diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2016-04-06 11:09:55 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2016-04-06 11:12:22 +0200 |
| commit | c12bb839e197990db86f0062fa6b7ec54aff5121 (patch) | |
| tree | f70c0ac4f4113db7c0b5fdde0665c1f510fe6601 /settings/controller | |
| parent | 046506dd146f823499098d0d2b0042072e436469 (diff) | |
| download | nextcloud-server-c12bb839e197990db86f0062fa6b7ec54aff5121.tar.gz nextcloud-server-c12bb839e197990db86f0062fa6b7ec54aff5121.zip | |
Rename files to be PSR-4 compliant
Diffstat (limited to 'settings/controller')
| -rw-r--r-- | settings/controller/appsettingscontroller.php | 322 | ||||
| -rw-r--r-- | settings/controller/certificatecontroller.php | 183 | ||||
| -rw-r--r-- | settings/controller/checksetupcontroller.php | 350 | ||||
| -rw-r--r-- | settings/controller/encryptioncontroller.php | 145 | ||||
| -rw-r--r-- | settings/controller/groupscontroller.php | 159 | ||||
| -rw-r--r-- | settings/controller/logsettingscontroller.php | 109 | ||||
| -rw-r--r-- | settings/controller/mailsettingscontroller.php | 181 | ||||
| -rw-r--r-- | settings/controller/securitysettingscontroller.php | 70 | ||||
| -rw-r--r-- | settings/controller/userscontroller.php | 659 |
9 files changed, 0 insertions, 2178 deletions
diff --git a/settings/controller/appsettingscontroller.php b/settings/controller/appsettingscontroller.php deleted file mode 100644 index cc69d3130d9..00000000000 --- a/settings/controller/appsettingscontroller.php +++ /dev/null @@ -1,322 +0,0 @@ -<?php -/** - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OC\App\DependencyAnalyzer; -use OC\App\Platform; -use OC\OCSClient; -use OCP\App\IAppManager; -use \OCP\AppFramework\Controller; -use OCP\AppFramework\Http\ContentSecurityPolicy; -use OCP\AppFramework\Http\DataResponse; -use OCP\AppFramework\Http\TemplateResponse; -use OCP\ICacheFactory; -use OCP\INavigationManager; -use OCP\IRequest; -use OCP\IL10N; -use OCP\IConfig; - -/** - * @package OC\Settings\Controller - */ -class AppSettingsController extends Controller { - const CAT_ENABLED = 0; - const CAT_DISABLED = 1; - - /** @var \OCP\IL10N */ - private $l10n; - /** @var IConfig */ - private $config; - /** @var \OCP\ICache */ - private $cache; - /** @var INavigationManager */ - private $navigationManager; - /** @var IAppManager */ - private $appManager; - /** @var OCSClient */ - private $ocsClient; - - /** - * @param string $appName - * @param IRequest $request - * @param IL10N $l10n - * @param IConfig $config - * @param ICacheFactory $cache - * @param INavigationManager $navigationManager - * @param IAppManager $appManager - * @param OCSClient $ocsClient - */ - public function __construct($appName, - IRequest $request, - IL10N $l10n, - IConfig $config, - ICacheFactory $cache, - INavigationManager $navigationManager, - IAppManager $appManager, - OCSClient $ocsClient) { - parent::__construct($appName, $request); - $this->l10n = $l10n; - $this->config = $config; - $this->cache = $cache->create($appName); - $this->navigationManager = $navigationManager; - $this->appManager = $appManager; - $this->ocsClient = $ocsClient; - } - - /** - * Enables or disables the display of experimental apps - * @param bool $state - * @return DataResponse - */ - public function changeExperimentalConfigState($state) { - $this->config->setSystemValue('appstore.experimental.enabled', $state); - $this->appManager->clearAppsCache(); - return new DataResponse(); - } - - /** - * @param string|int $category - * @return int - */ - protected function getCategory($category) { - if (is_string($category)) { - foreach ($this->listCategories() as $cat) { - if (isset($cat['ident']) && $cat['ident'] === $category) { - $category = (int) $cat['id']; - break; - } - } - - // Didn't find the category, falling back to enabled - if (is_string($category)) { - $category = self::CAT_ENABLED; - } - } - return (int) $category; - } - - /** - * @NoCSRFRequired - * @param string $category - * @return TemplateResponse - */ - public function viewApps($category = '') { - $categoryId = $this->getCategory($category); - if ($categoryId === self::CAT_ENABLED) { - // Do not use an arbitrary input string, because we put the category in html - $category = 'enabled'; - } - - $params = []; - $params['experimentalEnabled'] = $this->config->getSystemValue('appstore.experimental.enabled', false); - $params['category'] = $category; - $params['appstoreEnabled'] = $this->config->getSystemValue('appstoreenabled', true) === true; - $this->navigationManager->setActiveEntry('core_apps'); - - $templateResponse = new TemplateResponse($this->appName, 'apps', $params, 'user'); - $policy = new ContentSecurityPolicy(); - $policy->addAllowedImageDomain('https://apps.owncloud.com'); - $templateResponse->setContentSecurityPolicy($policy); - - return $templateResponse; - } - - /** - * Get all available categories - * @return array - */ - public function listCategories() { - - if(!is_null($this->cache->get('listCategories'))) { - return $this->cache->get('listCategories'); - } - $categories = [ - ['id' => self::CAT_ENABLED, 'ident' => 'enabled', 'displayName' => (string)$this->l10n->t('Enabled')], - ['id' => self::CAT_DISABLED, 'ident' => 'disabled', 'displayName' => (string)$this->l10n->t('Not enabled')], - ]; - - if($this->ocsClient->isAppStoreEnabled()) { - // apps from external repo via OCS - $ocs = $this->ocsClient->getCategories(\OCP\Util::getVersion()); - if ($ocs) { - foreach($ocs as $k => $v) { - $name = str_replace('ownCloud ', '', $v); - $ident = str_replace(' ', '-', urlencode(strtolower($name))); - $categories[] = [ - 'id' => $k, - 'ident' => $ident, - 'displayName' => $name, - ]; - } - } - } - - $this->cache->set('listCategories', $categories, 3600); - - return $categories; - } - - /** - * Get all available apps in a category - * - * @param string $category - * @param bool $includeUpdateInfo Should we check whether there is an update - * in the app store? - * @return array - */ - public function listApps($category = '', $includeUpdateInfo = true) { - $category = $this->getCategory($category); - $cacheName = 'listApps-' . $category . '-' . (int) $includeUpdateInfo; - - if(!is_null($this->cache->get($cacheName))) { - $apps = $this->cache->get($cacheName); - } else { - switch ($category) { - // installed apps - case 0: - $apps = $this->getInstalledApps($includeUpdateInfo); - usort($apps, function ($a, $b) { - $a = (string)$a['name']; - $b = (string)$b['name']; - if ($a === $b) { - return 0; - } - return ($a < $b) ? -1 : 1; - }); - $version = \OCP\Util::getVersion(); - foreach($apps as $key => $app) { - if(!array_key_exists('level', $app) && array_key_exists('ocsid', $app)) { - $remoteAppEntry = $this->ocsClient->getApplication($app['ocsid'], $version); - - if(is_array($remoteAppEntry) && array_key_exists('level', $remoteAppEntry)) { - $apps[$key]['level'] = $remoteAppEntry['level']; - } - } - } - break; - // not-installed apps - case 1: - $apps = \OC_App::listAllApps(true, $includeUpdateInfo, $this->ocsClient); - $apps = array_filter($apps, function ($app) { - return !