Change auth checks

3 files changed, 7 insertions, 19 deletions

diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index b3ebbe6e456..5eab751b04e 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -3,14 +3,15 @@
 // Init owncloud
 require_once '../../lib/base.php';
 
+// Check if we are a user
+OCP\JSON::callCheck();
+OC_JSON::checkLoggedIn();
+OC_JSON::verifyUser();
+
 $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
 $password = $_POST["password"];
 $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
 
-// Check if we are a user
-OC_JSON::checkLoggedIn();
-OCP\JSON::callCheck();
-
 $userstatus = null;
 if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
 	$userstatus = 'admin';
diff --git a/settings/ajax/creategroup.php b/settings/ajax/creategroup.php
index 83733ac4d2d..431b449a811 100644
--- a/settings/ajax/creategroup.php
+++ b/settings/ajax/creategroup.php
@@ -3,14 +3,7 @@
 // Init owncloud
 require_once '../../lib/base.php';
 OCP\JSON::callCheck();
-
-// Check if we are a user
-if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
-	OC_JSON::error(array("data" => array( "message" => $l->t("Authentication error") )));
-	exit();
-}
-
-OCP\JSON::callCheck();
+OC_JSON::checkAdminUser();
 
 $groupname = $_POST["groupname"];
 
diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php
index bdf7e4983ac..b3e5c23de54 100644
--- a/settings/ajax/createuser.php
+++ b/settings/ajax/createuser.php
@@ -3,13 +3,7 @@
 // Init owncloud
 require_once '../../lib/base.php';
 OCP\JSON::callCheck();
-
-// Check if we are a user
-if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && !OC_SubAdmin::isSubAdmin(OC_User::getUser()))) {
-	OC_JSON::error(array("data" => array( "message" => "Authentication error" )));
-	exit();
-}
-OCP\JSON::callCheck();
+OC_JSON::checkSubAdminUser();
 
 $isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false;