aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/SubAdmin.php
blob: 90756e2d3fdc6ee644b3038cf82055f7817f9138 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281

<?php

/**
 * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
 * SPDX-License-Identifier: AGPL-3.0-only
 */
namespace OC;

use OC\Hooks\PublicEmitter;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\Group\Events\SubAdminAddedEvent;
use OCP\Group\Events\SubAdminRemovedEvent;
use OCP\Group\ISubAdmin;
use OCP\IDBConnection;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUser;
use OCP\IUserManager;

class SubAdmin extends PublicEmitter implements ISubAdmin {
	public function __construct(
		private IUserManager $userManager,
		private IGroupManager $groupManager,
		private IDBConnection $dbConn,
		private IEventDispatcher $eventDispatcher,
	) {
		$this->userManager->listen('\OC\User', 'postDelete', function ($user) {
			$this->post_deleteUser($user);
		});
		$this->groupManager->listen('\OC\Group', 'postDelete', function ($group) {
			$this->post_deleteGroup($group);
		});
	}

	/**
	 * add a SubAdmin
	 * @param IUser $user user to be SubAdmin
	 * @param IGroup $group group $user becomes subadmin of
	 */
	public function createSubAdmin(IUser $user, IGroup $group): void {
		$qb = $this->dbConn->getQueryBuilder();

		$qb->insert('group_admin')
			->values([
				'gid' => $qb->createNamedParameter($group->getGID()),
				'uid' => $qb->createNamedParameter($user->getUID())
			])
			->executeStatement();

		/** @deprecated 21.0.0 - use type SubAdminAddedEvent instead  */
		$this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
		$event = new SubAdminAddedEvent($group, $user);
		$this->eventDispatcher->dispatchTyped($event);
	}

	/**
	 * delete a SubAdmin
	 * @param IUser $user the user that is the SubAdmin
	 * @param IGroup $group the group
	 */
	public function deleteSubAdmin(IUser $user, IGroup $group): void {
		$qb = $this->dbConn->getQueryBuilder();

		$qb->delete('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->executeStatement();

		/** @deprecated 21.0.0 - use type SubAdminRemovedEvent instead  */
		$this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
		$event = new SubAdminRemovedEvent($group, $user);
		$this->eventDispatcher->dispatchTyped($event);
	}

	/**
	 * get groups of a SubAdmin
	 * @param IUser $user the SubAdmin
	 * @return IGroup[]
	 */
	public function getSubAdminsGroups(IUser $user): array {
		$groupIds = $this->getSubAdminsGroupIds($user);

		$groups = [];
		foreach ($groupIds as $groupId) {
			$group = $this->groupManager->get($groupId);
			if ($group !== null) {
				$groups[$group->getGID()] = $group;
			}
		}

		return $groups;
	}

	/**
	 * Get group ids of a SubAdmin
	 * @param IUser $user the SubAdmin
	 * @return string[]
	 */
	public function getSubAdminsGroupIds(IUser $user): array {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('gid')
			->from('group_admin')
			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->executeQuery();

		$groups = [];
		while ($row = $result->fetch()) {
			$groups[] = $row['gid'];
		}
		$result->closeCursor();

		return $groups;
	}

	/**
	 * get an array of groupid and displayName for a user
	 * @param IUser $user
	 * @return array ['displayName' => displayname]
	 */
	public function getSubAdminsGroupsName(IUser $user): array {
		return array_map(function ($group) {
			return ['displayName' => $group->getDisplayName()];
		}, $this->getSubAdminsGroups($user));
	}

	/**
	 * get SubAdmins of a group
	 * @param IGroup $group the group
	 * @return IUser[]
	 */
	public function getGroupsSubAdmins(IGroup $group): array {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('uid')
			->from('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->executeQuery();

		$users = [];
		while ($row = $result->fetch()) {
			$user = $this->userManager->get($row['uid']);
			if (!is_null($user)) {
				$users[] = $user;
			}
		}
		$result->closeCursor();

		return $users;
	}

	/**
	 * get all SubAdmins
	 * @return array
	 */
	public function getAllSubAdmins(): array {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('*')
			->from('group_admin')
			->executeQuery();