$app['active']; - }); - $version = \OCP\Util::getVersion(); - foreach($apps as $key => $app) { - if(!array_key_exists('level', $app) && array_key_exists('ocsid', $app)) { - $remoteAppEntry = $this->ocsClient->getApplication($app['ocsid'], $version); - - if(is_array($remoteAppEntry) && array_key_exists('level', $remoteAppEntry)) { - $apps[$key]['level'] = $remoteAppEntry['level']; - } - } - } - usort($apps, function ($a, $b) { - $a = (string)$a['name']; - $b = (string)$b['name']; - if ($a === $b) { - return 0; - } - return ($a < $b) ? -1 : 1; - }); - break; - default: - $filter = $this->config->getSystemValue('appstore.experimental.enabled', false) ? 'all' : 'approved'; - - $apps = \OC_App::getAppstoreApps($filter, $category, $this->ocsClient); - if (!$apps) { - $apps = array(); - } else { - // don't list installed apps - $installedApps = $this->getInstalledApps(false); - $installedApps = array_map(function ($app) { - if (isset($app['ocsid'])) { - return $app['ocsid']; - } - return $app['id']; - }, $installedApps); - $apps = array_filter($apps, function ($app) use ($installedApps) { - return !in_array($app['id'], $installedApps); - }); - } - - // sort by score - usort($apps, function ($a, $b) { - $a = (int)$a['score']; - $b = (int)$b['score']; - if ($a === $b) { - return 0; - } - return ($a > $b) ? -1 : 1; - }); - break; - } - } - - // fix groups to be an array - $dependencyAnalyzer = new DependencyAnalyzer(new Platform($this->config), $this->l10n); - $apps = array_map(function($app) use ($dependencyAnalyzer) { - - // fix groups - $groups = array(); - if (is_string($app['groups'])) { - $groups = json_decode($app['groups']); - } - $app['groups'] = $groups; - $app['canUnInstall'] = !$app['active'] && $app['removable']; - - // fix licence vs license - if (isset($app['license']) && !isset($app['licence'])) { - $app['licence'] = $app['license']; - } - - // analyse dependencies - $missing = $dependencyAnalyzer->analyze($app); - $app['canInstall'] = empty($missing); - $app['missingDependencies'] = $missing; - - $app['missingMinOwnCloudVersion'] = !isset($app['dependencies']['owncloud']['@attributes']['min-version']); - $app['missingMaxOwnCloudVersion'] = !isset($app['dependencies']['owncloud']['@attributes']['max-version']); - - return $app; - }, $apps); - - $this->cache->set($cacheName, $apps, 300); - - return ['apps' => $apps, 'status' => 'success']; - } - - /** - * @param bool $includeUpdateInfo Should we check whether there is an update - * in the app store? - * @return array - */ - private function getInstalledApps($includeUpdateInfo = true) { - $apps = \OC_App::listAllApps(true, $includeUpdateInfo, $this->ocsClient); - $apps = array_filter($apps, function ($app) { - return $app['active']; - }); - return $apps; - } -} diff --git a/settings/controller/certificatecontroller.php b/settings/controller/certificatecontroller.php deleted file mode 100644 index 90d0c664d84..00000000000 --- a/settings/controller/certificatecontroller.php +++ /dev/null @@ -1,183 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Robin Appelman <icewind@owncloud.com> - * @author Vincent Petry <pvince81@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OCP\App\IAppManager; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http; -use OCP\AppFramework\Http\DataResponse; -use OCP\ICertificateManager; -use OCP\IL10N; -use OCP\IRequest; - -/** - * @package OC\Settings\Controller - */ -class CertificateController extends Controller { - /** @var ICertificateManager */ - private $userCertificateManager; - /** @var ICertificateManager */ - private $systemCertificateManager; - /** @var IL10N */ - private $l10n; - /** @var IAppManager */ - private $appManager; - - /** - * @param string $appName - * @param IRequest $request - * @param ICertificateManager $userCertificateManager - * @param ICertificateManager $systemCertificateManager - * @param IL10N $l10n - * @param IAppManager $appManager - */ - public function __construct($appName, - IRequest $request, - ICertificateManager $userCertificateManager, - ICertificateManager $systemCertificateManager, - IL10N $l10n, - IAppManager $appManager) { - parent::__construct($appName, $request); - $this->userCertificateManager = $userCertificateManager; - $this->systemCertificateManager = $systemCertificateManager; - $this->l10n = $l10n; - $this->appManager = $appManager; - } - - /** - * Add a new personal root certificate to the users' trust store - * - * @NoAdminRequired - * @NoSubadminRequired - * @return array - */ - public function addPersonalRootCertificate() { - return $this->addCertificate($this->userCertificateManager); - } - - /** - * Add a new root certificate to a trust store - * - * @param ICertificateManager $certificateManager - * @return array - */ - private function addCertificate(ICertificateManager $certificateManager) { - $headers = []; - if ($this->request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_IE_8])) { - // due to upload iframe workaround, need to set content-type to text/plain - $headers['Content-Type'] = 'text/plain'; - } - - if ($this->isCertificateImportAllowed() === false) { - return new DataResponse(['message' => 'Individual certificate management disabled'], Http::STATUS_FORBIDDEN, $headers); - } - - $file = $this->request->getUploadedFile('rootcert_import'); - if (empty($file)) { - return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY, $headers); - } - - try { - $certificate = $certificateManager->addCertificate(file_get_contents($file['tmp_name']), $file['name']); - return new DataResponse( - [ - 'name' => $certificate->getName(), - 'commonName' => $certificate->getCommonName(), - 'organization' => $certificate->getOrganization(), - 'validFrom' => $certificate->getIssueDate()->getTimestamp(), - 'validTill' => $certificate->getExpireDate()->getTimestamp(), - 'validFromString' => $this->l10n->l('date', $certificate->getIssueDate()), - 'validTillString' => $this->l10n->l('date', $certificate->getExpireDate()), - 'issuer' => $certificate->getIssuerName(), - 'issuerOrganization' => $certificate->getIssuerOrganization(), - ], - Http::STATUS_OK, - $headers - ); - } catch (\Exception $e) { - return new DataResponse('An error occurred.', Http::STATUS_UNPROCESSABLE_ENTITY, $headers); - } - } - - /** - * Removes