summaryrefslogtreecommitdiffstats
path: root/apps/provisioning_api
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2016-04-07 17:22:21 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2016-05-02 09:31:22 +0200
commit8486926a147ad767d2ac8957512142f8a4873fa7 (patch)
treeb05e4e103b445babbeba6beeac1916f2f7191e8d /apps/provisioning_api
parent9c9fec36dd469494738b57c691338cbe71926c10 (diff)
downloadnextcloud-server-8486926a147ad767d2ac8957512142f8a4873fa7.tar.gz
nextcloud-server-8486926a147ad767d2ac8957512142f8a4873fa7.zip
Add provisioning api to enable and disable users
Diffstat (limited to 'apps/provisioning_api')
-rw-r--r--apps/provisioning_api/appinfo/routes.php11
-rw-r--r--apps/provisioning_api/lib/users.php72
-rw-r--r--apps/provisioning_api/tests/userstest.php64
3 files changed, 128 insertions, 19 deletions
diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php
index 08411856e7e..00a362864e5 100644
--- a/apps/provisioning_api/appinfo/routes.php
+++ b/apps/provisioning_api/appinfo/routes.php
@@ -26,10 +26,13 @@
namespace OCA\Provisioning_API\AppInfo;
+use OCA\Provisioning_API\Apps;
+use OCA\Provisioning_API\Groups;
+use OCA\Provisioning_API\Users;
use OCP\API;
// Users
-$users = new \OCA\Provisioning_API\Users(
+$users = new Users(
\OC::$server->getUserManager(),
\OC::$server->getConfig(),
\OC::$server->getGroupManager(),
@@ -41,6 +44,8 @@ API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', A
API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
+API::register('put', '/cloud/users/{userid}/enable', [$users, 'enableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
+API::register('put', '/cloud/users/{userid}/disable', [$users, 'disableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH);
API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
@@ -49,7 +54,7 @@ API::register('delete', '/cloud/users/{userid}/subadmins', [$users, 'removeSubAd
API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH);
// Groups
-$groups = new \OCA\Provisioning_API\Groups(
+$groups = new Groups(
\OC::$server->getGroupManager(),
\OC::$server->getUserSession(),
\OC::$server->getRequest()
@@ -61,7 +66,7 @@ API::register('delete', '/cloud/groups/{groupid}', [$groups, 'deleteGroup'], 'pr
API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH);
// Apps
-$apps = new \OCA\Provisioning_API\Apps(
+$apps = new Apps(
\OC::$server->getAppManager(),
\OC::$server->getOcsClient()
);
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php
index 68c89e41f6f..2749372c393 100644
--- a/apps/provisioning_api/lib/users.php
+++ b/apps/provisioning_api/lib/users.php
@@ -31,32 +31,36 @@ namespace OCA\Provisioning_API;
use \OC_OCS_Result;
use \OC_Helper;
use OCP\Files\NotFoundException;
+use OCP\IConfig;
+use OCP\IGroupManager;
use OCP\ILogger;
+use OCP\IUserManager;
+use OCP\IUserSession;
class Users {
- /** @var \OCP\IUserManager */
+ /** @var IUserManager */
private $userManager;
- /** @var \OCP\IConfig */
+ /** @var IConfig */
private $config;
- /** @var \OCP\IGroupManager */
+ /** @var IGroupManager */
private $groupManager;
- /** @var \OCP\IUserSession */
+ /** @var IUserSession */
private $userSession;
/** @var ILogger */
private $logger;
/**
- * @param \OCP\IUserManager $userManager
- * @param \OCP\IConfig $config
- * @param \OCP\IGroupManager $groupManager
- * @param \OCP\IUserSession $userSession
+ * @param IUserManager $userManager
+ * @param IConfig $config
+ * @param IGroupManager $groupManager
+ * @param IUserSession $userSession
* @param ILogger $logger
*/
- public function __construct(\OCP\IUserManager $userManager,
- \OCP\IConfig $config,
- \OCP\IGroupManager $groupManager,
- \OCP\IUserSession $userSession,
+ public function __construct(IUserManager $userManager,
+ IConfig $config,
+ IGroupManager $groupManager,
+ IUserSession $userSession,
ILogger $logger) {
$this->userManager = $userManager;
$this->config = $config;
@@ -333,6 +337,50 @@ class Users {
* @param array $parameters
* @return OC_OCS_Result
*/
+ public function disableUser($parameters) {
