diff options
author | Morris Jobke <hey@morrisjobke.de> | 2015-01-23 17:45:45 +0100 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2015-01-27 13:23:19 +0100 |
commit | 9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2 (patch) | |
tree | 183f374f0021c680fffd95238457c16af071da45 /settings | |
parent | 5da4071c4553b5ee64799856e4db58e9484d9839 (diff) | |
download | nextcloud-server-9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2.tar.gz nextcloud-server-9fbeaf0fd9f3ba4cd01aa566553cb2373dde8cb2.zip |
Add value if restore of data is possible for a user
* reason: nice to know before password change in user management
* restore is possible:
* encryption is disabled
* encryption is enabled, admin and user has checked the
restore option
* if not possible:
* highlight users row in red once the admin wants to change the password
* show also a little tipsy
Diffstat (limited to 'settings')
-rw-r--r-- | settings/application.php | 3 | ||||
-rw-r--r-- | settings/controller/userscontroller.php | 53 | ||||
-rw-r--r-- | settings/css/settings.css | 5 | ||||
-rw-r--r-- | settings/js/users/users.js | 17 |
4 files changed, 69 insertions, 9 deletions
diff --git a/settings/application.php b/settings/application.php index f7ba72f3bfc..d5516a1eefd 100644 --- a/settings/application.php +++ b/settings/application.php @@ -90,7 +90,8 @@ class Application extends App { $c->query('Defaults'), $c->query('Mail'), $c->query('DefaultMailAddress'), - $c->query('URLGenerator') + $c->query('URLGenerator'), + $c->query('OCP\\App\\IAppManager') ); }); $container->registerService('LogSettingsController', function(IContainer $c) { diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php index 1be2f4db9b9..be1b26f86ad 100644 --- a/settings/controller/userscontroller.php +++ b/settings/controller/userscontroller.php @@ -11,9 +11,9 @@ namespace OC\Settings\Controller; use OC\AppFramework\Http; -use OC\User\Manager; use OC\User\User; -use \OCP\AppFramework\Controller; +use OCP\App\IAppManager; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\TemplateResponse; use OCP\IConfig; @@ -52,6 +52,10 @@ class UsersController extends Controller { private $fromMailAddress; /** @var IURLGenerator */ private $urlGenerator; + /** @var bool contains the state of the encryption app */ + private $isEncryptionAppEnabled; + /** @var bool contains the state of the admin recovery setting */ + private $isRestoreEnabled = false; /** * @param string $appName @@ -66,6 +70,7 @@ class UsersController extends Controller { * @param \OC_Defaults $defaults * @param \OC_Mail $mail * @param string $fromMailAddress + * @param IAppManager $appManager */ public function __construct($appName, IRequest $request, @@ -79,7 +84,8 @@ class UsersController extends Controller { \OC_Defaults $defaults, \OC_Mail $mail, $fromMailAddress, - IURLGenerator $urlGenerator) { + IURLGenerator $urlGenerator, + IAppManager $appManager) { parent::__construct($appName, $request); $this->userManager = $userManager; $this->groupManager = $groupManager; @@ -92,6 +98,14 @@ class UsersController extends Controller { $this->mail = $mail; $this->fromMailAddress = $fromMailAddress; $this->urlGenerator = $urlGenerator; + + // check for encryption state - TODO see formatUserForIndex + $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('files_encryption'); + if($this->isEncryptionAppEnabled) { + // putting this directly in empty is possible in PHP 5.5+ + $result = $config->getAppValue('files_encryption', 'recoveryAdminEnabled', 0); + $this->isRestoreEnabled = !empty($result); + } } /** @@ -100,7 +114,33 @@ class UsersController extends Controller { * @return array */ private function formatUserForIndex(IUser $user, array $userGroups = null) { - return array( + + // TODO: eliminate this encryption specific code below and somehow + // hook in additional user info from other apps + + // recovery isn't possible if admin or user has it disabled and