Diffstat (limited to 'settings')
-rw-r--r-- | settings/ajax/changedisplayname.php | 67 | ||||
-rw-r--r-- | settings/controller/userscontroller.php | 54 | ||||
-rw-r--r-- | settings/js/personal.js | 2 | ||||
-rw-r--r-- | settings/js/users/users.js | 2 | ||||
-rw-r--r-- | settings/routes.php | 3 |
5 files changed, 57 insertions, 71 deletions
diff --git a/settings/ajax/changedisplayname.php b/settings/ajax/changedisplayname.php
deleted file mode 100644
index 380cbac43da..00000000000
--- a/settings/ajax/changedisplayname.php
+++ /dev/null
@@ -1,67 +0,0 @@
-<?php
-/**
- * @author Bart Visscher <bartv@thisnet.nl>
- * @author Christopher Schäpers <kondou@ts.unde.re>
- * @author David Reagan <reagand@lanecc.edu>
- * @author Jan-Christoph Borchardt <hey@jancborchardt.net>
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Robin Appelman <icewind@owncloud.com>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-// Check if we are a user
-
-OCP\JSON::callCheck();
-OC_JSON::checkLoggedIn();
-
-$l = \OC::$server->getL10N('settings');
-
-$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$displayName = (string)$_POST["displayName"];
-
-$userstatus = null;
-if(OC_User::isAdminUser(OC_User::getUser())) {
- $userstatus = 'admin';
-}
-
-$isUserAccessible = false;
-$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
-$targetUserObject = \OC::$server->getUserManager()->get($username);
-if($subadminUserObject !== null && $targetUserObject !== null) {
- $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
-}
-
-if($isUserAccessible) {
- $userstatus = 'subadmin';
-}
-
-if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) {
- $userstatus = 'changeOwnDisplayName';
-}
-
-if(is_null($userstatus)) {
- OC_JSON::error( array( "data" => array( "message" => $l->t("Authentication error") )));
- exit();
-}
-
-// Return Success story
-if( OC_User::setDisplayName( $username, $displayName )) {
- OC_JSON::success(array("data" => array( "message" => $l->t('Your full name has been changed.'), "username" => $username, 'displayName' => $displayName )));
-}
-else{
- OC_JSON::error(array("data" => array( "message" => $l->t("Unable to change full name"), 'displayName' => OC_User::getDisplayName($username) )));
-}
diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php
index 82483a76245..942319901f3 100644
--- a/settings/controller/userscontroller.php
+++ b/settings/controller/userscontroller.php
@@ -585,4 +585,58 @@ class UsersController extends Controller { ); } + + /** + * Set the displayName of a user + * + * @NoAdminRequired + * @NoSubadminRequired + * + * @param string $username + * @param string $displayName + * @return DataResponse + */ + public function setDisplayName($username, $displayName) { + $currentUser = $this->userSession->getUser(); + + if ($username === null) { + $username = $currentUser->getUID(); + } + + $user = $this->userManager->get($username); + + if ($user === null || + !$user->canChangeDisplayName() || + ( + !$this->groupManager->isAdmin($currentUser->getUID()) && + !$this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user) && + $currentUser !== $user) + ) { + return new DataResponse([ + 'status' => 'error', + 'data' => [ + 'message' => $this->l10n->t('Authentication error'), + ], + ]); + } + + if ($user->setDisplayName($displayName)) { + return new DataResponse([ + 'status' => 'success', + 'data' => [ + 'message' => $this->l10n->t('Your full name has been changed.'), + 'username' => $username, + 'displayName' => $displayName, + ], + ]); + } else { + return new DataResponse([ + 'status' => 'error', + 'data' => [ + 'message' => $this->l10n->t('Unable to change full name'), + 'displayName' => $user->getDisplayName(), + ], + ]); + } + } } diff --git a/settings/js/personal.js b/settings/js/personal.js index 3439eba686f..c9280d31353 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -70,7 +70,7 @@ function changeDisplayName () { // Serialize the data var post = $("#displaynameform").serialize(); // Ajax foo - $.post('ajax/changedisplayname.php', post, function (data) { + $.post(OC.generateUrl('/settings/users/{id}/displayName', {id: OC.currentUser}), post, function (data) { if (data.status === "success") { $('#oldDisplayName').val($('#displayName').val()); // update displayName on the top right expand button 
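Review bot: The self-service test `$currentUser !== $user` in the new `setDisplayName` compares object identity rather than UIDs, and `!$user->canChangeDisplayName()` now gates admins and subadmins as well, which the removed `changedisplayname.php` did not do (it applied `canUserChangeDisplayName` only when the caller edited their own name). Both differences fail closed, so this is not a privilege issue, but a user is refused a change to their own name if the session and the user manager ever return different instances for the same account, and an admin is refused whenever that per-user capability is off. Because `@NoAdminRequired` and `@NoSubadminRequired` appear to leave this condition as the endpoint's only authorization check, I would write it with named booleans and a UID comparison, as sketched below on the assumption that the old admin behaviour is the intended one. A missing `displayName` parameter is also no longer cast to string as the old script did, so it may reach `$user->setDisplayName()` as null. The enclosing class starts outside the hunk.

```php
$user = $this->userManager->get($username);
if ($user === null) {
	// … unchanged: 'Authentication error' DataResponse …
}

$isSelf = $currentUser->getUID() === $user->getUID();
$mayManage = $this->groupManager->isAdmin($currentUser->getUID())
	|| $this->groupManager->getSubAdmin()->isUserAccessible($currentUser, $user);

// Self-service is subject to canChangeDisplayName(); admins and subadmins are not.
if (!$mayManage && !($isSelf && $user->canChangeDisplayName())) {
	// … unchanged: 'Authentication error' DataResponse …
}
// … unchanged: setDisplayName() call and the success / error responses …
```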
diff --git a/settings/js/users/users.js b/settings/js/users/users.js index 8ce9cb6ac7c..c20a21b060a 100644 --- a/settings/js/users/users.js +++ b/settings/js/users/users.js @@ -687,7 +687,7 @@ $(document).ready(function () { $div.imageplaceholder(uid, displayName); } $.post( - OC.filePath('settings', 'ajax', 'changedisplayname.php'), + OC.generateUrl('/settings/users/{id}/displayName', {id: uid}), {username: uid, displayName: $(this).val()}, function (result) { if (result && result.status==='success' && $div.length){ diff --git a/settings/routes.php b/settings/routes.php index 6ba38388d3a..95ad234c699 100644 --- a/settings/routes.php +++ b/settings/routes.php @@ -46,6 +46,7 @@ $application->registerRoutes($this, [ ['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'], ['name' => 'AppSettings#changeExperimentalConfigState', 'url' => '/settings/apps/experimental', 'verb' => 'POST'], ['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'], + ['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'], ['name' => 'Users#setMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'], ['name' => 'Users#stats', 'url' => '/settings/users/stats', 'verb' => 'GET'], ['name' => 'LogSettings#setLogLevel', 'url' => '/settings/admin/log/level', 'verb' => 'POST'], @@ -79,8 +80,6 @@ $this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.p $this->create('settings_users_changepassword', '/settings/users/changepassword') ->post() ->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword'); -$this->create('settings_ajax_changedisplayname', '/settings/ajax/changedisplayname.php') - ->actionInclude('settings/ajax/changedisplayname.php'); $this->create('settings_ajax_changegorupname', '/settings/ajax/changegroupname.php') ->actionInclude('settings/ajax/changegroupname.php'); // personal |
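Review bot: The target account is now sent twice in this `$.post` call, once in the URL through `{id: uid}` and once in the body as `username: uid`, and the new route binds a `{username}` segment to the same controller parameter. Which of the two the framework prefers is not visible here, so the body copy is either ignored or a second, unchecked source for the account being modified; dropping it leaves one source of truth: `{displayName: $(this).val()},`. The surrounding handler starts and ends outside the hunk.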
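Review bot: The new `Users#setDisplayName` route is inconsistent with its neighbour `Users#setMailAddress` on the next line: it names the path segment `{username}` and uses `POST`, where the sibling uses `{id}` and `PUT` for the same kind of per-user property update. The JavaScript callers changed in this commit already use `{id}` as their placeholder, so aligning the route (and the controller parameter it binds to) would keep the user-settings endpoints uniform. If `POST` is kept for compatibility with the existing `$.post` callers, a short comment on the route saying so would help, for example `// POST kept because the settings JS still uses $.post`.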