From ae77067a073992938a541be7ac6cc966e8e2f00c Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 18 Jan 2017 11:43:52 +0100 Subject: No need to check the subadmin again The user needs to be a subadmin of the group, otherwise they are not allowed to remove anyone from the group Signed-off-by: Joas Schilling --- .../lib/Controller/UsersController.php | 27 +++++++++------------- 1 file changed, 11 insertions(+), 16 deletions(-) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index cc1d63d2d34..eb09210275d 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -33,10 +33,10 @@ use \OC_Helper; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSForbiddenException; -use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\AppFramework\OCSController; use OCP\Files\NotFoundException; use OCP\IConfig; +use OCP\IGroup; use OCP\IGroupManager; use OCP\ILogger; use OCP\IRequest; @@ -275,9 +275,9 @@ class UsersController extends OCSController { break; case 'quota': $quota = $value; - if($quota !== 'none' and $quota !== 'default') { + if($quota !== 'none' && $quota !== 'default') { if (is_numeric($quota)) { - $quota = floatval($quota); + $quota = (float) $quota; } else { $quota = \OCP\Util::computerFileSize($quota); } @@ -421,6 +421,7 @@ class UsersController extends OCSController { // Looking up someone else if($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) { // Return the group that the method caller is subadmin of for the user in question + /** @var IGroup[] $getSubAdminsGroups */ $getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser); foreach ($getSubAdminsGroups as $key => $group) { $getSubAdminsGroups[$key] = $group->getGID(); @@ -492,25 +493,19 @@ class UsersController extends OCSController { // If they're not an admin, check they are a subadmin of the group in question $subAdminManager = $this->groupManager->getSubAdmin(); - if(!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminofGroup($loggedInUser, $group)) { + if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) { throw new OCSException('', 104); } + // Check they aren't removing themselves from 'admin' or their 'subadmin; group - if($userId === $loggedInUser->getUID()) { - if($this->groupManager->isAdmin($loggedInUser->getUID())) { - if($group->getGID() === 'admin') { + if ($userId === $loggedInUser->getUID()) { + if ($this->groupManager->isAdmin($loggedInUser->getUID())) { + if ($group->getGID() === 'admin') { throw new OCSException('Cannot remove yourself from the admin group', 105); } } else { - // Not an admin, check they are not removing themself from their subadmin group - $subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser); - foreach ($subAdminGroups as $key => $group) { - $subAdminGroups[$key] = $group->getGID(); - } - - if(in_array($group->getGID(), $subAdminGroups, true)) { - throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105); - } + // Not an admin, so the user must be a subadmin of this group, but that is not allowed. + throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105); } } -- cgit v1.2.3 From d80a4453af8271040026b781edb3c915468f6d52 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 18 Jan 2017 11:56:24 +0100 Subject: Make sure subadmins can not delete users from their last subadmin group Signed-off-by: Joas Schilling --- .../lib/Controller/UsersController.php | 14 +++++ .../tests/Controller/UsersControllerTest.php | 62 ++++++++++++++++++++++ 2 files changed, 76 insertions(+) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index eb09210275d..022cbf92814 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -507,6 +507,20 @@ class UsersController extends OCSController { // Not an admin, so the user must be a subadmin of this group, but that is not allowed. throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105); } + + } else if (!