diff options
| author | Georg Ehrke <dev@georgswebsite.de> | 2012-07-26 16:50:02 +0200 |
|---|---|---|
| committer | Georg Ehrke <dev@georgswebsite.de> | 2012-07-26 16:50:02 +0200 |
| commit | ebe4d1f0ee7b7835dd55950c25c768f547ac0fa6 (patch) | |
| tree | d7b37c830956e5525c03ccbfd4f9a3e762a5c99e | |
| parent | 0810f9289409f54c374bb60da8e0262b64b15417 (diff) | |
| parent | e1d14ab461aa81363497e914cb6864da49ace372 (diff) | |
| download | nextcloud-server-ebe4d1f0ee7b7835dd55950c25c768f547ac0fa6.tar.gz nextcloud-server-ebe4d1f0ee7b7835dd55950c25c768f547ac0fa6.zip | |
Merge branch 'subadmin'
| -rw-r--r-- | db_structure.xml | 26 | ||||
| -rwxr-xr-x | lib/app.php | 13 | ||||
| -rw-r--r-- | lib/group.php | 13 | ||||
| -rw-r--r-- | lib/json.php | 12 | ||||
| -rw-r--r-- | lib/subadmin.php | 181 | ||||
| -rwxr-xr-x | lib/util.php | 19 | ||||
| -rw-r--r-- | settings/ajax/changepassword.php | 13 | ||||
| -rw-r--r-- | settings/ajax/createuser.php | 26 | ||||
| -rw-r--r-- | settings/ajax/removeuser.php | 8 | ||||
| -rw-r--r-- | settings/ajax/setquota.php | 8 | ||||
| -rw-r--r-- | settings/ajax/togglegroups.php | 8 | ||||
| -rw-r--r-- | settings/ajax/togglesubadmins.php | 19 | ||||
| -rw-r--r-- | settings/js/users.js | 94 | ||||
| -rw-r--r-- | settings/templates/users.php | 45 | ||||
| -rw-r--r-- | settings/users.php | 22 |
15 files changed, 461 insertions, 46 deletions
diff --git a/db_structure.xml b/db_structure.xml index 94567b4d539..f6dedab0a13 100644 --- a/db_structure.xml +++ b/db_structure.xml @@ -235,6 +235,32 @@ <table> + <name>*dbprefix*group_admin</name> + + <declaration> + + <field> + <name>gid</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>64</length> + </field> + + <field> + <name>uid</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>64</length> + </field> + + </declaration> + + </table> + + <table> + <name>*dbprefix*groups</name> <declaration> diff --git a/lib/app.php b/lib/app.php index 56132c08671..d1018c37aa7 100755 --- a/lib/app.php +++ b/lib/app.php @@ -292,16 +292,21 @@ class OC_App{ if (OC_User::isLoggedIn()) { // personal menu $settings[] = array( "id" => "personal", "order" => 1, "href" => OC_Helper::linkTo( "settings", "personal.php" ), "name" => $l->t("Personal"), "icon" => OC_Helper::imagePath( "settings", "personal.svg" )); - + // if there're some settings forms if(!empty(self::$settingsForms)) // settings menu $settings[]=array( "id" => "settings", "order" => 1000, "href" => OC_Helper::linkTo( "settings", "settings.php" ), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath( "settings", "settings.svg" )); - - // if the user is an admin - if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { + + //SubAdmins are also allowed to access user management + if(OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup( $_SESSION["user_id"], "admin" )){ // admin users menu $settings[] = array( "id" => "core_users", "order" => 2, "href" => OC_Helper::linkTo( "settings", "users.php" ), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath( "settings", "users.svg" )); + } + + + // if the user is an admin + if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { // admin apps menu $settings[] = array( "id" => "core_apps", "order" => 3, "href" => OC_Helper::linkTo( "settings", "apps.php" ).'?installed', "name" => $l->t("Apps"), "icon" => OC_Helper::imagePath( "settings", "apps.svg" )); diff --git a/lib/group.php b/lib/group.php index 12e5f5ebb30..7b137f0f8f1 100644 --- a/lib/group.php +++ b/lib/group.php @@ -271,4 +271,17 @@ class OC_Group { } return $users; } + + /** + * @brief get a list of all users in several groups + * @param array $gids + * @returns array with user ids + */ + public static function usersInGroups($gids){ + $users = array(); + foreach($gids as $gid){ + $users = array_merge(array_diff(self::usersInGroup($gid), $users), $users); + } + return $users; + } } diff --git a/lib/json.php b/lib/json.php index b46878375d5..3d9d5c96fa3 