a personal root certificate from the users' trust store - * - * @NoAdminRequired - * @NoSubadminRequired - * @param string $certificateIdentifier - * @return DataResponse - */ - public function removePersonalRootCertificate($certificateIdentifier) { - - if ($this->isCertificateImportAllowed() === false) { - return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN); - } - - $this->userCertificateManager->removeCertificate($certificateIdentifier); - return new DataResponse(); - } - - /** - * check if certificate import is allowed - * - * @return bool - */ - protected function isCertificateImportAllowed() { - $externalStorageEnabled = $this->appManager->isEnabledForUser('files_external'); - if ($externalStorageEnabled) { - /** @var \OCA\Files_External\Service\BackendService $backendService */ - $backendService = \OC_Mount_Config::$app->getContainer()->query('\OCA\Files_External\Service\BackendService'); - if ($backendService->isUserMountingAllowed()) { - return true; - } - } - return false; - } - - /** - * Add a new personal root certificate to the system's trust store - * - * @return array - */ - public function addSystemRootCertificate() { - return $this->addCertificate($this->systemCertificateManager); - } - - /** - * Removes a personal root certificate from the users' trust store - * - * @param string $certificateIdentifier - * @return DataResponse - */ - public function removeSystemRootCertificate($certificateIdentifier) { - - if ($this->isCertificateImportAllowed() === false) { - return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN); - } - - $this->systemCertificateManager->removeCertificate($certificateIdentifier); - return new DataResponse(); - } -} diff --git a/settings/controller/checksetupcontroller.php b/settings/controller/checksetupcontroller.php deleted file mode 100644 index cfdfa5021bc..00000000000 --- a/settings/controller/checksetupcontroller.php +++ /dev/null @@ -1,350 +0,0 @@ -<?php -/** - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin McCorkell <robin@mccorkell.me.uk> - * @author Roeland Jago Douma <rullzer@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use GuzzleHttp\Exception\ClientException; -use OC\AppFramework\Http; -use OC\IntegrityCheck\Checker; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http\DataDisplayResponse; -use OCP\AppFramework\Http\DataResponse; -use OCP\AppFramework\Http\RedirectResponse; -use OCP\Http\Client\IClientService; -use OCP\IConfig; -use OCP\IL10N; -use OCP\IRequest; -use OC_Util; -use OCP\IURLGenerator; - -/** - * @package OC\Settings\Controller - */ -class CheckSetupController extends Controller { - /** @var IConfig */ - private $config; - /** @var IClientService */ - private $clientService; - /** @var \OC_Util */ - private $util; - /** @var IURLGenerator */ - private $urlGenerator; - /** @var IL10N */ - private $l10n; - /** @var Checker */ - private $checker; - - /** - * @param string $AppName - * @param IRequest $request - * @param IConfig $config - * @param IClientService $clientService - * @param IURLGenerator $urlGenerator - * @param \OC_Util $util - * @param IL10N $l10n - * @param Checker $checker - */ - public function __construct($AppName, - IRequest $request, - IConfig $config, - IClientService $clientService, - IURLGenerator $urlGenerator, - \OC_Util $util, - IL10N $l10n, - Checker $checker) { - parent::__construct($AppName, $request); - $this->config = $config; - $this->clientService = $clientService; - $this->util = $util; - $this->urlGenerator = $urlGenerator; - $this->l10n = $l10n; - $this->checker = $checker; - } - - /** - * Checks if the ownCloud server can connect to the internet using HTTPS and HTTP - * @return bool - */ - private function isInternetConnectionWorking() { - if ($this->config->getSystemValue('has_internet_connection', true) === false) { - return false; - } - - try { - $client = $this->clientService->newClient(); - $client->get('https://www.owncloud.org/'); - $client->get('http://www.owncloud.org/'); - return true; - } catch (\Exception $e) { - return false; - } - } - - /** - * Checks whether a local memcache is installed or not - * @return bool - */ - private function isMemcacheConfigured() { - return $this->config->getSystemValue('memcache.local', null) !== null; - } - - /** - * Whether /dev/urandom is available to the PHP controller - * - * @return bool - */ - private function isUrandomAvailable() { - if(@file_exists('/dev/urandom')) { - $file = fopen('/dev/urandom', 'rb'); - if($file) { - fclose($file); - return true; - } - } - - return false; - } - - /** - * Public for the sake of unit-testing - * - * @return array - */ - protected function getCurlVersion() { - return curl_version(); - } - - /** - * Check if the used SSL lib is outdated. Older OpenSSL and NSS versions do - * have multiple bugs which likely lead to problems in combination with - * functionality required by ownCloud such as SNI. - * - * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546 - * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172 - * @return string - */ - private function isUsedTlsLibOutdated() { - // Appstore is disabled by default in EE - $appStoreDefault = false; - if (\OC_Util::getEditionString() === '') { - $appStoreDefault = true; - } - - // Don't run check when: - // 1. Server has `has_internet_connection` set to false - // 2. AppStore AND S2S is disabled - if(!$this->config->getSystemValue('has_internet_connection', true)) { - return ''; - } - if(!$this->config->getSystemValue('appstoreenabled', $appStoreDefault) - && $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no' - && $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') { - return ''; - } - - $versionString = $this->getCurlVersion(); - if(isset($versionString['ssl_version'])) { - $versionString = $versionString['ssl_version']; - } else { - return ''; - } - - $features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing'); - if(!