open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Drop OC_SubAdmin and replace usages

Browse Source
remotes/origin/exclude_directories_III
Lukas Reschke 9 years ago
parent f428d31a5d
commit c6f6a8758b
25 changed files with 2538 additions and 1793 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      apps/provisioning_api/appinfo/routes.php
  2. 24
      apps/provisioning_api/lib/groups.php
  3. 259
      apps/provisioning_api/lib/users.php
  4. 12
      apps/provisioning_api/tests/groupstest.php
  5. 2990
      apps/provisioning_api/tests/userstest.php
  6. 8
      lib/private/api.php
  7. 7
      lib/private/app.php
  8. 53
      lib/private/group/metadata.php
  9. 8
      lib/private/json.php
  10. 166
      lib/private/legacy/subadmin.php
  11. 19
      lib/private/subadmin.php
  12. 8
      lib/private/util.php
  13. 10
      settings/ajax/changedisplayname.php
  14. 7
      settings/ajax/geteveryonecount.php
  15. 9
      settings/ajax/setquota.php
  16. 14
      settings/ajax/togglegroups.php
  17. 17
      settings/ajax/togglesubadmins.php
  18. 15
      settings/application.php
  19. 9
      settings/changepassword/controller.php
  20. 8
      settings/controller/groupscontroller.php
  21. 56
      settings/controller/userscontroller.php
  22. 57
      settings/factory/subadminfactory.php
  23. 18
      settings/users.php
  24. 76
      tests/lib/group/metadata.php
  25. 477
      tests/settings/controller/userscontrollertest.php

4
apps/provisioning_api/appinfo/routes.php
Unescape View File

@ -1,6 +1,7 @@
<?php
/**
* @author Joas Schilling <nickvergessen@owncloud.com>
* @author Lukas Reschke <lukas@owncloud.com>
* @author michag86 <micha_g@arcor.de>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Roeland Jago Douma <rullzer@owncloud.com>
@ -32,7 +33,8 @@ $users = new \OCA\Provisioning_API\Users(
\OC::$server->getUserManager(),
\OC::$server->getConfig(),
\OC::$server->getGroupManager(),
\OC::$server->getUserSession()
\OC::$server->getUserSession(),
\OC::$server->getLogger()
);
API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH);

24
apps/provisioning_api/lib/groups.php
Unescape View File

@ -26,7 +26,6 @@
namespace OCA\Provisioning_API;
use \OC_OCS_Result;
use \OC_SubAdmin;
use OCP\IGroup;
use OCP\IUser;
@ -85,9 +84,16 @@ class Groups{
if(!$this->groupManager->groupExists($parameters['groupid'])) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested group could not be found');
}
$isSubadminOfGroup = false;
$targetGroupObject =$this->groupManager->get($parameters['groupid']);
if($targetGroupObject !== null) {
$isSubadminOfGroup =$this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $targetGroupObject);
}
// Check subadmin has access to this group
if($this->groupManager->isAdmin($user->getUID())
|| in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups($user->getUID()))){
|| $isSubadminOfGroup) {
$users = $this->groupManager->get($parameters['groupid'])->getUsers();
$users = array_map(function($user) {
/** @var IUser $user */
@ -144,11 +150,21 @@ class Groups{
public function getSubAdminsOfGroup($parameters) {
$group = $parameters['groupid'];
// Check group exists
if(!$this->groupManager->groupExists($group)) {
$targetGroup = $this->groupManager->get($group);
if($targetGroup === null) {
return new OC_OCS_Result(null, 101, 'Group does not exist');
}
$subadmins = $this->groupManager->getSubAdmin()->getGroupsSubAdmins($targetGroup);
// New class returns IUser[] so convert back
$uids = [];
foreach ($subadmins as $user) {
$uids[] = $user->getUID();
}
$subadmins = $uids;
// Go
if(!$subadmins = OC_Subadmin::getGroupsSubAdmins($group)) {
if(!$subadmins) {
return new OC_OCS_Result(null, 102, 'Unknown error occured');
} else {
return new OC_OCS_Result($subadmins);

