diff options
Diffstat (limited to 'settings')
-rw-r--r-- | settings/ajax/creategroup.php | 21 | ||||
-rw-r--r-- | settings/ajax/createuser.php | 59 | ||||
-rw-r--r-- | settings/ajax/grouplist.php | 46 | ||||
-rw-r--r-- | settings/ajax/removegroup.php | 14 | ||||
-rw-r--r-- | settings/ajax/removeuser.php | 26 | ||||
-rw-r--r-- | settings/ajax/userlist.php | 92 | ||||
-rw-r--r-- | settings/application.php | 71 | ||||
-rw-r--r-- | settings/controller/groupscontroller.php | 140 | ||||
-rw-r--r-- | settings/controller/userscontroller.php | 251 | ||||
-rw-r--r-- | settings/js/settings.js | 2 | ||||
-rw-r--r-- | settings/js/users/deleteHandler.js | 5 | ||||
-rw-r--r-- | settings/js/users/groups.js | 6 | ||||
-rw-r--r-- | settings/js/users/users.js | 6 | ||||
-rw-r--r-- | settings/middleware/subadminmiddleware.php | 65 | ||||
-rw-r--r-- | settings/routes.php | 39 |
15 files changed, 542 insertions, 301 deletions
diff --git a/settings/ajax/creategroup.php b/settings/ajax/creategroup.php deleted file mode 100644 index be376bea9dc..00000000000 --- a/settings/ajax/creategroup.php +++ /dev/null @@ -1,21 +0,0 @@ -<?php - -OCP\JSON::callCheck(); -OC_JSON::checkAdminUser(); - -$groupname = $_POST["groupname"]; -$l = \OC::$server->getL10N('settings'); - -// Does the group exist? -if( in_array( $groupname, OC_Group::getGroups())) { - OC_JSON::error(array("data" => array( "message" => $l->t("Group already exists") ))); - exit(); -} - -// Return Success story -if( OC_Group::createGroup( $groupname )) { - OC_JSON::success(array("data" => array( "groupname" => $groupname ))); -} -else{ - OC_JSON::error(array("data" => array( "message" => $l->t("Unable to add group") ))); -} diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php deleted file mode 100644 index 463c15d59e8..00000000000 --- a/settings/ajax/createuser.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php - -OCP\JSON::callCheck(); -OC_JSON::checkSubAdminUser(); - -if(OC_User::isAdminUser(OC_User::getUser())) { - $groups = array(); - if (!empty($_POST["groups"])) { - $groups = $_POST["groups"]; - } -}else{ - if (isset($_POST["groups"])) { - $groups = array(); - if (!empty($_POST["groups"])) { - foreach ($_POST["groups"] as $group) { - if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) { - $groups[] = $group; - } - } - } - if (empty($groups)) { - $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); - } - } else { - $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); - } -} -$username = $_POST["username"]; -$password = $_POST["password"]; - -// Return Success story -try { - // check whether the user's files home exists - $userDirectory = OC_User::getHome($username) . '/files/'; - $homeExists = file_exists($userDirectory); - - if (!OC_User::createUser($username, $password)) { - OC_JSON::error(array('data' => array( 'message' => 'User creation failed for '.$username ))); - exit(); - } - foreach( $groups as $i ) { - if(!OC_Group::groupExists($i)) { - OC_Group::createGroup($i); - } - OC_Group::addToGroup( $username, $i ); - } - - $userManager = \OC_User::getManager(); - $user = $userManager->get($username); - OCP\JSON::success(array("data" => - array( - // returns whether the home already existed - "homeExists" => $homeExists, - "username" => $username, - "groups" => OC_Group::getUserGroups( $username ), - 'storageLocation' => $user->getHome()))); -} catch (Exception $exception) { - OCP\JSON::error(array("data" => array( "message" => $exception->getMessage()))); -} diff --git a/settings/ajax/grouplist.php b/settings/ajax/grouplist.php deleted file mode 100644 index 93bb510773d..00000000000 --- a/settings/ajax/grouplist.php +++ /dev/null @@ -1,46 +0,0 @@ -<?php -/** - * ownCloud - * - * @author Arthur Schiwon - * @copyright 2014 Arthur Schiwon <blizzz@owncloud.