diff options
-rw-r--r-- | lib/api.php | 5 | ||||
-rw-r--r-- | lib/app.php | 4 | ||||
-rw-r--r-- | lib/json.php | 8 | ||||
-rw-r--r-- | lib/migrate.php | 2 | ||||
-rw-r--r-- | lib/ocs/cloud.php | 4 | ||||
-rw-r--r-- | lib/subadmin.php | 7 | ||||
-rw-r--r-- | lib/user.php | 13 | ||||
-rwxr-xr-x | lib/util.php | 11 | ||||
-rw-r--r-- | settings/ajax/changepassword.php | 2 | ||||
-rw-r--r-- | settings/ajax/createuser.php | 4 | ||||
-rw-r--r-- | settings/ajax/removeuser.php | 2 | ||||
-rw-r--r-- | settings/ajax/setquota.php | 2 | ||||
-rw-r--r-- | settings/ajax/togglegroups.php | 4 | ||||
-rw-r--r-- | settings/ajax/userlist.php | 2 | ||||
-rw-r--r-- | settings/help.php | 2 | ||||
-rw-r--r-- | settings/users.php | 3 |
16 files changed, 38 insertions, 37 deletions
diff --git a/lib/api.php b/lib/api.php index cb67e0c2a89..c464cd04913 100644 --- a/lib/api.php +++ b/lib/api.php @@ -127,8 +127,7 @@ class OC_API { return false; } else { $subAdmin = OC_SubAdmin::isSubAdmin($user); - $admin = OC_Group::inGroup($user, 'admin'); - if($subAdmin || $admin) { + if($subAdmin) { return true; } else { return false; @@ -141,7 +140,7 @@ class OC_API { if(!$user) { return false; } else { - return OC_Group::inGroup($user, 'admin'); + return OC_User::isAdminUser($user); } break; default: diff --git a/lib/app.php b/lib/app.php index e60bce2a201..3b039733fe5 100644 --- a/lib/app.php +++ b/lib/app.php @@ -313,14 +313,14 @@ class OC_App{ $settings[]=array( "id" => "settings", "order" => 1000, "href" => OC_Helper::linkToRoute( "settings_settings" ), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath( "settings", "settings.svg" )); //SubAdmins are also allowed to access user management - if(OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { + if(OC_SubAdmin::isSubAdmin(OC_User::getUser())) { // admin users menu $settings[] = array( "id" => "core_users", "order" => 2, "href" => OC_Helper::linkToRoute( "settings_users" ), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath( "settings", "users.svg" )); } // if the user is an admin - if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { + if(OC_User::isAdminUser(OC_User::getUser())) { // admin apps menu $settings[] = array( "id" => "core_apps", "order" => 3, "href" => OC_Helper::linkToRoute( "settings_apps" ).'?installed', "name" => $l->t("Apps"), "icon" => OC_Helper::imagePath( "settings", "apps.svg" )); diff --git a/lib/json.php b/lib/json.php index 204430411c0..5ab877540d4 100644 --- a/lib/json.php +++ b/lib/json.php @@ -57,9 +57,7 @@ class OC_JSON{ * Check if the user is a admin, send json error msg if not */ public static function checkAdminUser() { - self::checkLoggedIn(); - self::verifyUser(); - if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { + if( !OC_User::isAdminUser(OC_User::getUser())) { $l = OC_L10N::get('lib'); self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); exit(); @@ -70,9 +68,7 @@ class OC_JSON{ * Check if the user is a subadmin, send json error msg if not */ public static function checkSubAdminUser() { - self::checkLoggedIn(); - self::verifyUser(); - if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) { + if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { $l = OC_L10N::get('lib'); self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); exit(); diff --git a/lib/migrate.php b/lib/migrate.php index 5ff8e338a44..62ab00bc332 100644 --- a/lib/migrate.php +++ b/lib/migrate.php @@ -219,7 +219,7 @@ class OC_Migrate{ // We need to be an admin if we are not importing our own data if(($type == 'user' && self::$uid != $currentuser) || $type != 'user' ) { - if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { + if( !OC_User::isAdminUser($currentuser)) { // Naughty. OC_Log::write( 'migration', 'Import not permitted.', OC_Log::ERROR ); return json_encode( array( 'success' => false ) ); diff --git a/lib/ocs/cloud.php b/lib/ocs/cloud.php index 21095ec91e9..4564a1e9f1f 100644 --- a/lib/ocs/cloud.php +++ b/lib/ocs/cloud.php @@ -40,7 +40,7 @@ class OC_OCS_Cloud { public static function getUserQuota($parameters) { $user = OC_User::getUser(); - if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { + if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) { if(OC_User::userExists($parameters['user'])) { // calculate the disc space @@ -82,7 +82,7 @@ class OC_OCS_Cloud { public static function getUserPrivatekey($parameters) { $user = OC_User::getUser(); - if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) { + if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) { if(OC_User::userExists($user)) { // calculate the disc space diff --git a/lib/subadmin.php b/lib/subadmin.php index 9e83e6da430..8cda7240ac9 100644 --- a/lib/subadmin.php +++ b/lib/subadmin.php @@ -122,6 +122,11 @@ class OC_SubAdmin{ * @return bool */ public static function isSubAdmin($uid) { + // Check if the user is already an admin + if(OC_Group::inGroup($uid, 'admin' )) { + return true; + } + $stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?'); $result = $stmt->execute(array($uid)); $result = $result->fetchRow(); @@ -141,7 +146,7 @@ class OC_SubAdmin{ if(!self::isSubAdmin($subadmin)) { return false; } - if(OC_Group::inGroup($user, 'admin')) { + if(OC_User::isAdminUser($user)) { return false; } $accessiblegroups = self::getSubAdminsGroups($subadmin); diff --git a/lib/user.php b/lib/user.php