authorRoeland Jago Douma <rullzer@owncloud.com>2015-11-08 22:08:19 +0100
committerRoeland Jago Douma <rullzer@owncloud.com>2015-11-20 16:05:43 +0100
commit0265bcfdae6eff2ea87eb0f6de66e2eacb590820 (patch)
tree45333175470f4a822c727ca065bf6e5cadfda424 /settings
parent427d107b9f375f5667a3e8f40191edd46924fdb8 (diff)
downloadnextcloud-server-0265bcfdae6eff2ea87eb0f6de66e2eacb590820.tar.gz
nextcloud-server-0265bcfdae6eff2ea87eb0f6de66e2eacb590820.zip
Moved changedisplayname to usercontroller
Killed the old static route to change a user's display name and moved it to a properly testable controller.
Diffstat (limited to 'settings')
-rw-r--r--settings/ajax/changedisplayname.php67
-rw-r--r--settings/controller/userscontroller.php54
-rw-r--r--settings/js/personal.js2
-rw-r--r--settings/js/users/users.js2
-rw-r--r--settings/routes.php3
5 files changed, 57 insertions, 71 deletions
diff --git a/settings/ajax/changedisplayname.php b/settings/ajax/changedisplayname.php
deleted file mode 100644
index 380cbac43da..00000000000
--- a/settings/ajax/changedisplayname.php
+++ /dev/null
@@ -1,67 +0,0 @@
-<?php
-/**
- * @author Bart Visscher <bartv@thisnet.nl>
- * @author Christopher Schäpers <kondou@ts.unde.re>
- * @author David Reagan <reagand@lanecc.edu>
- * @author Jan-Christoph Borchardt <hey@jancborchardt.net>
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Robin Appelman <icewind@owncloud.com>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-// Check if we are a user
-
-OCP\JSON::callCheck();
-OC_JSON::checkLoggedIn();
-
-$l = \OC::$server->getL10N('settings');
-
-$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$displayName = (string)$_POST["displayName"];
-
-$userstatus = null;
-if(OC_User::isAdminUser(OC_User::getUser())) {
- $userstatus = 'admin';
-}
-
-$isUserAccessible = false;
-$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
-$targetUserObject = \OC::$server->getUserManager()->get($username);
-if($subadminUserObject !== null && $targetUserObject !== null) {
- $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
-}
-
-if($isUserAccessible) {
- $userstatus = 'subadmin';
-}
-
-if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) {
- $userstatus = 'changeOwnDisplayName';
-}
-
-if(is_null($userstatus)) {
- OC_JSON::error( array( "data" => array( "message" => $l->t("Authentication error") )));
- exit();
-}
-
-// Return Success story
-if( OC_User::setDisplayName( $username, $displayName )) {
- OC_JSON::success(array("data" => array( "message" => $l->t('Your full name has been changed.'), "username" => $username, 'displayName' => $displayName )));
-}
-else{
- OC_JSON::error(array("data" => array( "message" => $l->t("Unable to change full name"), 'displayName' => OC_User::getDisplayName($username) )));
-}
diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php
index 82483a76245..942319901f3 100644
--- a/settings/controller/userscontroller.php
+++ b/settings/controller/userscontroller.php
@@ -585,4 +585,58 @@ class UsersController extends Controller {
);
}
+
+ /**
+ * Set the displayName of a user
+ *
+ * @NoAdminRequired
+ * @NoSubadminRequired
+ *
+ * @param string $username
+ * @param string $displayName
+ * @return DataResponse
+ */
+ public function setDisplayName($username, $displayName) {
+ $currentUser = $this->userSession->getUser();
+
+ if ($username === null) {
+ $username = $currentUser->getUID();
+ }
+
+ $user = $this->userManager->get($username);
+
+ if ($user === null ||
+ !$user->canChangeDisplayName() ||
+ (
+ !$this->groupManager->isAdmin($currentUser->getUID()) &&
+ !$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) &&
+ $currentUser !== $user)
+ ) {
+ return new DataResponse([
+ 'status' => 'error',
+ 'data' => [
+ 'message' => $this->l10n->t('Authentication error'),
+ ],
+ ]);
+ }
+
+ if ($user->setDisplayName($displayName)) {
+ return new DataResponse([
+ 'status' => 'success',
+ 'data' => [
+ 'message' => $this->l10n->t('Your full name has been changed.'),
+ 'username' => $username,
+ 'displayName' => $displayName,
+ ],
+ ]);
+ } else {
+ return new DataResponse([
+ 'status' => 'error',
+ 'data' => [
+ 'message' => $this->l10n->t('Unable to change full name'),
+ 'displayName' => $user->getDisplayName(),
+ ],
+ ]);
+ }
+ }
}
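Review bot: The self-service branch of the permission check in `setDisplayName`, `$currentUser !== $user`, compares object identity between the session user and the object returned by `$this->userManager->get($username)`, which is only correct if both calls return the same instance, and that is not visible in this diff. Comparing identifiers, `$currentUser->getUID() !== $user->getUID()`, expresses the intent without depending on how the manager caches users. Because the method is annotated `@NoAdminRequired` and `@NoSubadminRequired`, this condition is the only authorization gate on the route, so it deserves a short comment naming the three permitted callers (admin, subadmin with access to the target, the user themself) and a unit test for each denied case. Note also that `!$user->canChangeDisplayName()` now rejects admins and subadmins too, whereas the removed script applied `canUserChangeDisplayName` only to a user changing their own name; if that tightening is not intended, the check belongs inside the self-service branch. The `$username === null` fallback looks unreachable now that the route carries `{username}` in the path.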
diff --git a/settings/js/personal.js b/settings/js/personal.js
index 3439eba686f..c9280d31353 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -70,7 +70,7 @@ function changeDisplayName () {
// Serialize the data
var post = $("#displaynameform").serialize();
// Ajax foo
- $.post('ajax/changedisplayname.php', post, function (data) {
+ $.post(OC.generateUrl('/settings/users/{id}/displayName', {id: OC.currentUser}), post, function (data) {
if (data.status === "success") {
$('#oldDisplayName').val($('#displayName').val());
// update displayName on the top right expand button
diff --git a/settings/js/users/users.js b/settings/js/users/users.js
index 8ce9cb6ac7c..c20a21b060a 100644
--- a/settings/js/users/users.js
+++ b/settings/js/users/users.js
@@ -687,7 +687,7 @@ $(document).ready(function () {
$div.imageplaceholder(uid, displayName);
}
$.post(
- OC.filePath('settings', 'ajax', 'changedisplayname.php'),
+ OC.generateUrl('/settings/users/{id}/displayName', {id: uid}),
{username: uid, displayName: $(this).val()},
function (result) {
if (result && result.status==='success' && $div.length){
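Review bot: The target user is now sent twice in this request, once in the URL built from `uid` and again as `username: uid` in the POST body, so the controller's `$username` has two possible sources. Which one the framework binds is not visible in this diff; dropping the body field, `{displayName: $(this).val()},`, leaves the route parameter as the only source of the target identity. The placeholder is also spelled `{id}` here and in settings/js/personal.js while the route added in settings/routes.php declares `{username}`; using one name in all three places would make the link easier to follow. The surrounding handler starts and ends outside the hunk.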
diff --git a/settings/routes.php b/settings/routes.php
index 6ba38388d3a..95ad234c699 100644
--- a/settings/routes.php
+++ b/settings/routes.php
@@ -46,6 +46,7 @@ $application->registerRoutes($this, [
['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'],
['name' => 'AppSettings#changeExperimentalConfigState', 'url' => '/settings/apps/experimental', 'verb' => 'POST'],
['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'],
+ ['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'],
['name' => 'Users#setMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'],
['name' => 'Users#stats', 'url' => '/settings/users/stats', 'verb' => 'GET'],
['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST'],
@@ -79,8 +80,6 @@ $this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.p
$this->create('settings_users_changepassword', '/settings/users/changepassword')
->post()
->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword');
-$this->create('settings_ajax_changedisplayname', '/settings/ajax/changedisplayname.php')
- ->actionInclude('settings/ajax/changedisplayname.php');
$this->create('settings_ajax_changegorupname', '/settings/ajax/changegroupname.php')
->actionInclude('settings/ajax/changegroupname.php');
// personal