$this->groupManager->isAdmin($loggedInUser->getUID())) { + /** @var IGroup[] $subAdminGroups */ + $subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser); + $subAdminGroups = array_map(function (IGroup $subAdminGroup) { + return $subAdminGroup->getGID(); + }, $subAdminGroups); + $userGroups = $this->groupManager->getUserGroupIds($targetUser); + $userSubAdminGroups = array_intersect($subAdminGroups, $userGroups); + + if (count($userSubAdminGroups) <= 1) { + // Subadmin must not be able to remove a user from all their subadmin groups. + throw new OCSException('Cannot remove user from this group as this is the only remaining group you are a SubAdmin of', 105); + } } // Remove user from group diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 761b5a5b1cc..78dbbfdfc30 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -1826,6 +1826,68 @@ class UsersControllerTest extends OriginalTest { $this->api->removeFromGroup('subadmin', 'subadmin'); } + /** + * @expectedException \OCP\AppFramework\OCS\OCSException + * @expectedExceptionCode 105 + * @expectedExceptionMessage Cannot remove user from this group as this is the only remaining group you are a SubAdmin of + */ + public function testRemoveFromGroupAsSubAdminFromLastSubAdminGroup() { + $loggedInUser = $this->getMockBuilder('\OCP\IUser')->disableOriginalConstructor()->getMock(); + $loggedInUser + ->expects($this->any()) + ->method('getUID') + ->will($this->returnValue('subadmin')); + $targetUser = $this->getMockBuilder('\OCP\IUser')->disableOriginalConstructor()->getMock(); + $targetGroup = $this->getMockBuilder('\OCP\IGroup')->disableOriginalConstructor()->getMock(); + $targetGroup + ->expects($this->any()) + ->method('getGID') + ->will($this->returnValue('subadmin')); + $this->userSession + ->expects($this->once()) + ->method('getUser') + ->will($this->returnValue($loggedInUser)); + $this->groupManager + ->expects($this->once()) + ->method('get') + ->with('subadmin') + ->will($this->returnValue($targetGroup)); + $this->userManager + ->expects($this->once()) + ->method('get') + ->with('AnotherUser') + ->will($this->returnValue($targetUser)); + $subAdminManager = $this->getMockBuilder('OC\SubAdmin') + ->disableOriginalConstructor()->getMock(); + $subAdminManager + ->expects($this->once()) + ->method('isSubAdminofGroup') + ->with($loggedInUser, $targetGroup) + ->will($this->returnValue(true)); + $this->groupManager + ->expects($this->once()) + ->method('getSubAdmin') + ->will($this->returnValue($subAdminManager)); + $subAdminManager + ->expects($this->once()) + ->method('getSubAdminsGroups') + ->with($loggedInUser) + ->will($this->returnValue([$targetGroup])); + + $this->groupManager + ->expects($this->any()) + ->method('isAdmin') + ->with('subadmin') + ->will($this->returnValue(false)); + $this->groupManager + ->expects($this->once()) + ->method('getUserGroupIds') + ->with($targetUser) + ->willReturn(['subadmin', 'other group']); + + $this->api->removeFromGroup('AnotherUser', 'subadmin'); + } + public function testRemoveFromGroupSuccessful() { $loggedInUser = $this->getMockBuilder('\OCP\IUser')->disableOriginalConstructor()->getMock(); $loggedInUser -- cgit v1.2.3 From 5d1f7e5a7be4eba2c1cb0e601c7bc0ac43e1855f Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 18 Jan 2017 14:34:38 +0100 Subject: Allow subadmins to add people to groups via provisioning api Signed-off-by: Joas Schilling --- .../lib/Controller/UsersController.php | 9 ++ .../tests/Controller/UsersControllerTest.php | 149 ++++++++++++++++++++- 2 files changed, 151 insertions(+), 7 deletions(-) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 022cbf92814..2e8a2ffe5ed 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -441,6 +441,8 @@ class UsersController extends OCSController { /** * @PasswordConfirmationRequired + * @NoAdminRequired + * * @param string $userId * @param string $groupid * @return DataResponse @@ -460,6 +462,13 @@ class UsersController extends OCSController { throw new OCSException('', 103); } + // If they're not an admin, check they are a subadmin of the group in question + $loggedInUser = $this->userSession->getUser(); + $subAdminManager = $this->groupManager->getSubAdmin(); + if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) { + throw new OCSException('', 104); + } + // Add user to group $group->addUser($targetUser); return new DataResponse(); diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 78dbbfdfc30..4d3da5fd33a 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -30,6 +30,9 @@ namespace OCA\Provisioning_API\Tests\Controller; use OCA\Provisioning_API\Controller\UsersController; +use OCP\AppFramework\Http\DataResponse; +use OCP\IGroup; +use OCP\IUser; use OCP\IUserManager; use OCP\IConfig; use OCP\IUserSession; @@ -1598,11 +1601,10 @@ class UsersControllerTest extends OriginalTest { * @expectedExceptionCode 102 */ public function testAddToGroupWithTargetGroupNotExisting() { - $this->groupManager - ->expects($this->once()) + $this->groupManager->expects($this->once()) ->method('get') ->with('GroupToAddTo') - ->will($this->returnValue(null)); + ->willReturn(null); $this->api->addToGroup('TargetUser', 'GroupToAddTo'); } @@ -1620,16 +1622,149 @@ class UsersControllerTest extends OriginalTest { * @expectedExceptionCode 103 */ public function testAddToGroupWithTargetUserNotExisting() { - $targetGroup = $this->getMockBuilder('\OCP\IGroup')->disableOriginalConstructor()->getMock(); - $this->groupManager - ->expects($this->once()) + $targetGroup = $this->createMock(IGroup::class); + $this->groupManager->expects($this->once()) ->method('get') ->with('GroupToAddTo') - ->will($this->returnValue($targetGroup)); + ->willReturn($targetGroup); + + $this->api->addToGroup('TargetUser', 'GroupToAddTo'); + } + + /** + * @expectedException \OCP\AppFramework\OCS\OCSException + * @expectedExceptionCode 104 + */ + public function testAddToGroupNoSubadmin() { + $targetUser = $this->createMock(IUser::class); + $loggedInUser = $this->createMock(IUser::class); + $loggedInUser->expects($this->once()) + ->method('getUID') + ->willReturn('subadmin'); + + $targetGroup = $this->createMock(IGroup::class); + $targetGroup->expects($this->never()) + ->method('addUser') + ->with($targetUser); + + $this->groupManager->expects($this->once()) + ->method('get') + ->with('GroupToAddTo') + ->willReturn($targetGroup); + + + $subAdminManager = $this->createMock(\OC\SubAdmin::class); + $subAdminManager->expects($this->once()) + ->method('isSubAdminOfGroup') + ->with($loggedInUser, $targetGroup) + ->willReturn(false); + + $this->groupManager->expects($this->once()) + ->method('getSubAdmin') + ->willReturn($subAdminManager); + $this->groupManager->expects($this->once()) + ->method('isAdmin') + ->with('subadmin') + ->willReturn(false); + + $this->userManager->expects($this->once()) + ->method('get') + ->with('TargetUser') + ->willReturn($targetUser); + + $this->userSession->expects($this->once()) + ->method('getUser') + ->willReturn($loggedInUser); $this->api->addToGroup('TargetUser', 'GroupToAddTo'); } + public function testAddToGroupSuccessAsSubadmin() { + $targetUser = $this->createMock(IUser::class); + $loggedInUser = $this->createMock(IUser::class); + $loggedInUser->expects($this->once()) + ->method('getUID') + ->willReturn('subadmin'); + + $targetGroup = $this->createMock(IGroup::class); + $targetGroup->expects($this->once()) + ->method('addUser') + ->with($targetUser); + + $this->groupManager->expects($this->once()) + ->method('get') + ->with('GroupToAddTo') + ->willReturn($targetGroup); + + + $subAdminManager = $this->createMock(\OC\SubAdmin::class); + $subAdminManager->expects($this->once()) + ->method('isSubAdminOfGroup') + ->with($loggedInUser, $targetGroup) + ->willReturn(true); + + $this->groupManager->expects($this->once()) + ->method('getSubAdmin') + ->willReturn($subAdminManager); + $this->groupManager->expects($this->once()) + ->method('isAdmin') + ->with('subadmin') + ->willReturn(false); + + $this->userManager->expects($this->once()) + ->method('get') + ->with('TargetUser') + ->willReturn($targetUser); + + $this->userSession->expects($this->once()) + ->method('getUser') + ->willReturn($loggedInUser); + + $this->assertEquals(new DataResponse(), $this->api->addToGroup('TargetUser', 'GroupToAddTo')); + } + + public function testAddToGroupSuccessAsAdmin() { + $targetUser = $this->createMock(IUser::class); + $loggedInUser = $this->createMock(IUser::class); + $loggedInUser->expects($this->once()) + ->method('getUID') + ->willReturn('admin'); + + $targetGroup = $this->createMock(IGroup::class); + $targetGroup->expects($this->once()) + ->method('addUser') + ->with($targetUser); + + $this->groupManager->expects($this->once()) + ->method('get') + ->with('GroupToAddTo') + ->willReturn($targetGroup); + + + $subAdminManager = $this->createMock(\OC\SubAdmin::class); + $subAdminManager->expects($this->never()) + ->method('isSubAdminOfGroup'); + + $this->groupManager->expects($this->once()) + ->method('getSubAdmin') + ->willReturn($subAdminManager); + $this->groupManager->expects($this->once()) + ->method('isAdmin') + ->with('admin') + ->willReturn(true); + + $this->userManager->expects($this->once()) + ->method('get') + ->with('TargetUser') + ->willReturn($targetUser); + + $this->userSession->expects($this->once()) + ->method('getUser') + ->willReturn($loggedInUser); + + $this->assertEquals(new DataResponse(), $this->api->addToGroup('TargetUser', 'GroupToAddTo')); + } + /** * @expectedException \OCP\AppFramework\OCS\OCSException * @expectedExceptionCode 101 -- cgit v1.2.3 From fee42647fb06b30cf35e2b21e2e8b5c8ef72bcc8 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 