aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apps/provisioning_api/lib/Controller/AUserData.php38
-rw-r--r--apps/provisioning_api/lib/Controller/GroupsController.php3
-rw-r--r--apps/provisioning_api/lib/Controller/UsersController.php3
3 files changed, 42 insertions, 2 deletions
diff --git a/apps/provisioning_api/lib/Controller/AUserData.php b/apps/provisioning_api/lib/Controller/AUserData.php
index 8879672c561..062191bb529 100644
--- a/apps/provisioning_api/lib/Controller/AUserData.php
+++ b/apps/provisioning_api/lib/Controller/AUserData.php
@@ -20,9 +20,11 @@ use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
use OCP\Files\NotFoundException;
+use OCP\Group\ISubAdmin;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IRequest;
+use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
use OCP\L10N\IFactory;
@@ -55,6 +57,8 @@ abstract class AUserData extends OCSController {
protected $userSession;
/** @var IAccountManager */
protected $accountManager;
+ /** @var ISubAdmin */
+ protected $subAdminManager;
/** @var IFactory */
protected $l10nFactory;
@@ -65,6 +69,7 @@ abstract class AUserData extends OCSController {
IGroupManager $groupManager,
IUserSession $userSession,
IAccountManager $accountManager,
+ ISubAdmin $subAdminManager,
IFactory $l10nFactory) {
parent::__construct($appName, $request);
@@ -73,6 +78,7 @@ abstract class AUserData extends OCSController {
$this->groupManager = $groupManager;
$this->userSession = $userSession;
$this->accountManager = $accountManager;
+ $this->subAdminManager = $subAdminManager;
$this->l10nFactory = $l10nFactory;
}
@@ -136,8 +142,8 @@ abstract class AUserData extends OCSController {
$data['backend'] = $targetUserObject->getBackendClassName();
$data['subadmin'] = $this->getUserSubAdminGroupsData($targetUserObject->getUID());
$data[self::USER_FIELD_QUOTA] = $this->fillStorageInfo($targetUserObject->getUID());
- $managerUids = $targetUserObject->getManagerUids();
- $data[self::USER_FIELD_MANAGER] = empty($managerUids) ? '' : $managerUids[0];
+ $managers = $this->getManagers($targetUserObject);
+ $data[self::USER_FIELD_MANAGER] = empty($managers) ? '' : $managers[0];
try {
if ($includeScopes) {
@@ -206,6 +212,34 @@ abstract class AUserData extends OCSController {
}
/**
+ * @return string[]
+ */
+ protected function getManagers(IUser $user): array {
+ $currentLoggedInUser = $this->userSession->getUser();
+
+ $managerUids = $user->getManagerUids();
+ if ($this->groupManager->isAdmin($currentLoggedInUser->getUID()) || $this->groupManager->isDelegatedAdmin($currentLoggedInUser->getUID())) {
+ return $managerUids;
+ }
+
+ if ($this->subAdminManager->isSubAdmin($currentLoggedInUser)) {
+ $accessibleManagerUids = array_values(array_filter(
+ $managerUids,
+ function (string $managerUid) use ($currentLoggedInUser) {
+ $manager = $this->userManager->get($managerUid);
+ if (!($manager instanceof IUser)) {
+ return false;
+ }
+ return $this->subAdminManager->isUserAccessible($currentLoggedInUser, $manager);
+ },
+ ));
+ return $accessibleManagerUids;
+ }
+
+ return [];
+ }
+
+ /**
* Get the groups a user is a subadmin of
*
* @param string $userId
diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php
index 4b05f772e8f..f0712d12261 100644
--- a/apps/provisioning_api/lib/Controller/GroupsController.php
+++ b/apps/provisioning_api/lib/Controller/GroupsController.php
@@ -21,6 +21,7 @@ use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
+use OCP\Group\ISubAdmin;
use OCP\IConfig;
use OCP\IGroup;
use OCP\IGroupManager;
@@ -47,6 +48,7 @@ class GroupsController extends AUserData {
IGroupManager $groupManager,
IUserSession $userSession,
IAccountManager $accountManager,
+ ISubAdmin $subAdminManager,
IFactory $l10nFactory,
LoggerInterface $logger) {
parent::__construct($appName,
@@ -56,6 +58,7 @@ class GroupsController extends AUserData {
$groupManager,
$userSession,
$accountManager,
+ $subAdminManager,
$l10nFactory
);
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index b0ddd4329af..d7794fd02a2 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -31,6 +31,7 @@ use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Group\ISubAdmin;
use OCP\HintException;
use OCP\IConfig;
use OCP\IGroup;
@@ -63,6 +64,7 @@ class UsersController extends AUserData {
IGroupManager $groupManager,
IUserSession $userSession,
IAccountManager $accountManager,
+ ISubAdmin $subAdminManager,
IFactory $l10nFactory,
private IURLGenerator $urlGenerator,
private LoggerInterface $logger,
@@ -81,6 +83,7 @@ class UsersController extends AUserData {
$groupManager,
$userSession,
$accountManager,
+ $subAdminManager,
$l10nFactory
);
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-15 22:34:54 +0000