Diffstat (limited to 'settings/ajax')
-rw-r--r--settings/ajax/changepassword.php6
-rw-r--r--settings/ajax/createuser.php4
-rw-r--r--settings/ajax/disableapp.php1
-rw-r--r--settings/ajax/enableapp.php1
-rw-r--r--settings/ajax/openid.php16
-rw-r--r--settings/ajax/removeuser.php2
-rw-r--r--settings/ajax/setquota.php2
-rw-r--r--settings/ajax/setsecurity.php13
-rw-r--r--settings/ajax/togglegroups.php8
-rw-r--r--settings/ajax/userlist.php2
10 files changed, 22 insertions, 33 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index b2db2611518..8d45e62e4d8 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -9,7 +9,7 @@ $password = $_POST["password"];
$oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
$userstatus = null;
-if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
+if(OC_User::isAdminUser(OC_User::getUser())) {
$userstatus = 'admin';
}
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
@@ -30,10 +30,6 @@ if(is_null($userstatus)) {
exit();
}
-if($userstatus === 'admin' || $userstatus === 'subadmin') {
- OC_JSON::verifyUser();
-}
-
// Return Success story
if( OC_User::setPassword( $username, $password )) {
OC_JSON::success(array("data" => array( "username" => $username )));
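Review bot: After this hunk, `OC_User::setPassword( $username, $password )` is reached by admin and subadmin callers with no re-verification step in between, because the `OC_JSON::verifyUser()` call is dropped and nothing replaces it. Judging by its name, that call made the caller confirm their own identity before resetting someone else's password; if so, an unattended or taken-over admin session can now reset any accessible account's password directly. If the removal is deliberate, record it above the `setPassword` call, e.g. `// admin/subadmin resets intentionally skip re-verification; access is decided by the $userstatus checks above`, or keep an equivalent check such as requiring the caller's current password. The script starts and continues outside the hunk, so checks earlier in the file are not visible here.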
diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php
index addae78517a..09ef25d92fa 100644
--- a/settings/ajax/createuser.php
+++ b/settings/ajax/createuser.php
@@ -3,9 +3,7 @@
OCP\JSON::callCheck();
OC_JSON::checkSubAdminUser();
-$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin')?true:false;
-
-if($isadmin) {
+if(OC_User::isAdminUser(OC_User::getUser())) {
$groups = array();
if( isset( $_POST["groups"] )) {
$groups = $_POST["groups"];
diff --git a/settings/ajax/disableapp.php b/settings/ajax/disableapp.php
index a39b06b9c7d..e89de928eac 100644
--- a/settings/ajax/disableapp.php
+++ b/settings/ajax/disableapp.php
@@ -1,7 +1,6 @@
<?php
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
-OC_JSON::setContentTypeHeader();
OC_App::disable($_POST['appid']);
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index f4d5c53adef..18202dc39e9 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -2,7 +2,6 @@
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
-OC_JSON::setContentTypeHeader();
$appid = OC_App::enable($_POST['appid']);
if($appid !== false) {
diff --git a/settings/ajax/openid.php b/settings/ajax/openid.php
deleted file mode 100644
index 23c43c3c48e..00000000000
--- a/settings/ajax/openid.php
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-$l=OC_L10N::get('settings');
-
-OC_JSON::checkLoggedIn();
-OCP\JSON::callCheck();
-OC_JSON::checkAppEnabled('user_openid');
-
-// Get data
-if( isset( $_POST['identity'] ) ) {
- $identity=$_POST['identity'];
- OC_Preferences::setValue(OC_User::getUser(), 'user_openid', 'identity', $identity);
- OC_JSON::success(array("data" => array( "message" => $l->t("OpenID Changed") )));
-}else{
- OC_JSON::error(array("data" => array( "message" => $l->t("Invalid request") )));
-}
diff --git a/settings/ajax/removeuser.php b/settings/ajax/removeuser.php
index 9ffb32a0b23..bf3a34f1472 100644
--- a/settings/ajax/removeuser.php
+++ b/settings/ajax/removeuser.php
@@ -10,7 +10,7 @@ if(OC_User::getUser() === $username) {
exit;
}
-if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
+if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$l = OC_L10N::get('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
diff --git a/settings/ajax/setquota.php b/settings/ajax/setquota.php
index 845f8ea408c..356466c0c00 100644
--- a/settings/ajax/setquota.php
+++ b/settings/ajax/setquota.php
@@ -10,7 +10,7 @@ OCP\JSON::callCheck();
$username = isset($_POST["username"])?$_POST["username"]:'';
-if(($username == '' && !OC_Group::inGroup(OC_User::getUser(), 'admin')) || (!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) {
+if(($username == '' && !OC_User::isAdminUser(OC_User::getUser()))|| (!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) {
$l = OC_L10N::get('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
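Review bot: The rewritten condition evaluates `OC_User::isAdminUser(OC_User::getUser())` twice and has lost the space before `||`, which makes an authorization check harder to read than it needs to be. Both alternatives require a non-admin caller, so it reduces to `$isAdmin = OC_User::isAdminUser(OC_User::getUser());` followed by `if(!$isAdmin && ($username == '' || !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) {`. The logic is unchanged by that rewrite; the script continues outside the hunk.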
diff --git a/settings/ajax/setsecurity.php b/settings/ajax/setsecurity.php
new file mode 100644
index 00000000000..16a85aade81
--- /dev/null
+++ b/settings/ajax/setsecurity.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch>
+ * This file is licensed under the Affero General Public License version 3 or later.
+ * See the COPYING-README file.
+ */
+
+OC_Util::checkAdminUser();
+OCP\JSON::callCheck();
+
+OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
+
+echo 'true'; \ No newline at end of file
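Review bot: A request that omits `enforceHTTPS`, or sends a value that is not a recognised boolean, writes `forcessl` as false, because `filter_var(..., FILTER_VALIDATE_BOOLEAN)` returns false in both cases; a malformed admin request therefore switches HTTPS enforcement off instead of being rejected. The script also answers `true` unconditionally. I would validate with `FILTER_NULL_ON_FAILURE` and return a JSON error when the value is missing or invalid, as sketched below. Separately, the sibling endpoints in this directory guard with `OC_JSON::checkAdminUser()`, whereas this one calls `OC_Util::checkAdminUser()`; it is worth confirming that the latter fails cleanly for an AJAX caller.

```php
OCP\JSON::callCheck();

// Reject a missing or non-boolean value rather than storing it as "off".
$enforce = isset($_POST['enforceHTTPS'])
	? filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)
	: null;
if($enforce === null) {
	OC_JSON::error(array('data' => array('message' => 'Invalid request')));
	exit();
}

OC_Config::setValue('forcessl', $enforce);
// … unchanged: echo 'true' …
```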
diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index 83d455550ae..9bba9c5269d 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -7,13 +7,13 @@ $success = true;
$username = $_POST["username"];
$group = $_POST["group"];
-if($username == OC_User::getUser() && $group == "admin" && OC_Group::inGroup($username, 'admin')) {
+if($username == OC_User::getUser() && $group == "admin" && OC_User::isAdminUser($username)) {
$l = OC_L10N::get('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group'))));
exit();
}
-if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
+if(!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
$l = OC_L10N::get('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
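Review bot: The self-removal guard compares with `==` (`$username == OC_User::getUser() && $group == "admin"`), while the matching guard in removeuser.php uses `===`. PHP's loose comparison treats numeric-looking strings as numbers, so two different user ids can compare equal. Writing it as `if($username === OC_User::getUser() && $group === "admin" && OC_User::isAdminUser($username)) {` keeps the check exact. `$username` and `$group` are also read from `$_POST` without an `isset()` test just above, which is worth tightening in the same place.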
@@ -31,8 +31,8 @@ $action = "add";
// Toggle group
if( OC_Group::inGroup( $username, $group )) {
$action = "remove";
- $error = $l->t("Unable to remove user from group %s", $group);
- $success = OC_Group::removeFromGroup( $username, $group );
+ $error = $l->t("Unable to remove user from group %s", $group);
+ $success = OC_Group::removeFromGroup( $username, $group );
$usersInGroup=OC_Group::usersInGroup($group);
if(count($usersInGroup)==0) {
OC_Group::deleteGroup($group);
diff --git a/settings/ajax/userlist.php b/settings/ajax/userlist.php
index eaeade60a39..9bbff80ea0c 100644
--- a/settings/ajax/userlist.php
+++ b/settings/ajax/userlist.php
@@ -28,7 +28,7 @@ if (isset($_GET['offset'])) {
$offset = 0;
}
$users = array();
-if (OC_Group::inGroup(OC_User::getUser(), 'admin')) {
+if (OC_User::isAdminUser(OC_User::getUser())) {
$batch = OC_User::getUsers('', 10, $offset);
foreach ($batch as $user) {
$users[] = array(