aboutsummaryrefslogtreecommitdiffstats
path: root/apps/settings/lib/Middleware/SubadminMiddleware.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/settings/lib/Middleware/SubadminMiddleware.php')
-rw-r--r--apps/settings/lib/Middleware/SubadminMiddleware.php40
1 files changed, 21 insertions, 19 deletions
diff --git a/apps/settings/lib/Middleware/SubadminMiddleware.php b/apps/settings/lib/Middleware/SubadminMiddleware.php
index f985cdf278c..02d68e138da 100644
--- a/apps/settings/lib/Middleware/SubadminMiddleware.php
+++ b/apps/settings/lib/Middleware/SubadminMiddleware.php
@@ -1,9 +1,13 @@
<?php
+
+declare(strict_types=1);
+
/**
* SPDX-FileCopyrightText: 2019-2024 Nextcloud GmbH and Nextcloud contributors/**
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
* SPDX-License-Identifier: AGPL-3.0-only
*/
+
namespace OCA\Settings\Middleware;
use OC\AppFramework\Http;
@@ -12,31 +16,29 @@ use OC\AppFramework\Utility\ControllerMethodReflector;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Middleware;
+use OCP\Group\ISubAdmin;
use OCP\IL10N;
+use OCP\IUserSession;
/**
* Verifies whether an user has at least subadmin rights.
* To bypass use the `@NoSubAdminRequired` annotation
*/
class SubadminMiddleware extends Middleware {
- /** @var bool */
- protected $isSubAdmin;
- /** @var ControllerMethodReflector */
- protected $reflector;
- /** @var IL10N */
- private $l10n;
+ public function __construct(
+ protected ControllerMethodReflector $reflector,
+ protected IUserSession $userSession,
+ protected ISubAdmin $subAdminManager,
+ private IL10N $l10n,
+ ) {
+ }
- /**
- * @param ControllerMethodReflector $reflector
- * @param bool $isSubAdmin
- * @param IL10N $l10n
- */
- public function __construct(ControllerMethodReflector $reflector,
- $isSubAdmin,
- IL10N $l10n) {
- $this->reflector = $reflector;
- $this->isSubAdmin = $isSubAdmin;
- $this->l10n = $l10n;
+ private function isSubAdmin(): bool {
+ $userObject = $this->userSession->getUser();
+ if ($userObject === null) {
+ return false;
+ }
+ return $this->subAdminManager->isSubAdmin($userObject);
}
/**
@@ -47,8 +49,8 @@ class SubadminMiddleware extends Middleware {
*/
public function beforeController($controller, $methodName) {
if (!$this->reflector->hasAnnotation('NoSubAdminRequired') && !$this->reflector->hasAnnotation('AuthorizedAdminSetting')) {
- if (!$this->isSubAdmin) {
- throw new NotAdminException($this->l10n->t('Logged in account must be a subadmin'));
+ if (!$this->isSubAdmin()) {
+ throw new NotAdminException($this->l10n->t('Logged in account must be a sub admin'));
}
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-15 04:21:49 +0000