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE - * License as published by the Free Software Foundation; either - * version 3 of the License, or any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU AFFERO GENERAL PUBLIC LICENSE for more details. - * - * You should have received a copy of the GNU Affero General Public - * License along with this library. If not, see <http://www.gnu.org/licenses/>. - * - */ - -OC_JSON::callCheck(); -OC_JSON::checkSubAdminUser(); -if (isset($_GET['pattern']) && !empty($_GET['pattern'])) { - $pattern = $_GET['pattern']; -} else { - $pattern = ''; -} -if (isset($_GET['filterGroups']) && !empty($_GET['filterGroups'])) { - $filterGroups = intval($_GET['filterGroups']) === 1; -} else { - $filterGroups = false; -} -$groupPattern = $filterGroups ? $pattern : ''; -$groups = array(); -$adminGroups = array(); -$groupManager = \OC_Group::getManager(); -$isAdmin = OC_User::isAdminUser(OC_User::getUser()); - -$groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager); -$groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT); -list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern); - -OC_JSON::success( - array('data' => array('adminGroups' => $adminGroups, 'groups' => $groups))); diff --git a/settings/ajax/removegroup.php b/settings/ajax/removegroup.php deleted file mode 100644 index 798d7916e61..00000000000 --- a/settings/ajax/removegroup.php +++ /dev/null @@ -1,14 +0,0 @@ -<?php - -OC_JSON::checkAdminUser(); -OCP\JSON::callCheck(); - -$name = $_POST["groupname"]; - -// Return Success story -if( OC_Group::deleteGroup( $name )) { - OC_JSON::success(array("data" => array( "groupname" => $name ))); -} -else{ - OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete group") ))); -} diff --git a/settings/ajax/removeuser.php b/settings/ajax/removeuser.php deleted file mode 100644 index eda85238780..00000000000 --- a/settings/ajax/removeuser.php +++ /dev/null @@ -1,26 +0,0 @@ -<?php - -OC_JSON::checkSubAdminUser(); -OCP\JSON::callCheck(); - -$username = $_POST["username"]; - -// A user shouldn't be able to delete his own account -if(OC_User::getUser() === $username) { - exit; -} - -if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) { - $l = \OC::$server->getL10N('core'); - OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); - exit(); -} - -// Return Success story -if( OC_User::deleteUser( $username )) { - OC_JSON::success(array("data" => array( "username" => $username ))); -} -else{ - $l = \OC::$server->getL10N('core'); - OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete user") ))); -} diff --git a/settings/ajax/userlist.php b/settings/ajax/userlist.php deleted file mode 100644 index 807cf5f1899..00000000000 --- a/settings/ajax/userlist.php +++ /dev/null @@ -1,92 +0,0 @@ -<?php -/** - * ownCloud - * - * @author Michael Gapczynski - * @copyright 2012 Michael Gapczynski mtgap@owncloud.com - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE - * License as published by the Free Software Foundation; either - * version 3 of the License, or any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU AFFERO GENERAL PUBLIC LICENSE for more details. - * - * You should have received a copy of the GNU Affero General Public - * License along with this library. If not, see <http://www.gnu.org/licenses/>. - * - */ - -OC_JSON::callCheck(); -OC_JSON::checkSubAdminUser(); -if (isset($_GET['offset'])) { - $offset = $_GET['offset']; -} else { - $offset = 0; -} -if (isset($_GET['limit'])) { - $limit = $_GET['limit']; -} else { - $limit = 10; -} -if (isset($_GET['gid']) && !empty($_GET['gid'])) { - $gid = $_GET['gid']; - if ($gid === '_everyone') { - $gid = false; - } -} else { - $gid = false; -} -if (isset($_GET['pattern']) && !empty($_GET['pattern'])) { - $pattern = $_GET['pattern']; -} else { - $pattern = ''; -} -$users = array(); -$userManager = \OC_User::getManager(); -if (OC_User::isAdminUser(OC_User::getUser())) { - if($gid !== false) { - $batch = OC_Group::displayNamesInGroup($gid, $pattern, $limit, $offset); - } else { - $batch = OC_User::getDisplayNames($pattern, $limit, $offset); - } - foreach ($batch as $uid => $displayname) { - $user = $userManager->get($uid); - $users[] = array( - 'name' => $uid, - 'displayname' => $displayname, - 'groups' => OC_Group::getUserGroups($uid), - 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid), - 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), - 'storageLocation' => $user->getHome(), - 'lastLogin' => $user->getLastLogin(), - ); - } -} else { - $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); - if($gid !== false && in_array($gid, $groups)) { - $groups = array($gid); - } elseif($gid !