$this->config->getSystemValue('appstoreenabled', $appStoreDefault)) { - $features = (string)$this->l10n->t('Federated Cloud Sharing'); - } - - // Check if at least OpenSSL after 1.01d or 1.0.2b - if(strpos($versionString, 'OpenSSL/') === 0) { - $majorVersion = substr($versionString, 8, 5); - $patchRelease = substr($versionString, 13, 6); - - if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) || - ($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) { - return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['OpenSSL', $versionString, $features]); - } - } - - // Check if NSS and perform heuristic check - if(strpos($versionString, 'NSS/') === 0) { - try { - $firstClient = $this->clientService->newClient(); - $firstClient->get('https://www.owncloud.org/'); - - $secondClient = $this->clientService->newClient(); - $secondClient->get('https://owncloud.org/'); - } catch (ClientException $e) { - if($e->getResponse()->getStatusCode() === 400) { - return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['NSS', $versionString, $features]); - } - } - } - - return ''; - } - - /** - * Whether the php version is still supported (at time of release) - * according to: https://secure.php.net/supported-versions.php - * - * @return array - */ - private function isPhpSupported() { - $eol = false; - - //PHP 5.4 is EOL on 14 Sep 2015 - if (version_compare(PHP_VERSION, '5.5.0') === -1) { - $eol = true; - } - - return ['eol' => $eol, 'version' => PHP_VERSION]; - } - - /** - * Check if the reverse proxy configuration is working as expected - * - * @return bool - */ - private function forwardedForHeadersWorking() { - $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); - $remoteAddress = $this->request->getRemoteAddress(); - - if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) { - return false; - } - - // either not enabled or working correctly - return true; - } - - /** - * Checks if the correct memcache module for PHP is installed. Only - * fails if memcached is configured and the working module is not installed. - * - * @return bool - */ - private function isCorrectMemcachedPHPModuleInstalled() { - if ($this->config->getSystemValue('memcache.distributed', null) !== '\OC\Memcache\Memcached') { - return true; - } - - // there are two different memcached modules for PHP - // we only support memcached and not memcache - // https://code.google.com/p/memcached/wiki/PHPClientComparison - return !(!extension_loaded('memcached') && extension_loaded('memcache')); - } - - /** - * @return RedirectResponse - */ - public function rescanFailedIntegrityCheck() { - $this->checker->runInstanceVerification(); - return new RedirectResponse( - $this->urlGenerator->linkToRoute('settings_admin') - ); - } - - /** - * @NoCSRFRequired - * @return DataResponse - */ - public function getFailedIntegrityCheckFiles() { - if(!$this->checker->isCodeCheckEnforced()) { - return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.'); - } - - $completeResults = $this->checker->getResults(); - - if(!empty($completeResults)) { - $formattedTextResponse = 'Technical information -===================== -The following list covers which files have failed the integrity check. Please read -the previous linked documentation to learn more about the errors and how to fix -them. - -Results -======= -'; - foreach($completeResults as $context => $contextResult) { - $formattedTextResponse .= "- $context\n"; - - foreach($contextResult as $category => $result) { - $formattedTextResponse .= "\t- $category\n"; - if($category !== 'EXCEPTION') { - foreach ($result as $key => $results) { - $formattedTextResponse .= "\t\t- $key\n"; - } - } else { - foreach ($result as $key => $results) { - $formattedTextResponse .= "\t\t- $results\n"; - } - } - - } - } - - $formattedTextResponse .= ' -Raw output -========== -'; - $formattedTextResponse .= print_r($completeResults, true); - } else { - $formattedTextResponse = 'No errors have been found.'; - } - - - $response = new DataDisplayResponse( - $formattedTextResponse, - Http::STATUS_OK, - [ - 'Content-Type' => 'text/plain', - ] - ); - - return $response; - } - - /** - * @return DataResponse - */ - public function check() { - return new DataResponse( - [ - 'serverHasInternetConnection' => $this->isInternetConnectionWorking(), - 'isMemcacheConfigured' => $this->isMemcacheConfigured(), - 'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'), - 'isUrandomAvailable' => $this->isUrandomAvailable(), - 'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'), - 'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(), - 'phpSupported' => $this->isPhpSupported(), - 'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(), - 'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'), - 'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(), - 'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(), - 'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'), - ] - ); - } -} diff --git a/settings/controller/encryptioncontroller.php b/settings/controller/encryptioncontroller.php deleted file mode 100644 index 504448a5a2c..00000000000 --- a/settings/controller/encryptioncontroller.php +++ /dev/null @@ -1,145 +0,0 @@ -<?php -/** - * @author Björn Schießle <schiessle@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - - -namespace OC\Settings\Controller; -use OC\Files\View; -use OCA\Encryption\Migration; -use OCP\IL10N; -use OCP\AppFramework\Controller; -use OCP\ILogger; -use OCP\IRequest; -use OCP\IConfig; -use OC\DB\Connection; -use OCP\IUserManager; - -/** - * @package OC\Settings\Controller - */ -class EncryptionController extends Controller { - - /** @var \OCP\IL10N */ - private $l10n; - - /** @var Connection */ - private $connection; - - /** @var IConfig */ - private $config; - - /** @var IUserManager */ - private $userManager; - - /** @var View */ - private $view; - - /** @var ILogger */ - private $logger; - - /** - * @param string $appName - * @param IRequest $request - * @param \OCP\IL10N $l10n - * @param \OCP\IConfig $config - * @param \OC\DB\Connection $connection - * @param IUserManager $userManager - * @param View $view - * @param ILogger $logger - */ - public function __construct($appName, - IRequest $request, - IL10N $l10n, - IConfig $config, - Connection $connection, - IUserManager $userManager, - View $view, - ILogger $logger) { - parent::__construct($appName, $request); - $this->l10n = $l10n; - $this->config = $config; - $this->connection = $connection; - $this->view = $view; - $this->userManager = $userManager; - $this->logger = $logger; - } - - /** - * @param IConfig $config - * @param View $view - * @param Connection $connection - * @param ILogger $logger - * @return Migration - */ - protected function getMigration(IConfig $config, - View $view, - Connection $connection, - ILogger $logger) { - return new Migration($config, $view, $connection, $logger); - } - - /** - * start migration - * - * @return array - */ - public function startMigration() { - // allow as long execution on the web server as possible - set_time_limit(0); - - try { - - $migration = $this->getMigration($this->config, $this->view, $this->connection, $this->logger); - $migration->reorganizeSystemFolderStructure(); - $migration->updateDB(); - - foreach ($this->userManager->getBackends() as $backend) { - $limit = 500; - $offset = 0; - do { - $users = $backend->getUsers('', $limit, $offset); - foreach ($users as $user) { - $migration->reorganizeFolderStructureForUser($user); - } - $offset += $limit; - } while (count($users) >= $limit); - } - - $migration->finalCleanUp(); - - } catch (\Exception $e) { - return [ - 'data' => [ - 'message' => (string)$this->l10n->t('A problem occurred, please check your log files (Error: %s)', [$e->getMessage()]), - ], - 'status' => 'error', - ]; - } - - return [ - 'data' => [ - 'message' => (string) $this->l10n->t('Migration Completed'), - ], - 'status' => 'success', - ]; - } - -} diff --git a/settings/controller/groupscontroller.php b/settings/controller/groupscontroller.php deleted file mode 100644 index bb8e6755d41..00000000000 --- a/settings/controller/groupscontroller.php +++ /dev/null @@ -1,159 +0,0 @@ -<?php -/** - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OC\AppFramework\Http; -use OC\Group\MetaData; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http\DataResponse; -use OCP\IGroupManager; -use OCP\IL10N; -use OCP\IRequest; -use OCP\IUserSession; - -/** - * @package OC\Settings\Controller - */ -class GroupsController extends Controller { - /** @var IGroupManager */ - private $groupManager; - /** @var IL10N */ - private $l10n; - /** @var IUserSession */ - private $userSession; - /** @var bool */ - private $isAdmin; - - /** - * @param string $appName - * @param IRequest $request - * @param IGroupManager $groupManager - * @param IUserSession $userSession - * @param bool $isAdmin - * @param IL10N $l10n - */ - public function __construct($appName, - IRequest $request, - IGroupManager $groupManager, - IUserSession $userSession, - $isAdmin, - IL10N $l10n) { - parent::__construct($appName, $request); - $this->groupManager = $groupManager; - $this->userSession = $userSession; - $this->isAdmin = $isAdmin; - $this->l10n = $l10n; - } - - /** - * @NoAdminRequired - * - * @param string $pattern - * @param bool $filterGroups - * @param int $sortGroups - * @return DataResponse - */ - public function index($pattern = '', $filterGroups = false, $sortGroups = MetaData::SORT_USERCOUNT) { - $groupPattern = $filterGroups ? $pattern : ''; - - $groupsInfo = new MetaData( - $this->userSession->getUser()->getUID(), - $this->isAdmin, - $this->groupManager, - $this->userSession - ); - $groupsInfo->setSorting($sortGroups); - list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern); - - return new DataResponse( - array( - 'data' => array('adminGroups' => $adminGroups, 'groups' => $groups) - ) - ); - } - - /** - * @param string $id - * @return DataResponse - */ - public function create($id) { - if($this->groupManager->groupExists($id)) { - return new DataResponse( - array( - 'message' => (string)$this->l10n->t('Group already exists.') - ), - Http::STATUS_CONFLICT - ); - } - if($this->groupManager->createGroup($id)) { - return new DataResponse( - array( - 'groupname' => $id - ), - Http::STATUS_CREATED - ); - } - - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Unable to add group.') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - /** - * @param string $id - * @return DataResponse - */ - public function destroy($id) { - $group = $this->groupManager->get($id); - if ($group) { - if ($group->delete()) { - return new DataResponse( - array( - 'status' => 'success', - 'data' => array( - 'groupname' => $id - ) - ), - Http::STATUS_NO_CONTENT - ); - } - } - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Unable to delete group.') - ), - ), - Http::STATUS_FORBIDDEN - ); - } - -} diff --git a/settings/controller/logsettingscontroller.php b/settings/controller/logsettingscontroller.php deleted file mode 100644 index c0c9ee04ca3..00000000000 --- a/settings/controller/logsettingscontroller.php +++ /dev/null @@ -1,109 +0,0 @@ -<?php -/** - * @author Georg Ehrke <georg@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http; -use OCP\AppFramework\Http\JSONResponse; -use OCP\AppFramework\Http\StreamResponse; -use OCP\IL10N; -use OCP\IRequest; -use OCP\IConfig; - -/** - * Class LogSettingsController - * - * @package OC\Settings\Controller - */ -class LogSettingsController extends Controller { - /** - * @var \OCP\IConfig - */ - private $config; - - /** - * @var \OCP\IL10N - */ - private $l10n; - - /** - * @param string $appName - * @param IRequest $request - * @param IConfig $config - */ - public function __construct($appName, - IRequest $request, - IConfig $config, - IL10N $l10n) { - parent::__construct($appName, $request); - $this->config = $config; - $this->l10n = $l10n; - } - - /** - * set log level for logger - * - * @param int $level - * @return JSONResponse - */ - public function setLogLevel($level) { - if ($level < 0 || $level > 4) { - return new JSONResponse([ - 'message' => (string) $this->l10n->t('log-level out of allowed range'), - ], Http::STATUS_BAD_REQUEST); - } - - $this->config->setSystemValue('loglevel', $level); - return new JSONResponse([ - 'level' => $level, - ]); - } - - /** - * get log entries from logfile - * - * @param int $count - * @param int $offset - * @return JSONResponse - */ - public function getEntries($count=50, $offset=0) { - return new JSONResponse([ - 'data' => \OC_Log_Owncloud::getEntries($count, $offset), - 'remain' => count(\OC_Log_Owncloud::getEntries(1, $offset + $count)) !== 0, - ]); - } - - /** - * download logfile - * - * @NoCSRFRequired - * - * @return StreamResponse - */ - public function download() { - $resp = new StreamResponse(\OC_Log_Owncloud::getLogFilePath()); - $resp->addHeader('Content-Disposition', 'attachment; filename="owncloud.log"'); - return $resp; - } -} diff --git a/settings/controller/mailsettingscontroller.php b/settings/controller/mailsettingscontroller.php deleted file mode 100644 index dbba4bd9bc0..00000000000 --- a/settings/controller/mailsettingscontroller.php +++ /dev/null @@ -1,181 +0,0 @@ -<?php -/** - * @author Joas Schilling <nickvergessen@owncloud.