From 432e7c93c6dad564abbaec1e3d374f73653d7ba6 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Thu, 11 Aug 2016 09:46:25 +0200 Subject: Move Groups over to OCSController * Take advantage of the AppFramework * Fix tests --- .../lib/Controller/GroupsController.php | 190 +++++++++++++++++++++ 1 file changed, 190 insertions(+) create mode 100644 apps/provisioning_api/lib/Controller/GroupsController.php (limited to 'apps/provisioning_api/lib/Controller/GroupsController.php') diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php new file mode 100644 index 00000000000..d36d0de8997 --- /dev/null +++ b/apps/provisioning_api/lib/Controller/GroupsController.php @@ -0,0 +1,190 @@ + + * @author Morris Jobke + * @author Roeland Jago Douma + * @author Tom Needham + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Provisioning_API\Controller; + +use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCS\OCSException; +use OCP\AppFramework\OCSController; +use OCP\IGroup; +use OCP\IGroupManager; +use OCP\IRequest; +use OCP\IUserSession; +use OCP\IUser; + + +class GroupsController extends OCSController { + + /** @var IGroupManager */ + private $groupManager; + + /** @var IUserSession */ + private $userSession; + + /** + * @param string $appName + * @param IRequest $request + * @param IGroupManager $groupManager + * @param IUserSession $userSession + */ + public function __construct( + $appName, + IRequest $request, + IGroupManager $groupManager, + IUserSession $userSession) { + parent::__construct($appName, $request); + + $this->groupManager = $groupManager; + $this->userSession = $userSession; + } + + /** + * returns a list of groups + * + * @NoAdminRequired + * + * @param string $search + * @param int $limit + * @param int $offset + * @return DataResponse + */ + public function getGroups($search = '', $limit = null, $offset = null) { + if ($limit !== null) { + $limit = (int)$limit; + } + if ($offset !== null) { + $offset = (int)$offset; + } + + $groups = $this->groupManager->search($search, $limit, $offset); + $groups = array_map(function($group) { + /** @var IGroup $group */ + return $group->getGID(); + }, $groups); + + return new DataResponse(['groups' => $groups]); + } + + /** + * returns an array of users in the group specified + * + * @NoAdminRequired + * + * @param string $groupId + * @return DataResponse + * @throws OCSException + */ + public function getGroup($groupId) { + $user = $this->userSession->getUser(); + + // Check the group exists + if(!$this->groupManager->groupExists($groupId)) { + throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND); + } + + $isSubadminOfGroup = false; + $group = $this->groupManager->get($groupId); + if ($group !== null) { + $isSubadminOfGroup =$this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $group); + } + + // Check subadmin has access to this group + if($this->groupManager->isAdmin($user->getUID()) + || $isSubadminOfGroup) { + $users = $this->groupManager->get($groupId)->getUsers(); + $users = array_map(function($user) { + /** @var IUser $user */ + return $user->getUID(); + }, $users); + $users = array_values($users); + return new DataResponse(['users' => $users]); + } else { + throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED); + } + } + + /** + * creates a new group + * + * @NoAdminRequired + * + * @param string $groupid + * @return DataResponse + * @throws OCSException + */ + public function addGroup($groupid) { + // Validate name + if(empty($groupid)){ + \OCP\Util::writeLog('provisioning_api', 'Group name not supplied', \OCP\Util::ERROR); + throw new OCSException('Invalid group name', 101); + } + // Check if it exists + if($this->groupManager->groupExists($groupid)){ + throw new OCSException('', 102); + } + $this->groupManager->createGroup($groupid); + return new DataResponse(); + } + + /** + * @param string $groupId + * @return DataResponse + * @throws OCSException + */ + public function deleteGroup($groupId) { + // Check it exists + if(!$this->groupManager->groupExists($groupId)){ + throw new OCSException('', 101); + } else if($groupId === 'admin' || !$this->groupManager->get($groupId)->delete()){ + // Cannot delete admin group + throw new OCSException('', 102); + } + + return new DataResponse(null, 100); + } + + /** + * @param string $groupId + * @return DataResponse + * @throws OCSException + */ + public function getSubAdminsOfGroup($groupId) { + // Check group exists + $targetGroup = $this->groupManager->get($groupId); + if($targetGroup === null) { + throw new OCSException('Group does not exist', 101); + } + + $subadmins = $this->groupManager->getSubAdmin()->getGroupsSubAdmins($targetGroup); + // New class returns IUser[] so convert back + $uids = []; + foreach ($subadmins as $user) { + $uids[] = $user->getUID(); + } + + return new DataResponse($uids); + } + +} -- cgit v1.2.3