100644 --- a/lib/json.php +++ b/lib/json.php @@ -64,6 +64,18 @@ class OC_JSON{ exit(); } } + + /** + * Check if the user is a subadmin, send json error msg if not + */ + public static function checkSubAdminUser(){ + self::checkLoggedIn(); + if(!OC_Group::inGroup(OC_User::getUser(),'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())){ + $l = OC_L10N::get('core'); + self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); + exit(); + } + } /** * Send json error msg diff --git a/lib/subadmin.php b/lib/subadmin.php new file mode 100644 index 00000000000..0806f27a6bd --- /dev/null +++ b/lib/subadmin.php @@ -0,0 +1,181 @@ +<?php +/** + * ownCloud + * + * @author Georg Ehrke + * @copyright 2012 Georg Ehrke + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + */ +OC_Hook::connect('OC_User', 'post_deleteUser', 'OC_SubAdmin', 'post_deleteUser'); +OC_Hook::connect('OC_User', 'post_deleteGroup', 'OC_SubAdmin', 'post_deleteGroup'); +/** + * This class provides all methods needed for managing groups. + * + * Hooks provided: + * post_createSubAdmin($gid) + * post_deleteSubAdmin($gid) + */ +class OC_SubAdmin{ + + /** + * @brief add a SubAdmin + * @param $uid uid of the SubAdmin + * @param $gid gid of the group + * @return boolean + */ + public static function createSubAdmin($uid, $gid){ + $stmt = OC_DB::prepare('INSERT INTO *PREFIX*group_admin (gid,uid) VALUES(?,?)'); + $result = $stmt->execute(array($gid, $uid)); + OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid )); + return true; + } + + /** + * @brief delete a SubAdmin + * @param $uid uid of the SubAdmin + * @param $gid gid of the group + * @return boolean + */ + public static function deleteSubAdmin($uid, $gid){ + $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ? AND uid = ?'); + $result = $stmt->execute(array($gid, $uid)); + OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid )); + return true; + } + + /** + * @brief get groups of a SubAdmin + * @param $uid uid of the SubAdmin + * @return array + */ + public static function getSubAdminsGroups($uid){ + $stmt = OC_DB::prepare('SELECT gid FROM *PREFIX*group_admin WHERE uid = ?'); + $result = $stmt->execute(array($uid)); + $gids = array(); + while($row = $result->fetchRow()){ + $gids[] = $row['gid']; + } + return $gids; + } + + /** + * @brief get SubAdmins of a group + * @param $gid gid of the group + * @return array + */ + public static function getGroupsSubAdmins($gid){ + $stmt = OC_DB::prepare('SELECT uid FROM *PREFIX*group_admin WHERE gid = ?'); + $result = $stmt->execute(array($gid)); + $uids = array(); + while($row = $result->fetchRow()){ + $uids[] = $row['uid']; + } + return $uids; + } + + /** + * @brief get all SubAdmins + * @return array + */ + public static function getAllSubAdmins(){ + $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*group_admin'); + $result = $stmt->execute(); + $subadmins = array(); + while($row = $result->fetchRow()){ + $subadmins[] = $row; + } + return $subadmins; + } + + /** + * @brief checks if a user is a SubAdmin of a group + * @param $uid uid of the subadmin + * @param $gid gid of the group + * @return bool + */ + public static function isSubAdminofGroup($uid, $gid){ + $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin where uid = ? AND gid = ?'); + $result = $stmt->execute(array($uid, $gid)); + $result = $result->fetchRow(); + if($result['count'] >= 1){ + return true; + } + return false; + } + + /** + * @brief checks if a user is a SubAdmin + * @param $uid uid of the subadmin + * @return bool + */ + public static function isSubAdmin($uid){ + $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin WHERE uid = ?'); + $result = $stmt->execute(array($uid)); + $result = $result->fetchRow(); + if($result['count'] > 0){ + return true; + } + return false; + } + + /** + * @brief checks if a user is a accessible by a subadmin + * @param $subadmin uid of the subadmin + * @param $user