subadmins can now add users

author: Georg Ehrke <dev@georgswebsite.de> 2012-07-15 16:31:28 +0200
committer: Georg Ehrke <dev@georgswebsite.de> 2012-07-15 16:31:28 +0200
commit: e707e948577b927a28b86545d345e7b6c8606352 (patch)
tree: df7f5a1705e1ee4815f28f0d864b97026a32f849 /settings/ajax/createuser.php
parent: 0cb9f5e159b1588550830dda4b21010a0412bae9 (diff)
download: nextcloud-server-e707e948577b927a28b86545d345e7b6c8606352.tar.gz
nextcloud-server-e707e948577b927a28b86545d345e7b6c8606352.zip
1 files changed, 25 insertions, 4 deletions
diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php
index c56df4bc15a..41bf31a05f6 100644
--- a/settings/ajax/createuser.php
+++ b/settings/ajax/createuser.php
@@ -4,15 +4,36 @@
 require_once('../../lib/base.php');
 
 // Check if we are a user
-if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){
+if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && !OC_SubAdmin::isSubAdmin(OC_User::getUser()))){
 	OC_JSON::error(array("data" => array( "message" => "Authentication error" )));
 	exit();
 }
 OCP\JSON::callCheck();
 
-$groups = array();
-if( isset( $_POST["groups"] )){
-	$groups = $_POST["groups"];
+$isadmin = OC_Group::inGroup(OC_User::getUser(),'admin')?true:false;
+
+if($isadmin){
+	$groups = array();
+	if( isset( $_POST["groups"] )){
+		$groups = $_POST["groups"];
+	}
+}else{
+	$accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
+	$accessiblegroups = array_flip($accessiblegroups);
+	if(isset( $_POST["groups"] )){
+		$unauditedgroups = $_POST["groups"];
+		$groups = array();
+		foreach($unauditedgroups as $group){
+			if(array_key_exists($group, $accessiblegroups)){
+				$groups[] = $group;
+			}
+		}
+		if(count($groups) == 0){
+			$groups = array_flip($accessiblegroups);
+		}
+	}else{
+		$groups = array_flip($accessiblegroups);
+	}
 }
 $username = $_POST["username"];
 $password = $_POST["password"];
author	Georg Ehrke <dev@georgswebsite.de>	2012-07-15 16:31:28 +0200
committer	Georg Ehrke <dev@georgswebsite.de>	2012-07-15 16:31:28 +0200
commit	e707e948577b927a28b86545d345e7b6c8606352 (patch)
tree	df7f5a1705e1ee4815f28f0d864b97026a32f849 /settings/ajax/createuser.php
parent	0cb9f5e159b1588550830dda4b21010a0412bae9 (diff)
download	nextcloud-server-e707e948577b927a28b86545d345e7b6c8606352.tar.gz nextcloud-server-e707e948577b927a28b86545d345e7b6c8606352.zip