* * @author Arthur Schiwon * @author Christoph Wurst * @author Lukas Reschke * @author Robin Appelman * @author Kate Döen * * @license GNU AGPL version 3 or any later version * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . * */ namespace OCA\Settings\Controller; use OC\AppFramework\Middleware\Security\Exceptions\NotAdminException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Attribute\OpenAPI; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; use OCP\Group\ISubAdmin; use OCP\IGroupManager; use OCP\INavigationManager; use OCP\IRequest; use OCP\IUser; use OCP\IUserSession; use OCP\Settings\IDeclarativeManager; use OCP\Settings\IManager as ISettingsManager; use OCP\Template; #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] class AdminSettingsController extends Controller { use CommonSettingsTrait; public function __construct( $appName, IRequest $request, INavigationManager $navigationManager, ISettingsManager $settingsManager, IUserSession $userSession, IGroupManager $groupManager, ISubAdmin $subAdmin, IDeclarativeManager $declarativeSettingsManager, IInitialState $initialState, ) { parent::__construct($appName, $request); $this->navigationManager = $navigationManager; $this->settingsManager = $settingsManager; $this->userSession = $userSession; $this->groupManager = $groupManager; $this->subAdmin = $subAdmin; $this->declarativeSettingsManager = $declarativeSettingsManager; $this->initialState = $initialState; } /** * @NoCSRFRequired * @NoAdminRequired * @NoSubAdminRequired * We are checking the permissions in the getSettings method. If there is no allowed * settings for the given section. The user will be gretted by an error message. */ public function index(string $section): TemplateResponse { return $this->getIndexResponse('admin', $section); } /** * @param string $section * @return array */ protected function getSettings($section) { /** @var IUser $user */ $user = $this->userSession->getUser(); $isSubAdmin = !$this->groupManager->isAdmin($user->getUID()) && $this->subAdmin->isSubAdmin($user); $settings = $this->settingsManager->getAllowedAdminSettings($section, $user); $declarativeFormIDs = $this->declarativeSettingsManager->getFormIDs($user, 'admin', $section); if (empty($settings) && empty($declarativeFormIDs)) { throw new NotAdminException("Logged in user doesn't have permission to access these settings."); } $formatted = $this->formatSettings($settings); // Do not show legacy forms for sub admins if ($section === 'additional' && !$isSubAdmin) { $formatted['content'] .= $this->getLegacyForms(); } return $formatted; } /** * @return bool|string */ private function getLegacyForms() { $forms = \OC_App::getForms('admin'); $forms = array_map(function ($form) { if (preg_match('%([^>]*)>.*?)%i', $form, $regs)) { $sectionName = str_replace('', '', $regs[0]); $sectionName = str_replace('', '', $sectionName); $anchor = strtolower($sectionName); $anchor = str_replace(' ', '-', $anchor); return [ 'anchor' => $anchor, 'section-name' => $sectionName, 'form' => $form ]; } return [ 'form' => $form ]; }, $forms); $out = new Template('settings', 'settings/additional'); $out->assign('forms', $forms); return $out->fetchPage(); } }