($id, $mailAddress) { |
|
|
|
$userId = $this->userSession->getUser()->getUID(); |
|
|
|
$user = $this->userManager->get($id); |
|
|
|
|
|
|
|
if($userId !== $id |
|
|
|
&& !$this->isAdmin |
|
|
|
&& !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { |
|
|
|
try { |
|
|
|
$this->saveUserSettings($userId, $data); |
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'error', |
|
|
|
'status' => 'success', |
|
|
|
'data' => array( |
|
|
|
'message' => (string)$this->l10n->t('Forbidden') |
|
|
|
'userId' => $userId, |
|
|
|
'avatarScope' => $avatarScope, |
|
|
|
'displayname' => $displayname, |
|
|
|
'displaynameScope' => $displaynameScope, |
|
|
|
'email' => $email, |
|
|
|
'emailScope' => $emailScope, |
|
|
|
'website' => $website, |
|
|
|
'websiteScope' => $websiteScope, |
|
|
|
'address' => $address, |
|
|
|
'addressScope' => $addressScope, |
|
|
|
'message' => (string)$this->l10n->t('Settings saved') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_FORBIDDEN |
|
|
|
Http::STATUS_OK |
|
|
|
); |
|
|
|
} catch (ForbiddenException $e) { |
|
|
|
return new DataResponse([ |
|
|
|
'status' => 'error', |
|
|
|
'data' => [ |
|
|
|
'message' => $e->getMessage() |
|
|
|
], |
|
|
|
]); |
|
|
|
} |
|
|
|
|
|
|
|
if($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) { |
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'error', |
|
|
|
'data' => array( |
|
|
|
'message' => (string)$this->l10n->t('Invalid mail address') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_UNPROCESSABLE_ENTITY |
|
|
|
); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if(!$user){ |
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'error', |
|
|
|
'data' => array( |
|
|
|
'message' => (string)$this->l10n->t('Invalid user') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_UNPROCESSABLE_ENTITY |
|
|
|
); |
|
|
|
} |
|
|
|
|
|
|
|
// this is the only permission a backend provides and is also used |
|
|
|
// for the permission of setting a email address |
|
|
|
if(!$user->canChangeDisplayName()){ |
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'error', |
|
|
|
'data' => array( |
|
|
|
'message' => (string)$this->l10n->t('Unable to change mail address') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_FORBIDDEN |
|
|
|
); |
|
|
|
/** |
|
|
|
* update account manager with new user data |
|
|
|
* |
|
|
|
* @param string $userId |
|
|
|
* @param array $data |
|
|
|
* @throws ForbiddenException |
|
|
|
*/ |
|
|
|
private function saveUserSettings($userId, $data) { |
|
|
|
$user = $this->userManager->get($userId); |
|
|
|
|
|
|
|
// keep the user back-end up-to-date with the latest display name and email |
|
|
|
// address |
|
|
|
if (isset($data['displayName']['value']) && $user->getDisplayName() !== $data['displayName']['value']) { |
|
|
|
$result = $user->setDisplayName($data['displayName']['value']); |
|
|
|
if ($result === false) { |
|
|
|
throw new ForbiddenException($this->l10n->t('Unable to change full name')); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
// delete user value if email address is empty |
|
|
|
$user->setEMailAddress($mailAddress); |
|
|
|
if (isset($data['email'][0]['value']) && $user->getEMailAddress() !== $data['email'][0]['value']) { |
|
|
|
$result = $user->setEMailAddress($data['email'][0]['value']); |
|
|
|
if ($result === false) { |
|
|
|
throw new ForbiddenException($this->l10n->t('Unable to change mail address')); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
return new DataResponse( |
|
|
|
array( |
|
|
|
'status' => 'success', |
|
|
|
'data' => array( |
|
|
|
'username' => $id, |
|
|
|
'mailAddress' => $mailAddress, |
|
|
|
'message' => (string)$this->l10n->t('Email saved') |
|
|
|
) |
|
|
|
), |
|
|
|
Http::STATUS_OK |
|
|
|
); |
|
|
|
$this->accountManager->updateUser($userId, $data); |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
@@ -694,13 +667,8 @@ class UsersController extends Controller { |
|
|
|
* @param string $displayName |
|
|
|
* @return DataResponse |
|
|
|
*/ |
|
|
|
private function setDisplayName($username, $displayName) { |
|
|
|
public function setDisplayName($username, $displayName) { |
|
|
|
$currentUser = $this->userSession->getUser(); |
|
|
|
|
|
|
|
if ($username === null) { |
|
|
|
$username = $currentUser->getUID(); |
|
|
|
} |
|
|
|
|
|
|
|
$user = $this->userManager->get($username); |
|
|
|
|
|
|
|
if ($user === null || |
|
|
@@ -708,8 +676,10 @@ class UsersController extends Controller { |
|
|
|
( |
|
|
|
!$this->groupManager->isAdmin($currentUser->getUID()) && |
|
|
|
!$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) && |
|
|
|
$currentUser !== $user) |
|
|
|
) { |
|
|
|
$currentUser->getUID() !== $username |
|
|
|
|
|
|
|
) |
|
|
|
) { |
|
|
|
return new DataResponse([ |
|
|
|
'status' => 'error', |
|
|
|
'data' => [ |
|
|
@@ -718,7 +688,12 @@ class UsersController extends Controller { |
|
|
|
]); |
|
|
|
} |
|
|
|
|
|
|
|
if ($user->setDisplayName($displayName)) { |
|
|
|
$userData = $this->accountManager->getUser($user->getUID()); |
|
|
|
$userData['displayName']['value'] = $displayName; |
|
|
|
|
|
|
|
|
|
|
|
try { |
|
|
|
$this->saveUserSettings($username, $userData); |
|
|
|
return new DataResponse([ |
|
|
|
'status' => 'success', |
|
|
|
'data' => [ |
|
|
@@ -727,11 +702,11 @@ class UsersController extends Controller { |
|
|
|
'displayName' => $displayName, |
|
|
|
], |
|
|
|
]); |
|
|
|
} else { |
|
|
|
} catch (ForbiddenException $e) { |
|
|
|
return new DataResponse([ |
|
|
|
'status' => 'error', |
|
|
|
'data' => [ |
|
|
|
'message' => $this->l10n->t('Unable to change full name'), |
|
|
|
'message' => $e->getMessage(), |
|
|
|
'displayName' => $user->getDisplayName(), |
|
|
|
], |
|
|
|
]); |