24 Jan 2017 14:07:52 +0100 Subject: add data from the users profile to the provisioning api Signed-off-by: Bjoern Schiessle --- .../lib/Controller/UsersController.php | 18 ++++++-- .../tests/Controller/UsersControllerTest.php | 51 +++++++++++++++++++++- 2 files changed, 65 insertions(+), 4 deletions(-) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 2e8a2ffe5ed..e659b49443b 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -29,6 +29,7 @@ namespace OCA\Provisioning_API\Controller; +use OC\Accounts\AccountManager; use \OC_Helper; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSException; @@ -53,6 +54,8 @@ class UsersController extends OCSController { private $groupManager; /** @var IUserSession */ private $userSession; + /** @var AccountManager */ + private $accountManager; /** @var ILogger */ private $logger; @@ -63,6 +66,7 @@ class UsersController extends OCSController { * @param IConfig $config * @param IGroupManager $groupManager * @param IUserSession $userSession + * @param AccountManager $accountManager * @param ILogger $logger */ public function __construct($appName, @@ -71,6 +75,7 @@ class UsersController extends OCSController { IConfig $config, IGroupManager $groupManager, IUserSession $userSession, + AccountManager $accountManager, ILogger $logger) { parent::__construct($appName, $request); @@ -78,6 +83,7 @@ class UsersController extends OCSController { $this->config = $config; $this->groupManager = $groupManager; $this->userSession = $userSession; + $this->accountManager = $accountManager; $this->logger = $logger; } @@ -107,7 +113,7 @@ class UsersController extends OCSController { } if($offset === null) { - $offset = 0; + $offset = 0; } $users = []; @@ -159,7 +165,7 @@ class UsersController extends OCSController { throw new OCSException('no group specified (required for subadmins)', 106); } } - + try { $newUser = $this->userManager->createUser($userid, $password); $this->logger->info('Successful addUser call with userid: '.$userid, ['app' => 'ocs_api']); @@ -209,10 +215,16 @@ class UsersController extends OCSController { } } + $userAccount = $this->accountManager->getUser($targetUserObject); + // Find the data $data['quota'] = $this->fillStorageInfo($userId); $data['email'] = $targetUserObject->getEMailAddress(); $data['displayname'] = $targetUserObject->getDisplayName(); + $data['phone'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_PHONE]['value']; + $data['address'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_ADDRESS]['value']; + $data['webpage'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_WEBSITE]['value']; + $data['twitter'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_TWITTER]['value']; return new DataResponse($data); } @@ -436,7 +448,7 @@ class UsersController extends OCSController { throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED); } } - + } /** diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 4d3da5fd33a..1565407b839 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -29,6 +29,7 @@ namespace OCA\Provisioning_API\Tests\Controller; +use OC\Accounts\AccountManager; use OCA\Provisioning_API\Controller\UsersController; use OCP\AppFramework\Http\DataResponse; use OCP\IGroup; @@ -41,7 +42,7 @@ use Test\TestCase as OriginalTest; use OCP\ILogger; class UsersControllerTest extends OriginalTest { - + /** @var IUserManager | PHPUnit_Framework_MockObject_MockObject */ protected $userManager; /** @var IConfig | PHPUnit_Framework_MockObject_MockObject */ @@ -54,6 +55,8 @@ class UsersControllerTest extends OriginalTest { protected $logger; /** @var UsersController | PHPUnit_Framework_MockObject_MockObject */ protected $api; + /** @var AccountManager | PHPUnit_Framework_MockObject_MockObject */ + protected $accountManager; protected function tearDown() { parent::tearDown(); @@ -80,6 +83,9 @@ class UsersControllerTest extends OriginalTest { $request = $this->getMockBuilder('OCP\IRequest') ->disableOriginalConstructor() ->getMock(); + $this->accountManager = $this->getMockBuilder(AccountManager::class) + ->disableOriginalConstructor() + ->getMock(); $this->api = $this->getMockBuilder('OCA\Provisioning_API\Controller\UsersController') ->setConstructorArgs([ 'provisioning_api', @@ -88,6 +94,7 @@ class UsersControllerTest extends OriginalTest { $this->config, $this->groupManager, $this->userSession, + $this->accountManager, $this->logger, ]) ->setMethods(['fillStorageInfo']) @@ -652,6 +659,16 @@ class UsersControllerTest extends OriginalTest { ->method('isAdmin') ->with('admin') ->will($this->returnValue(true)); + $this->accountManager->expects($this->any())->method('getUser') + ->with($targetUser) + ->willReturn( + [ + AccountManager::PROPERTY_ADDRESS => ['value' => 'address'], + AccountManager::PROPERTY_PHONE => ['value' => 'phone'], + AccountManager::PROPERTY_TWITTER => ['value' => 'twitter'], + AccountManager::PROPERTY_WEBSITE => ['value' => 'website'], + ] + ); $this->config ->expects($this->at(0)) ->method('getUserValue') @@ -672,6 +689,10 @@ class UsersControllerTest extends OriginalTest { 'quota' => ['DummyValue'], 'email' => 'demo@owncloud.org', 'displayname' => 'Demo User', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter' ]; $this->assertEquals($expected, $this->api->getUser('UserToGet')->getData()); } @@ -731,12 +752,26 @@ class UsersControllerTest extends OriginalTest { ->expects($this->once()) ->method('getDisplayName') ->will($this->returnValue('Demo User')); + $this->accountManager->expects($this->any())->method('getUser') + ->with($targetUser) + ->willReturn( + [ + AccountManager::PROPERTY_ADDRESS => ['value' => 'address'], + AccountManager::PROPERTY_PHONE => ['value' => 'phone'], + AccountManager::PROPERTY_TWITTER => ['value' => 'twitter'], + AccountManager::PROPERTY_WEBSITE => ['value' => 'website'], + ] + ); $expected = [ 'enabled' => 'true', 'quota' => ['DummyValue'], 'email' => 'demo@owncloud.org', 'displayname' => 'Demo User', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter' ]; $this->assertEquals($expected, $this->api->getUser('UserToGet')->getData()); } @@ -837,11 +872,25 @@ class UsersControllerTest extends OriginalTest { ->expects($this->once()) ->method('getEMailAddress') ->will($this->returnValue('subadmin@owncloud.org')); + $this->accountManager->expects($this->any())->method('getUser') + ->with($targetUser) + ->willReturn( + [ + AccountManager::PROPERTY_ADDRESS => ['value' => 'address'], + AccountManager::PROPERTY_PHONE => ['value' => 'phone'], + AccountManager::PROPERTY_TWITTER => ['value' => 'twitter'], + AccountManager::PROPERTY_WEBSITE => ['value' => 'website'], + ] + ); $expected = [ 'quota' => ['DummyValue'], 'email' => 'subadmin@owncloud.org', 'displayname' => 'Subadmin User', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter' ]; $this->assertEquals($expected, $this->api->getUser('subadmin')->getData()); } -- cgit v1.2.3 From 5086335643b6181284ee50f57b95525002842992 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 24 Jan 2017 15:45:55 +0100 Subject: unify endpoints form core and the the provisioning api Signed-off-by: Bjoern Schiessle --- apps/provisioning_api/appinfo/routes.php | 1 + .../lib/Controller/UsersController.php | 25 ++++++ .../tests/Controller/UsersControllerTest.php | 88 +++++++++++++++++++++- core/Controller/OCSController.php | 14 ---- core/routes.php | 1 - tests/Core/Controller/OCSControllerTest.php | 18 ----- 6 files changed, 112 insertions(+), 35 deletions(-) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php index 04a34fba903..baa4e475be8 100644 --- a/apps/provisioning_api/appinfo/routes.php +++ b/apps/provisioning_api/appinfo/routes.php @@ -45,6 +45,7 @@ return [ ['root' => '/cloud', 'name' => 'Users#getUsers', 'url' => '/users', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#addUser', 'url' => '/users', 'verb' => 'POST'], ['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'], + ['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'], ['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'], ['root' => '/cloud', 'name' => 'Users#enableUser', 'url' => '/users/{userId}/enable', 'verb' => 'PUT'], diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index e659b49443b..45839cf4f8d 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -218,6 +218,7 @@ class UsersController extends OCSController { $userAccount = $this->accountManager->getUser($targetUserObject); // Find the data + $data['id'] = $targetUserObject->getUID(); $data['quota'] = $this->fillStorageInfo($userId); $data['email'] = $targetUserObject->getEMailAddress(); $data['displayname'] = $targetUserObject->getDisplayName(); @@ -229,6 +230,30 @@ class UsersController extends OCSController { return new DataResponse($data); } + /** + * @NoAdminRequired + * @NoSubAdminRequired + * + * gets user info from the currently logged in user + * + * @return DataResponse + * @throws OCSException + */ + public function getCurrentUser() { + $user = $this->userSession->getUser(); + if ($user) { + $result = $this->getUser($user->getUID()); + // rename "displayname" to "display-name" only for this call to keep + // the API stable. + $result['display-name'] = $result['displayname']; + unset($result['displayname']); + return $result; + + } + + throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED); + } + /** * @NoAdminRequired * @NoSubAdminRequired diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 1565407b839..52f7f391c97 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -33,6 +33,7 @@ use OC\Accounts\AccountManager; use OCA\Provisioning_API\Controller\UsersController; use OCP\AppFramework\Http\DataResponse; use OCP\IGroup; +use OCP\IRequest; use OCP\IUser; use OCP\IUserManager; use OCP\IConfig; @@ -57,6 +58,8 @@ class UsersControllerTest extends OriginalTest { protected $api; /** @var AccountManager | PHPUnit_Framework_MockObject_MockObject */ protected $accountManager; + /** @var IRequest | PHPUnit_Framework_MockObject_MockObject */ + protected $request; protected function tearDown() { parent::tearDown(); @@ -80,7 +83,7 @@ class UsersControllerTest extends OriginalTest { $this->logger = $this->getMockBuilder('OCP\ILogger') ->disableOriginalConstructor() ->getMock(); - $request = $this->getMockBuilder('OCP\IRequest') + $this->request = $this->getMockBuilder('OCP\IRequest') ->disableOriginalConstructor() ->getMock(); $this->accountManager = $this->getMockBuilder(AccountManager::class) @@ -89,7 +92,7 @@ class UsersControllerTest extends OriginalTest { $this->api = $this->getMockBuilder('OCA\Provisioning_API\Controller\UsersController') ->setConstructorArgs([ 'provisioning_api', - $request, + $this->request, $this->userManager, $this->config, $this->groupManager, @@ -683,8 +686,13 @@ class UsersControllerTest extends OriginalTest { ->expects($this->once()) ->method('getDisplayName') ->will($this->returnValue('Demo User')); + $targetUser + ->expects($this->once()) + ->method('getUID') + ->will($this->returnValue('UID')); $expected = [ + 'id' => 'UID', 'enabled' => 'true', 'quota' => ['DummyValue'], 'email' => 'demo@owncloud.org', @@ -752,6 +760,10 @@ class UsersControllerTest extends OriginalTest { ->expects($this->once()) ->method('getDisplayName') ->will($this->returnValue('Demo User')); + $targetUser + ->expects($this->once()) + ->method('getUID') + ->will($this->returnValue('UID')); $this->accountManager->expects($this->any())->method('getUser') ->with($targetUser) ->willReturn( @@ -764,6 +776,7 @@ class UsersControllerTest extends OriginalTest { ); $expected = [ + 'id' => 'UID', 'enabled' => 'true', 'quota' => ['DummyValue'], 'email' => 'demo@owncloud.org', @@ -872,6 +885,10 @@ class UsersControllerTest extends OriginalTest { ->expects($this->once()) ->method('getEMailAddress') ->will($this->returnValue('subadmin@owncloud.org')); + $targetUser + ->expects($this->once()) + ->method('getUID') + ->will($this->returnValue('UID')); $this->accountManager->expects($this->any())->method('getUser') ->with($targetUser) ->willReturn( @@ -884,6 +901,7 @@ class UsersControllerTest extends OriginalTest { ); $expected = [ + 'id' => 'UID', 'quota' => ['DummyValue'], 'email' => 'subadmin@owncloud.org', 'displayname' => 'Subadmin User', @@ -2534,4 +2552,70 @@ class UsersControllerTest extends OriginalTest { $this->assertEquals([], $this->api->disableUser('RequestedUser')->getData()); } + + public function testGetCurrentUserLoggedIn() { + + $user = $this->getMock(IUser::class); + $user->expects($this->once())->method('getUID')->willReturn('UID'); + + $this->userSession->expects($this->once())->method('getUser') + ->willReturn($user); + + /** @var UsersController | PHPUnit_Framework_MockObject_MockObject $api */ + $api = $this->getMockBuilder('OCA\Provisioning_API\Controller\UsersController') + ->setConstructorArgs([ + 'provisioning_api', + $this->request, + $this->userManager, + $this->config, + $this->groupManager, + $this->userSession, + $this->accountManager, + $this->logger, + ]) + ->setMethods(['getUser']) + ->getMock(); + + $api->expects($this->once())->method('getUser')->with('UID') + ->willReturn( + [ + 'id' => 'UID', + 'enabled' => 'true', + 'quota' => ['DummyValue'], + 'email' => 'demo@owncloud.org', + 'displayname' => 'Demo User', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter' + ] + ); + + $expected = [ + 'id' => 'UID', + 'enabled' => 'true', + 'quota' => ['DummyValue'], + 'email' => 'demo@owncloud.org', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter', + 'display-name' => 'Demo