Diffstat (limited to 'apps/provisioning_api')
-rw-r--r-- | apps/provisioning_api/appinfo/routes.php | 2 | ||||
-rw-r--r-- | apps/provisioning_api/lib/users.php | 27 | ||||
-rw-r--r-- | apps/provisioning_api/tests/userstest.php | 78 |
3 files changed, 104 insertions, 3 deletions
diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php
index 5c53684fd77..17cfea26572 100644
--- a/apps/provisioning_api/appinfo/routes.php
+++ b/apps/provisioning_api/appinfo/routes.php
@@ -33,7 +33,7 @@ $users = new \OCA\Provisioning_API\Users(
 \OC::$server->getGroupManager(),
 \OC::$server->getUserSession()
 );
-API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::ADMIN_AUTH);
+API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH);
 API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH);
 API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
 API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php
index fc5e79d4b2b..0b529bcea2c 100644
--- a/apps/provisioning_api/lib/users.php
+++ b/apps/provisioning_api/lib/users.php
@@ -29,6 +29,7 @@ namespace OCA\Provisioning_API;
 use \OC_OCS_Result;
 use \OC_SubAdmin;
 use \OC_Helper;
+use \OC_Group;
 use OCP\Files\NotFoundException;
 class Users {
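Review bot: The `/cloud/users` GET registration now passes any sub-admin through the route gate, so the only thing limiting which accounts a sub-admin can enumerate is the branch inside `Users::getUsers`, and nothing at the registration says so. A comment on that line would keep the dependency visible to anyone who later edits either side, for example `// SUBADMIN_AUTH: getUsers() restricts sub-admins to members of the groups they administer`. The neighbouring `post` route stays on `API::ADMIN_AUTH`, which makes the difference easy to overlook when reading the list.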
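Review bot: `use \OC_Group;` is added in lib/users.php, but none of the visible hunks refer to `OC_Group`; the new branch goes through `$this->groupManager` and `\OC_SubAdmin`. Unless code outside this diff needs it, the import should be dropped so the file does not suggest a dependency on the legacy group class. The new code also writes `\OC_SubAdmin::` fully qualified although `use \OC_SubAdmin;` is already present, so `OC_SubAdmin::isSubAdmin(...)` would match the existing imports.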
@@ -71,7 +72,31 @@ class Users {
 $limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
 $offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
- $users = $this->userManager->search($search, $limit, $offset);
+ // Check if user is logged in
+ $user = $this->userSession->getUser();
+ if ($user === null) {
+ return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+ }
+
+ // Admin? Or SubAdmin?
+ if($this->groupManager->isAdmin($user->getUID())){
+ $users = $this->userManager->search($search, $limit, $offset);
+ } else if (\OC_SubAdmin::isSubAdmin($user->getUID())) {
+ $subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID());
+
+ if($offset === null) {
+ $offset = 0;
+ }
+
+ $users = [];
+ foreach ($subAdminOfGroups as $group) {
+ $users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search));
+ }
+
+ $users = array_slice($users, $offset, $limit);
+ } else {
+ return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+ }
 $users = array_keys($users);
 return new OC_OCS_Result([
diff --git a/apps/provisioning_api/tests/userstest.php b/apps/provisioning_api/tests/userstest.php
index 350586f8335..3869af87e5a 100644
--- a/apps/provisioning_api/tests/userstest.php
+++ b/apps/provisioning_api/tests/userstest.php
@@ -63,10 +63,16 @@ class UsersTest extends TestCase {
 $this->groupManager,
 $this->userSession
 );
+
+ $this->userSession->setUser(null);
 }
 // Test getting the list of users
- public function testGetUsers() {
+ public function testGetUsersAsAdmin() {
+ $user = $this->generateUsers();
+ $this->groupManager->get('admin')->addUser($user);
+ $this->userSession->setUser($user);
+
 $result = $this->api->getUsers();
 $this->assertInstanceOf('OC_OCS_Result', $result);
 $this->assertTrue($result->succeeded());
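Review bot: In the sub-admin branch of `getUsers` (lib/users.php), a purely numeric uid such as `'1001'` is lost, because PHP stores it as an integer key and both `array_merge()` and the default `array_slice()` renumber integer keys. This assumes `displayNamesInGroup()` returns a uid => display name map, as the later `array_keys($users)` implies; such accounts would then be reported as `0`, `1`, … instead of their uid. Key-preserving forms avoid this: `$users += $this->groupManager->displayNamesInGroup($group, $search);` and `$users = array_slice($users, (int)$offset, $limit === null ? null : (int)$limit, true);`. The casts also keep raw `$_GET` strings out of `array_slice()`, which currently receives `limit` and `offset` unvalidated. The body of `getUsers` starts and ends outside this hunk.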
@@ -103,6 +109,70 @@ class UsersTest extends TestCase {
 $this->assertEquals(array_keys($this->userManager->search('', 1, 1)), $data['users']);
 }
+ public function testGetUsersAsSubAdmin() {
+ $user = $this->generateUsers(10);
+ $this->userSession->setUser($user[0]);
+ $group = $this->groupManager->createGroup($this->getUniqueID());
+ \OC_SubAdmin::createSubAdmin($user[0]->getUID(), $group->getGID());
+
+ //Empty list
+ $result = $this->api->getUsers([]);
+ $this->assertInstanceOf('OC_OCS_Result', $result);
+ $this->assertTrue($result->succeeded());
+ $this->assertEquals(['users' => []], $result->getData());
+
+ //Some users in group
+ $group->addUser($user[1]);
+ $group->addUser($user[2]);
+ $group->addUser($user[3]);
+ $group->addUser($user[4]);
+
+ $result = $this->api->getUsers([]);
+ $this->assertInstanceOf('OC_OCS_Result', $result);
+ $this->assertTrue($result->succeeded());
+ $this->assertArrayHasKey('users', $result->getData());
+
+ $this->assertContains($user[1]->getUID(), $result->getData()['users']);
+ $this->assertContains($user[2]->getUID(), $result->getData()['users']);
+ $this->assertContains($user[3]->getUID(), $result->getData()['users']);
+ $this->assertContains($user[4]->getUID(), $result->getData()['users']);
+
+ $uids = [
+ $user[1]->getUID(),
+ $user[2]->getUID(),
+ $user[3]->getUID(),
+ $user[4]->getUID()
+ ];
+ sort($uids);
+
+ $_GET['limit'] = 2;
+ $_GET['offset'] = 1;
+ $result = $this->api->getUsers([]);
+
+ $this->assertInstanceOf('OC_OCS_Result', $result);
+ $this->assertTrue($result->succeeded());
+ $this->assertEquals(['users' => array_slice($uids, 1, 2)], $result->getData());
+ }
+
+ public function testGetUsersNoUser() {
+ $result = $this->api->getUsers([]);
+
+ $this->assertInstanceOf('OC_OCS_Result', $result);
+ $this->assertFalse($result->succeeded());
+ $this->assertEquals(\OCP\API::RESPOND_UNAUTHORISED, $result->getStatusCode());
+ }
+
+ public function testGetUsersAsUser() {
+ $user = $this->generateUsers();
+ $this->userSession->setUser($user);
+
+ $result = $this->api->getUsers();
+ $this->assertInstanceOf('OC_OCS_Result', $result);
+ $this->assertFalse($result->succeeded());
+ $this->assertEquals(\OCP\API::RESPOND_UNAUTHORISED, $result->getStatusCode());
+
+ }
+
 public function testAddUser() {
 $this->resetParams();
 $_POST['userid'] = $this->getUniqueID();
@@ -794,6 +864,9 @@ class UsersTest extends TestCase {
 }
 public function testAddToGroupNoGroupId() {
+ $user = $this->generateUsers();
+ $this->userSession->setUser($user);
+
 $_POST['groupid'] = '';
 $result = $this->api->addToGroup([
 'userid' => $this->getUniqueID(),
@@ -935,6 +1008,9 @@ class UsersTest extends TestCase {
 }
 public function testRemoveFromGroupNoGroupId() {
+ $user = $this->generateUsers();
+ $this->userSession->setUser($user);
+
 $result = $this->api->removeFromGroup([
 '_delete' => [
 'groupid' => '' |
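Review bot: `testGetUsersAsSubAdmin` leaves `$_GET['limit']` and `$_GET['offset']` set when it returns, and nothing in the visible hunks clears them, so later tests that call `getUsers()` may run with a stale page window depending on execution order. Ending the test with `unset($_GET['limit'], $_GET['offset']);` would isolate it, as would the `resetParams()` helper that `testAddUser` calls, if that helper also covers `$_GET`. The sub-admin case also uses a single group with distinct members. A second administered group with an overlapping member, plus an account with a numeric-looking uid, would exercise the merge and slice that the scoping in `getUsers` depends on.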