== false) { - //don't you try to investigate loops you must not know about - $groups = array(); - } - $batch = OC_Group::usersInGroups($groups, $pattern, $limit, $offset); - foreach ($batch as $uid) { - $user = $userManager->get($uid); - - // Only add the groups, this user is a subadmin of - $userGroups = array_intersect(OC_Group::getUserGroups($uid), OC_SubAdmin::getSubAdminsGroups(OC_User::getUser())); - $users[] = array( - 'name' => $uid, - 'displayname' => $user->getDisplayName(), - 'groups' => $userGroups, - 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), - 'storageLocation' => $user->getHome(), - 'lastLogin' => $user->getLastLogin(), - ); - } -} -OC_JSON::success(array('data' => $users)); diff --git a/settings/application.php b/settings/application.php index 64aa4671228..0a80bd8b1e7 100644 --- a/settings/application.php +++ b/settings/application.php @@ -10,11 +10,14 @@ namespace OC\Settings; -use OC\AppFramework\Utility\SimpleContainer; use OC\Settings\Controller\AppSettingsController; +use OC\Settings\Controller\GroupsController; use OC\Settings\Controller\MailSettingsController; use OC\Settings\Controller\SecuritySettingsController; +use OC\Settings\Controller\UsersController; +use OC\Settings\Middleware\SubadminMiddleware; use \OCP\AppFramework\App; +use OCP\IContainer; use \OCP\Util; /** @@ -34,7 +37,7 @@ class Application extends App { /** * Controllers */ - $container->registerService('MailSettingsController', function(SimpleContainer $c) { + $container->registerService('MailSettingsController', function(IContainer $c) { return new MailSettingsController( $c->query('AppName'), $c->query('Request'), @@ -46,7 +49,7 @@ class Application extends App { $c->query('DefaultMailAddress') ); }); - $container->registerService('AppSettingsController', function(SimpleContainer $c) { + $container->registerService('AppSettingsController', function(IContainer $c) { return new AppSettingsController( $c->query('AppName'), $c->query('Request'), @@ -54,33 +57,81 @@ class Application extends App { $c->query('Config') ); }); - $container->registerService('SecuritySettingsController', function(SimpleContainer $c) { + $container->registerService('SecuritySettingsController', function(IContainer $c) { return new SecuritySettingsController( $c->query('AppName'), $c->query('Request'), $c->query('Config') ); }); + $container->registerService('GroupsController', function(IContainer $c) { + return new GroupsController( + $c->query('AppName'), + $c->query('Request'), + $c->query('GroupManager'), + $c->query('UserSession'), + $c->query('IsAdmin'), + $c->query('L10N') + ); + }); + $container->registerService('UsersController', function(IContainer $c) { + return new UsersController( + $c->query('AppName'), + $c->query('Request'), + $c->query('UserManager'), + $c->query('GroupManager'), + $c->query('UserSession'), + $c->query('Config'), + $c->query('IsAdmin'), + $c->query('L10N') + ); + }); + + /** + * Middleware + */ + $container->registerService('SubadminMiddleware', function(IContainer $c){ + return new SubadminMiddleware( + $c->query('ControllerMethodReflector'), + $c->query('IsSubAdmin') + ); + }); + // Execute middlewares + $container->registerMiddleware('SubadminMiddleware'); /** * Core class wrappers */ - $container->registerService('Config', function(SimpleContainer $c) { + $container->registerService('Config', function(IContainer $c) { return $c->query('ServerContainer')->getConfig(); }); - $container->registerService('L10N', function(SimpleContainer $c) { + $container->registerService('L10N', function(IContainer $c) { return $c->query('ServerContainer')->getL10N('settings'); }); - $container->registerService('UserSession', function(SimpleContainer $c) { + $container->registerService('GroupManager', function(IContainer $c) { + return $c->query('ServerContainer')->getGroupManager(); + }); + $container->registerService('UserManager', function(IContainer $c) { + return $c->query('ServerContainer')->getUserManager(); + }); + $container->registerService('UserSession', function(IContainer $c) { return $c->query('ServerContainer')->getUserSession(); }); - $container->registerService('Mail', function(SimpleContainer $c) { + /** FIXME: Remove once OC_User is non-static and mockable */ + $container->registerService('IsAdmin', function(IContainer $c) { + return \OC_User::isAdminUser(\OC_User::getUser()); + }); + /** FIXME: Remove once OC_SubAdmin is non-static and mockable */ + $container->registerService('IsSubAdmin', function(IContainer $c) { + return \OC_Subadmin::isSubAdmin(\OC_User::getUser()); + }); + $container->registerService('Mail', function(IContainer $c) { return new \OC_Mail; }); - $container->registerService('Defaults', function(SimpleContainer $c) { + $container->registerService('Defaults', function(IContainer $c) { return new \OC_Defaults; }); - $container->registerService('DefaultMailAddress', function(SimpleContainer $c) { + $container->registerService('DefaultMailAddress', function(IContainer $c) { return Util::getDefaultEmailAddress('no-reply'); }); } diff --git a/settings/controller/groupscontroller.php b/settings/controller/groupscontroller.php new file mode 100644 index 00000000000..6e6ab894605 --- /dev/null +++ b/settings/controller/groupscontroller.php @@ -0,0 +1,140 @@ +<?php +/** + * @author Lukas Reschke + * @copyright 2014 Lukas Reschke lukas@owncloud.com + * + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Settings\Controller; + +use \OCP\AppFramework\Controller; +use OCP\AppFramework\Http\DataResponse; +use OCP\IGroupManager; +use OCP\IL10N; +use OCP\IRequest; +use OCP\IUserSession; + +/** + * @package OC\Settings\Controller + */ +class GroupsController extends Controller { + /** @var IGroupManager */ + private $groupManager; + /** @var IL10N */ + private $l10n; + /** @var IUserSession */ + private $userSession; + /** @var bool */ + private $isAdmin; + + /** + * @param string $appName + * @param IRequest $request + * @param IGroupManager $groupManager + * @param IUserSession $userSession + * @param bool $isAdmin + * @param IL10N $l10n + */ + public function __construct($appName, + IRequest $request, + IGroupManager $groupManager, + IUserSession $userSession, + $isAdmin, + IL10N $l10n) { + parent::__construct($appName, $request); + $this->groupManager = $groupManager; + $this->userSession = $userSession; + $this->isAdmin = $isAdmin; + $this->l10n = $l10n; + } + + /** + * @NoAdminRequired + * + * @param string $pattern + * @param bool $filterGroups + * @return DataResponse + */ + public function index($pattern = '', $filterGroups = false) { + $groupPattern = $filterGroups ? $pattern : ''; + + $groupsInfo = new \OC\Group\MetaData($this->userSession->getUser()->getUID(), + $this->isAdmin, $this->groupManager); + $groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT); + list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern); + + return new DataResponse( + array( + 'data' => array('adminGroups' => $adminGroups, 'groups' => $groups) + ) + ); + } + + /** + * @param string $id + * @return DataResponse + */ + public function create($id) { + if($this->groupManager->groupExists($id)) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Group already exists.') + ) + ) + ); + } + if($this->groupManager->createGroup($id)) { + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'groupname' => $id + ) + ) + ); + } + + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Unable to add group.') + ) + ) + ); + } + + /** + * @param string $id + * @return DataResponse + */ + public function destroy($id) { + $group = $this->groupManager->get($id); + if ($group) { + if ($group->delete()) { + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'groupname' => $id + ) + ) + ); + } + } + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Unable to delete group.') + ) + ) + ); + } + +} diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php new file mode 100644 index 00000000000..d61d19f8cb4 --- /dev/null +++ b/settings/controller/userscontroller.php @@ -0,0 +1,251 @@ +<?php +/** + * @author Lukas Reschke + * @copyright 2014 Lukas Reschke lukas@owncloud.com + * + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Settings\Controller; + +use OC\User\User; +use \OCP\AppFramework\Controller; +use OCP\AppFramework\Http\DataResponse; +use OCP\IConfig; +use OCP\IGroupManager; +use OCP\IL10N; +use OCP\IRequest; +use OCP\IUserManager; +use OCP\IUserSession; + +/** + * @package OC\Settings\Controller + */ +class UsersController extends Controller { + /** @var IL10N */ + private $l10n; + /** @var IUserSession */ + private $userSession; + /** @var bool */ + private $isAdmin; + /** @var IUserManager */ + private $userManager; + /** @var IGroupManager */ + private $groupManager; + /** @var IConfig */ + private $config; + + /** + * @param string $appName + * @param IRequest $request + * @param IUserManager $userManager + * @param IGroupManager $groupManager + * @param IUserSession $userSession + * @param IConfig $config + * @param bool $isAdmin + * @param IL10N $l10n + */ + public function __construct($appName, + IRequest $request, + IUserManager $userManager, + IGroupManager $groupManager, + IUserSession $userSession, + IConfig $config, + $isAdmin, + IL10N $l10n) { + parent::__construct($appName, $request); + $this->userManager = $userManager; + $this->groupManager = $groupManager; + $this->userSession = $userSession; + $this->config = $config; + $this->isAdmin = $isAdmin; + $this->l10n = $l10n; + } + + /** + * @NoAdminRequired + * @NoCSRFRequired + * @param int $offset + * @param int $limit + * @param string $gid + * @param string $pattern + * @return DataResponse + * + * TODO: Tidy up and write unit tests - code is mainly static method calls + */ + public function index($offset = 0, $limit = 10, $gid = '', $pattern = '') { + // FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group. + if($gid === '_everyone') { + $gid = ''; + } + $users = array(); + if ($this->isAdmin) { + if($gid !== '') { + $batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset); + } else { + // FIXME: Remove static method call + $batch = \OC_User::getDisplayNames($pattern, $limit, $offset); + } + + foreach ($batch as $uid => $displayname) { + $user = $this->userManager->get($uid); + $users[] = array( + 'name' => $uid, + 'displayname' => $displayname, + 'groups' => $this->groupManager->getUserGroupIds($user), + 'subadmin' => \OC_SubAdmin::getSubAdminsGroups($uid), + 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'), + 'storageLocation' => $user->getHome(), + 'lastLogin' => $user->getLastLogin(), + ); + } + } else { + $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()); + if($gid !== '' && in_array($gid, $groups)) { + $groups = array($gid); + } elseif($gid !== '') { + //don't you try to investigate loops you must not know about + $groups = array(); + } + $batch = \OC_Group::usersInGroups($groups, $pattern, $limit, $offset); + foreach ($batch as $uid) { + $user = $this->userManager->get($uid); + + // Only add the groups, this user is a subadmin of + $userGroups = array_intersect($this->groupManager->getUserGroupIds($user), \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID())); + $users[] = array( + 'name' => $uid, + 'displayname' => $user->getDisplayName(), + 'groups' => $userGroups, + 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'), + 'storageLocation' => $user->getHome(), + 'lastLogin' => $user->getLastLogin(), + ); + } + } + + // FIXME: That assignment on "data" is uneeded here - JS should be adjusted + return new DataResponse(array('data' => $users, 'status' => 'success')); + } + + /** + * @NoAdminRequired + * + * @param string $username + * @param string $password + * @param array $groups + * @return DataResponse + * + * TODO: Tidy up and write unit tests - code is mainly static method calls + */ + public function create($username, $password, array $groups) { + + if (!$this->isAdmin) { + if (!empty($groups)) { + foreach ($groups as $key => $group) { + if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) { + unset($groups[$key]); + } + } + } + if (empty($groups)) { + $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()); + } + } + + try { + $user = $this->userManager->createUser($username, $password); + } catch (\Exception $exception) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Unable to create user.') + ) + ) + ); + } + + if($user instanceof User) { + foreach( $groups as $groupName ) { + $group = $this->groupManager->get($groupName); + + if(empty($group)) { + $group = $this->groupManager->createGroup($groupName); + } + $group->addUser($user); + } + } + + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'username' => $username, + 'groups' => $this->groupManager->getUserGroupIds($user), + 'storageLocation' => $user->getHome() + ) + ) + ); + + } + + /** + * @NoAdminRequired + * + * @param string $id + * @return DataResponse + * + * TODO: Tidy up and write unit tests - code is mainly static method calls + */ + public function destroy($id) { + if($this->userSession->getUser()->getUID() === $id) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Unable to delete user.') + ) + ) + ); + } + + // FIXME: Remove this static function call at some point… + if(!