259
apps/provisioning_api/lib/users.php
Unescape View File

@ -28,39 +28,40 @@
namespace OCA\Provisioning_API;
use \OC_OCS_Result;
use \OC_SubAdmin;
use \OC_Helper;
use \OC_Group;
use OCP\Files\NotFoundException;
use OCP\ILogger;
class Users {
/** @var \OCP\IUserManager */
private $userManager;
/** @var \OCP\IConfig */
private $config;
/** @var \OCP\IGroupManager */
private $groupManager;
/** @var \OCP\IUserSession */
private $userSession;
/** @var ILogger */
private $logger;
/**
* @param \OCP\IUserManager $userManager
* @param \OCP\IConfig $config
* @param \OCP\IGroupManager $groupManager
* @param \OCP\IUserSession $userSession
* @param ILogger $logger
*/
public function __construct(\OCP\IUserManager $userManager,
\OCP\IConfig $config,
\OCP\IGroupManager $groupManager,
\OCP\IUserSession $userSession) {
\OCP\IUserSession $userSession,
ILogger $logger) {
$this->userManager = $userManager;
$this->config = $config;
$this->groupManager = $groupManager;
$this->userSession = $userSession;
$this->logger = $logger;
}
/**
@ -80,10 +81,15 @@ class Users {
}
// Admin? Or SubAdmin?
if($this->groupManager->isAdmin($user->getUID())){
$uid = $user->getUID();
$subAdminManager = $this->groupManager->getSubAdmin();
if($this->groupManager->isAdmin($uid)){
$users = $this->userManager->search($search, $limit, $offset);
} else if (\OC_SubAdmin::isSubAdmin($user->getUID())) {
$subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID());
} else if ($subAdminManager->isSubAdmin($user)) {
$subAdminOfGroups = $subAdminManager->getSubAdminsGroups($user);
foreach ($subAdminOfGroups as $key => $group) {
$subAdminOfGroups[$key] = $group->getGID();
}
if($offset === null) {
$offset = 0;
@ -112,15 +118,15 @@ class Users {
$userId = isset($_POST['userid']) ? $_POST['userid'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
if($this->userManager->userExists($userId)) {
\OCP\Util::writeLog('ocs_api', 'Failed addUser attempt: User already exists.', \OCP\Util::ERROR);
$this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
return new OC_OCS_Result(null, 102, 'User already exists');
} else {
try {
$this->userManager->createUser($userId, $password);
\OCP\Util::writeLog('ocs_api', 'Successful addUser call with userid: '.$_POST['userid'], \OCP\Util::INFO);
$this->logger->info('Successful addUser call with userid: '.$_POST['userid'], ['app' => 'ocs_api']);
return new OC_OCS_Result(null, 100);
} catch (\Exception $e) {
\OCP\Util::writeLog('ocs_api', 'Failed addUser attempt with exception: '.$e->getMessage(), \OCP\Util::ERROR);
$this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']);
return new OC_OCS_Result(null, 101, 'Bad request');
}
}
@ -132,35 +138,38 @@ class Users {
* @param array $parameters
* @return OC_OCS_Result
*/
public function getUser($parameters){
public function getUser($parameters) {
$userId = $parameters['userid'];
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
$currentLoggedInUser = $this->userSession->getUser();
if ($currentLoggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
$data = [];
// Check if the target user exists
$targetUserObject = $this->userManager->get($userId);
if($targetUserObject === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found');
}
// Admin? Or SubAdmin?
if($this->groupManager->isAdmin($user->getUID()) || OC_SubAdmin::isUserAccessible($user->getUID(), $userId)) {
// Check they exist
if(!$this->userManager->userExists($userId)) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found');
}
if($this->groupManager->isAdmin($currentLoggedInUser->getUID())
|| $this->groupManager->getSubAdmin()->isUserAccessible($currentLoggedInUser, $targetUserObject)) {
$data['enabled'] = $this->config->getUserValue($userId, 'core', 'enabled', 'true');
} else {
// Check they are looking up themselves
if($user->getUID() !== $userId) {
if($currentLoggedInUser->getUID() !== $userId) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
}
// Find the data
$data['quota'] = self::fillStorageInfo($userId);
$data['quota'] = $this->fillStorageInfo($userId);
$data['email'] = $this->config->getUserValue($userId, 'settings', 'email');
