mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 994 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44299 Commits
363 Branches
Tree: b0a296e2e1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b0a296e2e1'
${ noResults }
nextcloud/lib/private/SubAdmin.php

SubAdmin.php 7.4KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2016, ownCloud, Inc.

  4.  *

  5.  * @author Arthur Schiwon <blizzz@arthur-schiwon.de>

  6.  * @author Bart Visscher <bartv@thisnet.nl>

  7.  * @author Georg Ehrke <oc.list@georgehrke.com>

  8.  * @author Joas Schilling <coding@schilljs.com>

  9.  * @author Lukas Reschke <lukas@statuscode.ch>

  10.  * @author Morris Jobke <hey@morrisjobke.de>

  11.  * @author Roeland Jago Douma <roeland@famdouma.nl>

  12.  *

  13.  * @license AGPL-3.0

  14.  *

  15.  * This code is free software: you can redistribute it and/or modify

  16.  * it under the terms of the GNU Affero General Public License, version 3,

  17.  * as published by the Free Software Foundation.

  18.  *

  19.  * This program is distributed in the hope that it will be useful,

  20.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  21.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  22.  * GNU Affero General Public License for more details.

  23.  *

  24.  * You should have received a copy of the GNU Affero General Public License, version 3,

  25.  * along with this program.  If not, see <http://www.gnu.org/licenses/>

  26.  *

  27.  */

  28. 

  29. namespace OC;

  30. 

  31. use OC\Hooks\PublicEmitter;

  32. use OCP\IUser;

  33. use OCP\IUserManager;

  34. use OCP\IGroup;

  35. use OCP\IGroupManager;

  36. use OCP\IDBConnection;

  37. 

  38. class SubAdmin extends PublicEmitter {

  39. 

  40. 	/** @var IUserManager */

  41. 	private $userManager;

  42. 

  43. 	/** @var IGroupManager */

  44. 	private $groupManager;

  45. 

  46. 	/** @var IDBConnection */

  47. 	private $dbConn;

  48. 

  49. 	/**

  50. 	 * @param IUserManager $userManager

  51. 	 * @param IGroupManager $groupManager

  52. 	 * @param IDBConnection $dbConn

  53. 	 */

  54. 	public function __construct(IUserManager $userManager,

  55. 	                            IGroupManager $groupManager,

  56. 								IDBConnection $dbConn) {

  57. 		$this->userManager = $userManager;

  58. 		$this->groupManager = $groupManager;

  59. 		$this->dbConn = $dbConn;

  60. 

  61. 		$this->userManager->listen('\OC\User', 'postDelete', function($user) {

  62. 			$this->post_deleteUser($user);

  63. 		});

  64. 		$this->groupManager->listen('\OC\Group', 'postDelete', function($group) {

  65. 			$this->post_deleteGroup($group);

  66. 		});

  67. 	}

  68. 

  69. 	/**

  70. 	 * add a SubAdmin

  71. 	 * @param IUser $user user to be SubAdmin

  72. 	 * @param IGroup $group group $user becomes subadmin of

  73. 	 * @return bool

  74. 	 */

  75. 	public function createSubAdmin(IUser $user, IGroup $group) {

  76. 		$qb = $this->dbConn->getQueryBuilder();

  77. 

  78. 		$qb->insert('group_admin')

  79. 			->values([

  80. 				'gid' => $qb->createNamedParameter($group->getGID()),

  81. 				'uid' => $qb->createNamedParameter($user->getUID())

  82. 			])

  83. 			->execute();

  84. 

  85. 		$this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);

  86. 		\OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);

  87. 		return true;

  88. 	}

  89. 

  90. 	/**

  91. 	 * delete a SubAdmin

  92. 	 * @param IUser $user the user that is the SubAdmin

  93. 	 * @param IGroup $group the group

  94. 	 * @return bool

  95. 	 */

  96. 	public function deleteSubAdmin(IUser $user, IGroup $group) {

  97. 		$qb = $this->dbConn->getQueryBuilder();

  98. 

  99. 		$qb->delete('group_admin')

  100. 			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))

  101. 			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))

  102. 			->execute();

  103. 

  104. 		$this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);

  105. 		\OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);

  106. 		return true;

  107. 	}

  108. 

  109. 	/**

  110. 	 * get groups of a SubAdmin

  111. 	 * @param IUser $user the SubAdmin

  112. 	 * @return IGroup[]

  113. 	 */

  114. 	public function getSubAdminsGroups(IUser $user) {

  115. 		$qb = $this->dbConn->getQueryBuilder();

  116. 

  117. 		$result = $qb->select('gid')

  118. 			->from('group_admin')

  119. 			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))

  120. 			->execute();

  121. 

  122. 		$groups = [];

  123. 		while($row = $result->fetch()) {

  124. 			$group = $this->groupManager->get($row['gid']);

  125. 			if(!is_null($group)) {

  126. 				$groups[$group->getGID()] = $group;

  127. 			}

  128. 		}

  129. 		$result->closeCursor();

  130. 

  131. 		return $groups;

  132. 	}

  133. 

  134. 	/**

  135. 	 * get an array of groupid and displayName for a user

  136. 	 * @param IUser $user

  137. 	 * @return array ['displayName' => displayname]

  138. 	 */

  139. 	public function getSubAdminsGroupsName(IUser $user) {

  140. 		return array_map(function($group) {

  141. 			return array('displayName' => $group->getDisplayName());

  142. 		}, $this->getSubAdminsGroups($user));

  143. 	}

  144. 

