Merge pull request #46418 from nextcloud/artonge/feat/user_admin_delegation

feat(users): Add users and group management to admin delegation
author: Louis <louis@chmn.me> 2024-07-24 11:15:54 +0200
committer: GitHub <noreply@github.com> 2024-07-24 11:15:54 +0200
commit: 7266a9ef333b47f4ec6dd16f48227fd4b4e862d4 (patch)
tree: adb2b808e653b2ea1d0255ae774e97241d8c25c6 /apps/settings/lib
parent: f3a2806b691543ba48968f875ad381d53f68ba35 (diff)
parent: 7f0f671417f6de083827327d72fa7f8a21c7a950 (diff)
download: nextcloud-server-7266a9ef333b47f4ec6dd16f48227fd4b4e862d4.tar.gz
nextcloud-server-7266a9ef333b47f4ec6dd16f48227fd4b4e862d4.zip
2 files changed, 68 insertions, 1 deletions
diff --git a/apps/settings/lib/Controller/UsersController.php b/apps/settings/lib/Controller/UsersController.php
index 999f883bad8..823d3d4cb8b 100644
--- a/apps/settings/lib/Controller/UsersController.php
+++ b/apps/settings/lib/Controller/UsersController.php
@@ -19,12 +19,14 @@ use OC\Security\IdentityProof\Manager;
 use OC\User\Manager as UserManager;
 use OCA\Settings\BackgroundJobs\VerifyUserData;
 use OCA\Settings\Events\BeforeTemplateRenderedEvent;
+use OCA\Settings\Settings\Admin\Users;
 use OCA\User_LDAP\User_Proxy;
 use OCP\Accounts\IAccount;
 use OCP\Accounts\IAccountManager;
 use OCP\Accounts\PropertyDoesNotExistException;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\JSONResponse;
@@ -93,6 +95,7 @@ class UsersController extends Controller {
 		$user = $this->userSession->getUser();
 		$uid = $user->getUID();
 		$isAdmin = $this->groupManager->isAdmin($uid);
+		$isDelegatedAdmin = $this->groupManager->isDelegatedAdmin($uid);
 
 		\OC::$server->getNavigationManager()->setActiveEntry('core_users');
 
@@ -118,6 +121,7 @@ class UsersController extends Controller {
 		$groupsInfo = new \OC\Group\MetaData(
 			$uid,
 			$isAdmin,
+			$isDelegatedAdmin,
 			$this->groupManager,
 			$this->userSession
 		);
@@ -135,7 +139,7 @@ class UsersController extends Controller {
 		$userCount = 0;
 
 		if (!$isLDAPUsed) {
-			if ($isAdmin) {
+			if ($isAdmin || $isDelegatedAdmin) {
 				$disabledUsers = $this->userManager->countDisabledUsers();
 				$userCount = array_reduce($this->userManager->countUsers(), function ($v, $w) {
 					return $v + (int)$w;
@@ -201,6 +205,7 @@ class UsersController extends Controller {
 		$serverData['groups'] = array_merge_recursive($adminGroup, [$recentUsersGroup, $disabledUsersGroup], $groups);
 		// Various data
 		$serverData['isAdmin'] = $isAdmin;
+		$serverData['isDelegatedAdmin'] = $isDelegatedAdmin;
 		$serverData['sortGroups'] = $forceSortGroupByName
 			? \OC\Group\MetaData::SORT_GROUPNAME
 			: (int)$this->config->getAppValue('core', 'group.sortBy', (string)\OC\Group\MetaData::SORT_USERCOUNT);
@@ -232,6 +237,7 @@ class UsersController extends Controller {
 	 *
 	 * @return JSONResponse
 	 */
+	#[AuthorizedAdminSetting(settings:Users::class)]
 	public function setPreference(string $key, string $value): JSONResponse {
 		$allowed = ['newUser.sendEmail', 'group.sortBy'];
 		if (!in_array($key, $allowed, true)) {
diff --git a/apps/settings/lib/Settings/Admin/Users.php b/apps/settings/lib/Settings/Admin/Users.php
new file mode 100644
index 00000000000..3af018e0cf1
--- /dev/null
+++ b/apps/settings/lib/Settings/Admin/Users.php
@@ -0,0 +1,61 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Settings\Settings\Admin;
+
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\IL10N;
+use OCP\Settings\IDelegatedSettings;
+
+/**
+ * Empty settings class, used only for admin delegation.
+ */
+class Users implements IDelegatedSettings {
+
+	public function __construct(
+		protected string $appName,
+		private IL10N $l10n,
+	) {
+	}
+
+	/**
+	 * Empty template response
+	 */
+	public function getForm(): TemplateResponse {
+
+		return new /** @template-extends TemplateResponse<\OCP\AppFramework\Http::STATUS_OK, array{}> */ class($this->appName, '') extends TemplateResponse {
+			public function render(): string {
+				return '';
+			}
+		};
+	}
+
+	public function getSection(): ?string {
+		return 'admindelegation';
+	}
+
+	/**
+	 * @return int whether the form should be rather on the top or bottom of
+	 * the admin section. The forms are arranged in ascending order of the
+	 * priority values. It is required to return a value between 0 and 100.
+	 *
+	 * E.g.: 70
+	 */
+	public function getPriority(): int {
+		return 0;
+	}
+
+	public function getName(): string {
+		return $this->l10n->t('Users');
+	}
+
+	public function getAuthorizedAppConfig(): array {
+		return [];
+	}
+}
author	Louis <louis@chmn.me>	2024-07-24 11:15:54 +0200
committer	GitHub <noreply@github.com>	2024-07-24 11:15:54 +0200
commit	7266a9ef333b47f4ec6dd16f48227fd4b4e862d4 (patch)
tree	adb2b808e653b2ea1d0255ae774e97241d8c25c6 /apps/settings/lib
parent	f3a2806b691543ba48968f875ad381d53f68ba35 (diff)
parent	7f0f671417f6de083827327d72fa7f8a21c7a950 (diff)
download	nextcloud-server-7266a9ef333b47f4ec6dd16f48227fd4b4e862d4.tar.gz nextcloud-server-7266a9ef333b47f4ec6dd16f48227fd4b4e862d4.zip