$data['displayname'] = $this->userManager->get($userId)->getDisplayName();
$data['displayname'] = $targetUserObject->getDisplayName();
return new OC_OCS_Result($data);
}
@ -172,27 +181,34 @@ class Users {
* @return OC_OCS_Result
*/
public function editUser($parameters) {
$userId = $parameters['userid'];
/** @var string $targetUserId */
$targetUserId = $parameters['userid'];
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
$currentLoggedInUser = $this->userSession->getUser();
if ($currentLoggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if($userId === $user->getUID()) {
$targetUser = $this->userManager->get($targetUserId);
if($targetUser === null) {
return new OC_OCS_Result(null, 997);
}
if($targetUserId === $currentLoggedInUser->getUID()) {
// Editing self (display, email)
$permittedFields[] = 'display';
$permittedFields[] = 'email';
$permittedFields[] = 'password';
// If admin they can edit their own quota
if($this->groupManager->isAdmin($user->getUID())) {
if($this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
$permittedFields[] = 'quota';
}
} else {
// Check if admin / subadmin
if(OC_SubAdmin::isUserAccessible($user->getUID(), $userId)
|| $this->groupManager->isAdmin($user->getUID())) {
$subAdminManager = $this->groupManager->getSubAdmin();
if($subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)
|| $this->groupManager->isAdmin($currentLoggedInUser->getUID())) {
// They have permissions over the user
$permittedFields[] = 'display';
$permittedFields[] = 'quota';
@ -208,9 +224,9 @@ class Users {
return new OC_OCS_Result(null, 997);
}
// Process the edit
switch($parameters['_put']['key']){
switch($parameters['_put']['key']) {
case 'display':
$this->userManager->get($userId)->setDisplayName($parameters['_put']['value']);
$targetUser->setDisplayName($parameters['_put']['value']);
break;
case 'quota':
$quota = $parameters['_put']['value'];
@ -225,20 +241,20 @@ class Users {
}
if($quota === 0) {
$quota = 'default';
}else if($quota === -1){
}else if($quota === -1) {
$quota = 'none';
} else {
$quota = \OCP\Util::humanFileSize($quota);
}
}
$this->config->setUserValue($userId, 'files', 'quota', $quota);
$this->config->setUserValue($targetUserId, 'files', 'quota', $quota);
break;
case 'password':
$this->userManager->get($userId)->setPassword($parameters['_put']['value']);
$targetUser->setPassword($parameters['_put']['value']);
break;
case 'email':
if(filter_var($parameters['_put']['value'], FILTER_VALIDATE_EMAIL)) {
$this->config->setUserValue($userId, 'settings', 'email', $parameters['_put']['value']);
$this->config->setUserValue($targetUserId, 'settings', 'email', $parameters['_put']['value']);
} else {
return new OC_OCS_Result(null, 102);
}
@ -256,21 +272,25 @@ class Users {
*/
public function deleteUser($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
$currentLoggedInUser = $this->userSession->getUser();
if ($currentLoggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if(!$this->userManager->userExists($parameters['userid'])
|| $parameters['userid'] === $user->getUID()) {
$targetUser = $this->userManager->get($parameters['userid']);
if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
return new OC_OCS_Result(null, 101);
}
// If not permitted
if(!$this->groupManager->isAdmin($user->getUID()) && !OC_SubAdmin::isUserAccessible($user->getUID(), $parameters['userid'])) {
$subAdminManager = $this->groupManager->getSubAdmin();
if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
return new OC_OCS_Result(null, 997);
}
// Go ahead with the delete
if($this->userManager->get($parameters['userid'])->delete()) {
if($targetUser->delete()) {
return new OC_OCS_Result(null, 100);
} else {
return new OC_OCS_Result(null, 101);
@ -283,27 +303,34 @@ class Users {
*/
public function getUsersGroups($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
$loggedInUser = $this->userSession->getUser();
if ($loggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if($parameters['userid'] === $user->getUID() || $this->groupManager->isAdmin($user->getUID())) {
$targetUser = $this->userManager->get($parameters['userid']);
