diff options
author | Joas Schilling <coding@schilljs.com> | 2016-12-05 11:55:21 +0100 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2016-12-05 11:55:21 +0100 |
commit | bea85adc087648f170d898ea5f16079cde820d35 (patch) | |
tree | adc197f81ca06dbcdf79e20daf5c99a52cf7f77f | |
parent | eeb81ec783e6e555aa8f1ac3eaa806b3c9dacaf7 (diff) | |
download | nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.tar.gz nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.zip |
Require sudo mode on the provisioning API
Signed-off-by: Joas Schilling <coding@schilljs.com>
3 files changed, 24 insertions, 7 deletions
diff --git a/apps/provisioning_api/lib/Controller/AppsController.php b/apps/provisioning_api/lib/Controller/AppsController.php index 7d11d92b55a..e384d5af907 100644 --- a/apps/provisioning_api/lib/Controller/AppsController.php +++ b/apps/provisioning_api/lib/Controller/AppsController.php @@ -25,12 +25,10 @@ namespace OCA\Provisioning_API\Controller; -use OC\OCSClient; use \OC_App; use OCP\App\IAppManager; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSException; -use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; use OCP\IRequest; @@ -86,7 +84,7 @@ class AppsController extends OCSController { /** * @param string $app * @return DataResponse - * @throws OCSNotFoundException + * @throws OCSException */ public function getAppInfo($app) { $info = \OCP\App::getAppInfo($app); @@ -98,6 +96,7 @@ class AppsController extends OCSController { } /** + * @PasswordConfirmationRequired * @param string $app * @return DataResponse */ @@ -107,6 +106,7 @@ class AppsController extends OCSController { } /** + * @PasswordConfirmationRequired * @param string $app * @return DataResponse */ diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php index d36d0de8997..c772076c3d1 100644 --- a/apps/provisioning_api/lib/Controller/GroupsController.php +++ b/apps/provisioning_api/lib/Controller/GroupsController.php @@ -128,7 +128,7 @@ class GroupsController extends OCSController { /** * creates a new group * - * @NoAdminRequired + * @PasswordConfirmationRequired * * @param string $groupid * @return DataResponse @@ -149,6 +149,8 @@ class GroupsController extends OCSController { } /** + * @PasswordConfirmationRequired + * * @param string $groupId * @return DataResponse * @throws OCSException diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 8e5975468b1..cc1d63d2d34 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -93,6 +93,7 @@ class UsersController extends OCSController { */ public function getUsers($search = '', $limit = null, $offset = null) { $user = $this->userSession->getUser(); + $users = []; // Admin? Or SubAdmin? $uid = $user->getUID(); @@ -125,6 +126,7 @@ class UsersController extends OCSController { } /** + * @PasswordConfirmationRequired * @NoAdminRequired * * @param string $userid @@ -218,6 +220,7 @@ class UsersController extends OCSController { /** * @NoAdminRequired * @NoSubAdminRequired + * @PasswordConfirmationRequired * * edit users * @@ -308,6 +311,7 @@ class UsersController extends OCSController { } /** + * @PasswordConfirmationRequired * @NoAdminRequired * * @param string $userId @@ -339,20 +343,26 @@ class UsersController extends OCSController { } /** + * @PasswordConfirmationRequired * @NoAdminRequired * * @param string $userId * @return DataResponse + * @throws OCSException + * @throws OCSForbiddenException */ public function disableUser($userId) { return $this->setEnabled($userId, false); } /** + * @PasswordConfirmationRequired * @NoAdminRequired * * @param string $userId * @return DataResponse + * @throws OCSException + * @throws OCSForbiddenException */ public function enableUser($userId) { return $this->setEnabled($userId, true); @@ -390,8 +400,7 @@ class UsersController extends OCSController { * * @param string $userId * @return DataResponse - * @throws OCSForbiddenException - * @throws OCSNotFoundException + * @throws OCSException */ public function getUsersGroups($userId) { $loggedInUser = $this->userSession->getUser(); @@ -430,6 +439,7 @@ class UsersController extends OCSController { } /** + * @PasswordConfirmationRequired * @param string $userId * @param string $groupid * @return DataResponse @@ -455,9 +465,10 @@ class UsersController extends OCSController { } /** + * @PasswordConfirmationRequired * @NoAdminRequired * - * @param string userId + * @param string $userId * @param string $groupid * @return DataResponse * @throws OCSException @@ -511,6 +522,8 @@ class UsersController extends OCSController { /** * Creates a subadmin * + * @PasswordConfirmationRequired + * * @param string $userId * @param string $groupid * @return DataResponse @@ -550,6 +563,8 @@ class UsersController extends OCSController { /** * Removes a subadmin from a group * + * @PasswordConfirmationRequired + * * @param string $userId * @param string $groupid * @return DataResponse |