		$subadmins = [];
		while ($row = $result->fetch()) {
			$user = $this->userManager->get($row['uid']);
			$group = $this->groupManager->get($row['gid']);
			if (!is_null($user) && !is_null($group)) {
				$subadmins[] = [
					'user' => $user,
					'group' => $group
				];
			}
		}
		$result->closeCursor();

		return $subadmins;
	}

	/**
	 * checks if a user is a SubAdmin of a group
	 * @param IUser $user
	 * @param IGroup $group
	 * @return bool
	 */
	public function isSubAdminOfGroup(IUser $user, IGroup $group): bool {
		$qb = $this->dbConn->getQueryBuilder();

		/*
		 * Primary key is ('gid', 'uid') so max 1 result possible here
		 */
		$result = $qb->select('*')
			->from('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->executeQuery();

		$fetch = $result->fetch();
		$result->closeCursor();
		$result = !empty($fetch) ? true : false;

		return $result;
	}

	/**
	 * checks if a user is a SubAdmin
	 * @param IUser $user
	 * @return bool
	 */
	public function isSubAdmin(IUser $user): bool {
		// Check if the user is already an admin
		if ($this->groupManager->isAdmin($user->getUID())) {
			return true;
		}

		// Check if the user is already an admin
		if ($this->groupManager->isDelegatedAdmin($user->getUID())) {
			return true;
		}

		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('gid')
			->from('group_admin')
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->setMaxResults(1)
			->executeQuery();

		$isSubAdmin = $result->fetch();
		$result->closeCursor();

		return $isSubAdmin !== false;
	}

	/**
	 * checks if a user is a accessible by a subadmin
	 * @param IUser $subadmin
	 * @param IUser $user
	 * @return bool
	 */
	public function isUserAccessible(IUser $subadmin, IUser $user): bool {
		if ($subadmin->getUID() === $user->getUID()) {
			return true;
		}
		if (!$this->isSubAdmin($subadmin)) {
			return false;
		}
		if ($this->groupManager->isAdmin($user->getUID())) {
			return false;
		}

		$accessibleGroups = $this->getSubAdminsGroupIds($subadmin);
		$userGroups = $this->groupManager->getUserGroupIds($user);

		return !empty(array_intersect($accessibleGroups, $userGroups));
	}

	/**
	 * delete all SubAdmins by $user
	 * @param IUser $user
	 */
	private function post_deleteUser(IUser $user) {
		$qb = $this->dbConn->getQueryBuilder();

		$qb->delete('group_admin')
			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->executeStatement();
	}

	/**
	 * delete all SubAdmins by $group
	 * @param IGroup $group
	 */
	private function post_deleteGroup(IGroup $group) {
		$qb = $this->dbConn->getQueryBuilder();