  145. 	/**

  146. 	 * get SubAdmins of a group

  147. 	 * @param IGroup $group the group

  148. 	 * @return IUser[]

  149. 	 */

  150. 	public function getGroupsSubAdmins(IGroup $group) {

  151. 		$qb = $this->dbConn->getQueryBuilder();

  152. 

  153. 		$result = $qb->select('uid')

  154. 			->from('group_admin')

  155. 			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))

  156. 			->execute();

  157. 

  158. 		$users = [];

  159. 		while($row = $result->fetch()) {

  160. 			$user = $this->userManager->get($row['uid']);

  161. 			if(!is_null($user)) {

  162. 				$users[] = $user;

  163. 			}

  164. 		}

  165. 		$result->closeCursor();

  166. 

  167. 		return $users;

  168. 	}

  169. 

  170. 	/**

  171. 	 * get all SubAdmins

  172. 	 * @return array

  173. 	 */

  174. 	public function getAllSubAdmins() {

  175. 		$qb = $this->dbConn->getQueryBuilder();

  176. 

  177. 		$result = $qb->select('*')

  178. 			->from('group_admin')

  179. 			->execute();

  180. 

  181. 		$subadmins = [];

  182. 		while($row = $result->fetch()) {

  183. 			$user = $this->userManager->get($row['uid']);

  184. 			$group = $this->groupManager->get($row['gid']);

  185. 			if(!is_null($user) && !is_null($group)) {

  186. 				$subadmins[] = [

  187. 					'user'  => $user,

  188. 					'group' => $group

  189. 				];

  190. 			}

  191. 		}

  192. 		$result->closeCursor();

  193. 

  194. 		return $subadmins;

  195. 	}

  196. 

  197. 	/**

  198. 	 * checks if a user is a SubAdmin of a group

  199. 	 * @param IUser $user

  200. 	 * @param IGroup $group

  201. 	 * @return bool

  202. 	 */

  203. 	public function isSubAdminOfGroup(IUser $user, IGroup $group) {

  204. 		$qb = $this->dbConn->getQueryBuilder();

  205. 

  206. 		/*

  207. 		 * Primary key is ('gid', 'uid') so max 1 result possible here

  208. 		 */

  209. 		$result = $qb->select('*')

  210. 			->from('group_admin')

  211. 			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))

  212. 			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))

  213. 			->execute();

  214. 

  215. 		$fetch =  $result->fetch();

  216. 		$result->closeCursor();

  217. 		$result = !empty($fetch) ? true : false;

  218. 

  219. 		return $result;

  220. 	}

  221. 

  222. 	/**

  223. 	 * checks if a user is a SubAdmin

  224. 	 * @param IUser $user

  225. 	 * @return bool

  226. 	 */

  227. 	public function isSubAdmin(IUser $user) {

  228. 		// Check if the user is already an admin

  229. 		if ($this->groupManager->isAdmin($user->getUID())) {

  230. 			return true;

  231. 		}

  232. 

  233. 		$qb = $this->dbConn->getQueryBuilder();

  234. 

  235. 		$result = $qb->select('gid')

  236. 			->from('group_admin')

  237. 			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))

  238. 			->setMaxResults(1)

  239. 			->execute();

  240. 

  241. 		$isSubAdmin = $result->fetch();

  242. 		$result->closeCursor();

  243. 

  244. 		return $isSubAdmin !== false;

  245. 	}

  246. 

  247. 	/**

  248. 	 * checks if a user is a accessible by a subadmin

  249. 	 * @param IUser $subadmin

  250. 	 * @param IUser $user

  251. 	 * @return bool

  252. 	 */

  253. 	public function isUserAccessible($subadmin, $user) {

  254. 		if(!$this->isSubAdmin($subadmin)) {

  255. 			return false;

  256. 		}

  257. 		if($this->groupManager->isAdmin($user->getUID())) {

  258. 			return false;

  259. 		}

  260. 		$accessibleGroups = $this->getSubAdminsGroups($subadmin);

  261. 		foreach($accessibleGroups as $accessibleGroup) {

  262. 			if($accessibleGroup->inGroup($user)) {

  263. 				return true;

  264. 			}

  265. 		}

  266. 		return false;

  267. 	}

  268. 

  269. 	/**

  270. 	 * delete all SubAdmins by $user

  271. 	 * @param IUser $user

  272. 	 * @return boolean

  273. 	 */

  274. 	private function post_deleteUser($user) {

  275. 		$qb = $this->dbConn->getQueryBuilder();

  276. 

  277. 		$qb->delete('group_admin')

  278. 			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))

  279. 			->execute();

  280. 

  281. 		return true;

  282. 	}

  283. 

  284. 	/**

  285. 	 * delete all SubAdmins by $group

  286. 	 * @param IGroup $group

  287. 	 * @return boolean

  288. 	 */

  289. 	private function post_deleteGroup($group) {

  290. 		$qb = $this->dbConn->getQueryBuilder();

  291. 

  292. 		$qb->delete('group_admin')

  293. 			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))

  294. 			->execute();

  295. 

  296. 		return true;

  297. 	}

  298. }