From fe7d9a7ca07bb21905c6483dee49bf37dd131674 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Thu, 4 Dec 2014 14:15:55 +0100
Subject: Add REST route for user & group management

First step of a somewhat testable user management. - I know, the JSON returns are in an ugly format but the JS expects it that way. So let's keep it that way until we have time to fix the JS in the future.
---
settings/controller/groupscontroller.php | 140 +++++++++++++++++
settings/controller/userscontroller.php | 251 +++++++++++++++++++++++++++++++
2 files changed, 391 insertions(+)
create mode 100644 settings/controller/groupscontroller.php
create mode 100644 settings/controller/userscontroller.php
(limited to 'settings/controller')
diff --git a/settings/controller/groupscontroller.php b/settings/controller/groupscontroller.php
new file mode 100644
index 00000000000..6e6ab894605
--- /dev/null
+++ b/settings/controller/groupscontroller.php
@@ -0,0 +1,140 @@
+groupManager = $groupManager;
+ $this->userSession = $userSession;
+ $this->isAdmin = $isAdmin;
+ $this->l10n = $l10n;
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $pattern
+ * @param bool $filterGroups
+ * @return DataResponse
+ */
+ public function index($pattern = '', $filterGroups = false) {
+ $groupPattern = $filterGroups ? $pattern : '';
+
+ $groupsInfo = new \OC\Group\MetaData($this->userSession->getUser()->getUID(),
+ $this->isAdmin, $this->groupManager);
+ $groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT);
+ list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);
+
+ return new DataResponse(
+ array(
+ 'data' => array('adminGroups' => $adminGroups, 'groups' => $groups)
+ )
+ );
+ }
+
+ /**
+ * @param string $id
+ * @return DataResponse
+ */
+ public function create($id) {
+ if($this->groupManager->groupExists($id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Group already exists.')
+ )
+ )
+ );
+ }
+ if($this->groupManager->createGroup($id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'groupname' => $id
+ )
+ )
+ );
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to add group.')
+ )
+ )
+ );
+ }
+
+ /**
+ * @param string $id
+ * @return DataResponse
+ */
+ public function destroy($id) {
+ $group = $this->groupManager->get($id);
+ if ($group) {
+ if ($group->delete()) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'groupname' => $id
+ )
+ )
+ );
+ }
+ }
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete group.')
+ )
+ )
+ );
+ }
+
+}
diff --git a/settings/controller/userscontroller.php b/settings/controller/userscontroller.php
new file mode 100644
index 00000000000..d61d19f8cb4
--- /dev/null
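Review bot: In groupscontroller.php, `destroy($id)` hands any existing group straight to `$group->delete()` with no visible guard for the built-in `admin` group; if the group object does not refuse that itself (not visible from this hunk), an administrator can remove the group that confers admin rights. A short guard before the lookup, such as `if ($id === 'admin') { /* return the 'Unable to delete group.' error response */ }`, keeps that invariant in the controller. `create()` and `destroy()` carry no `@NoAdminRequired`, so they presumably remain admin-only through the framework default; a docblock line saying so would make the intent explicit. The start of the file, up to the constructor assignments, is missing from the visible text of this hunk.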
+++ b/settings/controller/userscontroller.php 
@@ -0,0 +1,251 @@
+userManager = $userManager;
+ $this->groupManager = $groupManager;
+ $this->userSession = $userSession;
+ $this->config = $config;
+ $this->isAdmin = $isAdmin;
+ $this->l10n = $l10n;
+ }
+
+ /**
+ * @NoAdminRequired
+ * @NoCSRFRequired
+ * @param int $offset
+ * @param int $limit
+ * @param string $gid
+ * @param string $pattern
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests - code is mainly static method calls
+ */
+ public function index($offset = 0, $limit = 10, $gid = '', $pattern = '') {
+ // FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
+ if($gid === '_everyone') {
+ $gid = '';
+ }
+ $users = array();
+ if ($this->isAdmin) {
+ if($gid !== '') {
+ $batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset);
+ } else {
+ // FIXME: Remove static method call
+ $batch = \OC_User::getDisplayNames($pattern, $limit, $offset);
+ }
+
+ foreach ($batch as $uid => $displayname) {
+ $user = $this->userManager->get($uid);
+ $users[] = array(
+ 'name' => $uid,
+ 'displayname' => $displayname,
+ 'groups' => $this->groupManager->getUserGroupIds($user),
+ 'subadmin' => \OC_SubAdmin::getSubAdminsGroups($uid),
+ 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
+ 'storageLocation' => $user->getHome(),
+ 'lastLogin' => $user->getLastLogin(),
+ );
+ }
+ } else {
+ $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
+ if($gid !== '' && in_array($gid, $groups)) {
+ $groups = array($gid);
+ } elseif($gid !== '') {
+ //don't you try to investigate loops you must not know about
+ $groups = array();
+ }
+ $batch = \OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
+ foreach ($batch as $uid) {
+ $user = $this->userManager->get($uid);
+
+ // Only add the groups, this user is a subadmin of
+ $userGroups = array_intersect($this->groupManager->getUserGroupIds($user),
\OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()));
+ $users[] = array(
+ 'name' => $uid,
+ 'displayname' => $user->getDisplayName(),
+ 'groups' => $userGroups,
+ 'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
+ 'storageLocation' => $user->getHome(),
+ 'lastLogin' => $user->getLastLogin(),
+ );
+ }
+ }
+
+ // FIXME: That assignment on "data" is uneeded here - JS should be adjusted
+ return new DataResponse(array('data' => $users, 'status' => 'success'));
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $username
+ * @param string $password
+ * @param array $groups
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests - code is mainly static method calls
+ */
+ public function create($username, $password, array $groups) {
+
+ if (!$this->isAdmin) {
+ if (!empty($groups)) {
+ foreach ($groups as $key => $group) {
+ if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) {
+ unset($groups[$key]);
+ }
+ }
+ }
+ if (empty($groups)) {
+ $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
+ }
+ }
+
+ try {
+ $user = $this->userManager->createUser($username, $password);
+ } catch (\Exception $exception) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to create user.')
+ )
+ )
+ );
+ }
+
+ if($user instanceof User) {
+ foreach( $groups as $groupName ) {
+ $group = $this->groupManager->get($groupName);
+
+ if(empty($group)) {
+ $group = $this->groupManager->createGroup($groupName);
+ }
+ $group->addUser($user);
+ }
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'username' => $username,
+ 'groups' => $this->groupManager->getUserGroupIds($user),
+ 'storageLocation' => $user->getHome()
+ )
+ )
+ );
+
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $id
+ * @return DataResponse
+ *
+ * TODO: Tidy up and write unit tests -
code is mainly static method calls
+ */
+ public function destroy($id) {
+ if($this->userSession->getUser()->getUID() === $id) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete user.')
+ )
+ )
+ );
+ }
+
+ // FIXME: Remove this static function call at some point…
+ if(!$this->isAdmin && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) {
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Authentication error'))
+ )
+ );
+ }
+
+ $user = $this->userManager->get($id);
+ if($user) {
+ if($user->delete()) {
+ return new DataResponse(
+ array(
+ 'status' => 'success',
+ 'data' => array(
+ 'username' => $id
+ )
+ )
+ );
+ }
+ }
+
+ return new DataResponse(
+ array(
+ 'status' => 'error',
+ 'data' => array(
+ 'message' => (string)$this->l10n->t('Unable to delete user.')
+ )
+ )
+ );
+
+ }
+
+}
-- cgit v1.2.3
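Review bot: In userscontroller.php, `create()` is marked `@NoAdminRequired`, and a caller who is neither admin nor subadmin ends up with an empty `$groups` yet still reaches `$this->userManager->createUser($username, $password)`; nothing visible in this hunk rejects that caller, so unless a middleware outside this view enforces subadmin rights, any logged-in user can create accounts. The same method calls `getUserGroupIds($user)` and `$user->getHome()` after the `instanceof User` block rather than inside it, so a `createUser()` failure that does not throw is dereferenced when building the success response. In `index()`, the subadmin branch uses a loose `in_array($gid, $groups)`; `in_array($gid, $groups, true)` keeps numeric-looking group ids from matching under PHP's loose string comparison. The fence below shows the two guards for `create()`; the start of the file, up to the constructor assignments, is missing from the visible text of this hunk.

```php
	public function create($username, $password, array $groups) {
		// … unchanged: non-admin filtering of $groups and fallback to the caller's subadmin groups …

		// Neither admin nor subadmin of any group: refuse before touching the user backend.
		if (!$this->isAdmin && empty($groups)) {
			return new DataResponse(
				array(
					'status' => 'error',
					'data' => array(
						'message' => (string)$this->l10n->t('Authentication error')
					)
				)
			);
		}

		// … unchanged: try/catch around createUser() …

		// createUser() may fail without throwing; do not build a success response from a non-User value.
		if (!($user instanceof User)) {
			return new DataResponse(
				array(
					'status' => 'error',
					'data' => array(
						'message' => (string)$this->l10n->t('Unable to create user.')
					)
				)
			);
		}

		// … unchanged: add $user to each group, return the success response …
```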