		$qb->delete('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->executeStatement();
	}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-07 19:16:39 +0000
g !== null) { return $this->appConfig; } if (!$this->config->getSystemValueBool('installed', false)) { throw new \Exception('Nextcloud is not installed yet, AppConfig is not available'); } $this->appConfig = \OCP\Server::get(AppConfig::class); return $this->appConfig; } private function getUrlGenerator(): IURLGenerator { if ($this->urlGenerator !== null) { return $this->urlGenerator; } if (!$this->config->getSystemValueBool('installed', false)) { throw new \Exception('Nextcloud is not installed yet, AppConfig is not available'); } $this->urlGenerator = \OCP\Server::get(IURLGenerator::class); return $this->urlGenerator; } /** * For all enabled apps, return the value of their 'enabled' config key. * * @return array<string,string> appId => enabled (may be 'yes', or a json encoded list of group ids) */ private function getEnabledAppsValues(): array { if (!$this->enabledAppsCache) { $values = $this->getAppConfig()->getValues(false, 'enabled'); $alwaysEnabledApps = $this->getAlwaysEnabledApps(); foreach ($alwaysEnabledApps as $appId) { $values[$appId] = 'yes'; } $this->enabledAppsCache = array_filter($values, function ($value) { return $value !== 'no'; }); ksort($this->enabledAppsCache); } return $this->enabledAppsCache; } /** * Deprecated alias * * @return string[] */ public function getInstalledApps() { return $this->getEnabledApps(); } /** * List all enabled apps, either for everyone or for some groups * * @return list<string> */ public function getEnabledApps(): array { return array_keys($this->getEnabledAppsValues()); } /** * Get a list of all apps in the apps folder * * @return list<string> an array of app names (string IDs) */ public function getAllAppsInAppsFolders(): array { $apps = []; foreach (\OC::$APPSROOTS as $apps_dir) { if (!is_readable($apps_dir['path'])) { $this->logger->warning('unable to read app folder : ' . $apps_dir['path'], ['app' => 'core']); continue; } $dh = opendir($apps_dir['path']); if (is_resource($dh)) { while (($file = readdir($dh)) !== false) { if ( $file[0] != '.' && is_dir($apps_dir['path'] . '/' . $file) && is_file($apps_dir['path'] . '/' . $file . '/appinfo/info.xml') ) { $apps[] = $file; } } } } return array_values(array_unique($apps)); } /** * List all apps enabled for a user * * @param \OCP\IUser $user * @return string[] */ public function getEnabledAppsForUser(IUser $user) { $apps = $this->getEnabledAppsValues(); $appsForUser = array_filter($apps, function ($enabled) use ($user) { return $this->checkAppForUser($enabled, $user); }); return array_keys($appsForUser); } public function getEnabledAppsForGroup(IGroup $group): array { $apps = $this->getEnabledAppsValues(); $appsForGroups = array_filter($apps, function ($enabled) use ($group) { return $this->checkAppForGroups($enabled, $group); }); return array_keys($appsForGroups); } /** * Loads all apps * * @param string[] $types * @return bool * * This function walks through the Nextcloud directory and loads all apps * it can find. A directory contains an app if the file /appinfo/info.xml * exists. * * if $types is set to non-empty array, only apps of those types will be loaded */ public function loadApps(array $types = []): bool { if ($this->config->getSystemValueBool('maintenance', false)) { return false; } // Load the enabled apps here $apps = \OC_App::getEnabledApps(); // Add each apps' folder as allowed class path foreach ($apps as $app) { // If the app is already loaded then autoloading it makes no sense if (!$this->isAppLoaded($app)) { $path = \OC_App::getAppPath($app); if ($path !== false) { \OC_App::registerAutoloading($app, $path); } } } // prevent app.php from printing output ob_start(); foreach ($apps as $app) { if (!$this->isAppLoaded($app) && ($types === [] || $this->isType($app, $types))) { try { $this->loadApp($app); } catch (\Throwable $e) { $this->logger->emergency('Error during app loading: ' . $e->getMessage(), [ 'exception' => $e, 'app' => $app, ]); } } } ob_end_clean(); return true; } /** * check if an app is of a specific type * * @param string $app * @param array $types * @return bool */ public function isType(string $app, array $types): bool { $appTypes = $this->getAppTypes($app); foreach ($types as $type) { if (in_array($type, $appTypes, true)) { return true; } } return false; } /** * get the types of an app * * @param string $app * @return string[] */ private function getAppTypes(string $app): array { //load the cache if (count($this->appTypes) === 0) { $this->appTypes = $this->getAppConfig()->getValues(false, 