index 80f88ca7052..8d4eb7aec4d 100644 --- a/lib/user.php +++ b/lib/user.php @@ -300,6 +300,19 @@ class OC_User { } /** + * @brief Check if the user is an admin user + * @param $uid uid of the admin + * @returns bool + */ + public static function isAdminUser($uid) { + if(OC_Group::inGroup($uid, 'admin' )) { + return true; + } + return false; + } + + + /** * @brief get the user id of the user currently logged in. * @return string uid or false */ diff --git a/lib/util.php b/lib/util.php index 7b1de094ead..06ae37176c1 100755 --- a/lib/util.php +++ b/lib/util.php @@ -342,10 +342,7 @@ class OC_Util { * Check if the user is a admin, redirects to home if not */ public static function checkAdminUser() { - // Check if we are a user - self::checkLoggedIn(); - self::verifyUser(); - if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) { + if( !OC_User::isAdminUser(OC_User::getUser())) { header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); exit(); } @@ -356,12 +353,6 @@ class OC_Util { * @return array $groups where the current user is subadmin */ public static function checkSubAdminUser() { - // Check if we are a user - self::checkLoggedIn(); - self::verifyUser(); - if(OC_Group::inGroup(OC_User::getUser(), 'admin')) { - return true; - } if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); exit(); diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index b2db2611518..cf440c577da 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -9,7 +9,7 @@ $password = $_POST["password"]; $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:''; $userstatus = null; -if(OC_Group::inGroup(OC_User::getUser(), 'admin')) { +if(OC_User::isAdminUser(OC_User::getUser()) { $userstatus = 'admin'; } if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php index addae78517a..09ef25d92fa 100644 --- a/settings/ajax/createuser.php +++ b/settings/ajax/createuser.php @@ -3,9 +3,7 @@ OCP\JSON::callCheck(); OC_JSON::checkSubAdminUser(); -$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false; - -if($isadmin) { +if(OC_User::isAdminUser(OC_User::getUser())) { $groups = array(); if( isset( $_POST["groups"] )) { $groups = $_POST["groups"]; diff --git a/settings/ajax/removeuser.php b/settings/ajax/removeuser.php index 9ffb32a0b23..bf3a34f1472 100644 --- a/settings/ajax/removeuser.php +++ b/settings/ajax/removeuser.php @@ -10,7 +10,7 @@ if(OC_User::getUser() === $username) { exit; } -if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { +if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); exit(); diff --git a/settings/ajax/setquota.php b/settings/ajax/setquota.php index 845f8ea408c..89c46294d08 100644 --- a/settings/ajax/setquota.php +++ b/settings/ajax/setquota.php @@ -10,7 +10,7 @@ OCP\JSON::callCheck(); $username = isset($_POST["username"])?$_POST["username"]:''; -if(($username == '' && !OC_Group::inGroup(OC_User::getUser(), 'admin')) || (!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) { +if(($username == '' && !OC_User::isAdminUser($user)) || (!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); exit(); diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php index 83d455550ae..548dc2e209b 100644 --- a/settings/ajax/togglegroups.php +++ b/settings/ajax/togglegroups.php @@ -7,13 +7,13 @@ $success = true; $username = $_POST["username"]; $group = $_POST["group"]; -if($username == OC_User::getUser() && $group == "admin" && OC_Group::inGroup($username, 'admin')) { +if($username == OC_User::getUser() && $group == "admin" && OC_User::isAdminUser($username)) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group')))); exit(); } -if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { +if(!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) { $l = OC_L10N::get('core'); OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); exit(); diff --git a/settings/ajax/userlist.php b/settings/ajax/userlist.php index eaeade60a39..9bbff80ea0c 100644 --- a/settings/ajax/userlist.php +++ b/settings/ajax/userlist.php @@ -28,7 +28,7 @@ if (isset($_GET['offset'])) { $offset = 0; } $users = array(); -if (OC_Group::inGroup(OC_User::getUser(), 'admin')) { +if (OC_User::isAdminUser(OC_User::getUser())) { $batch = OC_User::getUsers('', 10, $offset); foreach ($batch as $user) { $users[] = array( diff --git a/settings/help.php b/settings/help.php index cd3d615425c..a5ac11ec9a3 100644 --- a/settings/help.php +++ b/settings/help.php @@ -27,7 +27,7 @@ $url1=OC_Helper::linkToRoute( "settings_help" ).'?mode=user'; $url2=OC_Helper::linkToRoute( "settings_help" ).'?mode=admin'; $tmpl = new OC_Template( "settings", "help", "user" ); -$tmpl->assign( "admin", OC_Group::inGroup(OC_User::getUser(), 'admin') ); +$tmpl->assign( "admin", OC_User::isAdminUser(OC_User::getUser())); $tmpl->assign( "url", $url ); $tmpl->assign( "url1", $url1 ); $tmpl->assign( "url2", $url2 ); diff --git a/settings/users.php b/settings/users.php index 07a7620d3c0..1a32a7ecb5b 100644 --- a/settings/users.php +++ b/settings/users.php @@ -18,8 +18,7 @@ OC_App::setActiveNavigationEntry( 'core_users' ); $users = array(); $groups = array(); -$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false; -if($isadmin) { +if(OC_User::isAdminUser(OC_User::getUser())) { $accessiblegroups = OC_Group::getGroups(); $accessibleusers = OC_User::getUsers('', 30); $subadmins = OC_SubAdmin::getAllSubAdmins(); |