uid of the user + * @return bool + */ + public static function isUserAccessible($subadmin, $user){ + if(!self::isSubAdmin($subadmin)){ + return false; + } + $accessiblegroups = self::getSubAdminsGroups($subadmin); + foreach($accessiblegroups as $accessiblegroup){ + if(OC_Group::inGroup($user, $accessiblegroup)){ + return true; + } + } + return false; + } + + /* + * @brief alias for self::isSubAdminofGroup() + */ + public static function isGroupAccessible($subadmin, $group){ + return self::isSubAdminofGroup($subadmin, $group); + } + + /** + * @brief delete all SubAdmins by uid + * @param $parameters + * @return boolean + */ + public static function post_deleteUser($parameters){ + $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE uid = ?'); + $result = $stmt->execute(array($parameters['uid'])); + return true; + } + + /** + * @brief delete all SubAdmins8 by gid + * @param $parameters + * @return boolean + */ + public static function post_deleteGroup($parameters){ + $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ?'); + $result = $stmt->execute(array($parameters['gid'])); + return true; + } +} diff --git a/lib/util.php b/lib/util.php index 0c563278cc5..6e62ed9bf58 100755 --- a/lib/util.php +++ b/lib/util.php @@ -66,7 +66,7 @@ class OC_Util { * @return array */ public static function getVersion(){ - return array(4,80,1); + return array(4,81,2); } /** @@ -319,6 +319,23 @@ class OC_Util { } /** + * Check if the user is a subadmin, redirects to home if not + * @return array $groups where the current user is subadmin + */ + public static function checkSubAdminUser(){ + // Check if we are a user + self::checkLoggedIn(); + if(OC_Group::inGroup(OC_User::getUser(),'admin')){ + return true; + } + if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())){ + header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); + exit(); + } + return true; + } + + /** * Redirect to the user default page */ public static function redirectToDefaultPage(){ diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index 4ba6813517b..fa778de5c95 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -11,7 +11,18 @@ $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:''; OC_JSON::checkLoggedIn(); OCP\JSON::callCheck(); -if( (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && ($username!=OC_User::getUser() || !OC_User::checkPassword($username,$oldPassword)))) { +$userstatus = null; +if(OC_Group::inGroup(OC_User::getUser(), 'admin')){ + $userstatus = 'admin'; +} +if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)){ + $userstatus = 'subadmin'; +} +if(OC_User::getUser() == $username && OC_User::checkPassword($username,$oldPassword)){ + $userstatus = 'user'; +} + +if(is_null($userstatus)){ OC_JSON::error( array( "data" => array( "message" => "Authentication error" ))); exit(); } diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php index c56df4bc15a..f16e91e2001 100644 --- a/settings/ajax/createuser.php +++ b/settings/ajax/createuser.php @@ -4,15 +4,33 @@ require_once('../../lib/base.php'); // Check if we are a user -if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){ +if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && !OC_SubAdmin::isSubAdmin(OC_User::getUser()))){ OC_JSON::error(array("data" => array( "message" => "Authentication error" ))); exit(); } OCP\JSON::callCheck(); -$groups = array(); -if( isset( $_POST["groups"] )){ - $groups = $_POST["groups"]; +$isadmin = OC_Group::inGroup(OC_User::getUser(),'admin')?true:false; + +if($isadmin){ + $groups = array(); + if( isset( $_POST["groups"] )){ + $groups = $_POST["groups"]; + } +}else{ + if(isset( $_POST["groups"] )){ + $groups = array(); + foreach($_POST["groups"] as $group){ + if(OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)){ + $groups[] = $group; + } + } + if(count($groups) == 0){ + $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); + } + }else{ + $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); + } } $username = $_POST["username"]; $password = $_POST["password"]; diff --git a/settings/ajax/removeuser.php b/settings/ajax/removeuser.php index 230815217c3..bfab13a68c8 100644 --- a/settings/ajax/removeuser.php +++ b/settings/ajax/removeuser.php @@ -3,11 +3,17 @@ // Init owncloud require_once('../../lib/base.php'); -OC_JSON::checkAdminUser(); +OC_JSON::checkSubAdminUser(); OCP\JSON::callCheck(); $username = $_POST["username"]; +if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)){ + $l = OC_L10N::get('core'); + OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); + exit(); +} + // Return Success story if( OC_User::deleteUser( $username )){ OC_JSON::success(array("data" => array( "username" => $username ))); diff --git a/settings/ajax/setquota.php b/settings/ajax/setquota.php index 2b412c0f2fd..2a30b1d97e6 100644 --- a/settings/ajax/setquota.php +++ b/settings/ajax/setquota.php @@ -8,11 +8,17 @@ // Init owncloud require_once('../../lib/base.php'); -OC_JSON::checkAdminUser(); +OC_JSON::checkSubAdminUser(); OCP\JSON::callCheck(); $username = isset($_POST["username"])?$_POST["username"]:''; +if(($username == '' && !OC_Group::inGroup(OC_User::getUser(), 'admin')) || (!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))){ + $l = OC_L10N::get('core'); + OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); + exit(); +} + //make sure the quota is in the expected format $quota=$_POST["quota"]; if($quota!='none' and $quota!='default'){ diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php index 95338ed0267..75cd0858bbc 100644 --- a/settings/ajax/togglegroups.php +++ b/settings/ajax/togglegroups.php @@ -3,7 +3,7 @@ // Init owncloud require_once('../../lib/base.php'); -OC_JSON::checkAdminUser(); +OC_JSON::checkSubAdminUser(); OCP\JSON::callCheck(); $success = true; @@ -13,6 +13,12 @@ $action = "add"; $username = $_POST["username"]; $group = OC_Util::sanitizeHTML($_POST["group"]); +if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))){ + $l = OC_L10N::get('core'); + OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); + exit(); +} + if(!OC_Group::groupExists($group)){ OC_Group::createGroup($group); } diff --git a/settings/ajax/togglesubadmins.php b/settings/ajax/togglesubadmins.php new file mode 100644 index 00000000000..42db8450302 --- /dev/null +++ b/settings/ajax/togglesubadmins.php @@ -0,0 +1,19 @@ +<?php + +// Init owncloud +require_once('../../lib/base.php'); + +OC_JSON::checkAdminUser(); +OCP\JSON::callCheck(); + +$username = $_POST["username"]; +$group = OC_Util::sanitizeHTML($_POST["group"]); + +// Toggle group +if(OC_SubAdmin::isSubAdminofGroup($username, $group)){ + OC_SubAdmin::deleteSubAdmin($username, $group); +}else{ + OC_SubAdmin::createSubAdmin($username, $group); +} + +OC_JSON::success();
\ No newline at end of file diff --git a/settings/js/users.js b/settings/js/users.js index 63ad426ecf4..e46c6446b86 100644 --- a/settings/js/users.js +++ b/settings/js/users.js @@ -85,16 +85,62 @@ $(document).ready(function(){ function applyMultiplySelect(element){ var checked=[]; var user=element.data('username'); - if(element.data('userGroups')){ - checked=element.data('userGroups').split(', '); + if($(element).attr('class') == 'groupsselect'){ + if(element.data('userGroups')){ + checked=element.data('userGroups').split(', '); + } + if(user){ + var checkHandeler=function(group){ + if(user==OC.currentUser && group=='admin'){ + return false; + } + if(!isadmin && checked.length == 1 && checked[0] == group){ + return false; + } + $.post( + OC.filePath('settings','ajax','togglegroups.php'), + { + username:user, + group:group + }, + function(){} + ); + }; + }else{ + checkHandeler=false; + } + var addGroup = function(group) { + $('select[multiple]').each(function(index, element) { + if ($(element).find('option[value="'+group +'"]').length == 0) { + $(element).append('<option value="'+group+'">'+group+'</option>'); + } + }) + }; + var