-rw-r--r-- | settings/ajax/changedisplayname.php | 67 | ||||
-rw-r--r-- | settings/controller/userscontroller.php | 54 | ||||
-rw-r--r-- | settings/js/personal.js | 2 | ||||
-rw-r--r-- | settings/js/users/users.js | 2 | ||||
-rw-r--r-- | settings/routes.php | 3 | ||||
-rw-r--r-- | tests/settings/controller/userscontrollertest.php | 169 |
6 files changed, 226 insertions, 71 deletions
diff --git a/settings/ajax/changedisplayname.php b/settings/ajax/changedisplayname.php
deleted file mode 100644
index 380cbac43da..00000000000
--- a/settings/ajax/changedisplayname.php
+++ /dev/null
@@ -1,67 +0,0 @@ -<?php -/** - * @author Bart Visscher <bartv@thisnet.nl> - * @author Christopher Schäpers <kondou@ts.unde.re> - * @author David Reagan <reagand@lanecc.edu> - * @author Jan-Christoph Borchardt <hey@jancborchardt.net> - * @author Lukas Reschke <lukas@owncloud.com> - * @author Robin Appelman <icewind@owncloud.com> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ -// Check if we are a user - -OCP\JSON::callCheck(); -OC_JSON::checkLoggedIn(); - -$l = \OC::$server->getL10N('settings'); - -$username = isset($_POST["username"]) ? 
$_POST["username"] : OC_User::getUser(); -$displayName = (string)$_POST["displayName"]; - -$userstatus = null; -if(OC_User::isAdminUser(OC_User::getUser())) { - $userstatus = 'admin'; -} - -$isUserAccessible = false; -$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser()); -$targetUserObject = \OC::$server->getUserManager()->get($username); -if($subadminUserObject !== null && $targetUserObject !== null) { - $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject); -} - -if($isUserAccessible) { - $userstatus = 'subadmin'; -} - -if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) { - $userstatus = 'changeOwnDisplayName'; -} - -if(is_null($userstatus)) { - OC_JSON::error( array( "data" => array( "message" => $l->t("Authentication error") ))); - exit(); -} - -// Return Success story -if( OC_User::setDisplayName( $username, $displayName )) { - OC_JSON::success(array("data" => array( "message" => $l->t('Your full name has been changed.'), "username" => $username, 'displayName' => $displayName ))); -} -else{ - OC_JSON::error(array("data" => array( "message" => $l->t("Unable to change full name"), 'displayName' => OC_User::getDisplayName($username) ))); -} diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php index 82483a76245..942319901f3 100644 --- a/settings/controller/userscontroller.php +++ b/settings/controller/userscontroller.php 
@@ -585,4 +585,58 @@ class UsersController extends Controller {
 );
 }
+
+ /**
+ * Set the displayName of a user
+ *
+ * @NoAdminRequired
+ * @NoSubadminRequired
+ *
+ * @param string $username
+ * @param string $displayName
+ * @return DataResponse
+ */
+ public function setDisplayName($username, $displayName) {
+ $currentUser = $this->userSession->getUser();
+
+ if ($username === null) {
+ $username = $currentUser->getUID();
+ }
+
+ $user = $this->userManager->get($username);
+
+ if ($user === null ||
+ !$user->canChangeDisplayName() ||
+ (
+ !$this->groupManager->isAdmin($currentUser->getUID()) &&
+ !$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) &&
+ $currentUser !== $user)
+ ) {
+ return new DataResponse([
+ 'status' => 'error',
+ 'data' => [
+ 'message' => $this->l10n->t('Authentication error'),
+ ],
+ ]);
+ }
+
+ if ($user->setDisplayName($displayName)) {
+ return new DataResponse([
+ 'status' => 'success',
+ 'data' => [
+ 'message' => $this->l10n->t('Your full name has been changed.'),
+ 'username' => $username,
+ 'displayName' => $displayName,
+ ],
+ ]);
+ } else {
+ return new DataResponse([
+ 'status' => 'error',
+ 'data' => [
+ 'message' => $this->l10n->t('Unable to change full name'),
+ 'displayName' => $user->getDisplayName(),
+ ],
+ ]);
+ }
+ }
 }
diff --git a/settings/js/personal.js b/settings/js/personal.js
index 3439eba686f..c9280d31353 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -70,7 +70,7 @@ function changeDisplayName () {
 // Serialize the data
 var post = $("#displaynameform").serialize();
 // Ajax foo
- $.post('ajax/changedisplayname.php', post, function (data) {
+ $.post(OC.generateUrl('/settings/users/{id}/displayName', {id: OC.currentUser}), post, function (data) {
 if (data.status === "success") {
 $('#oldDisplayName').val($('#displayName').val());
 // update displayName on the top right expand button
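Review bot: In `setDisplayName` (settings/controller/userscontroller.php) the self-edit branch compares objects, `$currentUser !== $user`, so it only holds when `userSession->getUser()` and `userManager->get()` return the same instance; the tests pass one mock for both, which cannot show whether that is true outside the test. Comparing identifiers states the intent directly: `$currentUser->getUID() !== $user->getUID()`. The removed script also cast the value with `(string)$_POST["displayName"]`, while the new method forwards `$displayName` untouched; unless the framework coerces it, a cast or an `is_string` check before `$user->setDisplayName($displayName)` keeps non-string request values out. Because the method is annotated `@NoAdminRequired` and `@NoSubadminRequired`, this condition is the only authorization gate and deserves a short comment stating who may pass it.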
diff --git a/settings/js/users/users.js b/settings/js/users/users.js
index 8ce9cb6ac7c..c20a21b060a 100644
--- a/settings/js/users/users.js
+++ b/settings/js/users/users.js
@@ -687,7 +687,7 @@ $(document).ready(function () {
 $div.imageplaceholder(uid, displayName);
 }
 $.post(
- OC.filePath('settings', 'ajax', 'changedisplayname.php'),
+ OC.generateUrl('/settings/users/{id}/displayName', {id: uid}),
 {username: uid, displayName: $(this).val()},
 function (result) {
 if (result && result.status==='success' && $div.length){
diff --git a/settings/routes.php b/settings/routes.php
index 6ba38388d3a..95ad234c699 100644
--- a/settings/routes.php
+++ b/settings/routes.php
@@ -46,6 +46,7 @@ $application->registerRoutes($this, [
 ['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'],
 ['name' => 'AppSettings#changeExperimentalConfigState', 'url' => '/settings/apps/experimental', 'verb' => 'POST'],
 ['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'],
+ ['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'],
 ['name' => 'Users#setMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'],
 ['name' => 'Users#stats', 'url' => '/settings/users/stats', 'verb' => 'GET'],
 ['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST'],
@@ -79,8 +80,6 @@ $this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.p
 $this->create('settings_users_changepassword', '/settings/users/changepassword')
 ->post()
 ->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword');
-$this->create('settings_ajax_changedisplayname', '/settings/ajax/changedisplayname.php')
- ->actionInclude('settings/ajax/changedisplayname.php');
 $this->create('settings_ajax_changegorupname', '/settings/ajax/changegroupname.php')
 ->actionInclude('settings/ajax/changegroupname.php');
 // personal
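Review bot: The request in settings/js/users/users.js now carries the target user twice, once in the URL (`{id: uid}`) and once in the body (`username: uid`), while the route binds the URL segment as `{username}`. Which of the two the controller receives is decided by the framework's parameter merging, not by anything visible in this hunk, so the body field is at best redundant. Dropping it leaves a single source for the value: `{displayName: $(this).val()},`. The enclosing handler starts and ends outside the hunk.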
diff --git a/tests/settings/controller/userscontrollertest.php b/tests/settings/controller/userscontrollertest.php
index f4b05671ce8..b10737035ea 100644
--- a/tests/settings/controller/userscontrollertest.php
+++ b/tests/settings/controller/userscontrollertest.php
@@ -1746,4 +1746,173 @@ class UsersControllerTest extends \Test\TestCase { $this->assertEquals($expectedResponse, $response); } + public function testSetDisplayNameNull() { + $user = $this->getMock('\OCP\IUser'); + $user->method('getUID')->willReturn('userName'); + + $this->container['UserSession'] + ->expects($this->once()) + ->method('getUser') + ->willReturn($user); + + $expectedResponse = new DataResponse( + [ + 'status' => 'error', + 'data' => [ + 'message' => 'Authentication error', + ], + ] + ); + $response = $this->container['UsersController']->setDisplayName(null, 'displayName'); + + $this->assertEquals($expectedResponse, $response); + } + + public function dataSetDisplayName() { + $data = []; + + $user1 = $this->getMock('\OCP\IUser'); + $user1->method('getUID')->willReturn('user1'); + $user1->method('canChangeDisplayName')->willReturn(true); + $data[] = [$user1, $user1, false, false, true]; + + $user1 = $this->getMock('\OCP\IUser'); + $user1->method('getUID')->willReturn('user1'); + $user1->method('canChangeDisplayName')->willReturn(false); + $data[] = [$user1, $user1, false, false, false]; + + $user1 = $this->getMock('\OCP\IUser'); + $user1->method('getUID')->willReturn('user1'); + $user2 = $this->getMock('\OCP\IUser'); + $user2->method('getUID')->willReturn('user2'); + $user2->method('canChangeDisplayName')->willReturn(true); + $data[] = [$user1, $user2, false, false, false]; + + $user1 = $this->getMock('\OCP\IUser'); + $user1->method('getUID')->willReturn('user1'); + $user2 = $this->getMock('\OCP\IUser'); + $user2->method('getUID')->willReturn('user2'); + $user2->method('canChangeDisplayName')->willReturn(true); + $data[] = [$user1, $user2, true, false, true]; + + $user1 = $this->getMock('\OCP\IUser'); + $user1->method('getUID')->willReturn('user1'); + $user2 = $this->getMock('\OCP\IUser'); + $user2->method('getUID')->willReturn('user2'); + $user2->method('canChangeDisplayName')->willReturn(true); + $data[] = [$user1, $user2, false, true, true]; + + 
return $data; + } + + /** + * @dataProvider dataSetDisplayName + */ + public function testSetDisplayName($currentUser, $editUser, $isAdmin, $isSubAdmin, $valid) { + $this->container['UserSession'] + ->expects($this->once()) + ->method('getUser') + ->willReturn($currentUser); + $this->container['UserManager'] + ->expects($this->once()) + ->method('get') + ->with($editUser->getUID()) + ->willReturn($editUser); + + $subadmin = $this->getMockBuilder('\OC\SubAdmin') + ->disableOriginalConstructor() + ->getMock(); + $subadmin + ->method('isUserAccessible') + ->with($currentUser, $editUser) + ->willReturn($isSubAdmin); + + $this->container['GroupManager'] + ->method('getSubAdmin') + ->willReturn($subadmin); + $this->container['GroupManager'] + ->method('isAdmin') + ->with($currentUser->getUID()) + ->willReturn($isAdmin); + + if ($valid === true) { + $editUser->expects($this->once()) + ->method('setDisplayName') + ->with('newDisplayName') + ->willReturn(true); + $expectedResponse = new DataResponse( + [ + 'status' => 'success', + 'data' => [ + 'message' => 'Your full name has been changed.', + 'username' => $editUser->getUID(), + 'displayName' => 'newDisplayName', + ], + ] + ); + } else { + $editUser->expects($this->never())->method('setDisplayName'); + $expectedResponse = new DataResponse( + [ + 'status' => 'error', + 'data' => [ + 'message' => 'Authentication error', + ], + ] + ); + } + + $response = $this->container['UsersController']->setDisplayName($editUser->getUID(), 'newDisplayName'); + $this->assertEquals($expectedResponse, $response); + } + + public function testSetDisplayNameFails() { + $user = $this->getMock('\OCP\IUser'); + $user->method('canChangeDisplayname')->willReturn(true); + $user->method('getUID')->willReturn('user'); + $user->expects($this->once()) + ->method('setDisplayName') + ->with('newDisplayName') + ->willReturn(false); + $user->method('getDisplayName')->willReturn('oldDisplayName'); + + $this->container['UserSession'] + ->expects($this->once()) 
+ ->method('getUser') + ->willReturn($user); + $this->container['UserManager'] + ->expects($this->once()) + ->method('get') + ->with($user->getUID()) + ->willReturn($user); + + $subadmin = $this->getMockBuilder('\OC\SubAdmin') + ->disableOriginalConstructor() + ->getMock(); + $subadmin + ->method('isUserAccessible') + ->with($user, $user) + ->willReturn(false); + + $this->container['GroupManager'] + ->method('getSubAdmin') + ->willReturn($subadmin); + $this->container['GroupManager'] + ->expects($this->once()) + ->method('isAdmin') + ->with($user->getUID()) + ->willReturn(false); + + $expectedResponse = new DataResponse( + [ + 'status' => 'error', + 'data' => [ + 'message' => 'Unable to change full name', + 'displayName' => 'oldDisplayName', + ], + ] + ); + $response = $this->container['UsersController']->setDisplayName($user->getUID(), 'newDisplayName'); + $this->assertEquals($expectedResponse, $response); + } } |
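Review bot: `dataSetDisplayName` never combines `canChangeDisplayName()` returning false with an admin or subadmin caller, so nothing pins the controller's rule that the flag blocks privileged callers as well. Two more rows, `[$user1, $user2, true, false, false]` and `[$user1, $user2, false, true, false]`, built with `$user2->method('canChangeDisplayName')->willReturn(false)`, would cover it. There is also no case for a non-null `$username` that `UserManager::get` cannot resolve. In `testSetDisplayNameFails` the stubbed name is spelled `canChangeDisplayname`; it should read `canChangeDisplayName` to match the spelling used in the data provider.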