diff options
Diffstat (limited to 'apps/provisioning_api')
| -rw-r--r-- | apps/provisioning_api/appinfo/info.xml | 4 | ||||
| -rw-r--r-- | apps/provisioning_api/appinfo/routes.php | 1 | ||||
| -rw-r--r-- | apps/provisioning_api/composer/composer/ClassLoader.php | 4 | ||||
| -rw-r--r-- | apps/provisioning_api/l10n/zh_HK.js | 4 | ||||
| -rw-r--r-- | apps/provisioning_api/l10n/zh_HK.json | 4 | ||||
| -rw-r--r-- | apps/provisioning_api/lib/Controller/AUserData.php | 14 | ||||
| -rw-r--r-- | apps/provisioning_api/lib/Controller/UsersController.php | 141 | ||||
| -rw-r--r-- | apps/provisioning_api/tests/Controller/UsersControllerTest.php | 20 |
8 files changed, 156 insertions, 36 deletions
diff --git a/apps/provisioning_api/appinfo/info.xml b/apps/provisioning_api/appinfo/info.xml index 6d6eb719acf..be09abc3a72 100644 --- a/apps/provisioning_api/appinfo/info.xml +++ b/apps/provisioning_api/appinfo/info.xml @@ -13,7 +13,7 @@ listed above. More information is available in the Provisioning API documentation, including example calls and server responses. </description> - <version>1.11.0</version> + <version>1.12.0</version> <licence>agpl</licence> <author>Tom Needham</author> <namespace>Provisioning_API</namespace> @@ -27,6 +27,6 @@ <category>integration</category> <bugs>https://github.com/nextcloud/server/issues</bugs> <dependencies> - <nextcloud min-version="22" max-version="22"/> + <nextcloud min-version="23" max-version="23"/> </dependencies> </info> diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php index 8cf57487d3a..2f981e0c924 100644 --- a/apps/provisioning_api/appinfo/routes.php +++ b/apps/provisioning_api/appinfo/routes.php @@ -54,6 +54,7 @@ return [ ['root' => '/cloud', 'name' => 'Users#getEditableFields', 'url' => '/user/fields', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#getEditableFieldsForUser', 'url' => '/user/fields/{userId}', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'], + ['root' => '/cloud', 'name' => 'Users#editUserMultiValue', 'url' => '/users/{userId}/{collectionName}', 'verb' => 'PUT', 'requirements' => ['collectionName' => '^(?!enable$|disable$)[a-zA-Z0-9_]*$']], ['root' => '/cloud', 'name' => 'Users#wipeUserDevices', 'url' => '/users/{userId}/wipe', 'verb' => 'POST'], ['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'], ['root' => '/cloud', 'name' => 'Users#enableUser', 'url' => '/users/{userId}/enable', 'verb' => 'PUT'], diff --git a/apps/provisioning_api/composer/composer/ClassLoader.php b/apps/provisioning_api/composer/composer/ClassLoader.php index 247294d66ee..6d0c3f2d001 100644 --- a/apps/provisioning_api/composer/composer/ClassLoader.php +++ b/apps/provisioning_api/composer/composer/ClassLoader.php @@ -338,7 +338,7 @@ class ClassLoader * Loads the given class or interface. * * @param string $class The name of the class - * @return bool|null True if loaded, null otherwise + * @return true|null True if loaded, null otherwise */ public function loadClass($class) { @@ -347,6 +347,8 @@ class ClassLoader return true; } + + return null; } /** diff --git a/apps/provisioning_api/l10n/zh_HK.js b/apps/provisioning_api/l10n/zh_HK.js index 1786b6dcdfd..c5c3af1d007 100644 --- a/apps/provisioning_api/l10n/zh_HK.js +++ b/apps/provisioning_api/l10n/zh_HK.js @@ -3,7 +3,7 @@ OC.L10N.register( { "Provisioning API" : "Provisioning API", "This application enables a set of APIs that external systems can use to manage users, groups and apps." : "此應用程序啟用了一組 API ,外部系統可以使用這些 API 來管理用戶、組和應用程序。", - "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, HTTP requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。 Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。", - "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, http requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。 Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。" + "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, HTTP requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。", + "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, http requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。" }, "nplurals=1; plural=0;"); diff --git a/apps/provisioning_api/l10n/zh_HK.json b/apps/provisioning_api/l10n/zh_HK.json index 3bc5a44e98c..32e1ba2739c 100644 --- a/apps/provisioning_api/l10n/zh_HK.json +++ b/apps/provisioning_api/l10n/zh_HK.json @@ -1,7 +1,7 @@ { "translations": { "Provisioning API" : "Provisioning API", "This application enables a set of APIs that external systems can use to manage users, groups and apps." : "此應用程序啟用了一組 API ,外部系統可以使用這些 API 來管理用戶、組和應用程序。", - "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, HTTP requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。 Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。", - "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, http requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。 Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。" + "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, HTTP requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。", + "This application enables a set of APIs that external systems can use to create, edit, delete and query user\n\t\tattributes, query, set and remove groups, set quota and query total storage used in Nextcloud. Group admin users\n\t\tcan also query Nextcloud and perform the same functions as an admin for groups they manage. The API also enables\n\t\tan admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely.\n\t\tOnce the app is enabled, http requests can be used via a Basic Auth header to perform any of the functions\n\t\tlisted above. More information is available in the Provisioning API documentation, including example calls\n\t\tand server responses." : "此應用程序啟用了一組 API,外部系統可以使用它們來創建、編輯、刪除和查詢用戶\n\t\t屬性、查詢、設置和刪除組,設置配額以及查詢 Nextcloud 中使用的總存儲量。組管理員用戶\n\t\t還可以查詢 Nextcloud,並為其管理的組執行與管理員相同的功能。該 API 還支持\n\t\t管理員查詢活動的 Nextcloud 應用程序、應用程序信息,以及遠程啟用或禁用應用程序。\n\t\t啟用該應用後,可以通過基本身分驗證標頭使用 HTTP 請求執行\n以上所列任何功能。Provisioning API 文檔中提供了更多信息,包括示例調用\n\t\t和伺服器響應。" },"pluralForm" :"nplurals=1; plural=0;" }
\ No newline at end of file diff --git a/apps/provisioning_api/lib/Controller/AUserData.php b/apps/provisioning_api/lib/Controller/AUserData.php index c4fa537c2df..e358d282061 100644 --- a/apps/provisioning_api/lib/Controller/AUserData.php +++ b/apps/provisioning_api/lib/Controller/AUserData.php @@ -150,6 +150,20 @@ abstract class AUserData extends OCSController { if ($includeScopes) { $data[IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX] = $userAccount->getProperty(IAccountManager::PROPERTY_EMAIL)->getScope(); } + + $additionalEmails = $additionalEmailScopes = []; + $emailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL); + foreach ($emailCollection->getProperties() as $property) { + $additionalEmails[] = $property->getValue(); + if ($includeScopes) { + $additionalEmailScopes[] = $property->getScope(); + } + } + $data[IAccountManager::COLLECTION_EMAIL] = $additionalEmails; + if ($includeScopes) { + $data[IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX] = $additionalEmailScopes; + } + $data[IAccountManager::PROPERTY_DISPLAYNAME] = $targetUserObject->getDisplayName(); if ($includeScopes) { $data[IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX] = $userAccount->getProperty(IAccountManager::PROPERTY_DISPLAYNAME)->getScope(); diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 256077e9ae9..01e4bac9c2b 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -47,17 +47,19 @@ use libphonenumber\PhoneNumber; use libphonenumber\PhoneNumberFormat; use libphonenumber\PhoneNumberUtil; use OC\Authentication\Token\RemoteWipe; -use OC\HintException; use OC\KnownUser\KnownUserService; use OC\User\Backend; use OCA\Settings\Mailer\NewUserMailHelper; use OCP\Accounts\IAccountManager; -use OCP\App\IAppManager; +use OCP\Accounts\IAccountProperty; +use OCP\Accounts\PropertyDoesNotExistException; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\AppFramework\OCSController; +use OCP\EventDispatcher\IEventDispatcher; +use OCP\HintException; use OCP\IConfig; use OCP\IGroup; use OCP\IGroupManager; @@ -67,16 +69,13 @@ use OCP\IUser; use OCP\IUserManager; use OCP\IUserSession; use OCP\L10N\IFactory; -use OCP\Security\ISecureRandom; use OCP\Security\Events\GenerateSecurePasswordEvent; -use OCP\EventDispatcher\IEventDispatcher; +use OCP\Security\ISecureRandom; use OCP\User\Backend\ISetDisplayNameBackend; use Psr\Log\LoggerInterface; class UsersController extends AUserData { - /** @var IAppManager */ - private $appManager; /** @var IURLGenerator */ protected $urlGenerator; /** @var LoggerInterface */ @@ -98,7 +97,6 @@ class UsersController extends AUserData { IRequest $request, IUserManager $userManager, IConfig $config, - IAppManager $appManager, IGroupManager $groupManager, IUserSession $userSession, IAccountManager $accountManager, @@ -119,7 +117,6 @@ class UsersController extends AUserData { $accountManager, $l10nFactory); - $this->appManager = $appManager; $this->urlGenerator = $urlGenerator; $this->logger = $logger; $this->l10nFactory = $l10nFactory; @@ -592,6 +589,7 @@ class UsersController extends AUserData { $permittedFields[] = IAccountManager::PROPERTY_EMAIL; } + $permittedFields[] = IAccountManager::COLLECTION_EMAIL; $permittedFields[] = IAccountManager::PROPERTY_PHONE; $permittedFields[] = IAccountManager::PROPERTY_ADDRESS; $permittedFields[] = IAccountManager::PROPERTY_WEBSITE; @@ -605,6 +603,92 @@ class UsersController extends AUserData { * @NoSubAdminRequired * @PasswordConfirmationRequired * + * @throws OCSException + */ + public function editUserMultiValue( + string $userId, + string $collectionName, + string $key, + string $value + ): DataResponse { + $currentLoggedInUser = $this->userSession->getUser(); + if ($currentLoggedInUser === null) { + throw new OCSException('', OCSController::RESPOND_UNAUTHORISED); + } + + $targetUser = $this->userManager->get($userId); + if ($targetUser === null) { + throw new OCSException('', OCSController::RESPOND_NOT_FOUND); + } + + $permittedFields = []; + if ($targetUser->getUID() === $currentLoggedInUser->getUID()) { + // Editing self (display, email) + $permittedFields[] = IAccountManager::COLLECTION_EMAIL; + $permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX; + } else { + // Check if admin / subadmin + $subAdminManager = $this->groupManager->getSubAdmin(); + if ($this->groupManager->isAdmin($currentLoggedInUser->getUID()) + || $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) { + // They have permissions over the user + + $permittedFields[] = IAccountManager::COLLECTION_EMAIL; + } else { + // No rights + throw new OCSException('', OCSController::RESPOND_NOT_FOUND); + } + } + + // Check if permitted to edit this field + if (!in_array($collectionName, $permittedFields)) { + throw new OCSException('', 103); + } + + switch ($collectionName) { + case IAccountManager::COLLECTION_EMAIL: + $userAccount = $this->accountManager->getAccount($targetUser); + $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL); + $mailCollection->removePropertyByValue($key); + if ($value !== '') { + $mailCollection->addPropertyWithDefaults($value); + } + $this->accountManager->updateAccount($userAccount); + break; + + case IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX: + $userAccount = $this->accountManager->getAccount($targetUser); + $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL); + $targetProperty = null; + foreach ($mailCollection->getProperties() as $property) { + if ($property->getValue() === $key) { + $targetProperty = $property; + break; + } + } + if ($targetProperty instanceof IAccountProperty) { + try { + $targetProperty->setScope($value); + $this->accountManager->updateAccount($userAccount); + } catch (\InvalidArgumentException $e) { + throw new OCSException('', 102); + } + } else { + throw new OCSException('', 102); + } + break; + + default: + throw new OCSException('', 103); + } + return new DataResponse(); + } + + /** + * @NoAdminRequired + * @NoSubAdminRequired + * @PasswordConfirmationRequired + * * edit users * * @param string $userId @@ -636,6 +720,8 @@ class UsersController extends AUserData { $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX; $permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX; + $permittedFields[] = IAccountManager::COLLECTION_EMAIL; + $permittedFields[] = 'password'; if ($this->config->getSystemValue('force_language', false) === false || $this->groupManager->isAdmin($currentLoggedInUser->getUID())) { @@ -674,6 +760,7 @@ class UsersController extends AUserData { $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME; } $permittedFields[] = IAccountManager::PROPERTY_EMAIL; + $permittedFields[] = IAccountManager::COLLECTION_EMAIL; $permittedFields[] = 'password'; $permittedFields[] = 'language'; $permittedFields[] = 'locale'; @@ -746,24 +833,42 @@ class UsersController extends AUserData { throw new OCSException('', 102); } break; + case IAccountManager::COLLECTION_EMAIL: + if (filter_var($value, FILTER_VALIDATE_EMAIL) && $value !== $targetUser->getEMailAddress()) { + $userAccount = $this->accountManager->getAccount($targetUser); + $mailCollection = $userAccount->getPropertyCollection(IAccountManager::COLLECTION_EMAIL); + foreach ($mailCollection->getProperties() as $property) { + if ($property->getValue() === $value) { + break; + } + } + $mailCollection->addPropertyWithDefaults($value); + $this->accountManager->updateAccount($userAccount); + } else { + throw new OCSException('', 102); + } + break; case IAccountManager::PROPERTY_PHONE: case IAccountManager::PROPERTY_ADDRESS: case IAccountManager::PROPERTY_WEBSITE: case IAccountManager::PROPERTY_TWITTER: $userAccount = $this->accountManager->getAccount($targetUser); - $userProperty = $userAccount->getProperty($key); - if ($userProperty->getValue() !