summaryrefslogtreecommitdiffstats
path: root/settings
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2015-01-23 17:45:45 +0100
committerMorris Jobke <hey@morrisjobke.de>2015-01-27 13:23:19 +0100
commit9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2 (patch)
tree183f374f0021c680fffd95238457c16af071da45 /settings
parent5da4071c4553b5ee64799856e4db58e9484d9839 (diff)
downloadnextcloud-server-9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2.tar.gz
nextcloud-server-9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2.zip
Add value if restore of data is possible for a user
* reason: nice to know before password change in user management * restore is possible: * encryption is disabled * encryption is enabled, admin and user has checked the restore option * if not possible: * highlight users row in red once the admin wants to change the password * show also a little tipsy
Diffstat (limited to 'settings')
-rw-r--r--settings/application.php3
-rw-r--r--settings/controller/userscontroller.php53
-rw-r--r--settings/css/settings.css5
-rw-r--r--settings/js/users/users.js17
4 files changed, 69 insertions, 9 deletions
diff --git a/settings/application.php b/settings/application.php
index f7ba72f3bfc..d5516a1eefd 100644
--- a/settings/application.php
+++ b/settings/application.php
@@ -90,7 +90,8 @@ class Application extends App {
$c->query('Defaults'),
$c->query('Mail'),
$c->query('DefaultMailAddress'),
- $c->query('URLGenerator')
+ $c->query('URLGenerator'),
+ $c->query('OCP\\App\\IAppManager')
);
});
$container->registerService('LogSettingsController', function(IContainer $c) {
diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php
index 1be2f4db9b9..be1b26f86ad 100644
--- a/settings/controller/userscontroller.php
+++ b/settings/controller/userscontroller.php
@@ -11,9 +11,9 @@
namespace OC\Settings\Controller;
use OC\AppFramework\Http;
-use OC\User\Manager;
use OC\User\User;
-use \OCP\AppFramework\Controller;
+use OCP\App\IAppManager;
+use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IConfig;
@@ -52,6 +52,10 @@ class UsersController extends Controller {
private $fromMailAddress;
/** @var IURLGenerator */
private $urlGenerator;
+ /** @var bool contains the state of the encryption app */
+ private $isEncryptionAppEnabled;
+ /** @var bool contains the state of the admin recovery setting */
+ private $isRestoreEnabled = false;
/**
* @param string $appName
@@ -66,6 +70,7 @@ class UsersController extends Controller {
* @param \OC_Defaults $defaults
* @param \OC_Mail $mail
* @param string $fromMailAddress
+ * @param IAppManager $appManager
*/
public function __construct($appName,
IRequest $request,
@@ -79,7 +84,8 @@ class UsersController extends Controller {
\OC_Defaults $defaults,
\OC_Mail $mail,
$fromMailAddress,
- IURLGenerator $urlGenerator) {
+ IURLGenerator $urlGenerator,
+ IAppManager $appManager) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->groupManager = $groupManager;
@@ -92,6 +98,14 @@ class UsersController extends Controller {
$this->mail = $mail;
$this->fromMailAddress = $fromMailAddress;
$this->urlGenerator = $urlGenerator;
+
+ // check for encryption state - TODO see formatUserForIndex
+ $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('files_encryption');
+ if($this->isEncryptionAppEnabled) {
+ // putting this directly in empty is possible in PHP 5.5+
+ $result = $config->getAppValue('files_encryption', 'recoveryAdminEnabled', 0);
+ $this->isRestoreEnabled = !empty($result);
+ }
}
/**
@@ -100,7 +114,33 @@ class UsersController extends Controller {
* @return array
*/
private function formatUserForIndex(IUser $user, array $userGroups = null) {
- return array(
+
+ // TODO: eliminate this encryption specific code below and somehow
+ // hook in additional user info from other apps
+
+ // recovery isn't possible if admin or user has it disabled and encryption