if($targetUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND);
}
if($targetUser->getUID() === $loggedInUser->getUID() || $this->groupManager->isAdmin($loggedInUser->getUID())) {
// Self lookup or admin lookup
return new OC_OCS_Result([
'groups' => $this->groupManager->getUserGroupIds(
$this->userManager->get($parameters['userid'])
)
'groups' => $this->groupManager->getUserGroupIds($targetUser)
]);
} else {
$subAdminManager = $this->groupManager->getSubAdmin();
// Looking up someone else
if(OC_SubAdmin::isUserAccessible($user->getUID(), $parameters['userid'])) {
if($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) {
// Return the group that the method caller is subadmin of for the user in question
$getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
foreach ($getSubAdminsGroups as $key => $group) {
$getSubAdminsGroups[$key] = $group->getGID();
}
$groups = array_intersect(
OC_SubAdmin::getSubAdminsGroups($user->getUID()),
$this->groupManager->getUserGroupIds(
$this->userManager->get($parameters['userid'])
)
$getSubAdminsGroups,
$this->groupManager->getUserGroupIds($targetUser)
);
return new OC_OCS_Result(array('groups' => $groups));
} else {
@ -325,27 +352,28 @@ class Users {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
$group = !empty($_POST['groupid']) ? $_POST['groupid'] : null;
if(is_null($group)){
return new OC_OCS_Result(null, 101);
}
// Check they're an admin
if(!$this->groupManager->isInGroup($user->getUID(), 'admin')){
if(!$this->groupManager->isAdmin($user->getUID())) {
// This user doesn't have rights to add a user to this group
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Check if the group exists
if(!$this->groupManager->groupExists($group)){
$groupId = !empty($_POST['groupid']) ? $_POST['groupid'] : null;
if($groupId === null) {
return new OC_OCS_Result(null, 101);
}
$group = $this->groupManager->get($groupId);
$targetUser = $this->userManager->get($parameters['userid']);
if($group === null) {
return new OC_OCS_Result(null, 102);
}
// Check if the user exists
if(!$this->userManager->userExists($parameters['userid'])){
if($targetUser === null) {
return new OC_OCS_Result(null, 103);
}
// Add user to group
$this->groupManager->get($group)->addUser(
$this->userManager->get($parameters['userid'])
);
$group->addUser($targetUser);
return new OC_OCS_Result(null, 100);
}
@ -355,44 +383,47 @@ class Users {
*/
public function removeFromGroup($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
$loggedInUser = $this->userSession->getUser();
if ($loggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
$group = !empty($parameters['_delete']['groupid']) ? $parameters['_delete']['groupid'] : null;
if(is_null($group)){
$group = $this->groupManager->get(!empty($parameters['_delete']['groupid']) ? $parameters['_delete']['groupid'] : null);
if($group === null) {
return new OC_OCS_Result(null, 101);
}
$targetUser = $this->userManager->get($parameters['userid']);
if($targetUser === null) {
return new OC_OCS_Result(null, 103);
}
// If they're not an admin, check they are a subadmin of the group in question
if(!$this->groupManager->isInGroup($user->getUID(), 'admin') && !OC_SubAdmin::isSubAdminofGroup($user->getUID(), $group)){
$subAdminManager = $this->groupManager->getSubAdmin();
if(!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminofGroup($loggedInUser, $group)) {
return new OC_OCS_Result(null, 104);
}
// Check they aren't removing themselves from 'admin' or their 'subadmin; group
if($parameters['userid'] === $user->getUID()){
if($this->groupManager->isInGroup($user->getUID(), 'admin')){
if($group === 'admin'){
if($parameters['userid'] === $loggedInUser->getUID()) {
if($this->groupManager->isAdmin($loggedInUser->getUID())) {
if($group->getGID() === 'admin') {
return new OC_OCS_Result(null, 105, 'Cannot remove yourself from the admin group');
}
} else {
// Not an admin, check they are not removing themself from their subadmin group
if(in_array($group, OC_SubAdmin::getSubAdminsGroups($user->getUID()))){
$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
foreach ($subAdminGroups as $key => $group) {
$subAdminGroups[$key] = $group->getGID();