label; + if(isadmin){ + label = t('files', 'add group'); + }else{ + label = null; + } + element.multiSelect({ + createCallback:addGroup, + createText:label, + checked:checked, + oncheck:checkHandeler, + onuncheck:checkHandeler, + minWidth: 100, + }); } - if(user){ + if($(element).attr('class') == 'subadminsselect'){ + if(element.data('subadmin')){ + checked=element.data('subadmin').split(', '); + } var checkHandeler=function(group){ - if(user==OC.currentUser && group=='admin'){ + if(group=='admin'){ return false; } $.post( - OC.filePath('settings','ajax','togglegroups.php'), + OC.filePath('settings','ajax','togglesubadmins.php'), { username:user, group:group @@ -102,24 +148,23 @@ $(document).ready(function(){ function(){} ); }; - }else{ - checkHandeler=false; + + var addSubAdmin = function(group) { + $('select[multiple]').each(function(index, element) { + if ($(element).find('option[value="'+group +'"]').length == 0) { + $(element).append('<option value="'+group+'">'+group+'</option>'); + } + }) + }; + element.multiSelect({ + createCallback:addSubAdmin, + createText:null, + checked:checked, + oncheck:checkHandeler, + onuncheck:checkHandeler, + minWidth: 100, + }); } - var addGroup = function(group) { - $('select[multiple]').each(function(index, element) { - if ($(element).find('option[value="'+group +'"]').length == 0) { - $(element).append('<option value="'+group+'">'+group+'</option>'); - } - }) - }; - element.multiSelect({ - createCallback:addGroup, - createText:'add group', - checked:checked, - oncheck:checkHandeler, - onuncheck:checkHandeler, - minWidth: 100, - }); } $('select[multiple]').each(function(index,element){ applyMultiplySelect($(element)); @@ -254,12 +299,13 @@ $(document).ready(function(){ OC.dialogs.alert(result.data.message, 'Error creating user'); } else { + groups = result.data.groups; var tr=$('#content table tbody tr').first().clone(); tr.attr('data-uid',username); tr.find('td.name').text(username); - var select=$('<select multiple="multiple" data-placehoder="Groups" title="Groups">'); + var select=$('<select multiple="multiple" class="groupsselect" data-placehoder="Groups" title="Groups">'); select.data('username',username); - select.data('userGroups',groups.join(', ')); + select.data('userGroups',groups); tr.find('td.groups').empty(); var allGroups=$('#content table').data('groups').split(', '); for(var i=0;i<groups.length;i++){ diff --git a/settings/templates/users.php b/settings/templates/users.php index 55112424561..3e1eb9a0bbe 100644 --- a/settings/templates/users.php +++ b/settings/templates/users.php @@ -1,20 +1,27 @@ -<?php /** +<?php +/** * Copyright (c) 2011, Robin Appelman <icewind1991@gmail.com> * This file is licensed under the Affero General Public License version 3 or later. * See the COPYING-README file. */ - $allGroups=array(); foreach($_["groups"] as $group) { - $allGroups[]=$group['name']; + $allGroups[] = $group['name']; } +$_['subadmingroups'] = $allGroups; +$items = array_flip($_['subadmingroups']); +unset($items['admin']); +$_['subadmingroups'] = array_flip($items); ?> - +<script> +var isadmin = <?php echo $_['isadmin']?'true':'false'; ?>; +</script> <div id="controls"> <form id="newuser"> <input id="newusername" placeholder="<?php echo $l->t('Name')?>" /> <input type="password" id="newuserpassword" placeholder="<?php echo $l->t('Password')?>" /> <select + class="groupsselect" id="newusergroups" data-placeholder="groups" title="<?php echo $l->t('Groups')?>" multiple="multiple"> <?php foreach($_["groups"] as $group): ?> @@ -27,6 +34,7 @@ foreach($_["groups"] as $group) { <div class="quota"> <span><?php echo $l->t('Default Quota');?>:</span> <div class="quota-select-wrapper"> + <?php if((bool) $_['isadmin']): ?> <select class='quota'> <?php foreach($_['quota_preset'] as $preset):?> <?php if($preset!='default'):?> @@ -48,6 +56,14 @@ foreach($_["groups"] as $group) { ... </option> </select> <input class='quota-other'></input> + <?php endif; ?