+ // is enabled - so we eliminate the else paths in the conditional tree
+ // below
+ $restorePossible = false;
+
+ if ($this->isEncryptionAppEnabled) {
+ if ($this->isRestoreEnabled) {
+ // check for the users recovery setting
+ $recoveryMode = $this->config->getUserValue($user->getUID(), 'files_encryption', 'recovery_enabled', '0');
+ // method call inside empty is possible with PHP 5.5+
+ $recoveryModeEnabled = !empty($recoveryMode);
+ if ($recoveryModeEnabled) {
+ // user also has recovery mode enabled
+ $restorePossible = true;
+ }
+ }
+ } else {
+ // recovery is possible if encryption is disabled (plain files are
+ // available)
+ $restorePossible = true;
+ }
+
+ return [
'name' => $user->getUID(),
'displayname' => $user->getDisplayName(),
'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups,
@@ -109,8 +149,9 @@ class UsersController extends Controller {
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
'backend' => $user->getBackendClassName(),
- 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', '')
- );
+ 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', ''),
+ 'isRestoreDisabled' => !$restorePossible,
+ ];
}
/**
diff --git a/settings/css/settings.css b/settings/css/settings.css
index 55367e716c2..57edc18bd9a 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -132,7 +132,10 @@ input.userFilter {width: 200px;}
.ie8 table.hascontrols{border-collapse:collapse;width: 100%;}
.ie8 table.hascontrols tbody tr{border-collapse:collapse;border: 1px solid #ddd !important;}
-
+/* used to highlight a user row in red */
+#userlist tr.row-warning {
+ background-color: #FDD;
+}
/* APPS */
diff --git a/settings/js/users/users.js b/settings/js/users/users.js
index f21c660b41f..1a755ab7b25 100644
--- a/settings/js/users/users.js
+++ b/settings/js/users/users.js
@@ -42,6 +42,7 @@ var UserList = {
* 'lastLogin': '1418632333'
* 'backend': 'LDAP',
* 'email': 'username@example.org'
+ * 'isRestoreDisabled':false
* }
* @param sort
* @returns table row created for this user
@@ -63,11 +64,12 @@ var UserList = {
}
/**
- * add username and displayname to row (in data and visible markup
+ * add username and displayname to row (in data and visible markup)
*/
$tr.data('uid', user.name);
$tr.data('displayname', user.displayname);
$tr.data('mailAddress', user.email);
+ $tr.data('restoreDisabled', user.isRestoreDisabled);
$tr.find('td.name').text(user.name);
$tr.find('td.displayName > span').text(user.displayname);
$tr.find('td.mailAddress > span').text(user.email);
@@ -352,6 +354,9 @@ var UserList = {
getMailAddress: function(element) {
return ($(element).closest('tr').data('mailAddress') || '').toString();
},
+ getRestoreDisabled: function(element) {
+ return ($(element).closest('tr').data('restoreDisabled') || '');
+ },
initDeleteHandling: function() {
//set up handler
UserDeleteHandler = new DeleteHandler('/settings/users/users', 'username',
@@ -627,8 +632,16 @@ $(document).ready(function () {
event.stopPropagation();
var $td = $(this).closest('td');
+ var $tr = $(this).closest('tr');
var uid = UserList.getUID($td);
var $input = $('<input type="password">');
+ var isRestoreDisabled = UserList.getRestoreDisabled($td) === true;
+ if(isRestoreDisabled) {
+ $tr.addClass('row-warning');
+ // add tipsy if the password change could cause data loss - no recovery enabled
+ $input.tipsy({gravity:'s', fade:false});
+ $input.attr('title', t('settings', 'Changing the password will result in data loss, because data recovery is not available for this user'));
+ }
$td.find('img').hide();
$td.children('span').replaceWith($input);
$input
@@ -655,6 +668,8 @@ $(document).ready(function () {
.blur(function () {
$(this).replaceWith($('<span>●●●●●●●</span>'));
$td.find('img').show();
+ // remove highlight class from users without recovery ability
+ $tr.removeClass('row-warning');
});
});
$('input:password[id="recoveryPassword"]').keyup(function() {