User' + ]; + + $this->assertSame($expected, $api->getCurrentUser()); + } + + /** + * @expectedException \OCP\AppFramework\OCS\OCSException + */ + public function testGetCurrentUserNotLoggedIn() { + + $this->userSession->expects($this->once())->method('getUser') + ->willReturn(null); + + $this->api->getCurrentUser(); + } + + } diff --git a/core/Controller/OCSController.php b/core/Controller/OCSController.php index dc9775f2603..1deb5e958bd 100644 --- a/core/Controller/OCSController.php +++ b/core/Controller/OCSController.php @@ -105,20 +105,6 @@ class OCSController extends \OCP\AppFramework\OCSController { return new DataResponse($result); } - /** - * @NoAdminRequired - * @return DataResponse - */ - public function getCurrentUser() { - $userObject = $this->userSession->getUser(); - $data = [ - 'id' => $userObject->getUID(), - 'display-name' => $userObject->getDisplayName(), - 'email' => $userObject->getEMailAddress(), - ]; - return new DataResponse($data); - } - /** * @PublicPage * diff --git a/core/routes.php b/core/routes.php index 6f1892d19ac..5d61d58e037 100644 --- a/core/routes.php +++ b/core/routes.php @@ -59,7 +59,6 @@ $application->registerRoutes($this, [ ], 'ocs' => [ ['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'], - ['root' => '/cloud', 'name' => 'OCS#getCurrentUser', 'url' => '/user', 'verb' => 'GET'], ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'], ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'], ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'], diff --git a/tests/Core/Controller/OCSControllerTest.php b/tests/Core/Controller/OCSControllerTest.php index 6c47521786f..7241df9317c 100644 --- a/tests/Core/Controller/OCSControllerTest.php +++ b/tests/Core/Controller/OCSControllerTest.php @@ -116,24 +116,6 @@ class OCSControllerTest extends TestCase { $this->assertEquals($expected, $this->controller->getCapabilities()); } - public function testGetCurrentUser() { - $user = $this->createMock(IUser::class); - $user->method('getUID')->willReturn('uid'); - $user->method('getDisplayName')->willReturn('displayName'); - $user->method('getEMailAddress')->willReturn('e@mail.com'); - - - $this->userSession->method('getUser') - ->willReturn($user); - - $expected = new DataResponse([ - 'id' => 'uid', - 'display-name' => 'displayName', - 'email' => 'e@mail.com', - ]); - $this->assertEquals($expected, $this->controller->getCurrentUser()); - } - public function testPersonCheckValid() { $this->request->method('getRemoteAddress') ->willReturn('1.2.3.4'); -- cgit v1.2.3 From 3e6c40eeb4408f3f52bdabad5ae876dc0e5581ff Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Jan 2017 11:31:08 +0100 Subject: make sure that 'getCurrentUser' gets an array in order to manipulate the data to match the old API Signed-off-by: Bjoern Schiessle --- .../lib/Controller/UsersController.php | 62 +++++++++++++--------- .../tests/Controller/UsersControllerTest.php | 57 ++++++++++++++++---- 2 files changed, 83 insertions(+), 36 deletions(-) (limited to 'apps/provisioning_api/lib/Controller/UsersController.php') diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index 45839cf4f8d..1e8a767b33a 100644 --- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -194,6 +194,42 @@ class UsersController extends OCSController { * @throws OCSException */ public function getUser($userId) { + $data = $this->getUserData($userId); + return new DataResponse($data); + } + + /** + * @NoAdminRequired + * @NoSubAdminRequired + * + * gets user info from the currently logged in user + * + * @return DataResponse + * @throws OCSException + */ + public function getCurrentUser() { + $user = $this->userSession->getUser(); + if ($user) { + $data = $this->getUserData($user->getUID()); + // rename "displayname" to "display-name" only for this call to keep + // the API stable. + $data['display-name'] = $data['displayname']; + unset($data['displayname']); + return new DataResponse($data); + + } + + throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED); + } + + /** + * creates a array with all user data + * + * @param $userId + * @return array + * @throws OCSException + */ + protected function getUserData($userId) { $currentLoggedInUser = $this->userSession->getUser(); $data = []; @@ -227,31 +263,7 @@ class UsersController extends OCSController { $data['webpage'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_WEBSITE]['value']; $data['twitter'] = $userAccount[\OC\Accounts\AccountManager::PROPERTY_TWITTER]['value']; - return new DataResponse($data); - } - - /** - * @NoAdminRequired - * @NoSubAdminRequired - * - * gets user info from the currently logged in user - * - * @return DataResponse - * @throws OCSException - */ - public function getCurrentUser() { - $user = $this->userSession->getUser(); - if ($user) { - $result = $this->getUser($user->getUID()); - // rename "displayname" to "display-name" only for this call to keep - // the API stable. - $result['display-name'] = $result['displayname']; - unset($result['displayname']); - return $result; - - } - - throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED); + return $data; } /** diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 52f7f391c97..a3e5bf6fde6 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -634,7 +634,7 @@ class UsersControllerTest extends OriginalTest { $this->api->getUser('UserToGet'); } - public function testGetUserAsAdmin() { + public function testGetUserDataAsAdmin() { $loggedInUser = $this->getMockBuilder('OCP\IUser') ->disableOriginalConstructor() ->getMock(); @@ -702,10 +702,10 @@ class UsersControllerTest extends OriginalTest { 'webpage' => 'website', 'twitter' => 'twitter' ]; - $this->assertEquals($expected, $this->api->getUser('UserToGet')->getData()); + $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['UserToGet'])); } - public function testGetUserAsSubAdminAndUserIsAccessible() { + public function testGetUserDataAsSubAdminAndUserIsAccessible() { $loggedInUser = $this->getMockBuilder('OCP\IUser') ->disableOriginalConstructor() ->getMock(); @@ -786,7 +786,7 @@ class UsersControllerTest extends OriginalTest { 'webpage' => 'website', 'twitter' => 'twitter' ]; - $this->assertEquals($expected, $this->api->getUser('UserToGet')->getData()); + $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['UserToGet'])); } @@ -794,7 +794,7 @@ class UsersControllerTest extends OriginalTest { * @expectedException \OCP\AppFramework\OCS\OCSException * @expectedExceptionCode 997 */ - public function testGetUserAsSubAdminAndUserIsNotAccessible() { + public function testGetUserDataAsSubAdminAndUserIsNotAccessible() { $loggedInUser = $this->getMockBuilder('OCP\IUser') ->disableOriginalConstructor() ->getMock(); @@ -832,10 +832,10 @@ class UsersControllerTest extends OriginalTest { ->method('getSubAdmin') ->will($this->returnValue($subAdminManager)); - $this->api->getUser('UserToGet'); + $this->invokePrivate($this->api, 'getUserData', ['UserToGet']); } - public function testGetUserAsSubAdminSelfLookup() { + public function testGetUserDataAsSubAdminSelfLookup() { $loggedInUser = $this->getMockBuilder('OCP\IUser') ->disableOriginalConstructor() ->getMock(); @@ -910,7 +910,7 @@ class UsersControllerTest extends OriginalTest { 'webpage' => 'website', 'twitter' => 'twitter' ]; - $this->assertEquals($expected, $this->api->getUser('subadmin')->getData()); + $this->assertEquals($expected, $this->invokePrivate($this->api, 'getUserData', ['subadmin'])); } public function testEditUserRegularUserSelfEditChangeDisplayName() { @@ -2573,10 +2573,10 @@ class UsersControllerTest extends OriginalTest { $this->accountManager, $this->logger, ]) - ->setMethods(['getUser']) + ->setMethods(['getUserData']) ->getMock(); - $api->expects($this->once())->method('getUser')->with('UID') + $api->expects($this->once())->method('getUserData')->with('UID') ->willReturn( [ 'id' => 'UID', @@ -2603,7 +2603,7 @@ class UsersControllerTest extends OriginalTest { 'display-name' => 'Demo User' ]; - $this->assertSame($expected, $api->getCurrentUser()); + $this->assertSame($expected, $api->getCurrentUser()->getData()); } /** @@ -2618,4 +2618,39 @@ class UsersControllerTest extends OriginalTest { } + public function testGetUser() { + /** @var UsersController | PHPUnit_Framework_MockObject_MockObject $api */ + $api = $this->getMockBuilder('OCA\Provisioning_API\Controller\UsersController') + ->setConstructorArgs([ + 'provisioning_api', + $this->request, + $this->userManager, + $this->config, + $this->groupManager, + $this->userSession, + $this->accountManager, + $this->logger, + ]) + ->setMethods(['getUserData']) + ->getMock(); + + $expected = [ + 'id' => 'UID', + 'enabled' => 'true', + 'quota' => ['DummyValue'], + 'email' => 'demo@owncloud.org', + 'phone' => 'phone', + 'address' => 'address', + 'webpage' => 'website', + 'twitter' => 'twitter', + 'displayname' => 'Demo User' + ]; + + $api->expects($this->once())->method('getUserData') + ->with('uid') + ->willReturn($expected); + + $this->assertSame($expected, $api->getUser('uid')->getData()); + } + } -- cgit v1.2.3