}
if(in_array($group->getGID(), $subAdminGroups, true)) {
return new OC_OCS_Result(null, 105, 'Cannot remove yourself from this group as you are a SubAdmin');
}
}
}
// Check if the group exists
if(!$this->groupManager->groupExists($group)){
return new OC_OCS_Result(null, 102);
}
// Check if the user exists
if(!$this->userManager->userExists($parameters['userid'])){
return new OC_OCS_Result(null, 103);
}
// Remove user from group
$this->groupManager->get($group)->removeUser(
$this->userManager->get($parameters['userid'])
);
$group->removeUser($targetUser);
return new OC_OCS_Result(null, 100);
}
@ -403,31 +434,34 @@ class Users {
* @return OC_OCS_Result
*/
public function addSubAdmin($parameters) {
$group = $_POST['groupid'];
$user = $parameters['userid'];
$group = $this->groupManager->get($_POST['groupid']);
$user = $this->userManager->get($parameters['userid']);
// Check if the user exists
if(!$this->userManager->userExists($user)) {
if($user === null) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Check if group exists
if(!$this->groupManager->groupExists($group)) {
return new OC_OCS_Result(null, 102, 'Group:'.$group.' does not exist');
if($group === null) {
return new OC_OCS_Result(null, 102, 'Group:'.$_POST['groupid'].' does not exist');
}
// Check if trying to make subadmin of admin group
if(strtolower($group) === 'admin') {
if(strtolower($_POST['groupid']) === 'admin') {
return new OC_OCS_Result(null, 103, 'Cannot create subadmins for admin group');
}
$subAdminManager = $this->groupManager->getSubAdmin();
// We cannot be subadmin twice
if (OC_Subadmin::isSubAdminOfGroup($user, $group)) {
if ($subAdminManager->isSubAdminofGroup($user, $group)) {
return new OC_OCS_Result(null, 100);
}
// Go
if(OC_Subadmin::createSubAdmin($user, $group)) {
if($subAdminManager->createSubAdmin($user, $group)) {
return new OC_OCS_Result(null, 100);
} else {
return new OC_OCS_Result(null, 103, 'Unknown error occured');
return new OC_OCS_Result(null, 103, 'Unknown error occurred');
}
}
/**
@ -437,18 +471,25 @@ class Users {
* @return OC_OCS_Result
*/
public function removeSubAdmin($parameters) {
$group = $parameters['_delete']['groupid'];
$user = $parameters['userid'];
$group = $this->groupManager->get($parameters['_delete']['groupid']);
$user = $this->userManager->get($parameters['userid']);
$subAdminManager = $this->groupManager->getSubAdmin();
// Check if the user exists
if(!$this->userManager->userExists($user)) {
if($user === null) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Check if the group exists
if($group === null) {
return new OC_OCS_Result(null, 101, 'Group does not exist');
}
// Check if they are a subadmin of this said group
if(!OC_SubAdmin::isSubAdminofGroup($user, $group)) {
if(!$subAdminManager->isSubAdminofGroup($user, $group)) {
return new OC_OCS_Result(null, 102, 'User is not a subadmin of this group');
}
// Go
if(OC_Subadmin::deleteSubAdmin($user, $group)) {
if($subAdminManager->deleteSubAdmin($user, $group)) {
return new OC_OCS_Result(null, 100);
} else {
return new OC_OCS_Result(null, 103, 'Unknown error occurred');
@ -462,13 +503,19 @@ class Users {
* @return OC_OCS_Result
*/
public function getUserSubAdminGroups($parameters) {
$user = $parameters['userid'];
$user = $this->userManager->get($parameters['userid']);
// Check if the user exists
if(!$this->userManager->userExists($user)) {
if($user === null) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Get the subadmin groups
if(!$groups = OC_SubAdmin::getSubAdminsGroups($user)) {
$groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user);
foreach ($groups as $key => $group) {
$groups[$key] = $group->getGID();
}
if(!$groups) {
return new OC_OCS_Result(null, 102, 'Unknown error occurred');
} else {
return new OC_OCS_Result($groups);
@ -477,12 +524,10 @@ class Users {
/**
* @param string $userId
* @param array $data
* @return mixed
* @return array
* @throws \OCP\Files\NotFoundException
*/
private static function fillStorageInfo($userId) {
$data = [];
protected function fillStorageInfo($userId) {
try {
\OC_Util::tearDownFS();
\OC_Util::setupFS($userId);