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OC\User\Session; -use \OCP\AppFramework\Controller; -use OCP\IRequest; -use OCP\IL10N; -use OCP\IConfig; -use OCP\Mail\IMailer; -use OCP\Mail\IMessage; - -/** - * @package OC\Settings\Controller - */ -class MailSettingsController extends Controller { - - /** @var \OCP\IL10N */ - private $l10n; - /** @var \OCP\IConfig */ - private $config; - /** @var Session */ - private $userSession; - /** @var \OC_Defaults */ - private $defaults; - /** @var IMailer */ - private $mailer; - /** @var string */ - private $defaultMailAddress; - - /** - * @param string $appName - * @param IRequest $request - * @param IL10N $l10n - * @param IConfig $config - * @param Session $userSession - * @param \OC_Defaults $defaults - * @param IMailer $mailer - * @param string $defaultMailAddress - */ - public function __construct($appName, - IRequest $request, - IL10N $l10n, - IConfig $config, - Session $userSession, - \OC_Defaults $defaults, - IMailer $mailer, - $defaultMailAddress) { - parent::__construct($appName, $request); - $this->l10n = $l10n; - $this->config = $config; - $this->userSession = $userSession; - $this->defaults = $defaults; - $this->mailer = $mailer; - $this->defaultMailAddress = $defaultMailAddress; - } - - /** - * Sets the email settings - * @param string $mail_domain - * @param string $mail_from_address - * @param string $mail_smtpmode - * @param string $mail_smtpsecure - * @param string $mail_smtphost - * @param string $mail_smtpauthtype - * @param int $mail_smtpauth - * @param string $mail_smtpport - * @return array - */ - public function setMailSettings($mail_domain, - $mail_from_address, - $mail_smtpmode, - $mail_smtpsecure, - $mail_smtphost, - $mail_smtpauthtype, - $mail_smtpauth, - $mail_smtpport) { - - $params = get_defined_vars(); - $configs = []; - foreach($params as $key => $value) { - $configs[$key] = (empty($value)) ? null : $value; - } - - // Delete passwords from config in case no auth is specified - if ($params['mail_smtpauth'] !== 1) { - $configs['mail_smtpname'] = null; - $configs['mail_smtppassword'] = null; - } - - $this->config->setSystemValues($configs); - - return array('data' => - array('message' => - (string) $this->l10n->t('Saved') - ), - 'status' => 'success' - ); - } - - /** - * Store the credentials used for SMTP in the config - * @param string $mail_smtpname - * @param string $mail_smtppassword - * @return array - */ - public function storeCredentials($mail_smtpname, $mail_smtppassword) { - $this->config->setSystemValues([ - 'mail_smtpname' => $mail_smtpname, - 'mail_smtppassword' => $mail_smtppassword, - ]); - - return array('data' => - array('message' => - (string) $this->l10n->t('Saved') - ), - 'status' => 'success' - ); - } - - /** - * Send a mail to test the settings - * @return array - */ - public function sendTestMail() { - $email = $this->config->getUserValue($this->userSession->getUser()->getUID(), $this->appName, 'email', ''); - if (!empty($email)) { - try { - $message = $this->mailer->createMessage(); - $message->setTo([$email => $this->userSession->getUser()->getDisplayName()]); - $message->setFrom([$this->defaultMailAddress]); - $message->setSubject($this->l10n->t('test email settings')); - $message->setPlainBody('If you received this email, the settings seem to be correct.'); - $this->mailer->send($message); - } catch (\Exception $e) { - return [ - 'data' => [ - 'message' => (string) $this->l10n->t('A problem occurred while sending the email. Please revise your settings. (Error: %s)', [$e->getMessage()]), - ], - 'status' => 'error', - ]; - } - - return array('data' => - array('message' => - (string) $this->l10n->t('Email sent') - ), - 'status' => 'success' - ); - } - - return array('data' => - array('message' => - (string) $this->l10n->t('You need to set your user email before being able to send test emails.'), - ), - 'status' => 'error' - ); - } - -} diff --git a/settings/controller/securitysettingscontroller.php b/settings/controller/securitysettingscontroller.php deleted file mode 100644 index d7274d6bcb2..00000000000 --- a/settings/controller/securitysettingscontroller.php +++ /dev/null @@ -1,70 +0,0 @@ -<?php -/** - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use \OCP\AppFramework\Controller; -use OCP\IRequest; -use OCP\IConfig; - -/** - * @package OC\Settings\Controller - */ -class SecuritySettingsController extends Controller { - /** @var \OCP\IConfig */ - private $config; - - /** - * @param string $appName - * @param IRequest $request - * @param IConfig $config - */ - public function __construct($appName, - IRequest $request, - IConfig $config) { - parent::__construct($appName, $request); - $this->config = $config; - } - - /** - * @return array - */ - protected function returnSuccess() { - return array( - 'status' => 'success' - ); - } - - /** - * Add a new trusted domain - * @param string $newTrustedDomain The newly to add trusted domain - * @return array - */ - public function trustedDomains($newTrustedDomain) { - $trustedDomains = $this->config->getSystemValue('trusted_domains'); - $trustedDomains[] = $newTrustedDomain; - $this->config->setSystemValue('trusted_domains', $trustedDomains); - - return $this->returnSuccess(); - } - -} diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php deleted file mode 100644 index f5b7f2d2e5d..00000000000 --- a/settings/controller/userscontroller.php +++ /dev/null @@ -1,659 +0,0 @@ -<?php -/** - * @author Arthur Schiwon <blizzz@owncloud.com> - * @author Clark Tomlinson <fallen013@gmail.com> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <icewind@owncloud.com> - * @author Roeland Jago Douma <rullzer@owncloud.com> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * @author Vincent Petry <pvince81@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Settings\Controller; - -use OC\AppFramework\Http; -use OC\User\User; -use OCP\App\IAppManager; -use OCP\AppFramework\Controller; -use OCP\AppFramework\Http\DataResponse; -use OCP\AppFramework\Http\TemplateResponse; -use OCP\IConfig; -use OCP\IGroupManager; -use OCP\IL10N; -use OCP\ILogger; -use OCP\IRequest; -use OCP\IURLGenerator; -use OCP\IUser; -use OCP\IUserManager; -use OCP\IUserSession; -use OCP\Mail\IMailer; -use OCP\IAvatarManager; - -/** - * @package OC\Settings\Controller - */ -class UsersController extends Controller { - /** @var IL10N */ - private $l10n; - /** @var IUserSession */ - private $userSession; - /** @var bool */ - private $isAdmin; - /** @var IUserManager */ - private $userManager; - /** @var IGroupManager */ - private $groupManager; - /** @var IConfig */ - private $config; - /** @var ILogger */ - private $log; - /** @var \OC_Defaults */ - private $defaults; - /** @var IMailer */ - private $mailer; - /** @var string */ - private $fromMailAddress; - /** @var IURLGenerator */ - private $urlGenerator; - /** @var bool contains the state of the encryption app */ - private $isEncryptionAppEnabled; - /** @var bool contains the state of the admin recovery setting */ - private $isRestoreEnabled = false; - /** @var IAvatarManager */ - private $avatarManager; - - /** - * @param string $appName - * @param IRequest $request - * @param IUserManager $userManager - * @param IGroupManager $groupManager - * @param IUserSession $userSession - * @param IConfig $config - * @param bool $isAdmin - * @param IL10N $l10n - * @param ILogger $log - * @param \OC_Defaults $defaults - * @param IMailer $mailer - * @param string $fromMailAddress - * @param IURLGenerator $urlGenerator - * @param IAppManager $appManager - */ - public function __construct($appName, - IRequest $request, - IUserManager $userManager, - IGroupManager $groupManager, - IUserSession $userSession, - IConfig $config, - $isAdmin, - IL10N $l10n, - ILogger $log, - \OC_Defaults $defaults, - IMailer $mailer, - $fromMailAddress, - IURLGenerator $urlGenerator, - IAppManager $appManager, - IAvatarManager $avatarManager) { - parent::__construct($appName, $request); - $this->userManager = $userManager; - $this->groupManager = $groupManager; - $this->userSession = $userSession; - $this->config = $config; - $this->isAdmin = $isAdmin; - $this->l10n = $l10n; - $this->log = $log; - $this->defaults = $defaults; - $this->mailer = $mailer; - $this->fromMailAddress = $fromMailAddress; - $this->urlGenerator = $urlGenerator; - $this->avatarManager = $avatarManager; - - // check for encryption state - TODO see formatUserForIndex - $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption'); - if($this->isEncryptionAppEnabled) { - // putting this directly in empty is possible in PHP 5.5+ - $result = $config->getAppValue('encryption', 'recoveryAdminEnabled', 0); - $this->isRestoreEnabled = !empty($result); - } - } - - /** - * @param IUser $user - * @param array $userGroups - * @return array - */ - private function formatUserForIndex(IUser $user, array $userGroups = null) { - - // TODO: eliminate this encryption specific code below and somehow - // hook in additional user info from other apps - - // recovery isn't possible if admin or user has it disabled and encryption - // is enabled - so we eliminate the else paths in the conditional tree - // below - $restorePossible = false; - - if ($this->isEncryptionAppEnabled) { - if ($this->isRestoreEnabled) { - // check for the users recovery setting - $recoveryMode = $this->config->getUserValue($user->getUID(), 'encryption', 'recoveryEnabled', '0'); - // method call inside empty is possible with PHP 5.5+ - $recoveryModeEnabled = !empty($recoveryMode); - if ($recoveryModeEnabled) { - // user also has recovery mode enabled - $restorePossible = true; - } - } - } else { - // recovery is possible if encryption is disabled (plain files are - // available) - $restorePossible = true; - } - - $subAdminGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user); - foreach($subAdminGroups as $key => $subAdminGroup) { - $subAdminGroups[$key] = $subAdminGroup->getGID(); - } - - $displayName = $user->getEMailAddress(); - if (is_null($displayName)) { - $displayName = ''; - } - - $avatarAvailable = false; - if ($this->config->getSystemValue('enable_avatars', true) === true) { - try { - $avatarAvailable = $this->avatarManager->getAvatar($user->getUID())->exists(); - } catch (\Exception $e) { - //No avatar yet - } - } - - return [ - 'name' => $user->getUID(), - 'displayname' => $user->getDisplayName(), - 'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups, - 'subadmin' => $subAdminGroups, - 'quota' => $user->getQuota(), - 'storageLocation' => $user->getHome(), - 'lastLogin' => $user->getLastLogin() * 1000, - 'backend' => $user->getBackendClassName(), - 'email' => $displayName, - 'isRestoreDisabled' => !$restorePossible, - 'isAvatarAvailable' => $avatarAvailable, - ]; - } - - /** - * @param array $userIDs Array with schema [$uid => $displayName] - * @return IUser[] - */ - private function getUsersForUID(array $userIDs) { - $users = []; - foreach ($userIDs as $uid => $displayName) { - $users[$uid] = $this->userManager->get($uid); - } - return $users; - } - - /** - * @NoAdminRequired - * - * @param int $offset - * @param int $limit - * @param string $gid GID to filter for - * @param string $pattern Pattern to search for in the username - * @param string $backend Backend to filter for (class-name) - * @return DataResponse - * - * TODO: Tidy up and write unit tests - code is mainly static method calls - */ - public function index($offset = 0, $limit = 10, $gid = '', $pattern = '', $backend = '') { - // FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group. - if($gid === '_everyone') { - $gid = ''; - } - - // Remove backends - if(!empty($backend)) { - $activeBackends = $this->userManager->getBackends(); - $this->userManager->clearBackends(); - foreach($activeBackends as $singleActiveBackend) { - if($backend === get_class($singleActiveBackend)) { - $this->userManager->registerBackend($singleActiveBackend); - break; - } - } - } - - $users = []; - if ($this->isAdmin) { - - if($gid !== '') { - $batch = $this->getUsersForUID($this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset)); - } else { - $batch = $this->userManager->search($pattern, $limit, $offset); - } - - foreach ($batch as $user) { - $users[] = $this->formatUserForIndex($user); - } - - } else { - $subAdminOfGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser()); - // New class returns IGroup[] so convert back - $gids = []; - foreach ($subAdminOfGroups as $group) { - $gids[] = $group->getGID(); - } - $subAdminOfGroups = $gids; - - // Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group - if($gid !== '' && !in_array($gid, $subAdminOfGroups)) { - $gid = ''; - } - - // Batch all groups the user is subadmin of when a group is specified - $batch = []; - if($gid === '') { - foreach($subAdminOfGroups as $group) { - $groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset); - - foreach($groupUsers as $uid => $displayName) { - $batch[$uid] = $displayName; - } - } - } else { - $batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset); - } - $batch = $this->getUsersForUID($batch); - - foreach ($batch as $user) { - // Only add the groups, this user is a subadmin of - $userGroups = array_values(array_intersect( - $this->groupManager->getUserGroupIds($user), - $subAdminOfGroups - )); - $users[] = $this->formatUserForIndex($user, $userGroups); - } - } - - return new DataResponse($users); - } - - /** - * @NoAdminRequired - * - * @param string $username - * @param string $password - * @param array $groups - * @param string $email - * @return DataResponse - */ - public function create($username, $password, array $groups=array(), $email='') { - if($email !== '' && !$this->mailer->validateMailAddress($email)) { - return new DataResponse( - array( - 'message' => (string)$this->l10n->t('Invalid mail address') - ), - Http::STATUS_UNPROCESSABLE_ENTITY - ); - } - - $currentUser = $this->userSession->getUser(); - - if (!$this->isAdmin) { - if (!empty($groups)) { - foreach ($groups as $key => $group) { - $groupObject = $this->groupManager->get($group); - if($groupObject === null) { - unset($groups[$key]); - continue; - } - - if (!