diff options
| author | Joas Schilling <coding@schilljs.com> | 2017-01-18 14:34:38 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2017-01-18 14:34:38 +0100 |
| commit | 5d1f7e5a7be4eba2c1cb0e601c7bc0ac43e1855f (patch) | |
| tree | e7ba4683129ac6a883b7800db601f4d46b178224 /apps/provisioning_api/lib | |
| parent | d80a4453af8271040026b781edb3c915468f6d52 (diff) | |
| download | nextcloud-server-5d1f7e5a7be4eba2c1cb0e601c7bc0ac43e1855f.tar.gz nextcloud-server-5d1f7e5a7be4eba2c1cb0e601c7bc0ac43e1855f.zip | |
Allow subadmins to add people to groups via provisioning api
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/provisioning_api/lib')
| -rw-r--r-- | apps/provisioning_api/lib/Controller/UsersController.php | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 022cbf92814..2e8a2ffe5ed 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -441,6 +441,8 @@ class UsersController extends OCSController { /** * @PasswordConfirmationRequired + * @NoAdminRequired + * * @param string $userId * @param string $groupid * @return DataResponse @@ -460,6 +462,13 @@ class UsersController extends OCSController { throw new OCSException('', 103); } + // If they're not an admin, check they are a subadmin of the group in question + $loggedInUser = $this->userSession->getUser(); + $subAdminManager = $this->groupManager->getSubAdmin(); + if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) { + throw new OCSException('', 104); + } + // Add user to group $group->addUser($targetUser); return new DataResponse(); |