'types') ?: []; } if (isset($this->appTypes[$app])) { return explode(',', $this->appTypes[$app]); } return []; } /** * @return array */ public function getAutoDisabledApps(): array { return $this->autoDisabledApps; } public function getAppRestriction(string $appId): array { $values = $this->getEnabledAppsValues(); if (!isset($values[$appId])) { return []; } if ($values[$appId] === 'yes' || $values[$appId] === 'no') { return []; } return json_decode($values[$appId], true); } /** * Check if an app is enabled for user * * @param string $appId * @param \OCP\IUser|null $user (optional) if not defined, the currently logged in user will be used * @return bool */ public function isEnabledForUser($appId, $user = null) { if ($this->isAlwaysEnabled($appId)) { return true; } if ($user === null) { $user = $this->userSession->getUser(); } $enabledAppsValues = $this->getEnabledAppsValues(); if (isset($enabledAppsValues[$appId])) { return $this->checkAppForUser($enabledAppsValues[$appId], $user); } else { return false; } } private function checkAppForUser(string $enabled, ?IUser $user): bool { if ($enabled === 'yes') { return true; } elseif ($user === null) { return false; } else { if (empty($enabled)) { return false; } $groupIds = json_decode($enabled); if (!is_array($groupIds)) { $jsonError = json_last_error(); $jsonErrorMsg = json_last_error_msg(); // this really should never happen (if it does, the admin should check the `enabled` key value via `occ config:list` because it's bogus for some reason) $this->logger->warning('AppManager::checkAppForUser - can\'t decode group IDs listed in app\'s enabled config key: ' . print_r($enabled, true) . ' - JSON error (' . $jsonError . ') ' . $jsonErrorMsg); return false; } $userGroups = $this->groupManager->getUserGroupIds($user); foreach ($userGroups as $groupId) { if (in_array($groupId, $groupIds, true)) { return true; } } return false; } } private function checkAppForGroups(string $enabled, IGroup $group): bool { if ($enabled === 'yes') { return true; } else { if (empty($enabled)) { return false; } $groupIds = json_decode($enabled); if (!is_array($groupIds)) { $jsonError = json_last_error(); $jsonErrorMsg = json_last_error_msg(); // this really should never happen (if it does, the admin should check the `enabled` key value via `occ config:list` because it's bogus for some reason) $this->logger->warning('AppManager::checkAppForGroups - can\'t decode group IDs listed in app\'s enabled config key: ' . print_r($enabled, true) . ' - JSON error (' . $jsonError . ') ' . $jsonErrorMsg); return false; } return in_array($group->getGID(), $groupIds); } } /** * Check if an app is enabled in the instance * * Notice: This actually checks if the app is enabled and not only if it is installed. * * @param string $appId */ public function isInstalled($appId): bool { return $this->isEnabledForAnyone($appId); } public function isEnabledForAnyone(string $appId): bool { $enabledAppsValues = $this->getEnabledAppsValues(); return isset($enabledAppsValues[$appId]); } /** * Overwrite the `max-version` requirement for this app. */ public function overwriteNextcloudRequirement(string $appId): void { $ignoreMaxApps = $this->config->getSystemValue('app_install_overwrite', []); if (!in_array($appId, $ignoreMaxApps, true)) { $ignoreMaxApps[] = $appId; } $this->config->setSystemValue('app_install_overwrite', $ignoreMaxApps); } /** * Remove the `max-version` overwrite for this app. * This means this app now again can not be enabled if the `max-version` is smaller than the current Nextcloud version. */ public function removeOverwriteNextcloudRequirement(string $appId): void { $ignoreMaxApps = $this->config->getSystemValue('app_install_overwrite', []); $ignoreMaxApps = array_filter($ignoreMaxApps, fn (string $id) => $id !== $appId); $this->config->setSystemValue('app_install_overwrite', $ignoreMaxApps); } public function loadApp(string $app): void { if (isset($this->loadedApps[$app])) { return; } $this->loadedApps[$app] = true; $appPath = \OC_App::getAppPath($app); if ($appPath === false) { return; } $eventLogger = \OC::$server->get(IEventLogger::class); $eventLogger->start("bootstrap:load_app:$app", "Load app: $app"); // in case someone calls loadApp() directly \OC_App::registerAutoloading($app, $appPath); /** @var Coordinator $coordinator */ $coordinator = \OC::$server->get(Coordinator::class); $isBootable = $coordinator->isBootable($app); $hasAppPhpFile = is_file($appPath . '/appinfo/app.php'); if ($isBootable && $hasAppPhpFile) { $this->logger->error('/appinfo/app.php is not loaded when \OCP\AppFramework\Bootstrap\IBootstrap on the application class is used. Migrate everything from app.php to the Application class.', [ 'app' => $app, ]); } elseif ($hasAppPhpFile) { $eventLogger->start("bootstrap:load_app:$app:app.php", "Load legacy app.php app $app"); $this->logger->debug('/appinfo/app.php is deprecated, use \OCP\AppFramework\Bootstrap\IBootstrap on the application class instead.', [ 'app' => $app, ]); try { self::requireAppFile($appPath); } catch (\Throwable $ex) { if ($ex instanceof ServerNotAvailableException) { throw $ex; } if (!