$this->isAdmin && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) { + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Authentication error')) + ) + ); + } + + $user = $this->userManager->get($id); + if($user) { + if($user->delete()) { + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'username' => $id + ) + ) + ); + } + } + + return new DataResponse( + array( + 'status' => 'error', + 'data' => array( + 'message' => (string)$this->l10n->t('Unable to delete user.') + ) + ) + ); + + } + +} diff --git a/settings/js/settings.js b/settings/js/settings.js index 13c56a8f53a..e98bd2cc895 100644 --- a/settings/js/settings.js +++ b/settings/js/settings.js @@ -41,7 +41,7 @@ OC.Settings = _.extend(OC.Settings, { }; } $.ajax({ - url: OC.generateUrl('/settings/ajax/grouplist'), + url: OC.generateUrl('/settings/users/groups'), data: queryData, dataType: 'json', success: function(data) { diff --git a/settings/js/users/deleteHandler.js b/settings/js/users/deleteHandler.js index c89a844044e..942bae91cd3 100644 --- a/settings/js/users/deleteHandler.js +++ b/settings/js/users/deleteHandler.js @@ -189,11 +189,10 @@ DeleteHandler.prototype.deleteEntry = function(keepNotification) { var payload = {}; payload[dh.ajaxParamID] = dh.oidToDelete; $.ajax({ - type: 'POST', - url: OC.filePath('settings', 'ajax', dh.ajaxEndpoint), + type: 'DELETE', + url: OC.generateUrl(dh.ajaxEndpoint+'/'+this.oidToDelete), // FIXME: do not use synchronous ajax calls as they block the browser ! async: false, - data: payload, success: function (result) { if (result.status === 'success') { // Remove undo option, & remove user from table diff --git a/settings/js/users/groups.js b/settings/js/users/groups.js index 081842734f0..284d5598ed5 100644 --- a/settings/js/users/groups.js +++ b/settings/js/users/groups.js @@ -84,9 +84,9 @@ GroupList = { createGroup: function (groupname) { $.post( - OC.filePath('settings', 'ajax', 'creategroup.php'), + OC.generateUrl('/settings/users/groups'), { - groupname: groupname + id: groupname }, function (result) { if (result.status !== 'success') { @@ -221,7 +221,7 @@ GroupList = { }, initDeleteHandling: function () { //set up handler - GroupDeleteHandler = new DeleteHandler('removegroup.php', 'groupname', + GroupDeleteHandler = new DeleteHandler('/settings/users/groups', 'groupname', GroupList.hide, GroupList.remove); //configure undo diff --git a/settings/js/users/users.js b/settings/js/users/users.js index 5e0c0cac189..6de8b7029ed 100644 --- a/settings/js/users/users.js +++ b/settings/js/users/users.js @@ -292,7 +292,7 @@ var UserList = { }, initDeleteHandling: function() { //set up handler - UserDeleteHandler = new DeleteHandler('removeuser.php', 'username', + UserDeleteHandler = new DeleteHandler('/settings/users/users', 'username', UserList.markRemove, UserList.remove); //configure undo @@ -326,7 +326,7 @@ var UserList = { UserList.currentGid = gid; var pattern = filter.getPattern(); $.get( - OC.generateUrl('/settings/ajax/userlist'), + OC.generateUrl('/settings/users/users'), { offset: UserList.offset, limit: UserList.usersToLoad, gid: gid, pattern: pattern }, function (result) { var loadedUsers = 0; @@ -667,7 +667,7 @@ $(document).ready(function () { var groups = $('#newusergroups').val(); $('#newuser').get(0).reset(); $.post( - OC.filePath('settings', 'ajax', 'createuser.php'), + OC.generateUrl('/settings/users/users'), { username: username, password: password, diff --git a/settings/middleware/subadminmiddleware.php b/settings/middleware/subadminmiddleware.php new file mode 100644 index 00000000000..a5c005e3148 --- /dev/null +++ b/settings/middleware/subadminmiddleware.php @@ -0,0 +1,65 @@ +<?php +/** + * @author Lukas Reschke + * @copyright 2014 Lukas Reschke lukas@owncloud.com + * + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Settings\Middleware; + +use OC\AppFramework\Http; +use OC\AppFramework\Utility\ControllerMethodReflector; +use OCP\AppFramework\Http\TemplateResponse; +use OCP\AppFramework\Middleware; + +/** + * Verifies whether an user has at least subadmin rights. + * To bypass use the `@NoSubadminRequired` annotation + * + * @package