+ return $this->setEnabled($parameters, false);
+ }
+
+ /**
+ * @param array $parameters
+ * @return OC_OCS_Result
+ */
+ public function enableUser($parameters) {
+ return $this->setEnabled($parameters, true);
+ }
+
+ /**
+ * @param array $parameters
+ * @param bool $value
+ * @return OC_OCS_Result
+ */
+ private function setEnabled($parameters, $value) {
+ // Check if user is logged in
+ $currentLoggedInUser = $this->userSession->getUser();
+ if ($currentLoggedInUser === null) {
+ return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+ }
+
+ $targetUser = $this->userManager->get($parameters['userid']);
+ if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
+ return new OC_OCS_Result(null, 101);
+ }
+
+ // If not permitted
+ $subAdminManager = $this->groupManager->getSubAdmin();
+ if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+ return new OC_OCS_Result(null, 997);
+ }
+
+ // enable/disable the user now
+ $targetUser->setEnabled($value);
+ return new OC_OCS_Result(null, 100);
+ }
+
+ /**
+ * @param array $parameters
+ * @return OC_OCS_Result
+ */
public function getUsersGroups($parameters) {
// Check if user is logged in
$loggedInUser = $this->userSession->getUser();
diff --git a/apps/provisioning_api/tests/userstest.php b/apps/provisioning_api/tests/userstest.php
index 020071bcfa1..8f463ec8b88 100644
--- a/apps/provisioning_api/tests/userstest.php
+++ b/apps/provisioning_api/tests/userstest.php
@@ -58,8 +58,8 @@ class UsersTest extends OriginalTest {
parent::tearDown();
}
- protected function setup() {
- parent::setup();
+ protected function setUp() {
+ parent::setUp();
$this->userManager = $this->getMock('\OCP\IUserManager');
$this->config = $this->getMock('\OCP\IConfig');
@@ -540,7 +540,7 @@ class UsersTest extends OriginalTest {
->expects($this->once())
->method('isSubAdminOfGroup')
->with($loggedInUser, $existingGroup)
- ->wilLReturn(false);
+ ->willReturn(false);
$this->groupManager
->expects($this->once())
->method('getSubAdmin')
@@ -642,7 +642,7 @@ class UsersTest extends OriginalTest {
[$loggedInUser, $existingGroup1],
[$loggedInUser, $existingGroup2]
)
- ->wilLReturn(true);
+ ->willReturn(true);
$expected = new \OC_OCS_Result(null, 100);
@@ -2295,4 +2295,60 @@ class UsersTest extends OriginalTest {
$expected = new \OC_OCS_Result(null, 102, 'Unknown error occurred');
$this->assertEquals($expected, $this->api->getUserSubAdminGroups(['userid' => 'RequestedUser']));
}
+
+ public function testEnableUser() {
+ $targetUser = $this->getMock('\OCP\IUser');
+ $targetUser->expects($this->once())
+ ->method('setEnabled')
+ ->with(true);
+ $this->userManager
+ ->expects($this->once())
+ ->method('get')
+ ->with('RequestedUser')
+ ->will($this->returnValue($targetUser));
+ $loggedInUser = $this->getMock('\OCP\IUser');
+ $loggedInUser
+ ->expects($this->exactly(2))
+ ->method('getUID')
+ ->will($this->returnValue('admin'));
+ $this->userSession
+ ->expects($this->once())
+ ->method('getUser')
+ ->will($this->returnValue($loggedInUser));
+ $this->groupManager
+ ->expects($this->once())
+ ->method('isAdmin')
+ ->will($this->returnValue(true));
+
+ $expected = new \OC_OCS_Result(null, 100);
+ $this->assertEquals($expected, $this->api->enableUser(['userid' => 'RequestedUser']));
+ }
+
+ public function testDisableUser() {
+ $targetUser = $this->getMock('\OCP\IUser');
+ $targetUser->expects($this->once())
+ ->method('setEnabled')
+ ->with(false);
+ $this->userManager
+ ->expects($this->once())
+ ->method('get')
+ ->with('RequestedUser')
+ ->will($this->returnValue($targetUser));
+ $loggedInUser = $this->getMock('\OCP\IUser');
+ $loggedInUser
+ ->expects($this->exactly(2))
+ ->method('getUID')
+ ->will($this->returnValue('admin'));
+ $this->userSession
+ ->expects($this->once())
+ ->method('getUser')
+ ->will($this->returnValue($loggedInUser));
+ $this->groupManager
+ ->expects($this->once())
+ ->method('isAdmin')
+ ->will($this->returnValue(true));
+
+ $expected = new \OC_OCS_Result(null, 100);
+ $this->assertEquals($expected, $this->api->disableUser(['userid' => 'RequestedUser']));
+ }
}