$this->isShipped($app) && !$this->isType($app, ['authentication'])) { $this->logger->error("App $app threw an error during app.php load and will be disabled: " . $ex->getMessage(), [ 'exception' => $ex, ]); // Only disable apps which are not shipped and that are not authentication apps $this->disableApp($app, true); } else { $this->logger->error("App $app threw an error during app.php load: " . $ex->getMessage(), [ 'exception' => $ex, ]); } } $eventLogger->end("bootstrap:load_app:$app:app.php"); } $coordinator->bootApp($app); $eventLogger->start("bootstrap:load_app:$app:info", "Load info.xml for $app and register any services defined in it"); $info = $this->getAppInfo($app); if (!empty($info['activity'])) { $activityManager = \OC::$server->get(IActivityManager::class); if (!empty($info['activity']['filters'])) { foreach ($info['activity']['filters'] as $filter) { $activityManager->registerFilter($filter); } } if (!empty($info['activity']['settings'])) { foreach ($info['activity']['settings'] as $setting) { $activityManager->registerSetting($setting); } } if (!empty($info['activity']['providers'])) { foreach ($info['activity']['providers'] as $provider) { $activityManager->registerProvider($provider); } } } if (!empty($info['settings'])) { $settingsManager = \OC::$server->get(ISettingsManager::class); if (!empty($info['settings']['admin'])) { foreach ($info['settings']['admin'] as $setting) { $settingsManager->registerSetting('admin', $setting); } } if (!empty($info['settings']['admin-section'])) { foreach ($info['settings']['admin-section'] as $section) { $settingsManager->registerSection('admin', $section); } } if (!empty($info['settings']['personal'])) { foreach ($info['settings']['personal'] as $setting) { $settingsManager->registerSetting('personal', $setting); } } if (!empty($info['settings']['personal-section'])) { foreach ($info['settings']['personal-section'] as $section) { $settingsManager->registerSection('personal', $section); } } } if (!empty($info['collaboration']['plugins'])) { // deal with one or many plugin entries $plugins = isset($info['collaboration']['plugins']['plugin']['@value']) ? [$info['collaboration']['plugins']['plugin']] : $info['collaboration']['plugins']['plugin']; $collaboratorSearch = null; $autoCompleteManager = null; foreach ($plugins as $plugin) { if ($plugin['@attributes']['type'] === 'collaborator-search') { $pluginInfo = [ 'shareType' => $plugin['@attributes']['share-type'], 'class' => $plugin['@value'], ]; $collaboratorSearch ??= \OC::$server->get(ICollaboratorSearch::class); $collaboratorSearch->registerPlugin($pluginInfo); } elseif ($plugin['@attributes']['type'] === 'autocomplete-sort') { $autoCompleteManager ??= \OC::$server->get(IAutoCompleteManager::class); $autoCompleteManager->registerSorter($plugin['@value']); } } } $eventLogger->end("bootstrap:load_app:$app:info"); $eventLogger->end("bootstrap:load_app:$app"); } /** * Check if an app is loaded * @param string $app app id * @since 26.0.0 */ public function isAppLoaded(string $app): bool { return isset($this->loadedApps[$app]); } /** * Load app.php from the given app * * @param string $app app name * @throws \Error */ private static function requireAppFile(string $app): void { // encapsulated here to avoid variable scope conflicts require_once $app . '/appinfo/app.php'; } /** * Enable an app for every user * * @param string $appId * @param bool $forceEnable * @throws AppPathNotFoundException */ public function enableApp(string $appId, bool $forceEnable = false): void { // Check if app exists $this->getAppPath($appId); if ($forceEnable) { $this->overwriteNextcloudRequirement($appId); } $this->enabledAppsCache[$appId] = 'yes'; $this->getAppConfig()->setValue($appId, 'enabled', 'yes'); $this->dispatcher->dispatchTyped(new AppEnableEvent($appId)); $this->dispatcher->dispatch(ManagerEvent::EVENT_APP_ENABLE, new ManagerEvent( ManagerEvent::EVENT_APP_ENABLE, $appId )); $this->clearAppsCache(); } /** * Whether a list of types contains a protected app type * * @param string[] $types * @return bool */ public function hasProtectedAppType($types) { if (empty($types)) { return false; } $protectedTypes = array_intersect($this->protectedAppTypes, $types); return !empty($protectedTypes); } /** * Enable an app only for specific groups * * @param string $appId * @param IGroup[] $groups * @param bool $forceEnable * @throws \InvalidArgumentException if app can't be enabled for groups * @throws AppPathNotFoundException */ public function enableAppForGroups(string $appId, array $groups, bool $forceEnable = false): void { // Check if app exists $this->getAppPath($appId); $info = $this->getAppInfo($appId); if (!empty($info['types']) && $this->hasProtectedAppType($info['types'])) { throw new \InvalidArgumentException("$appId can't be enabled for groups."); } if ($forceEnable) { $this->overwriteNextcloudRequirement($appId); } /** @var string[] $groupIds */ $groupIds = array_map(function ($group) { /** @var IGroup $group */ return ($group instanceof IGroup) ? $group->getGID() : $group; }, $groups); $this->enabledAppsCache[$appId] = json_encode($groupIds); $this->getAppConfig()->setValue($appId, 'enabled', json_encode($groupIds)); $this->dispatcher->dispatchTyped(new AppEnableEvent($appId, $groupIds)); $this->dispatcher->dispatch(ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, new ManagerEvent( ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, $appId, $groups )); $this->clearAppsCache(); } /** * Disable an app for every user * * @param string $appId * @param bool $automaticDisabled * @throws \Exception if app can't be disabled */ public function disableApp($appId, $automaticDisabled = false): void { if ($this->isAlwaysEnabled($appId)) { throw new \Exception("$appId can't be disabled."); } if ($automaticDisabled) { $previousSetting = $this->getAppConfig()->getValue($appId, 'enabled', 'yes'); if ($previousSetting !== 'yes' && $previousSetting !== 'no') { $previousSetting = json_decode($previousSetting, true); } $this->autoDisabledApps[$appId] = $previousSetting; } unset($this->enabledAppsCache[$appId]); $this->getAppConfig()->setValue($appId, 'enabled', 'no'); // run uninstall steps $appData = $this->getAppInfo($appId); if (!is_null($appData)) { \OC_App::executeRepairSteps($appId, $appData['repair-steps']['uninstall']); } $this->dispatcher->dispatchTyped(new AppDisableEvent($appId)); $this->dispatcher->dispatch(ManagerEvent::EVENT_APP_DISABLE, new ManagerEvent( ManagerEvent::EVENT_APP_DISABLE, $appId )); $this->clearAppsCache(); } /** * Get the directory for the given app. * * @throws AppPathNotFoundException if app folder can't be found */ public function getAppPath(string $appId): string { $appPath = \OC_App::getAppPath($appId); if ($appPath === false) { throw new AppPathNotFoundException('Could not find path for ' . $appId); } return $appPath; } /** * Get the web path for the given app. * * @param string $appId * @return string * @throws AppPathNotFoundException if app path can't be found */ public function getAppWebPath(string $appId): string { $appWebPath = \OC_App::getAppWebPath($appId); if ($appWebPath === false) { throw new AppPathNotFoundException('Could not find web path for ' . $appId); } return $appWebPath; } /** * Clear the cached list of apps when enabling/disabling an app */ public function clearAppsCache(): void { $this->appInfos = []; } /** * Returns a list of apps that need upgrade * * @param string $version Nextcloud version as array of version components * @return array list of app info from apps that need an upgrade * * @internal */ public function getAppsNeedingUpgrade($version) { $appsToUpgrade = []; $apps = $this->getEnabledApps(); foreach ($apps as $appId) { $appInfo = $this->getAppInfo($appId); $appDbVersion = $this->getAppConfig()->getValue($appId, 'installed_version'); if ($appDbVersion && isset($appInfo['version']) && version_compare($appInfo['version'], $appDbVersion, '>') && \OC_App::isAppCompatible($version, $appInfo) ) { $appsToUpgrade[] = $appInfo; } } return $appsToUpgrade; } /** * Returns the app information from "appinfo/info.xml". * * @param string|null $lang * @return array|null app info */ public function getAppInfo(string $appId, bool $path = false, $lang = null) { if ($path) { throw new \InvalidArgumentException('Calling IAppManager::getAppInfo() with a path is no longer supported. Please call IAppManager::getAppInfoByPath() instead and verify that the path is good before calling.'); } if ($lang === null && isset($this->appInfos[$appId])) { return $this->appInfos[$appId]; } try { $appPath = $this->getAppPath($appId); } catch (AppPathNotFoundException) { return null; } $file = $appPath . '/appinfo/info.xml'; $data = $this->getAppInfoByPath($file, $lang); if ($lang === null) { $this->appInfos[$appId] = $data; } return $data; } public function getAppInfoByPath(string $path, ?string $lang = null): ?array { if (!str_ends_with($path, '/appinfo/info.xml')) { return null; } $parser = new InfoParser($this->memCacheFactory->createLocal('core.appinfo')); $data = $parser->parse($path); if (is_array($data)) { $data = \OC_App::parseAppInfo($data, $lang); } return $data; } public function getAppVersion(string $appId, bool $useCache = true): string { if (!