Diffstat (limited to 'settings')
-rw-r--r--settings/ajax/creategroup.php21
-rw-r--r--settings/ajax/createuser.php59
-rw-r--r--settings/ajax/grouplist.php46
-rw-r--r--settings/ajax/removegroup.php14
-rw-r--r--settings/ajax/removeuser.php26
-rw-r--r--settings/ajax/userlist.php92
-rw-r--r--settings/application.php71
-rw-r--r--settings/controller/groupscontroller.php140
-rw-r--r--settings/controller/userscontroller.php251
-rw-r--r--settings/js/settings.js2
-rw-r--r--settings/js/users/deleteHandler.js5
-rw-r--r--settings/js/users/groups.js6
-rw-r--r--settings/js/users/users.js6
-rw-r--r--settings/middleware/subadminmiddleware.php65
-rw-r--r--settings/routes.php39
15 files changed, 542 insertions, 301 deletions
diff --git a/settings/ajax/creategroup.php b/settings/ajax/creategroup.php
deleted file mode 100644
index be376bea9dc..00000000000
--- a/settings/ajax/creategroup.php
+++ /dev/null
@@ -1,21 +0,0 @@
-<?php
-
-OCP\JSON::callCheck();
-OC_JSON::checkAdminUser();
-
-$groupname = $_POST["groupname"];
-$l = \OC::$server->getL10N('settings');
-
-// Does the group exist?
-if( in_array( $groupname, OC_Group::getGroups())) {
- OC_JSON::error(array("data" => array( "message" => $l->t("Group already exists") )));
- exit();
-}
-
-// Return Success story
-if( OC_Group::createGroup( $groupname )) {
- OC_JSON::success(array("data" => array( "groupname" => $groupname )));
-}
-else{
- OC_JSON::error(array("data" => array( "message" => $l->t("Unable to add group") )));
-}
diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php
deleted file mode 100644
index 463c15d59e8..00000000000
--- a/settings/ajax/createuser.php
+++ /dev/null
@@ -1,59 +0,0 @@
-<?php
-
-OCP\JSON::callCheck();
-OC_JSON::checkSubAdminUser();
-
-if(OC_User::isAdminUser(OC_User::getUser())) {
- $groups = array();
- if (!empty($_POST["groups"])) {
- $groups = $_POST["groups"];
- }
-}else{
- if (isset($_POST["groups"])) {
- $groups = array();
- if (!empty($_POST["groups"])) {
- foreach ($_POST["groups"] as $group) {
- if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
- $groups[] = $group;
- }
- }
- }
- if (empty($groups)) {
- $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
- }
- } else {
- $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
- }
-}
-$username = $_POST["username"];
-$password = $_POST["password"];
-
-// Return Success story
-try {
- // check whether the user's files home exists
- $userDirectory = OC_User::getHome($username) . '/files/';
- $homeExists = file_exists($userDirectory);
-
- if (!OC_User::createUser($username, $password)) {
- OC_JSON::error(array('data' => array( 'message' => 'User creation failed for '.$username )));
- exit();
- }
- foreach( $groups as $i ) {
- if(!OC_Group::groupExists($i)) {
- OC_Group::createGroup($i);
- }
- OC_Group::addToGroup( $username, $i );
- }
-
- $userManager = \OC_User::getManager();
- $user = $userManager->get($username);
- OCP\JSON::success(array("data" =>
- array(
- // returns whether the home already existed
- "homeExists" => $homeExists,
- "username" => $username,
- "groups" => OC_Group::getUserGroups( $username ),
- 'storageLocation' => $user->getHome())));
-} catch (Exception $exception) {
- OCP\JSON::error(array("data" => array( "message" => $exception->getMessage())));
-}
diff --git a/settings/ajax/grouplist.php b/settings/ajax/grouplist.php
deleted file mode 100644
index 93bb510773d..00000000000
--- a/settings/ajax/grouplist.php
+++ /dev/null
@@ -1,46 +0,0 @@
-<?php
-/**
- * ownCloud
- *
- * @author Arthur Schiwon
- * @copyright 2014 Arthur Schiwon <blizzz@owncloud.com>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-OC_JSON::callCheck();
-OC_JSON::checkSubAdminUser();
-if (isset($_GET['pattern']) && !empty($_GET['pattern'])) {
- $pattern = $_GET['pattern'];
-} else {
- $pattern = '';
-}
-if (isset($_GET['filterGroups']) && !empty($_GET['filterGroups'])) {
- $filterGroups = intval($_GET['filterGroups']) === 1;
-} else {
- $filterGroups = false;
-}
-$groupPattern = $filterGroups ? $pattern : '';
-$groups = array();
-$adminGroups = array();
-$groupManager = \OC_Group::getManager();
-$isAdmin = OC_User::isAdminUser(OC_User::getUser());
-
-$groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager);
-$groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT);
-list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);
-
-OC_JSON::success(
- array('data' => array('adminGroups' => $adminGroups, 'groups' => $groups)));
diff --git a/settings/ajax/removegroup.php b/settings/ajax/removegroup.php
deleted file mode 100644
index 798d7916e61..00000000000
--- a/settings/ajax/removegroup.php
+++ /dev/null
@@ -1,14 +0,0 @@
-<?php
-
-OC_JSON::checkAdminUser();
-OCP\JSON::callCheck();
-
-$name = $_POST["groupname"];
-
-// Return Success story
-if( OC_Group::deleteGroup( $name )) {
- OC_JSON::success(array("data" => array( "groupname" => $name )));
-}
-else{
- OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete group") )));
-}
diff --git a/settings/ajax/removeuser.php b/settings/ajax/removeuser.php
deleted file mode 100644
index eda85238780..00000000000
--- a/settings/ajax/removeuser.php
+++ /dev/null
@@ -1,26 +0,0 @@
-<?php
-
-OC_JSON::checkSubAdminUser();
-OCP\JSON::callCheck();
-
-$username = $_POST["username"];
-
-// A user shouldn't be able to delete his own account
-if(OC_User::getUser() === $username) {
- exit;
-}
-
-if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
- $l = \OC::$server->getL10N('core');
- OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
- exit();
-}
-
-// Return Success story
-if( OC_User::deleteUser( $username )) {
- OC_JSON::success(array("data" => array( "username" => $username )));
-}
-else{
- $l = \OC::$server->getL10N('core');
- OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete user") )));
-}
diff --git a/settings/ajax/userlist.php b/settings/ajax/userlist.php
deleted file mode 100644
index 807cf5f1899..00000000000
--- a/settings/ajax/userlist.php
+++ /dev/null
@@ -1,92 +0,0 @@
-<?php
-/**
- * ownCloud
- *
- * @author Michael Gapczynski
- * @copyright 2012 Michael Gapczynski mtgap@owncloud.com
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-OC_JSON::callCheck();
-OC_JSON::checkSubAdminUser();
-if (isset($_GET['offset'])) {
- $offset = $_GET['offset'];
-} else {
- $offset = 0;
-}
-if (isset($_GET['limit'])) {
- $limit = $_GET['limit'];
-} else {
- $limit = 10;
-}
-if (isset($_GET['gid']) && !empty($_GET['gid'])) {
- $gid = $_GET['gid'];
- if ($gid === '_everyone') {
- $gid = false;
- }
-} else {
- $gid = false;
-}
-if (isset($_GET['pattern']) && !empty($_GET['pattern'])) {
- $pattern = $_GET['pattern'];
-} else {
- $pattern = '';
-}
-$users = array();
-$userManager = \OC_User::getManager();
-if (OC_User::isAdminUser(OC_User::getUser())) {
- if($gid !== false) {
- $batch = OC_Group::displayNamesInGroup($gid, $pattern, $limit, $offset);
- } else {
- $batch = OC_User::getDisplayNames($pattern, $limit, $offset);
- }
- foreach ($batch as $uid => $displayname) {
- $user = $userManager->get($uid);
- $users[] = array(
- 'name' => $uid,
- 'displayname' => $displayname,
- 'groups' => OC_Group::getUserGroups($uid),
- 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid),
- 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'),
- 'storageLocation' => $user->getHome(),
- 'lastLogin' => $user->getLastLogin(),
- );
- }
-} else {
- $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
- if($gid !== false && in_array($gid, $groups)) {
- $groups = array($gid);
- } elseif($gid !== false) {
- //don't you try to investigate loops you must not know about
- $groups = array();
- }
- $batch = OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
- foreach ($batch as $uid) {
- $user = $userManager->get($uid);
-
- // Only add the groups, this user is a subadmin of
- $userGroups = array_intersect(OC_Group::getUserGroups($uid), OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()));
- $users[] = array(
- 'name' => $uid,
- 'displayname' => $user->getDisplayName(),
- 'groups' => $userGroups,
- 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'),
- 'storageLocation' => $user->getHome(),
- 'lastLogin' => $user->getLastLogin(),
- );
- }
-}
-OC_JSON::success(array('data' => $users));
diff --git a/settings/application.php b/settings/application.php
index 64aa4671228..0a80bd8b1e7 100644
--- a/settings/application.php
+++ b/settings/application.php
@@ -10,11 +10,14 @@
namespace OC\Settings;
-use OC\AppFramework\Utility\SimpleContainer;
use OC\Settings\Controller\AppSettingsController;
+use OC\Settings\Controller\GroupsController;
use OC\Settings\Controller\MailSettingsController;
use OC\Settings\Controller\SecuritySettingsController;
+use OC\Settings\Controller\UsersController;
+use OC\Settings\Middleware\SubadminMiddleware;
use \OCP\AppFramework\App;
+use OCP\IContainer;
use \OCP\Util;
/**
@@ -34,7 +37,7 @@ class Application extends App {
/**
* Controllers
*/
- $container->registerService('MailSettingsController', function(SimpleContainer $c) {
+ $container->registerService('MailSettingsController', function(IContainer $c) {
return new MailSettingsController(
$c->query('AppName'),
$c->query('Request'),
@@ -46,7 +49,7 @@ class Application extends App {
$c->query('DefaultMailAddress')
);
});
- $container->registerService('AppSettingsController', function(SimpleContainer $c) {
+ $container->registerService('AppSettingsController', function(IContainer $c) {
return new AppSettingsController(
$c->query('AppName'),
$c->query('Request'),
@@ -54,33 +57,81 @@ class Application extends App {
$c->query('Config')
);
});
- $container->registerService('SecuritySettingsController', function(SimpleContainer $c) {
+ $container->registerService('SecuritySettingsController', function(IContainer $c) {
return new SecuritySettingsController(
$c->query('AppName'),
$c->query('Request'),
$c->query('Config')
);
});
+ $container->registerService('GroupsController', function(IContainer $c) {
+ return new GroupsController(
+ $c->query('AppName'),
+ $c->query('Request'),
+ $c->query('GroupManager'),
+ $c->query('UserSession'),
+ $c->query('IsAdmin'),
+ $c->query('L10N')
+ );
+ });
+ $container->registerService('UsersController', function(IContainer $c) {
+ return new UsersController(
+ $c->query('AppName'),
+ $c->query('Request'),
+ $c->query('UserManager'),
+ $c->query('GroupManager'),
+ $c->query('UserSession'),
+ $c->query('Config'),
+ $c->query('IsAdmin'),
+ $c->query('L10N')
+ );
+ });
+
+ /**
+ * Middleware
+ */
+ $container->registerService('SubadminMiddleware', function(IContainer $c){
+ return new SubadminMiddleware(
+ $c->query('ControllerMethodReflector'),
+ $c->query('IsSubAdmin')
+ );
+ });
+ // Execute middlewares
+ $container->registerMiddleware('SubadminMiddleware');
/**
* Core class wrappers
*/
- $container->registerService('Config', function(SimpleContainer $c) {
+ $container->registerService('Config', function(IContainer $c) {
return $c->query('ServerContainer')->getConfig();
});
- $container->registerService('L10N', function(SimpleContainer $c) {
+ $container->registerService('L10N', function(IContainer $c) {
return $c->query('ServerContainer')->getL10N('settings');
});
- $container->registerService('UserSession', function(SimpleContainer $c) {
+ $container->registerService('GroupManager', function(IContainer $c) {
+ return $c->query('ServerContainer')->getGroupManager();
+ });
+ $container->registerService('UserManager', function(IContainer $c) {
+ return $c->query('ServerContainer')->getUserManager();
+ });
+ $container->registerService('UserSession', function(IContainer $c) {
return $c->query('ServerContainer')->getUserSession();
});
- $container->registerService('Mail', function(SimpleContainer $c) {
+ /** FIXME: Remove once OC_User is non-static and mockable */
+ $container->registerService('IsAdmin', function(IContainer $c) {
+ return \OC_User::isAdminUser(\OC_User::getUser());
+ });
+ /** FIXME: Remove once OC_SubAdmin is non-static and mockable */
+ $container->registerService('IsSubAdmin', function(IContainer $c) {
+ return \OC_Subadmin::isSubAdmin(\OC_User::getUser());
+ });
+ $container->registerService('Mail', function(IContainer $c) {
return new \OC_Mail;
});
- $container->registerService('Defaults', function(SimpleContainer $c) {
+ $container->registerService('Defaults', function(IContainer $c) {
return new \OC_Defaults;
});
- $container->registerService('DefaultMailAddress', function(SimpleContainer $c) {
+ $container->registerService('DefaultMailAddress', function(IContainer $c) {
return Util::getDefaultEmailAddress('no-reply');
});
}
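Review bot: `registerMiddleware('SubadminMiddleware')` attaches the check to every controller resolved from this container, not only the two new ones, so the existing Mail, App and Security settings controllers now also depend on `IsSubAdmin` being true for full administrators. Whether `isSubAdmin()` returns true for an admin is not visible in this diff; I would add a comment above the registration such as `// Gates every controller in this app; relies on isSubAdmin() also returning true for admins` and cover that assumption with a test. The `IsSubAdmin` service also spells the class `\OC_Subadmin` while the controllers in this commit use `\OC_SubAdmin`; PHP resolves loaded class names case-insensitively, but matching the declared spelling avoids depending on how the autoloader maps names to files.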
diff --git a/settings/controller/groupscontroller.php b/settings/controller/groupscontroller.php
new file mode 100644
index 00000000000..6e6ab894605
--- /dev/null
+++ b/settings/controller/groupscontroller.php
@@ -0,0 +1,140 @@
+<?php
+/**
+ * @author Lukas Reschke
+ * @copyright 2014 Lukas Reschke lukas@owncloud.com
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Settings\Controller;
+
+use \OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\IGroupManager;
+use OCP\IL10N;
+use OCP\IRequest;
+use OCP\IUserSession;
+
+/**
+ * @package OC\Settings\Controller
+ */
+class GroupsController extends Controller {
+ /** @var IGroupManager */
+ private $groupManager;
+ /** @var IL10N */
+ private $l10n;
+ /** @var IUserSession */
+ private $userSession;
+ /** @var bool */
+ private $isAdmin;
+
+ /**
+ * @param string $appName
+ * @param IRequest $request
+ * @param IGroupManager $groupManager
+ * @param IUserSession $userSession
+ * @param bool $isAdmin
+ * @param IL10N $l10n
+ */
+ public function __construct($appName,
+ IRequest $request,
+ IGroupManager $groupManager,
+ IUserSession $userSession,
+ $isAdmin,
+ IL10N $l10n) {
+ parent::__construct($appName, $request);
+ $this->groupManager = $groupManager;
+ $this->userSession = $userSession;
+ $this->isAdmin = $isAdmin;
+ $this->l10n = $l10n;
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $pattern
+ * @param bool $filterGroups
+ * @return DataResponse
+ */
+ public function index($pattern = '', $filterGroups = false) {
+ $groupPattern = $filterGroups ? $pattern : '';
+
+ $groupsInfo = new \OC\Group\MetaData($this->userSession->getUser()->getUID(),
+ $this->isAdmin, $this->groupManager);
+ $groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT);
+ list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);
+
+ return new DataResponse(
+ array(
+ 'data' => array('adminGroups' => $adminGroups, 'groups' => $groups)
+ )
+ );
+ }
+
+ /**
+ * @param string $id
+ * @return DataResponse
+ */
+ public function create($id) {
+ if($this->groupManager->groupExists($id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Group already exists.')
+ )
+ )
+ );
+ }
+ if($this->groupManager->createGroup($id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'groupname' => $id
+ )
+ )
+ );
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to add group.')
+ )
+ )
+ );
+ }
+
+ /**
+ * @param string $id
+ * @return DataResponse
+ */
+ public function destroy($id) {
+ $group = $this->groupManager->get($id);
+ if ($group) {
+ if ($group->delete()) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'groupname' => $id
+ )
+ )
+ );
+ }
+ }
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete group.')
+ )
+ )
+ );
+ }
+
+}
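Review bot: `create()` and `destroy()` carry no access annotation, so their admin-only restriction is implicit, whereas the removed `creategroup.php` and `removegroup.php` called `OC_JSON::checkAdminUser()` explicitly. Presumably the framework's default admin check applies whenever `@NoAdminRequired` is absent; I would state that in both docblocks, e.g. `* Admin only: deliberately no @NoAdminRequired.`, so a later edit does not copy the annotation from `index()` and open group creation or deletion to subadmins. The error branches also return the default success HTTP status with `'status' => 'error'` only in the body; passing an error status code as the second `DataResponse` argument would let clients and access logs distinguish failures from successes.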
diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php
new file mode 100644
index 00000000000..d61d19f8cb4
--- /dev/null
+++ b/settings/controller/userscontroller.php
@@ -0,0 +1,251 @@
+<?php
+/**
+ * @author Lukas Reschke
+ * @copyright 2014 Lukas Reschke lukas@owncloud.com
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Settings\Controller;
+
+use OC\User\User;
+use \OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IL10N;
+use OCP\IRequest;
+use OCP\IUserManager;
+use OCP\IUserSession;
+
+/**
+ * @package OC\Settings\Controller
+ */
+class UsersController extends Controller {
+ /** @var IL10N */
+ private $l10n;
+ /** @var IUserSession */
+ private $userSession;
+ /** @var bool */
+ private $isAdmin;
+ /** @var IUserManager */
+ private $userManager;
+ /** @var IGroupManager */
+ private $groupManager;
+ /** @var IConfig */
+ private $config;
+
+ /**
+ * @param string $appName
+ * @param IRequest $request
+ * @param IUserManager $userManager
+ * @param IGroupManager $groupManager
+ * @param IUserSession $userSession
+ * @param IConfig $config
+ * @param bool $isAdmin
+ * @param IL10N $l10n
+ */
+ public function __construct($appName,
+ IRequest $request,
+ IUserManager $userManager,
+ IGroupManager $groupManager,
+ IUserSession $userSession,
+ IConfig $config,
+ $isAdmin,
+ IL10N $l10n) {
+ parent::__construct($appName, $request);
+ $this->userManager = $userManager;
+ $this->groupManager = $groupManager;
+ $this->userSession = $userSession;
+ $this->config = $config;
+ $this->isAdmin = $isAdmin;
+ $this->l10n = $l10n;
+ }
+
+ /**
+ * @NoAdminRequired
+ * @NoCSRFRequired
+ * @param int $offset
+ * @param int $limit
+ * @param string $gid
+ * @param string $pattern
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests - code is mainly static method calls
+ */
+ public function index($offset = 0, $limit = 10, $gid = '', $pattern = '') {
+ // FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
+ if($gid === '_everyone') {
+ $gid = '';
+ }
+ $users = array();
+ if ($this->isAdmin) {
+ if($gid !== '') {
+ $batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset);
+ } else {
+ // FIXME: Remove static method call
+ $batch = \OC_User::getDisplayNames($pattern, $limit, $offset);
+ }
+
+ foreach ($batch as $uid => $displayname) {
+ $user = $this->userManager->get($uid);
+ $users[] = array(
+ 'name' => $uid,
+ 'displayname' => $displayname,
+ 'groups' => $this->groupManager->getUserGroupIds($user),
+ 'subadmin' => \OC_SubAdmin::getSubAdminsGroups($uid),
+ 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
+ 'storageLocation' => $user->getHome(),
+ 'lastLogin' => $user->getLastLogin(),
+ );
+ }
+ } else {
+ $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
+ if($gid !== '' && in_array($gid, $groups)) {
+ $groups = array($gid);
+ } elseif($gid !== '') {
+ //don't you try to investigate loops you must not know about
+ $groups = array();
+ }
+ $batch = \OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
+ foreach ($batch as $uid) {
+ $user = $this->userManager->get($uid);
+
+ // Only add the groups, this user is a subadmin of
+ $userGroups = array_intersect($this->groupManager->getUserGroupIds($user), \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()));
+ $users[] = array(
+ 'name' => $uid,
+ 'displayname' => $user->getDisplayName(),
+ 'groups' => $userGroups,
+ 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
+ 'storageLocation' => $user->getHome(),
+ 'lastLogin' => $user->getLastLogin(),
+ );
+ }
+ }
+
+ // FIXME: That assignment on "data" is uneeded here - JS should be adjusted
+ return new DataResponse(array('data' => $users, 'status' => 'success'));
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $username
+ * @param string $password
+ * @param array $groups
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests - code is mainly static method calls
+ */
+ public function create($username, $password, array $groups) {
+
+ if (!$this->isAdmin) {
+ if (!empty($groups)) {
+ foreach ($groups as $key => $group) {
+ if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) {
+ unset($groups[$key]);
+ }
+ }
+ }
+ if (empty($groups)) {
+ $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
+ }
+ }
+
+ try {
+ $user = $this->userManager->createUser($username, $password);
+ } catch (\Exception $exception) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to create user.')
+ )
+ )
+ );
+ }
+
+ if($user instanceof User) {
+ foreach( $groups as $groupName ) {
+ $group = $this->groupManager->get($groupName);
+
+ if(empty($group)) {
+ $group = $this->groupManager->createGroup($groupName);
+ }
+ $group->addUser($user);
+ }
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'username' => $username,
+ 'groups' => $this->groupManager->getUserGroupIds($user),
+ 'storageLocation' => $user->getHome()
+ )
+ )
+ );
+
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $id
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests - code is mainly static method calls
+ */
+ public function destroy($id) {
+ if($this->userSession->getUser()->getUID() === $id) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete user.')
+ )
+ )
+ );
+ }
+
+ // FIXME: Remove this static function call at some point…
+ if(!$this->isAdmin && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Authentication error'))
+ )
+ );
+ }
+
+ $user = $this->userManager->get($id);
+ if($user) {
+ if($user->delete()) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'username' => $id
+ )
+ )
+ );
+ }
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete user.')
+ )
+ )
+ );
+
+ }
+
+}
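Review bot: In `create()`, the success response calls `$this->groupManager->getUserGroupIds($user)` and `$user->getHome()` even when `createUser()` returned something that is not a `User`; the `instanceof User` guard only protects the group loop. A non-object return would then fail on the method call instead of producing the 'Unable to create user.' response, so I would return that error right after the `try` block, as sketched below. `array $groups` also has no default, so a request without a `groups` value may fail the type hint before the body runs; `array $groups = array()` would keep the tolerance of the removed `createuser.php` for a missing list. Separately, `index()` is marked `@NoCSRFRequired` although the removed `userlist.php` called `OC_JSON::callCheck()` and `GroupsController::index()` keeps the token check; if that is intended, a comment should say why.

```php
		} catch (\Exception $exception) {
			// … unchanged: 'Unable to create user.' error response …
		}

		// createUser() may hand back a non-User value; never build the
		// success response from it.
		if (!($user instanceof User)) {
			return new DataResponse(
				array(
					'status' => 'error',
					'data' => array(
						'message' => (string)$this->l10n->t('Unable to create user.')
					)
				)
			);
		}

		foreach ($groups as $groupName) {
			// … unchanged: look up or create the group, then add the user …
		}
```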
diff --git a/settings/js/settings.js b/settings/js/settings.js
index 13c56a8f53a..e98bd2cc895 100644
--- a/settings/js/settings.js
+++ b/settings/js/settings.js
@@ -41,7 +41,7 @@ OC.Settings = _.extend(OC.Settings, {
};
}
$.ajax({
- url: OC.generateUrl('/settings/ajax/grouplist'),
+ url: OC.generateUrl('/settings/users/groups'),
data: queryData,
dataType: 'json',
success: function(data) {
diff --git a/settings/js/users/deleteHandler.js b/settings/js/users/deleteHandler.js
index c89a844044e..942bae91cd3 100644
--- a/settings/js/users/deleteHandler.js
+++ b/settings/js/users/deleteHandler.js
@@ -189,11 +189,10 @@ DeleteHandler.prototype.deleteEntry = function(keepNotification) {
var payload = {};
payload[dh.ajaxParamID] = dh.oidToDelete;
$.ajax({
- type: 'POST',
- url: OC.filePath('settings', 'ajax', dh.ajaxEndpoint),
+ type: 'DELETE',
+ url: OC.generateUrl(dh.ajaxEndpoint+'/'+this.oidToDelete),
// FIXME: do not use synchronous ajax calls as they block the browser !
async: false,
- data: payload,
success: function (result) {
if (result.status === 'success') {
// Remove undo option, & remove user from table
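Review bot: The new `url` concatenates `this.oidToDelete` into the path unencoded, so a user or group id containing `/`, `?`, `#` or `%` produces a request for a different path than the one intended. I would encode the segment, `url: OC.generateUrl(dh.ajaxEndpoint + '/' + encodeURIComponent(dh.oidToDelete)),`, which also uses `dh` like the surrounding lines instead of mixing `this` and `dh`. With `data: payload` removed, the `payload` object built just above appears to be unused and can be dropped. `deleteEntry` starts and ends outside this hunk.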
diff --git a/settings/js/users/groups.js b/settings/js/users/groups.js
index 081842734f0..284d5598ed5 100644
--- a/settings/js/users/groups.js
+++ b/settings/js/users/groups.js
@@ -84,9 +84,9 @@ GroupList = {
createGroup: function (groupname) {
$.post(
- OC.filePath('settings', 'ajax', 'creategroup.php'),
+ OC.generateUrl('/settings/users/groups'),
{
- groupname: groupname
+ id: groupname
},
function (result) {
if (result.status !== 'success') {
@@ -221,7 +221,7 @@ GroupList = {
},
initDeleteHandling: function () {
//set up handler
- GroupDeleteHandler = new DeleteHandler('removegroup.php', 'groupname',
+ GroupDeleteHandler = new DeleteHandler('/settings/users/groups', 'groupname',
GroupList.hide, GroupList.remove);
//configure undo
diff --git a/settings/js/users/users.js b/settings/js/users/users.js
index 5e0c0cac189..6de8b7029ed 100644
--- a/settings/js/users/users.js
+++ b/settings/js/users/users.js
@@ -292,7 +292,7 @@ var UserList = {
},
initDeleteHandling: function() {
//set up handler
- UserDeleteHandler = new DeleteHandler('removeuser.php', 'username',
+ UserDeleteHandler = new DeleteHandler('/settings/users/users', 'username',
UserList.markRemove, UserList.remove);
//configure undo
@@ -326,7 +326,7 @@ var UserList = {
UserList.currentGid = gid;
var pattern = filter.getPattern();
$.get(
- OC.generateUrl('/settings/ajax/userlist'),
+ OC.generateUrl('/settings/users/users'),
{ offset: UserList.offset, limit: UserList.usersToLoad, gid: gid, pattern: pattern },
function (result) {
var loadedUsers = 0;
@@ -667,7 +667,7 @@ $(document).ready(function () {
var groups = $('#newusergroups').val();
$('#newuser').get(0).reset();
$.post(
- OC.filePath('settings', 'ajax', 'createuser.php'),
+ OC.generateUrl('/settings/users/users'),
{
username: username,
password: password,
diff --git a/settings/middleware/subadminmiddleware.php b/settings/middleware/subadminmiddleware.php
new file mode 100644
index 00000000000..a5c005e3148
--- /dev/null
+++ b/settings/middleware/subadminmiddleware.php
@@ -0,0 +1,65 @@
+<?php
+/**
+ * @author Lukas Reschke
+ * @copyright 2014 Lukas Reschke lukas@owncloud.com
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Settings\Middleware;
+
+use OC\AppFramework\Http;
+use OC\AppFramework\Utility\ControllerMethodReflector;
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\AppFramework\Middleware;
+
+/**
+ * Verifies whether an user has at least subadmin rights.
+ * To bypass use the `@NoSubadminRequired` annotation
+ *
+ * @package OC\Settings\Middleware
+ */
+class SubadminMiddleware extends Middleware {
+ /** @var bool */
+ protected $isSubAdmin;
+ /** @var ControllerMethodReflector */
+ protected $reflector;
+
+ /**
+ * @param ControllerMethodReflector $reflector
+ * @param bool $isSubAdmin
+ */
+ public function __construct(ControllerMethodReflector $reflector,
+ $isSubAdmin) {
+ $this->reflector = $reflector;
+ $this->isSubAdmin = $isSubAdmin;
+ }
+
+ /**
+ * Check if sharing is enabled before the controllers is executed
+ * @param \OCP\AppFramework\Controller $controller
+ * @param string $methodName
+ * @throws \Exception
+ */
+ public function beforeController($controller, $methodName) {
+ if(!$this->reflector->hasAnnotation('NoSubadminRequired')) {
+ if(!$this->isSubAdmin) {
+ throw new \Exception('Logged in user must be a subadmin');
+ }
+ }
+ }
+
+ /**
+ * Return 403 page in case of an exception
+ * @param \OCP\AppFramework\Controller $controller
+ * @param string $methodName
+ * @param \Exception $exception
+ * @return TemplateResponse
+ */
+ public function afterException($controller, $methodName, \Exception $exception) {
+ return new TemplateResponse('core', '403', array(), 'guest');
+ }
+
+}
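Review bot: `afterException()` turns every exception it receives into the 403 page, because it never inspects `$exception`; an unrelated controller failure would be presented as an authorization denial and its real cause would not surface through this handler. The response also keeps the default HTTP status, so the denial is not sent with a 403 code, and the imported `OC\AppFramework\Http` is unused, which suggests a `setStatus()` call was intended. I would have `beforeController()` throw a dedicated exception type and handle only that one, rethrowing everything else, as sketched below (`NotSubadminException` is a proposed name for a new class, not an existing one). The `beforeController()` docblock still reads "Check if sharing is enabled" and should describe the subadmin check instead.

```php
	public function beforeController($controller, $methodName) {
		if(!$this->reflector->hasAnnotation('NoSubadminRequired') && !$this->isSubAdmin) {
			throw new NotSubadminException('Logged in user must be a subadmin');
		}
	}

	public function afterException($controller, $methodName, \Exception $exception) {
		if($exception instanceof NotSubadminException) {
			$response = new TemplateResponse('core', '403', array(), 'guest');
			$response->setStatus(Http::STATUS_FORBIDDEN);
			return $response;
		}
		// Not an authorization failure: leave it to other middleware or the framework.
		throw $exception;
	}
```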
diff --git a/settings/routes.php b/settings/routes.php
index 7ca33fc2745..1b7a918fa79 100644
--- a/settings/routes.php
+++ b/settings/routes.php
@@ -9,17 +9,22 @@
namespace OC\Settings;
$application = new Application();
-$application->registerRoutes($this, array('routes' =>array(
- array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'),
- array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'),
- array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'),
- array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'),
- array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'),
- array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'),
- array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'),
- array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'),
-
-)));
+$application->registerRoutes($this, array(
+ 'resources' => array(
+ 'groups' => array('url' => '/settings/users/groups'),
+ 'users' => array('url' => '/settings/users/users')
+ ),
+ 'routes' =>array(
+ array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'),
+ array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'),
+ array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'),
+ array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'),
+ array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'),
+ array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'),
+ array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'),
+ array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'),
+ )
+));
/** @var $this \OCP\Route\IRouter */
@@ -38,26 +43,14 @@ $this->create('settings_admin', '/settings/admin')
->actionInclude('settings/admin.php');
// Settings ajax actions
// users
-$this->create('settings_ajax_userlist', '/settings/ajax/userlist')
- ->actionInclude('settings/ajax/userlist.php');
-$this->create('settings_ajax_grouplist', '/settings/ajax/grouplist')
- ->actionInclude('settings/ajax/grouplist.php');
$this->create('settings_ajax_everyonecount', '/settings/ajax/geteveryonecount')
->actionInclude('settings/ajax/geteveryonecount.php');
-$this->create('settings_ajax_createuser', '/settings/ajax/createuser.php')
- ->actionInclude('settings/ajax/createuser.php');
-$this->create('settings_ajax_removeuser', '/settings/ajax/removeuser.php')
- ->actionInclude('settings/ajax/removeuser.php');
$this->create('settings_ajax_setquota', '/settings/ajax/setquota.php')
->actionInclude('settings/ajax/setquota.php');
-$this->create('settings_ajax_creategroup', '/settings/ajax/creategroup.php')
- ->actionInclude('settings/ajax/creategroup.php');
$this->create('settings_ajax_togglegroups', '/settings/ajax/togglegroups.php')
->actionInclude('settings/ajax/togglegroups.php');
$this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.php')
->actionInclude('settings/ajax/togglesubadmins.php');
-$this->create('settings_ajax_removegroup', '/settings/ajax/removegroup.php')
- ->actionInclude('settings/ajax/removegroup.php');
$this->create('settings_users_changepassword', '/settings/users/changepassword')
->post()
->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword');