diff options
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/application.php | 7 | ||||
| -rw-r--r-- | settings/controller/userscontroller.php | 43 | ||||
| -rw-r--r-- | settings/factory/subadminfactory.php | 45 |
3 files changed, 70 insertions, 25 deletions
diff --git a/settings/application.php b/settings/application.php index 3b2c77ab849..6fe23447a72 100644 --- a/settings/application.php +++ b/settings/application.php @@ -16,6 +16,7 @@ use OC\Settings\Controller\LogSettingsController; use OC\Settings\Controller\MailSettingsController; use OC\Settings\Controller\SecuritySettingsController; use OC\Settings\Controller\UsersController; +use OC\Settings\Factory\SubAdminFactory; use OC\Settings\Middleware\SubadminMiddleware; use \OCP\AppFramework\App; use OCP\IContainer; @@ -92,7 +93,7 @@ class Application extends App { $c->query('DefaultMailAddress'), $c->query('URLGenerator'), $c->query('OCP\\App\\IAppManager'), - $c->query('SubAdminOfGroups') + $c->query('SubAdminFactory') ); }); $container->registerService('LogSettingsController', function(IContainer $c) { @@ -147,8 +148,8 @@ class Application extends App { return \OC_Subadmin::isSubAdmin(\OC_User::getUser()); }); /** FIXME: Remove once OC_SubAdmin is non-static and mockable */ - $container->registerService('SubAdminOfGroups', function(IContainer $c) { - return \OC_SubAdmin::getSubAdminsGroups(\OC_User::getUser()); + $container->registerService('SubAdminFactory', function(IContainer $c) { + return new SubAdminFactory(); }); $container->registerService('Mail', function(IContainer $c) { return new \OC_Mail; diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php index 39d94fd2e18..b1caaa17991 100644 --- a/settings/controller/userscontroller.php +++ b/settings/controller/userscontroller.php @@ -11,6 +11,7 @@ namespace OC\Settings\Controller; use OC\AppFramework\Http; +use OC\Settings\Factory\SubAdminFactory; use OC\User\User; use OCP\App\IAppManager; use OCP\AppFramework\Controller; @@ -56,8 +57,8 @@ class UsersController extends Controller { private $isEncryptionAppEnabled; /** @var bool contains the state of the admin recovery setting */ private $isRestoreEnabled = false; - /** @var string[] Array of groups the user is sub-admin of */ - private $subAdminOfGroups = []; + /** @var SubAdminFactory */ + private $subAdminFactory; /** * @param string $appName @@ -74,7 +75,7 @@ class UsersController extends Controller { * @param string $fromMailAddress * @param IURLGenerator $urlGenerator * @param IAppManager $appManager - * @param array $subAdminOfGroups + * @param SubAdminFactory $subAdminFactory */ public function __construct($appName, IRequest $request, @@ -90,7 +91,7 @@ class UsersController extends Controller { $fromMailAddress, IURLGenerator $urlGenerator, IAppManager $appManager, - array $subAdminOfGroups) { + SubAdminFactory $subAdminFactory) { parent::__construct($appName, $request); $this->userManager = $userManager; $this->groupManager = $groupManager; @@ -103,7 +104,7 @@ class UsersController extends Controller { $this->mail = $mail; $this->fromMailAddress = $fromMailAddress; $this->urlGenerator = $urlGenerator; - $this->subAdminOfGroups = $subAdminOfGroups; + $this->subAdminFactory = $subAdminFactory; // check for encryption state - TODO see formatUserForIndex $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('files_encryption'); @@ -216,15 +217,18 @@ class UsersController extends Controller { } } else { + $subAdminOfGroups = $this->subAdminFactory->getSubAdminsOfGroups( + $this->userSession->getUser()->getUID() + ); // Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group - if($gid !== '' && !in_array($gid, $this->subAdminOfGroups)) { + if($gid !