== $value) { - try { - $userProperty->setValue($value); - $this->accountManager->updateAccount($userAccount); - - if ($userProperty->getName() === IAccountManager::PROPERTY_PHONE) { - $this->knownUserService->deleteByContactUserId($targetUser->getUID()); + try { + $userProperty = $userAccount->getProperty($key); + if ($userProperty->getValue() !== $value) { + try { + $userProperty->setValue($value); + if ($userProperty->getName() === IAccountManager::PROPERTY_PHONE) { + $this->knownUserService->deleteByContactUserId($targetUser->getUID()); + } + } catch (\InvalidArgumentException $e) { + throw new OCSException('Invalid ' . $e->getMessage(), 102); } - } catch (\InvalidArgumentException $e) { - throw new OCSException('Invalid ' . $e->getMessage(), 102); } + } catch (PropertyDoesNotExistException $e) { + $userAccount->setProperty($key, $value, IAccountManager::SCOPE_PRIVATE, IAccountManager::NOT_VERIFIED); } + $this->accountManager->updateAccount($userAccount); break; case IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX: case IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX: diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 742335a919a..238bac34307 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -50,7 +50,6 @@ use OCA\Settings\Mailer\NewUserMailHelper; use OCP\Accounts\IAccount; use OCP\Accounts\IAccountManager; use OCP\Accounts\IAccountProperty; -use OCP\App\IAppManager; use OCP\AppFramework\Http\DataResponse; use OCP\EventDispatcher\IEventDispatcher; use OCP\IConfig; @@ -77,8 +76,6 @@ class UsersControllerTest extends TestCase { protected $userManager; /** @var IConfig|MockObject */ protected $config; - /** @var IAppManager|MockObject */ - protected $appManager; /** @var Manager|MockObject */ protected $groupManager; /** @var IUserSession|MockObject */ @@ -111,7 +108,6 @@ class UsersControllerTest extends TestCase { $this->userManager = $this->createMock(IUserManager::class); $this->config = $this->createMock(IConfig::class); - $this->appManager = $this->createMock(IAppManager::class); $this->groupManager = $this->createMock(Manager::class); $this->userSession = $this->createMock(IUserSession::class); $this->logger = $this->createMock(LoggerInterface::class); @@ -131,7 +127,6 @@ class UsersControllerTest extends TestCase { $this->request, $this->userManager, $this->config, - $this->appManager, $this->groupManager, $this->userSession, $this->accountManager, @@ -395,7 +390,6 @@ class UsersControllerTest extends TestCase { $this->request, $this->userManager, $this->config, - $this->appManager, $this->groupManager, $this->userSession, $this->accountManager, @@ -1071,7 +1065,8 @@ class UsersControllerTest extends TestCase { 'backendCapabilities' => [ 'setDisplayName' => true, 'setPassword' => true, - ] + ], + 'additional_mail' => [], ]; $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['UID'])); } @@ -1198,7 +1193,8 @@ class UsersControllerTest extends TestCase { 'backendCapabilities' => [ 'setDisplayName' => true, 'setPassword' => true, - ] + ], + 'additional_mail' => [], ]; $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['UID'])); } @@ -1363,7 +1359,8 @@ class UsersControllerTest extends TestCase { 'backendCapabilities' => [ 'setDisplayName' => false, 'setPassword' => false, - ] + ], + 'additional_mail' => [], ]; $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['UID'])); } @@ -3437,7 +3434,6 @@ class UsersControllerTest extends TestCase { $this->request, $this->userManager, $this->config, - $this->appManager, $this->groupManager, $this->userSession, $this->accountManager, @@ -3510,7 +3506,6 @@ class UsersControllerTest extends TestCase { $this->request, $this->userManager, $this->config, - $this->appManager, $this->groupManager, $this->userSession, $this->accountManager, @@ -3848,6 +3843,7 @@ class UsersControllerTest extends TestCase { public function dataGetEditableFields() { return [ [false, ISetDisplayNameBackend::class, [ + IAccountManager::COLLECTION_EMAIL, IAccountManager::PROPERTY_PHONE, IAccountManager::PROPERTY_ADDRESS, IAccountManager::PROPERTY_WEBSITE, @@ -3856,6 +3852,7 @@ class UsersControllerTest extends TestCase { [true, ISetDisplayNameBackend::class, [ IAccountManager::PROPERTY_DISPLAYNAME, IAccountManager::PROPERTY_EMAIL, + IAccountManager::COLLECTION_EMAIL, IAccountManager::PROPERTY_PHONE, IAccountManager::PROPERTY_ADDRESS, IAccountManager::PROPERTY_WEBSITE, @@ -3863,6 +3860,7 @@ class UsersControllerTest extends TestCase { ]], [true, UserInterface::class, [ IAccountManager::PROPERTY_EMAIL, + IAccountManager::COLLECTION_EMAIL, IAccountManager::PROPERTY_PHONE, IAccountManager::PROPERTY_ADDRESS, IAccountManager::PROPERTY_WEBSITE, |