12
apps/provisioning_api/tests/groupstest.php
Unescape View File

@ -1,6 +1,7 @@
<?php
/**
* @author Joas Schilling <nickvergessen@owncloud.com>
* @author Lukas Reschke <lukas@owncloud.com>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Roeland Jago Douma <rullzer@owncloud.com>
* @author Tom Needham <tom@owncloud.com>
@ -29,15 +30,14 @@ use OCP\IGroupManager;
use OCP\IUserSession;
class GroupsTest extends TestCase {
/** @var IUserManager */
protected $userManager;
/** @var IGroupManager */
protected $groupManager;
/** @var IUserSession */
protected $userSession;
/** @var \OCA\Provisioning_API\Groups */
protected $api;
protected function setup() {
parent::setup();
@ -114,7 +114,7 @@ class GroupsTest extends TestCase {
$group->addUser($users[0]);
$group->addUser($users[1]);
\OC_SubAdmin::createSubAdmin($users[0]->getUID(), $group->getGID());
$this->groupManager->getSubAdmin()->createSubAdmin($users[0], $group);
$result = $this->api->getGroup([
'groupid' => $group->getGID(),
@ -147,7 +147,7 @@ class GroupsTest extends TestCase {
$group1->addUser($users[1]);
$group2->addUser($users[0]);
\OC_SubAdmin::createSubAdmin($users[0]->getUID(), $group2->getGID());
$this->groupManager->getSubAdmin()->createSubAdmin($users[0], $group2);
$result = $this->api->getGroup([
'groupid' => $group1->getGID(),
@ -196,7 +196,7 @@ class GroupsTest extends TestCase {
$this->userSession->setUser($user1);
$this->groupManager->get('admin')->addUser($user1);
$group1 = $this->groupManager->createGroup($this->getUniqueID());
\OC_SubAdmin::createSubAdmin($user2->getUID(), $group1->getGID());
$this->groupManager->getSubAdmin()->createSubAdmin($user2, $group1);
$result = $this->api->getSubAdminsOfGroup([
'groupid' => $group1->getGID(),
]);

2990
apps/provisioning_api/tests/userstest.php
View File

File diff suppressed because it is too large Load Diff

8
lib/private/api.php
Unescape View File

@ -303,9 +303,13 @@ class OC_API {
if(!$user) {
return false;
} else {
$subAdmin = OC_SubAdmin::isSubAdmin($user);
$userObject = \OC::$server->getUserSession()->getUser();
if($userObject === null) {
return false;
}
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
$admin = OC_User::isAdminUser($user);
if($subAdmin || $admin) {
if($isSubAdmin || $admin) {
return true;
} else {
return false;

7
lib/private/app.php
Unescape View File

@ -430,7 +430,12 @@ class OC_App {
);
//SubAdmins are also allowed to access user management
if (OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
if ($isSubAdmin) {
// admin users menu
$settings[] = array(
"id" => "core_users",