$this->groupManager->getSubAdmin()->isSubAdminofGroup($currentUser, $groupObject)) { - unset($groups[$key]); - } - } - } - - if (empty($groups)) { - $groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($currentUser); - // New class returns IGroup[] so convert back - $gids = []; - foreach ($groups as $group) { - $gids[] = $group->getGID(); - } - $groups = $gids; - } - } - - if ($this->userManager->userExists($username)) { - return new DataResponse( - array( - 'message' => (string)$this->l10n->t('A user with that name already exists.') - ), - Http::STATUS_CONFLICT - ); - } - - try { - $user = $this->userManager->createUser($username, $password); - } catch (\Exception $exception) { - return new DataResponse( - array( - 'message' => (string)$this->l10n->t('Unable to create user.') - ), - Http::STATUS_FORBIDDEN - ); - } - - if($user instanceof User) { - if($groups !== null) { - foreach($groups as $groupName) { - $group = $this->groupManager->get($groupName); - - if(empty($group)) { - $group = $this->groupManager->createGroup($groupName); - } - $group->addUser($user); - } - } - /** - * Send new user mail only if a mail is set - */ - if($email !== '') { - $user->setEMailAddress($email); - - // data for the mail template - $mailData = array( - 'username' => $username, - 'url' => $this->urlGenerator->getAbsoluteURL('/') - ); - - $mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank'); - $mailContent = $mail->render(); - - $mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank'); - $plainTextMailContent = $mail->render(); - - $subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]); - - try { - $message = $this->mailer->createMessage(); - $message->setTo([$email => $username]); - $message->setSubject($subject); - $message->setHtmlBody($mailContent); - $message->setPlainBody($plainTextMailContent); - $message->setFrom([$this->fromMailAddress => $this->defaults->getName()]); - $this->mailer->send($message); - } catch(\Exception $e) { - $this->log->error("Can't send new user mail to $email: " . $e->getMessage(), array('app' => 'settings')); - } - } - // fetch users groups - $userGroups = $this->groupManager->getUserGroupIds($user); - - return new DataResponse( - $this->formatUserForIndex($user, $userGroups), - Http::STATUS_CREATED - ); - } - - return new DataResponse( - array( - 'message' => (string)$this->l10n->t('Unable to create user.') - ), - Http::STATUS_FORBIDDEN - ); - - } - - /** - * @NoAdminRequired - * - * @param string $id - * @return DataResponse - */ - public function destroy($id) { - $userId = $this->userSession->getUser()->getUID(); - $user = $this->userManager->get($id); - - if($userId === $id) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Unable to delete user.') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Authentication error') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - if($user) { - if($user->delete()) { - return new DataResponse( - array( - 'status' => 'success', - 'data' => array( - 'username' => $id - ) - ), - Http::STATUS_NO_CONTENT - ); - } - } - - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Unable to delete user.') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - /** - * Set the mail address of a user - * - * @NoAdminRequired - * @NoSubadminRequired - * - * @param string $id - * @param string $mailAddress - * @return DataResponse - */ - public function setMailAddress($id, $mailAddress) { - $userId = $this->userSession->getUser()->getUID(); - $user = $this->userManager->get($id); - - if($userId !== $id - && !$this->isAdmin - && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Forbidden') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - if($mailAddress !== '' && !$this->mailer->validateMailAddress($mailAddress)) { - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Invalid mail address') - ) - ), - Http::STATUS_UNPROCESSABLE_ENTITY - ); - } - - if(!$user){ - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Invalid user') - ) - ), - Http::STATUS_UNPROCESSABLE_ENTITY - ); - } - - // this is the only permission a backend provides and is also used - // for the permission of setting a email address - if(!$user->canChangeDisplayName()){ - return new DataResponse( - array( - 'status' => 'error', - 'data' => array( - 'message' => (string)$this->l10n->t('Unable to change mail address') - ) - ), - Http::STATUS_FORBIDDEN - ); - } - - // delete user value if email address is empty - $user->setEMailAddress($mailAddress); - - return new DataResponse( - array( - 'status' => 'success', - 'data' => array( - 'username' => $id, - 'mailAddress' => $mailAddress, - 'message' => (string)$this->l10n->t('Email saved') - ) - ), - Http::STATUS_OK - ); - } - - /** - * Count all unique users visible for the current admin/subadmin. - * - * @NoAdminRequired - * - * @return DataResponse - */ - public function stats() { - $userCount = 0; - if ($this->isAdmin) { - $countByBackend = $this->userManager->countUsers(); - - if (!empty($countByBackend)) { - foreach ($countByBackend as $count) { - $userCount += $count; - } - } - } else { - $groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser()); - - $uniqueUsers = []; - foreach ($groups as $group) { - foreach($group->getUsers() as $uid => $displayName) { - $uniqueUsers[$uid] = true; - } - } - - $userCount = count($uniqueUsers); - } - - return new DataResponse( - [ - 'totalUsers' => $userCount - ] - ); - } - - - /** - * Set the displayName of a user - * - * @NoAdminRequired - * @NoSubadminRequired - * - * @param string $username - * @param string $displayName - * @return DataResponse - */ - public function setDisplayName($username, $displayName) { - $currentUser = $this->userSession->getUser(); - - if ($username === null) { - $username = $currentUser->getUID(); - } - - $user = $this->userManager->get($username); - - if ($user === null || - !$user->canChangeDisplayName() || - ( - !$this->groupManager->isAdmin($currentUser->getUID()) && - !$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) && - $currentUser !== $user) - ) { - return new DataResponse([ - 'status' => 'error', - 'data' => [ - 'message' => $this->l10n->t('Authentication error'), - ], - ]); - } - - if ($user->setDisplayName($displayName)) { - return new DataResponse([ - 'status' => 'success', - 'data' => [ - 'message' => $this->l10n->t('Your full name has been changed.'), - 'username' => $username, - 'displayName' => $displayName, - ], - ]); - } else { - return new DataResponse([ - 'status' => 'error', - 'data' => [ - 'message' => $this->l10n->t('Unable to change full name'), - 'displayName' => $user->getDisplayName(), - ], - ]); - } - } -} |