== '' && !in_array($gid, $subAdminOfGroups)) { $gid = ''; } // Batch all groups the user is subadmin of when a group is specified $batch = []; if($gid === '') { - foreach($this->subAdminOfGroups as $group) { + foreach($subAdminOfGroups as $group) { $groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset); foreach($groupUsers as $uid => $displayName) { $batch[$uid] = $displayName; @@ -239,7 +243,7 @@ class UsersController extends Controller { // Only add the groups, this user is a subadmin of $userGroups = array_values(array_intersect( $this->groupManager->getUserGroupIds($user), - $this->subAdminOfGroups + $subAdminOfGroups )); $users[] = $this->formatUserForIndex($user, $userGroups); } @@ -256,8 +260,6 @@ class UsersController extends Controller { * @param array $groups * @param string $email * @return DataResponse - * - * TODO: Tidy up and write unit tests - code is mainly static method calls */ public function create($username, $password, array $groups=array(), $email='') { @@ -270,17 +272,17 @@ class UsersController extends Controller { ); } - // TODO FIXME get rid of the static calls to OC_Subadmin if (!$this->isAdmin) { + $uid = $this->userSession->getUser()->getUID(); if (!empty($groups)) { foreach ($groups as $key => $group) { - if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) { + if (!$this->subAdminFactory->isGroupAccessible($uid, $group)) { unset($groups[$key]); } } } if (empty($groups)) { - $groups = $this->subAdminOfGroups; + $groups = $this->subAdminFactory->getSubAdminsOfGroups($uid); } } @@ -297,7 +299,7 @@ class UsersController extends Controller { if($user instanceof User) { if($groups !== null) { - foreach( $groups as $groupName ) { + foreach($groups as $groupName) { $group = $this->groupManager->get($groupName); if(empty($group)) { @@ -363,11 +365,10 @@ class UsersController extends Controller { * * @param string $id * @return DataResponse - * - * TODO: Tidy up and write unit tests - code is mainly static method calls */ public function destroy($id) { - if($this->userSession->getUser()->getUID() === $id) { + $UserId = $this->userSession->getUser()->getUID(); + if($UserId === $id) { return new DataResponse( array( 'status' => 'error', @@ -379,8 +380,7 @@ class UsersController extends Controller { ); } - // FIXME: Remove this static function call at some point… - if(!$this->isAdmin && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) { + if(!$this->isAdmin && !$this->subAdminFactory->isUserAccessible($UserId, $id)) { return new DataResponse( array( 'status' => 'error', @@ -427,14 +427,13 @@ class UsersController extends Controller { * @param string $id * @param string $mailAddress * @return DataResponse - * - * TODO: Tidy up and write unit tests - code is mainly static method calls */ public function setMailAddress($id, $mailAddress) { + $UserId = $this->userSession->getUser()->getUID(); // FIXME: Remove this static function call at some point… if($this->userSession->getUser()->getUID() !== $id && !$this->isAdmin - && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) { + && !$this->subAdminFactory->isUserAccessible($UserId, $id)) { return new DataResponse( array( 'status' => 'error', diff --git a/settings/factory/subadminfactory.php b/settings/factory/subadminfactory.php new file mode 100644 index 00000000000..12a45527ae1 --- /dev/null +++ b/settings/factory/subadminfactory.php @@ -0,0 +1,45 @@ +<?php +/** + * @author Lukas Reschke + * @copyright 2015 Lukas Reschke lukas@owncloud.com + * + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Settings\Factory; + +/** + * @package OC\Settings\Factory + */ +class SubAdminFactory { + /** + * Get the groups $uid is SubAdmin of + * @param string $uid + * @return array Array of groups that $uid is subadmin of + */ + function getSubAdminsOfGroups($uid) { + return \OC_SubAdmin::getSubAdminsGroups($uid); + } + + /** + * Whether the $group is accessible to $uid as subadmin + * @param string $uid + * @param string $group + * @return bool + */ + function isGroupAccessible($uid, $group) { + return \OC_SubAdmin::isGroupAccessible($uid, $group); + } + + /** + * Whether $uid is accessible to $subAdmin + * @param string $subAdmin + * @param string $uid + * @return bool + */ + function isUserAccessible($subAdmin, $uid) { + return \OC_SubAdmin::isUserAccessible($subAdmin, $uid); + } +} |