OC\Settings\Middleware + */ +class SubadminMiddleware extends Middleware { + /** @var bool */ + protected $isSubAdmin; + /** @var ControllerMethodReflector */ + protected $reflector; + + /** + * @param ControllerMethodReflector $reflector + * @param bool $isSubAdmin + */ + public function __construct(ControllerMethodReflector $reflector, + $isSubAdmin) { + $this->reflector = $reflector; + $this->isSubAdmin = $isSubAdmin; + } + + /** + * Check if sharing is enabled before the controllers is executed + * @param \OCP\AppFramework\Controller $controller + * @param string $methodName + * @throws \Exception + */ + public function beforeController($controller, $methodName) { + if(!$this->reflector->hasAnnotation('NoSubadminRequired')) { + if(!$this->isSubAdmin) { + throw new \Exception('Logged in user must be a subadmin'); + } + } + } + + /** + * Return 403 page in case of an exception + * @param \OCP\AppFramework\Controller $controller + * @param string $methodName + * @param \Exception $exception + * @return TemplateResponse + */ + public function afterException($controller, $methodName, \Exception $exception) { + return new TemplateResponse('core', '403', array(), 'guest'); + } + +} diff --git a/settings/routes.php b/settings/routes.php index 7ca33fc2745..1b7a918fa79 100644 --- a/settings/routes.php +++ b/settings/routes.php @@ -9,17 +9,22 @@ namespace OC\Settings; $application = new Application(); -$application->registerRoutes($this, array('routes' =>array( - array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'), - array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'), - array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'), - array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'), - array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'), - array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'), - array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'), - array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'), - -))); +$application->registerRoutes($this, array( + 'resources' => array( + 'groups' => array('url' => '/settings/users/groups'), + 'users' => array('url' => '/settings/users/users') + ), + 'routes' =>array( + array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'), + array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'), + array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'), + array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'), + array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'), + array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'), + array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'), + array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'), + ) +)); /** @var $this \OCP\Route\IRouter */ @@ -38,26 +43,14 @@ $this->create('settings_admin', '/settings/admin') ->actionInclude('settings/admin.php'); // Settings ajax actions // users -$this->create('settings_ajax_userlist', '/settings/ajax/userlist') - ->actionInclude('settings/ajax/userlist.php'); -$this->create('settings_ajax_grouplist', '/settings/ajax/grouplist') - ->actionInclude('settings/ajax/grouplist.php'); $this->create('settings_ajax_everyonecount', '/settings/ajax/geteveryonecount') ->actionInclude('settings/ajax/geteveryonecount.php'); -$this->create('settings_ajax_createuser', '/settings/ajax/createuser.php') - ->actionInclude('settings/ajax/createuser.php'); -$this->create('settings_ajax_removeuser', '/settings/ajax/removeuser.php') - ->actionInclude('settings/ajax/removeuser.php'); $this->create('settings_ajax_setquota', '/settings/ajax/setquota.php') ->actionInclude('settings/ajax/setquota.php'); -$this->create('settings_ajax_creategroup', '/settings/ajax/creategroup.php') - ->actionInclude('settings/ajax/creategroup.php'); $this->create('settings_ajax_togglegroups', '/settings/ajax/togglegroups.php') ->actionInclude('settings/ajax/togglegroups.php'); $this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.php') ->actionInclude('settings/ajax/togglesubadmins.php'); -$this->create('settings_ajax_removegroup', '/settings/ajax/removegroup.php') - ->actionInclude('settings/ajax/removegroup.php'); $this->create('settings_users_changepassword', '/settings/users/changepassword') ->post() ->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword'); |