diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/api.php | 8 | ||||
-rw-r--r-- | lib/private/app.php | 7 | ||||
-rw-r--r-- | lib/private/group/metadata.php | 53 | ||||
-rw-r--r-- | lib/private/json.php | 8 | ||||
-rw-r--r-- | lib/private/legacy/subadmin.php | 166 | ||||
-rw-r--r-- | lib/private/subadmin.php | 19 | ||||
-rw-r--r-- | lib/private/util.php | 8 |
7 files changed, 57 insertions, 212 deletions
diff --git a/lib/private/api.php b/lib/private/api.php index 6d7354c7193..edee30dfc96 100644 --- a/lib/private/api.php +++ b/lib/private/api.php @@ -303,9 +303,13 @@ class OC_API { if(!$user) { return false; } else { - $subAdmin = OC_SubAdmin::isSubAdmin($user); + $userObject = \OC::$server->getUserSession()->getUser(); + if($userObject === null) { + return false; + } + $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); $admin = OC_User::isAdminUser($user); - if($subAdmin || $admin) { + if($isSubAdmin || $admin) { return true; } else { return false; diff --git a/lib/private/app.php b/lib/private/app.php index d7e62dfd852..c6e235eda4d 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -430,7 +430,12 @@ class OC_App { ); //SubAdmins are also allowed to access user management - if (OC_SubAdmin::isSubAdmin(OC_User::getUser())) { + $userObject = \OC::$server->getUserSession()->getUser(); + $isSubAdmin = false; + if($userObject !== null) { + $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); + } + if ($isSubAdmin) { // admin users menu $settings[] = array( "id" => "core_users", diff --git a/lib/private/group/metadata.php b/lib/private/group/metadata.php index 63447012b0c..63ac0928563 100644 --- a/lib/private/group/metadata.php +++ b/lib/private/group/metadata.php @@ -26,49 +26,42 @@ namespace OC\Group; +use OCP\IUserSession; + class MetaData { const SORT_NONE = 0; const SORT_USERCOUNT = 1; // May have performance issues on LDAP backends const SORT_GROUPNAME = 2; - /** - * @var string $user - */ + /** @var string */ protected $user; - - /** - * @var bool $isAdmin - */ + /** @var bool */ protected $isAdmin; - - /** - * @var array $metaData - */ + /** @var array */ protected $metaData = array(); - - /** - * @var \OCP\IGroupManager $groupManager - */ + /** @var \OCP\IGroupManager */ protected $groupManager; - - /** - * @var int $sorting - */ + /** @var bool */ protected $sorting = false; + /** @var IUserSession */ + protected $userSession; /** * @param string $user the uid of the current user * @param bool $isAdmin whether the current users is an admin * @param \OCP\IGroupManager $groupManager + * @param IUserSession $userSession */ public function __construct( $user, $isAdmin, - \OCP\IGroupManager $groupManager + \OCP\IGroupManager $groupManager, + IUserSession $userSession ) { $this->user = $user; $this->isAdmin = (bool)$isAdmin; $this->groupManager = $groupManager; + $this->userSession = $userSession; } /** @@ -190,23 +183,15 @@ class MetaData { * @param string $search a search string * @return \OCP\IGroup[] */ - private function getGroups($search = '') { + protected function getGroups($search = '') { if($this->isAdmin) { return $this->groupManager->search($search); } else { - // FIXME: Remove static method call - $groupIds = \OC_SubAdmin::getSubAdminsGroups($this->user); - - /* \OC_SubAdmin::getSubAdminsGroups() returns an array of GIDs, but this - * method is expected to return an array with the GIDs as keys and group objects as - * values, so we need to convert this information. - */ - $groups = array(); - foreach($groupIds as $gid) { - $group = $this->groupManager->get($gid); - if (!is_null($group)) { - $groups[$gid] = $group; - } + $userObject = $this->userSession->getUser(); + if($userObject !== null) { + $groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($userObject); + } else { + $groups = []; } return $groups; diff --git a/lib/private/json.php b/lib/private/json.php index ac72f02f609..eba374f4da2 100644 --- a/lib/private/json.php +++ b/lib/private/json.php @@ -114,7 +114,13 @@ class OC_JSON{ * @deprecated Use annotation based ACLs from the AppFramework instead */ public static function checkSubAdminUser() { - if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { + $userObject = \OC::$server->getUserSession()->getUser(); + $isSubAdmin = false; + if($userObject !== null) { + $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); + } + + if(!$isSubAdmin) { $l = \OC::$server->getL10N('lib'); self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); exit(); diff --git a/lib/private/legacy/subadmin.php b/lib/private/legacy/subadmin.php deleted file mode 100644 index aa8e035ed3e..00000000000 --- a/lib/private/legacy/subadmin.php +++ /dev/null @@ -1,166 +0,0 @@ -<?php -/** - * @author Roeland Jago Douma <rullzer@owncloud.com> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -/** - * This class provides all methods needed for managing groups. - * - * Hooks provided: - * post_createSubAdmin($gid) - * post_deleteSubAdmin($gid) - */ -class OC_SubAdmin{ - - /** - * add a SubAdmin - * @param string $uid uid of the SubAdmin - * @param string $gid gid of the group - * @return boolean - */ - public static function createSubAdmin($uid, $gid) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - return $subAdmin->createSubAdmin($userManager->get($uid), $groupManager->get($gid)); - } - - /** - * delete a SubAdmin - * @param string $uid uid of the SubAdmin - * @param string $gid gid of the group - * @return boolean - */ - public static function deleteSubAdmin($uid, $gid) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - return $subAdmin->deleteSubAdmin($userManager->get($uid), $groupManager->get($gid)); - } - - /** - * get groups of a SubAdmin - * @param string $uid uid of the SubAdmin - * @return array - */ - public static function getSubAdminsGroups($uid) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - $groups = $subAdmin->getSubAdminsGroups($userManager->get($uid)); - - // New class returns IGroup[] so convert back - $gids = []; - foreach ($groups as $group) { - $gids[] = $group->getGID(); - } - return $gids; - } - - /** - * get SubAdmins of a group - * @param string $gid gid of the group - * @return array - */ - public static function getGroupsSubAdmins($gid) { - $groupManager = \OC::$server->getGroupManager(); - $subAdmin = $groupManager->getSubAdmin(); - - $users = $subAdmin->getGroupsSubAdmins($groupManager->get($gid)); - - // New class returns IUser[] so convert back - $uids = []; - foreach ($users as $user) { - $uids[] = $user->getUID(); - } - return $uids; - } - - /** - * get all SubAdmins - * @return array - */ - public static function getAllSubAdmins() { - $groupManager = \OC::$server->getGroupManager(); - $subAdmin = $groupManager->getSubAdmin(); - - $subAdmins = $subAdmin->getAllSubAdmins(); - - // New class returns IUser[] so convert back - $result = []; - foreach ($subAdmins as $subAdmin) { - $result[] = [ - 'gid' => $subAdmin['group']->getGID(), - 'uid' => $subAdmin['user']->getUID(), - ]; - } - return $result; - } - - /** - * checks if a user is a SubAdmin of a group - * @param string $uid uid of the subadmin - * @param string $gid gid of the group - * @return bool - */ - public static function isSubAdminofGroup($uid, $gid) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - return $subAdmin->isSubAdminOfGroup($userManager->get($uid), $groupManager->get($gid)); - } - - /** - * checks if a user is a SubAdmin - * @param string $uid uid of the subadmin - * @return bool - */ - public static function isSubAdmin($uid) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - return $subAdmin->isSubAdmin($userManager->get($uid)); - } - - /** - * checks if a user is a accessible by a subadmin - * @param string $subadmin uid of the subadmin - * @param string $user uid of the user - * @return bool - */ - public static function isUserAccessible($subadmin, $user) { - $groupManager = \OC::$server->getGroupManager(); - $userManager = \OC::$server->getUserManager(); - $subAdmin = $groupManager->getSubAdmin(); - - return $subAdmin->isUserAccessible($userManager->get($subadmin), $userManager->get($user)); - } - - /* - * alias for self::isSubAdminofGroup() - */ - public static function isGroupAccessible($subadmin, $group) { - return self::isSubAdminofGroup($subadmin, $group); - } -} diff --git a/lib/private/subadmin.php b/lib/private/subadmin.php index 6bf960661b5..c00a2b24669 100644 --- a/lib/private/subadmin.php +++ b/lib/private/subadmin.php @@ -44,6 +44,11 @@ class SubAdmin extends PublicEmitter { /** @var IDBConnection */ private $dbConn; + /** + * @param IUserManager $userManager + * @param IGroupManager $groupManager + * @param IDBConnection $dbConn + */ public function __construct(IUserManager $userManager, IGroupManager $groupManager, IDBConnection $dbConn) { @@ -68,7 +73,7 @@ class SubAdmin extends PublicEmitter { public function createSubAdmin(IUser $user, IGroup $group) { $qb = $this->dbConn->getQueryBuilder(); - $result = $qb->insert('group_admin') + $qb->insert('group_admin') ->values([ 'gid' => $qb->createNamedParameter($group->getGID()), 'uid' => $qb->createNamedParameter($user->getUID()) @@ -89,7 +94,7 @@ class SubAdmin extends PublicEmitter { public function deleteSubAdmin(IUser $user, IGroup $group) { $qb = $this->dbConn->getQueryBuilder(); - $result = $qb->delete('group_admin') + $qb->delete('group_admin') ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID()))) ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) ->execute(); @@ -231,9 +236,9 @@ class SubAdmin extends PublicEmitter { if($this->groupManager->isAdmin($user->getUID())) { return false; } - $accessiblegroups = $this->getSubAdminsGroups($subadmin); - foreach($accessiblegroups as $accessiblegroup) { - if($accessiblegroup->inGroup($user)) { + $accessibleGroups = $this->getSubAdminsGroups($subadmin); + foreach($accessibleGroups as $accessibleGroup) { + if($accessibleGroup->inGroup($user)) { return true; } } @@ -248,7 +253,7 @@ class SubAdmin extends PublicEmitter { private function post_deleteUser($user) { $qb = $this->dbConn->getQueryBuilder(); - $result = $qb->delete('group_admin') + $qb->delete('group_admin') ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))) ->execute(); @@ -263,7 +268,7 @@ class SubAdmin extends PublicEmitter { private function post_deleteGroup($group) { $qb = $this->dbConn->getQueryBuilder(); - $result = $qb->delete('group_admin') + $qb->delete('group_admin') ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID()))) ->execute(); diff --git a/lib/private/util.php b/lib/private/util.php index 0b6cfb099d1..41f3c26e405 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -1025,7 +1025,13 @@ class OC_Util { */ public static function checkSubAdminUser() { OC_Util::checkLoggedIn(); - if (!OC_SubAdmin::isSubAdmin(OC_User::getUser())) { + $userObject = \OC::$server->getUserSession()->getUser(); + $isSubAdmin = false; + if($userObject !== null) { + $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); + } + + if (!$isSubAdmin) { header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php')); exit(); } |