authorRoeland Jago Douma <roeland@famdouma.nl>2015-07-25 14:49:20 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2015-08-02 10:22:26 +0200
commit9f59add9ed596a156ae18ce8e28d1bfc9b596617 (patch)
treedc1d3f1d984721ff00f28f415b0bd0f3f61b2142 /apps/provisioning_api
parentb745e7573731039ab0cf97440782c170069d25e2 (diff)
[provisioning_api] subadmin check for users
Diffstat (limited to 'apps/provisioning_api')
-rw-r--r--apps/provisioning_api/lib/users.php20
1 files changed, 10 insertions, 10 deletions
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php
index f75e3c0e575..9db8a828c78 100644
--- a/apps/provisioning_api/lib/users.php
+++ b/apps/provisioning_api/lib/users.php
@@ -93,7 +93,7 @@ class Users {
public function getUser($parameters){
$userId = $parameters['userid'];
// Admin? Or SubAdmin?
- if(OC_User::isAdminUser(OC_User::getUser()) || OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)) {
+ if($this->groupManager->isAdmin(OC_User::getUser()) || OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)) {
// Check they exist
if(!$this->userManager->userExists($userId)) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found');
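Review bot: The access condition in getUser now mixes an injected collaborator (`$this->groupManager->isAdmin(...)`) with static calls (`OC_User::getUser()`, `OC_SubAdmin::isUserAccessible(...)`), and it resolves the caller twice within one expression. Resolving the caller once, e.g. `$currentUser = OC_User::getUser();`, and passing that to both the admin and the subadmin check would make the authorization decision easier to read and to cover with a unit test. The same pattern recurs in the hunks at lines 145, 215 and 227. getUser's body continues outside this hunk.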
@@ -103,12 +103,12 @@ class Users {
'email',
'enabled',
);
- if(OC_User::getUser() != $userId) {
+ if(OC_User::getUser() !== $userId) {
$return[] = 'quota';
}
} else {
// Check they are looking up themselves
- if(OC_User::getUser() != $userId) {
+ if(OC_User::getUser() !== $userId) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Return some additional information compared to the core route
@@ -145,13 +145,13 @@ class Users {
$permittedFields[] = 'email';
$permittedFields[] = 'password';
// If admin they can edit their own quota
- if(OC_User::isAdminUser(OC_User::getUser())) {
+ if($this->groupManager->isAdmin(OC_User::getUser())) {
$permittedFields[] = 'quota';
}
} else {
// Check if admin / subadmin
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)
- || OC_User::isAdminUser(OC_User::getUser())) {
+ || $this->groupManager->isAdmin(OC_User::getUser())) {
// They have permissions over the user
$permittedFields[] = 'display';
$permittedFields[] = 'quota';
@@ -182,9 +182,9 @@ class Users {
if ($quota === false) {
return new OC_OCS_Result(null, 103, "Invalid quota value {$parameters['_put']['value']}");
}
- if($quota == 0) {
+ if($quota === 0) {
$quota = 'default';
- }else if($quota == -1){
+ }else if($quota === -1){
$quota = 'none';
} else {
$quota = OC_Helper::humanFileSize($quota);
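Review bot: The strict comparisons `$quota === 0` and `$quota === -1` match only an integer, and the hunk does not show what type `$quota` holds at this point. If the value comes from a size parser that yields a float or a numeric string (the `=== false` check above suggests a value-or-false helper), neither branch will match and 0 or -1 will be passed to `OC_Helper::humanFileSize()` instead of being mapped to 'default' or 'none'. Confirm the type, or compare against the type actually produced, e.g. `if((float)$quota === 0.0)`, and add a test for the 0 and -1 inputs. The enclosing method starts and ends outside the hunk.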
@@ -215,7 +215,7 @@ class Users {
return new OC_OCS_Result(null, 101);
}
// If not permitted
- if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) {
+ if(!$this->groupManager->isAdmin(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) {
return new OC_OCS_Result(null, 997);
}
// Go ahead with the delete
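Review bot: The permission check that returns 997 runs only after an earlier `return new OC_OCS_Result(null, 101);` whose condition lies outside the hunk. If that earlier return is the user-existence check, a caller with no rights over the target receives 101 for unknown IDs and 997 for existing ones, which lets any authenticated user confirm which user IDs exist. getUser in this file authorises first and checks existence afterwards; moving the `isAdmin` / `isUserAccessible` test above the 101 return would give this method the same behaviour. The method's start and end are outside the hunk.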
@@ -227,7 +227,7 @@ class Users {
}
public function getUsersGroups($parameters){
- if($parameters['userid'] === OC_User::getUser() || OC_User::isAdminUser(OC_User::getUser())) {
+ if($parameters['userid'] === OC_User::getUser() || $this->groupManager->isAdmin(OC_User::getUser())) {
// Self lookup or admin lookup
return new OC_OCS_Result([
'groups' => $this->groupManager->getUserGroupIds(
@@ -330,7 +330,7 @@ class Users {
return new OC_OCS_Result(null, 102, 'Group:'.$group.' does not exist');
}
// Check if trying to make subadmin of admin group
- if(strtolower($group) == 'admin') {
+ if(strtolower($group) === 'admin') {
return new OC_OCS_Result(null, 103, 'Cannot create subadmins for admin group');
}
// We cannot be subadmin twice