author | Lukas Reschke <lukas@owncloud.com> | 2014-12-04 14:15:55 +0100 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2014-12-08 12:11:01 +0100 |
commit | fe7d9a7ca07bb21905c6483dee49bf37dd131674 (patch) | |
tree | f37a25e518c0ce38530a452d63386a525f5121f3 /settings/middleware | |
parent | e6908f8b890414451dfc32af4d76562016d75d0f (diff) | |
Add REST route for user & group management
First step of a somewhat testable user management. - I know, the JSON returns are in an ugly format but the JS expects it that way. So let's keep it that way until we have time to fix the JS in the future.
Diffstat (limited to 'settings/middleware')
-rw-r--r-- | settings/middleware/subadminmiddleware.php | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/settings/middleware/subadminmiddleware.php b/settings/middleware/subadminmiddleware.php
new file mode 100644
index 00000000000..a5c005e3148
--- /dev/null
+++ b/settings/middleware/subadminmiddleware.php
@@ -0,0 +1,65 @@
+<?php
+/**
+ * @author Lukas Reschke
+ * @copyright 2014 Lukas Reschke lukas@owncloud.com
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Settings\Middleware;
+
+use OC\AppFramework\Http;
+use OC\AppFramework\Utility\ControllerMethodReflector;
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\AppFramework\Middleware;
+
+/**
+ * Verifies whether an user has at least subadmin rights.
+ * To bypass use the `@NoSubadminRequired` annotation
+ *
+ * @package OC\Settings\Middleware
+ */
+class SubadminMiddleware extends Middleware {
+ /** @var bool */
+ protected $isSubAdmin;
+ /** @var ControllerMethodReflector */
+ protected $reflector;
+
+ /**
+ * @param ControllerMethodReflector $reflector
+ * @param bool $isSubAdmin
+ */
+ public function __construct(ControllerMethodReflector $reflector,
+ $isSubAdmin) {
+ $this->reflector = $reflector;
+ $this->isSubAdmin = $isSubAdmin;
+ }
+
+ /**
+ * Check if sharing is enabled before the controllers is executed
+ * @param \OCP\AppFramework\Controller $controller
+ * @param string $methodName
+ * @throws \Exception
+ */
+ public function beforeController($controller, $methodName) {
+ if(!$this->reflector->hasAnnotation('NoSubadminRequired')) {
+ if(!$this->isSubAdmin) {
+ throw new \Exception('Logged in user must be a subadmin');
+ }
+ }
+ }
+
+ /**
+ * Return 403 page in case of an exception
+ * @param \OCP\AppFramework\Controller $controller
+ * @param string $methodName
+ * @param \Exception $exception
+ * @return TemplateResponse
+ */
+ public function afterException($controller, $methodName, \Exception $exception) {
+ return new TemplateResponse('core', '403', array(), 'guest');
+ }
+
+} |
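Review bot: `afterException` turns every `\Exception` into the 403 page, so an unrelated controller failure is reported as an authorization error and the original exception is swallowed; `beforeController` should throw a dedicated exception type and `afterException` should rethrow anything else, e.g. `if (!($exception instanceof NotSubadminException)) { throw $exception; }` (the class name is a placeholder for a new exception in this namespace). The response also never sets a status code, so the 403 template is presumably served with the default status; the imported but unused `OC\AppFramework\Http` suggests `$response->setStatus(Http::STATUS_FORBIDDEN);` was intended. The docblock on `beforeController` still reads "Check if sharing is enabled" and should describe the subadmin check instead. Because `@NoSubadminRequired` is an opt-out, a unit test asserting that an unannotated method is rejected for a non-subadmin would pin the fail-closed default.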