$useCache || !isset($this->appVersions[$appId])) { if ($appId === 'core') { $this->appVersions[$appId] = $this->serverVersion->getVersionString(); } else { $appInfo = $this->getAppInfo($appId); $this->appVersions[$appId] = ($appInfo !== null && isset($appInfo['version'])) ? $appInfo['version'] : '0'; } } return $this->appVersions[$appId]; } /** * Returns the installed versions of all apps * * @return array<string, string> */ public function getAppInstalledVersions(): array { return $this->getAppConfig()->getAppInstalledVersions(); } /** * Returns a list of apps incompatible with the given version * * @param string $version Nextcloud version as array of version components * * @return array list of app info from incompatible apps * * @internal */ public function getIncompatibleApps(string $version): array { $apps = $this->getEnabledApps(); $incompatibleApps = []; foreach ($apps as $appId) { $info = $this->getAppInfo($appId); if ($info === null) { $incompatibleApps[] = ['id' => $appId, 'name' => $appId]; } elseif (!\OC_App::isAppCompatible($version, $info)) { $incompatibleApps[] = $info; } } return $incompatibleApps; } /** * @inheritdoc * In case you change this method, also change \OC\App\CodeChecker\InfoChecker::isShipped() */ public function isShipped($appId) { $this->loadShippedJson(); return in_array($appId, $this->shippedApps, true); } private function isAlwaysEnabled(string $appId): bool { $alwaysEnabled = $this->getAlwaysEnabledApps(); return in_array($appId, $alwaysEnabled, true); } /** * In case you change this method, also change \OC\App\CodeChecker\InfoChecker::loadShippedJson() * @throws \Exception */ private function loadShippedJson(): void { if ($this->shippedApps === null) { $shippedJson = \OC::$SERVERROOT . '/core/shipped.json'; if (!file_exists($shippedJson)) { throw new \Exception("File not found: $shippedJson"); } $content = json_decode(file_get_contents($shippedJson), true); $this->shippedApps = $content['shippedApps']; $this->alwaysEnabled = $content['alwaysEnabled']; $this->defaultEnabled = $content['defaultEnabled']; } } /** * @inheritdoc */ public function getAlwaysEnabledApps() { $this->loadShippedJson(); return $this->alwaysEnabled; } /** * @inheritdoc */ public function isDefaultEnabled(string $appId): bool { return (in_array($appId, $this->getDefaultEnabledApps())); } /** * @inheritdoc */ public function getDefaultEnabledApps(): array { $this->loadShippedJson(); return $this->defaultEnabled; } /** * @inheritdoc */ public function getDefaultAppForUser(?IUser $user = null, bool $withFallbacks = true): string { $id = $this->getNavigationManager()->getDefaultEntryIdForUser($user, $withFallbacks); $entry = $this->getNavigationManager()->get($id); return (string)$entry['app']; } /** * @inheritdoc */ public function getDefaultApps(): array { $ids = $this->getNavigationManager()->getDefaultEntryIds(); return array_values(array_unique(array_map(function (string $id) { $entry = $this->getNavigationManager()->get($id); return (string)$entry['app']; }, $ids))); } /** * @inheritdoc */ public function setDefaultApps(array $defaultApps): void { $entries = $this->getNavigationManager()->getAll(); $ids = []; foreach ($defaultApps as $defaultApp) { foreach ($entries as $entry) { if ((string)$entry['app'] === $defaultApp) { $ids[] = (string)$entry['id']; break; } } } $this->getNavigationManager()->setDefaultEntryIds($ids); } public function isBackendRequired(string $backend): bool { foreach ($this->appInfos as $appInfo) { foreach ($appInfo['dependencies']['backend'] as $appBackend) { if ($backend === $appBackend) { return true; } } } return false; } /** * Clean the appId from forbidden characters * * @psalm-taint-escape callable * @psalm-taint-escape cookie * @psalm-taint-escape file * @psalm-taint-escape has_quotes * @psalm-taint-escape header * @psalm-taint-escape html * @psalm-taint-escape include * @psalm-taint-escape ldap * @psalm-taint-escape shell * @psalm-taint-escape sql * @psalm-taint-escape unserialize */ public function cleanAppId(string $app): string { /* Only lowercase alphanumeric is allowed */ return preg_replace('/(^[0-9_]|[^a-z0-9_]+|_$)/', '', $app); } }
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-07 19:16:38 +0000