diff options
author | michag86 <micha_g@arcor.de> | 2015-08-18 17:43:16 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2015-08-26 11:00:13 +0200 |
commit | e95863822153e6b88a365e6db83444bdf1c4c0ce (patch) | |
tree | 94eeccbdd7c0b4f17f3d7ac0723c5f686b5f2ebb /apps | |
parent | 90e11ee0056e11b2275226edfb823bece0b7c5cf (diff) | |
download | nextcloud-server-e95863822153e6b88a365e6db83444bdf1c4c0ce.tar.gz nextcloud-server-e95863822153e6b88a365e6db83444bdf1c4c0ce.zip |
enable api getUsers for subadmins
Now subadmins can get a list of users they are subadmins of.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/provisioning_api/appinfo/routes.php | 2 | ||||
-rw-r--r-- | apps/provisioning_api/lib/users.php | 27 |
2 files changed, 27 insertions, 2 deletions
diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php index 2ee3a185dae..77a44cd85b6 100644 --- a/apps/provisioning_api/appinfo/routes.php +++ b/apps/provisioning_api/appinfo/routes.php @@ -32,7 +32,7 @@ $users = new \OCA\Provisioning_API\Users( \OC::$server->getGroupManager(), \OC::$server->getUserSession() ); -API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::ADMIN_AUTH); +API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH); API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH); API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH); API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH); diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php index f5b201a55ea..63cc39550de 100644 --- a/apps/provisioning_api/lib/users.php +++ b/apps/provisioning_api/lib/users.php @@ -28,6 +28,7 @@ namespace OCA\Provisioning_API; use \OC_OCS_Result; use \OC_SubAdmin; use \OC_Helper; +use \OC_Group; use OCP\Files\NotFoundException; class Users { @@ -68,7 +69,31 @@ class Users { $limit = !empty($_GET['limit']) ? $_GET['limit'] : null; $offset = !empty($_GET['offset']) ? $_GET['offset'] : null; - $users = $this->userManager->search($search, $limit, $offset); + // Check if user is logged in + $user = $this->userSession->getUser(); + if ($user === null) { + return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); + } + + // Admin? Or SubAdmin? + if($this->groupManager->isAdmin($user->getUID())){ + $users = $this->userManager->search($search, $limit, $offset); + } else if (\OC_SubAdmin::isSubAdmin($user->getUID())) { + $subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID()); + + if($offset === null) { + $offset = 0; + } + + $users = []; + foreach ($subAdminOfGroups as $group) { + $users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search)); + } + + $users = array_slice($users, $offset, $limit); + } else { + return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); + } $users = array_keys($users); return new OC_OCS_Result([ |