encryption + // is enabled - so we eliminate the else paths in the conditional tree + // below + $restorePossible = false; + + if ($this->isEncryptionAppEnabled) { + if ($this->isRestoreEnabled) { + // check for the users recovery setting + $recoveryMode = $this->config->getUserValue($user->getUID(), 'files_encryption', 'recovery_enabled', '0'); + // method call inside empty is possible with PHP 5.5+ + $recoveryModeEnabled = !empty($recoveryMode); + if ($recoveryModeEnabled) { + // user also has recovery mode enabled + $restorePossible = true; + } + } + } else { + // recovery is possible if encryption is disabled (plain files are + // available) + $restorePossible = true; + } + + return [ 'name' => $user->getUID(), 'displayname' => $user->getDisplayName(), 'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups, @@ -109,8 +149,9 @@ class UsersController extends Controller { 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin(), 'backend' => $user->getBackendClassName(), - 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', '') - ); + 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', ''), + 'isRestoreDisabled' => !$restorePossible, + ]; } /** diff --git a/settings/css/settings.css b/settings/css/settings.css index 55367e716c2..57edc18bd9a 100644 --- a/settings/css/settings.css +++ b/settings/css/settings.css @@ -132,7 +132,10 @@ input.userFilter {width: 200px;} .ie8 table.hascontrols{border-collapse:collapse;width: 100%;} .ie8 table.hascontrols tbody tr{border-collapse:collapse;border: 1px solid #ddd !important;} - +/* used to highlight a user row in red */ +#userlist tr.row-warning { + background-color: #FDD; +} /* APPS */ diff --git a/settings/js/users/users.js b/settings/js/users/users.js index f21c660b41f..1a755ab7b25 100644 --- a/settings/js/users/users.js +++ b/settings/js/users/users.js @@ -42,6 +42,7 @@ var UserList = { * 'lastLogin': '1418632333' * 'backend': 'LDAP', * 'email': 'username@example.org' + * 'isRestoreDisabled':false * } * @param sort * @returns table row created for this user @@ -63,11 +64,12 @@ var UserList = { } /** - * add username and displayname to row (in data and visible markup + * add username and displayname to row (in data and visible markup) */ $tr.data('uid', user.name); $tr.data('displayname', user.displayname); $tr.data('mailAddress', user.email); + $tr.data('restoreDisabled', user.isRestoreDisabled); $tr.find('td.name').text(user.name); $tr.find('td.displayName > span').text(user.displayname); $tr.find('td.mailAddress > span').text(user.email); @@ -352,6 +354,9 @@ var UserList = { getMailAddress: function(element) { return ($(element).closest('tr').data('mailAddress') || '').toString(); }, + getRestoreDisabled: function(element) { + return ($(element).closest('tr').data('restoreDisabled') || ''); + }, initDeleteHandling: function() { //set up handler UserDeleteHandler = new DeleteHandler('/settings/users/users', 'username', @@ -627,8 +632,16 @@ $(document).ready(function () { event.stopPropagation(); var $td = $(this).closest('td'); + var $tr = $(this).closest('tr'); var uid = UserList.getUID($td); var $input = $('<input type="password">'); + var isRestoreDisabled = UserList.getRestoreDisabled($td) === true; + if(isRestoreDisabled) { + $tr.addClass('row-warning'); + // add tipsy if the password change could cause data loss - no recovery enabled + $input.tipsy({gravity:'s', fade:false}); + $input.attr('title', t('settings', 'Changing the password will result in data loss, because data recovery is not available for this user')); + } $td.find('img').hide(); $td.children('span').replaceWith($input); $input @@ -655,6 +668,8 @@ $(document).ready(function () { .blur(function () { $(this).replaceWith($('<span>●●●●●●●</span>')); $td.find('img').show(); + // remove highlight class from users without recovery ability + $tr.removeClass('row-warning'); }); }); $('input:password[id="recoveryPassword"]').keyup(function() { |