> + <?php if((bool) !$_['isadmin']): ?> + <select class='quota' disabled="disabled"> + <option selected="selected"> + <?php echo $_['default_quota'];?> + </option> + </select> + <?php endif; ?> </div> </div> </div> @@ -60,6 +76,9 @@ foreach($_["groups"] as $group) { <th id='headerName'><?php echo $l->t('Name')?></th> <th id="headerPassword"><?php echo $l->t( 'Password' ); ?></th> <th id="headerGroups"><?php echo $l->t( 'Groups' ); ?></th> + <?php if(is_array($_['subadmins']) || $_['subadmins']): ?> + <th id="headerSubAdmins"><?php echo $l->t('SubAdmin'); ?></th> + <?php endif;?> <th id="headerQuota"><?php echo $l->t( 'Quota' ); ?></th> <th id="headerRemove"> </th> </tr> @@ -70,9 +89,10 @@ foreach($_["groups"] as $group) { <td class="name"><?php echo $user["name"]; ?></td> <td class="password"><span>●●●●●●●</span> <img class="svg action" src="<?php echo image_path('core','actions/rename.svg')?>" - alt="set new password" title="set new password" /> + alt="set new password" title="set new password"/> </td> <td class="groups"><select + class="groupsselect" data-username="<?php echo $user['name'] ;?>" data-user-groups="<?php echo $user['groups'] ;?>" data-placeholder="groups" title="<?php echo $l->t('Groups')?>" @@ -84,6 +104,21 @@ foreach($_["groups"] as $group) { <?php endforeach;?> </select> </td> + <?php if(is_array($_['subadmins']) || $_['subadmins']): ?> + <td class="subadmins"><select + class="subadminsselect" + data-username="<?php echo $user['name'] ;?>" + data-subadmin="<?php echo $user['subadmin'] ;?>" + data-placeholder="subadmins" title="<?php echo $l->t('SubAdmin for ...')?>" + multiple="multiple"> + <?php foreach($_["subadmingroups"] as $group): ?> + <option value="<?php echo $group;?>"> + <?php echo $group;?> + </option> + <?php endforeach;?> + </select> + </td> + <?php endif;?> <td class="quota"> <div class="quota-select-wrapper"> <select class='quota-user'> diff --git a/settings/users.php b/settings/users.php index c3259d2a3f1..e88c4d1d9ce 100644 --- a/settings/users.php +++ b/settings/users.php @@ -6,7 +6,7 @@ */ require_once('../lib/base.php'); -OC_Util::checkAdminUser(); +OC_Util::checkSubAdminUser(); // We have some javascript foo! OC_Util::addScript( 'settings', 'users' ); @@ -17,11 +17,22 @@ OC_App::setActiveNavigationEntry( 'core_users' ); $users = array(); $groups = array(); -foreach( OC_User::getUsers() as $i ){ - $users[] = array( "name" => $i, "groups" => join( ", ", OC_Group::getUserGroups( $i ) ),'quota'=>OC_Preferences::getValue($i,'files','quota','default')); +$isadmin = OC_Group::inGroup(OC_User::getUser(),'admin')?true:false; +if($isadmin){ + $accessiblegroups = OC_Group::getGroups(); + $accessibleusers = OC_User::getUsers(); + $subadmins = OC_SubAdmin::getAllSubAdmins(); +}else{ + $accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); + $accessibleusers = OC_Group::usersInGroups($accessiblegroups); + $subadmins = false; } -foreach( OC_Group::getGroups() as $i ){ +foreach($accessibleusers as $i){ + $users[] = array( "name" => $i, "groups" => join( ", ", /*array_intersect(*/OC_Group::getUserGroups($i)/*, OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()))*/),'quota'=>OC_Preferences::getValue($i,'files','quota','default'),'subadmin'=>implode(', ',OC_SubAdmin::getSubAdminsGroups($i))); +} + +foreach( $accessiblegroups as $i ){ // Do some more work here soon $groups[] = array( "name" => $i ); } @@ -44,6 +55,9 @@ if (\OC_App::isEnabled( "files_sharing" ) ) { $tmpl = new OC_Template( "settings", "users", "user" ); $tmpl->assign( "users", $users ); $tmpl->assign( "groups", $groups ); +$tmpl->assign( 'isadmin', (int) $isadmin); +$tmpl->assign( 'subadmins', $subadmins); +$tmpl->assign( 'numofgroups', count($accessiblegroups)); $tmpl->assign( 'quota_preset', $quotaPreset); $tmpl->assign( 'default_quota', $defaultQuota); $tmpl->assign( 'share_notice', $shareNotice); |