diff options
| author | michag86 <micha_g@arcor.de> | 2015-08-27 18:29:28 +0200 |
|---|---|---|
| committer | Roeland Jago Douma <rullzer@owncloud.com> | 2015-11-12 22:31:17 +0100 |
| commit | 3b88c469c781e5255663e81c7c6b0459cbba34b2 (patch) | |
| tree | 615d4a17f47c8d7c164821bc3b058425ef3c31ae /apps/provisioning_api/lib | |
| parent | aff4aed43ccea159dae796e89e2684f967af7fa2 (diff) | |
| download | nextcloud-server-3b88c469c781e5255663e81c7c6b0459cbba34b2.tar.gz nextcloud-server-3b88c469c781e5255663e81c7c6b0459cbba34b2.zip | |
enable api addUser for subadmins
* Fix existing unit tests
Diffstat (limited to 'apps/provisioning_api/lib')
| -rw-r--r-- | apps/provisioning_api/lib/users.php | 44 |
1 files changed, 37 insertions, 7 deletions
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php index 304fe901cfd..49199d4169c 100644 --- a/apps/provisioning_api/lib/users.php +++ b/apps/provisioning_api/lib/users.php @@ -117,18 +117,48 @@ class Users { public function addUser() { $userId = isset($_POST['userid']) ? $_POST['userid'] : null; $password = isset($_POST['password']) ? $_POST['password'] : null; + $groups = isset($_POST['groups']) ? $_POST['groups'] : null; + $user = $this->userSession->getUser(); + $isAdmin = $this->groupManager->isAdmin($user->getUID()); + + if (!$isAdmin && !$this->groupManager->getSubAdmin()->isSubAdmin($user)) { + return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); + } + if($this->userManager->userExists($userId)) { $this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']); return new OC_OCS_Result(null, 102, 'User already exists'); + } + + if(is_array($groups)) { + foreach ($groups as $key => $group) { + if(!$this->groupManager->groupExists($group)){ + return new OC_OCS_Result(null, 104, 'group '.$group.' does not exist'); + } + if(!$isAdmin && !$this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $this->groupManager->get($group))) { + return new OC_OCS_Result(null, 105, 'insufficient privileges for group '. $group); + } + } } else { - try { - $this->userManager->createUser($userId, $password); - $this->logger->info('Successful addUser call with userid: '.$_POST['userid'], ['app' => 'ocs_api']); - return new OC_OCS_Result(null, 100); - } catch (\Exception $e) { - $this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']); - return new OC_OCS_Result(null, 101, 'Bad request'); + if(!$isAdmin) { + return new OC_OCS_Result(null, 106, 'no group specified (required for subadmins)'); + } + } + + try { + $user = $this->userManager->createUser($userId, $password); + $this->logger->info('Successful addUser call with userid: '.$_POST['userid'], ['app' => 'ocs_api']); + + if (is_array($groups)) { + foreach ($groups as $group) { + $this->groupManager->get($group)->addUser($user); + $this->logger->info('Added user (' . $user->getUID() . ') to group ' . $group, ['app' => 'ocs_api']); + } } + return new OC_OCS_Result(null, 100); + } catch (\Exception $e) { + $this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']); + return new OC_OCS_Result(null, 101, 'Bad request'); } } |