diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2015-07-25 14:49:20 +0200 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2015-08-02 10:22:26 +0200 |
| commit | 9f59add9ed596a156ae18ce8e28d1bfc9b596617 (patch) | |
| tree | dc1d3f1d984721ff00f28f415b0bd0f3f61b2142 /apps/provisioning_api | |
| parent | b745e7573731039ab0cf97440782c170069d25e2 (diff) | |
| download | nextcloud-server-9f59add9ed596a156ae18ce8e28d1bfc9b596617.tar.gz nextcloud-server-9f59add9ed596a156ae18ce8e28d1bfc9b596617.zip | |
[provisioning_api] subadmin check for users
Diffstat (limited to 'apps/provisioning_api')
| -rw-r--r-- | apps/provisioning_api/lib/users.php | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php index f75e3c0e575..9db8a828c78 100644 --- a/apps/provisioning_api/lib/users.php +++ b/apps/provisioning_api/lib/users.php @@ -93,7 +93,7 @@ class Users { public function getUser($parameters){ $userId = $parameters['userid']; // Admin? Or SubAdmin? - if(OC_User::isAdminUser(OC_User::getUser()) || OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)) { + if($this->groupManager->isAdmin(OC_User::getUser()) || OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)) { // Check they exist if(!$this->userManager->userExists($userId)) { return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found'); @@ -103,12 +103,12 @@ class Users { 'email', 'enabled', ); - if(OC_User::getUser() != $userId) { + if(OC_User::getUser() !== $userId) { $return[] = 'quota'; } } else { // Check they are looking up themselves - if(OC_User::getUser() != $userId) { + if(OC_User::getUser() !== $userId) { return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); } // Return some additional information compared to the core route @@ -145,13 +145,13 @@ class Users { $permittedFields[] = 'email'; $permittedFields[] = 'password'; // If admin they can edit their own quota - if(OC_User::isAdminUser(OC_User::getUser())) { + if($this->groupManager->isAdmin(OC_User::getUser())) { $permittedFields[] = 'quota'; } } else { // Check if admin / subadmin if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId) - || OC_User::isAdminUser(OC_User::getUser())) { + || $this->groupManager->isAdmin(OC_User::getUser())) { // They have permissions over the user $permittedFields[] = 'display'; $permittedFields[] = 'quota'; @@ -182,9 +182,9 @@ class Users { if ($quota === false) { return new OC_OCS_Result(null, 103, "Invalid quota value {$parameters['_put']['value']}"); } - if($quota == 0) { + if($quota === 0) { $quota = 'default'; - }else if($quota == -1){ + }else if($quota === -1){ $quota = 'none'; } else { $quota = OC_Helper::humanFileSize($quota); @@ -215,7 +215,7 @@ class Users { return new OC_OCS_Result(null, 101); } // If not permitted - if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) { + if(!$this->groupManager->isAdmin(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) { return new OC_OCS_Result(null, 997); } // Go ahead with the delete @@ -227,7 +227,7 @@ class Users { } public function getUsersGroups($parameters){ - if($parameters['userid'] === OC_User::getUser() || OC_User::isAdminUser(OC_User::getUser())) { + if($parameters['userid'] === OC_User::getUser() || $this->groupManager->isAdmin(OC_User::getUser())) { // Self lookup or admin lookup return new OC_OCS_Result([ 'groups' => $this->groupManager->getUserGroupIds( @@ -330,7 +330,7 @@ class Users { return new OC_OCS_Result(null, 102, 'Group:'.$group.' does not exist'); } // Check if trying to make subadmin of admin group - if(strtolower($group) == 'admin') { + if(strtolower($group) === 'admin') { return new OC_OCS_Result(null, 103, 'Cannot create subadmins for admin group'); } // We cannot be subadmin twice |