Require sudo mode on the provisioning API

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2016-12-05 11:55:21 +0100
committer: Joas Schilling <coding@schilljs.com> 2016-12-05 11:55:21 +0100
commit: bea85adc087648f170d898ea5f16079cde820d35 (patch)
tree: adc197f81ca06dbcdf79e20daf5c99a52cf7f77f /apps/provisioning_api
parent: eeb81ec783e6e555aa8f1ac3eaa806b3c9dacaf7 (diff)
download: nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.tar.gz
nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.zip
3 files changed, 24 insertions, 7 deletions
diff --git a/apps/provisioning_api/lib/Controller/AppsController.php b/apps/provisioning_api/lib/Controller/AppsController.php
index 7d11d92b55a..e384d5af907 100644
--- a/apps/provisioning_api/lib/Controller/AppsController.php
+++ b/apps/provisioning_api/lib/Controller/AppsController.php
@@ -25,12 +25,10 @@
 
 namespace OCA\Provisioning_API\Controller;
 
-use OC\OCSClient;
 use \OC_App;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSException;
-use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
 use OCP\IRequest;
 
@@ -86,7 +84,7 @@ class AppsController extends OCSController {
 	/**
 	 * @param string $app
 	 * @return DataResponse
-	 * @throws OCSNotFoundException
+	 * @throws OCSException
 	 */
 	public function getAppInfo($app) {
 		$info = \OCP\App::getAppInfo($app);
@@ -98,6 +96,7 @@ class AppsController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @param string $app
 	 * @return DataResponse
 	 */
@@ -107,6 +106,7 @@ class AppsController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @param string $app
 	 * @return DataResponse
 	 */
diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php
index d36d0de8997..c772076c3d1 100644
--- a/apps/provisioning_api/lib/Controller/GroupsController.php
+++ b/apps/provisioning_api/lib/Controller/GroupsController.php
@@ -128,7 +128,7 @@ class GroupsController extends OCSController {
 	/**
 	 * creates a new group
 	 *
-	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 *
 	 * @param string $groupid
 	 * @return DataResponse
@@ -149,6 +149,8 @@ class GroupsController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
+	 *
 	 * @param string $groupId
 	 * @return DataResponse
 	 * @throws OCSException
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index 8e5975468b1..cc1d63d2d34 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -93,6 +93,7 @@ class UsersController extends OCSController {
 	 */
 	public function getUsers($search = '', $limit = null, $offset = null) {
 		$user = $this->userSession->getUser();
+		$users = [];
 
 		// Admin? Or SubAdmin?
 		$uid = $user->getUID();
@@ -125,6 +126,7 @@ class UsersController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
 	 *
 	 * @param string $userid
@@ -218,6 +220,7 @@ class UsersController extends OCSController {
 	/**
 	 * @NoAdminRequired
 	 * @NoSubAdminRequired
+	 * @PasswordConfirmationRequired
 	 *
 	 * edit users
 	 *
@@ -308,6 +311,7 @@ class UsersController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
 	 *
 	 * @param string $userId
@@ -339,20 +343,26 @@ class UsersController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
 	 *
 	 * @param string $userId
 	 * @return DataResponse
+	 * @throws OCSException
+	 * @throws OCSForbiddenException
 	 */
 	public function disableUser($userId) {
 		return $this->setEnabled($userId, false);
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
 	 *
 	 * @param string $userId
 	 * @return DataResponse
+	 * @throws OCSException
+	 * @throws OCSForbiddenException
 	 */
 	public function enableUser($userId) {
 		return $this->setEnabled($userId, true);
@@ -390,8 +400,7 @@ class UsersController extends OCSController {
 	 *
 	 * @param string $userId
 	 * @return DataResponse
-	 * @throws OCSForbiddenException
-	 * @throws OCSNotFoundException
+	 * @throws OCSException
 	 */
 	public function getUsersGroups($userId) {
 		$loggedInUser = $this->userSession->getUser();
@@ -430,6 +439,7 @@ class UsersController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @param string $userId
 	 * @param string $groupid
 	 * @return DataResponse
@@ -455,9 +465,10 @@ class UsersController extends OCSController {
 	}
 
 	/**
+	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
 	 *
-	 * @param string userId
+	 * @param string $userId
 	 * @param string $groupid
 	 * @return DataResponse
 	 * @throws OCSException
@@ -511,6 +522,8 @@ class UsersController extends OCSController {
 	/**
 	 * Creates a subadmin
 	 *
+	 * @PasswordConfirmationRequired
+	 *
 	 * @param string $userId
 	 * @param string $groupid
 	 * @return DataResponse
@@ -550,6 +563,8 @@ class UsersController extends OCSController {
 	/**
 	 * Removes a subadmin from a group
 	 *
+	 * @PasswordConfirmationRequired
+	 *
 	 * @param string $userId
 	 * @param string $groupid
 	 * @return DataResponse
author	Joas Schilling <coding@schilljs.com>	2016-12-05 11:55:21 +0100
committer	Joas Schilling <coding@schilljs.com>	2016-12-05 11:55:21 +0100
commit	bea85adc087648f170d898ea5f16079cde820d35 (patch)
tree	adc197f81ca06dbcdf79e20daf5c99a52cf7f77f /apps/provisioning_api
parent	eeb81ec783e6e555aa8f1ac3eaa806b3c9dacaf7 (diff)
download	nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.tar.gz nextcloud-server-bea85adc087648f170d898ea5f16079cde820d35.zip