53
lib/private/group/metadata.php
Unescape View File

@ -26,49 +26,42 @@
namespace OC\Group;
use OCP\IUserSession;
class MetaData {
const SORT_NONE = 0;
const SORT_USERCOUNT = 1; // May have performance issues on LDAP backends
const SORT_GROUPNAME = 2;
/**
* @var string $user
*/
/** @var string */
protected $user;
/**
* @var bool $isAdmin
*/
/** @var bool */
protected $isAdmin;
/**
* @var array $metaData
*/
/** @var array */
protected $metaData = array();
/**
* @var \OCP\IGroupManager $groupManager
*/
/** @var \OCP\IGroupManager */
protected $groupManager;
/**
* @var int $sorting
*/
/** @var bool */
protected $sorting = false;
/** @var IUserSession */
protected $userSession;
/**
* @param string $user the uid of the current user
* @param bool $isAdmin whether the current users is an admin
* @param \OCP\IGroupManager $groupManager
* @param IUserSession $userSession
*/
public function __construct(
$user,
$isAdmin,
\OCP\IGroupManager $groupManager
\OCP\IGroupManager $groupManager,
IUserSession $userSession
) {
$this->user = $user;
$this->isAdmin = (bool)$isAdmin;
$this->groupManager = $groupManager;
$this->userSession = $userSession;
}
/**
@ -190,23 +183,15 @@ class MetaData {
* @param string $search a search string
* @return \OCP\IGroup[]
*/
private function getGroups($search = '') {
protected function getGroups($search = '') {
if($this->isAdmin) {
return $this->groupManager->search($search);
} else {
// FIXME: Remove static method call
$groupIds = \OC_SubAdmin::getSubAdminsGroups($this->user);
/* \OC_SubAdmin::getSubAdminsGroups() returns an array of GIDs, but this
* method is expected to return an array with the GIDs as keys and group objects as
* values, so we need to convert this information.
*/
$groups = array();
foreach($groupIds as $gid) {
$group = $this->groupManager->get($gid);
if (!is_null($group)) {
$groups[$gid] = $group;
}
$userObject = $this->userSession->getUser();
if($userObject !== null) {
$groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($userObject);
} else {
$groups = [];
}
return $groups;

8
lib/private/json.php
Unescape View File

@ -114,7 +114,13 @@ class OC_JSON{
* @deprecated Use annotation based ACLs from the AppFramework instead
*/
public static function checkSubAdminUser() {
if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
if(!$isSubAdmin) {
$l = \OC::$server->getL10N('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));
exit();

166
lib/private/legacy/subadmin.php
Unescape View File

@ -1,166 +0,0 @@
<?php
/**
* @author Roeland Jago Douma <rullzer@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
/**
* This class provides all methods needed for managing groups.
*
* Hooks provided:
* post_createSubAdmin($gid)
* post_deleteSubAdmin($gid)
*/
class OC_SubAdmin{
/**
* add a SubAdmin
* @param string $uid uid of the SubAdmin
* @param string $gid gid of the group
* @return boolean
*/
public static function createSubAdmin($uid, $gid) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
return $subAdmin->createSubAdmin($userManager->get($uid), $groupManager->get($gid));
}
/**
* delete a SubAdmin
* @param string $uid uid of the SubAdmin
* @param string $gid gid of the group
* @return boolean
*/
public static function deleteSubAdmin($uid, $gid) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
return $subAdmin->deleteSubAdmin($userManager->get($uid), $groupManager->get($gid));
}
/**
* get groups of a SubAdmin
* @param string $uid uid of the SubAdmin
* @return array
*/
public static function getSubAdminsGroups($uid) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
$groups = $subAdmin->getSubAdminsGroups($userManager->get($uid));
// New class returns IGroup[] so convert back
$gids = [];
foreach ($groups as $group) {
$gids[] = $group->getGID();
}
return $gids;
}
/**
* get SubAdmins of a group
* @param string $gid gid of the group
* @return array
*/
public static function getGroupsSubAdmins($gid) {
$groupManager = \OC::$server->getGroupManager();
$subAdmin = $groupManager->getSubAdmin();
$users = $subAdmin->getGroupsSubAdmins($groupManager->get($gid));
// New class returns IUser[] so convert back
$uids = [];
foreach ($users as $user) {
$uids[] = $user->getUID();
}
return $uids;
}
/**
* get all SubAdmins
* @return array
*/
public static function getAllSubAdmins() {
$groupManager = \OC::$server->getGroupManager();
$subAdmin = $groupManager->getSubAdmin();
$subAdmins = $subAdmin->getAllSubAdmins();
// New class returns IUser[] so convert back
$result = [];
foreach ($subAdmins as $subAdmin) {
$result[] = [
'gid' => $subAdmin['group']->getGID(),
'uid' => $subAdmin['user']->getUID(),
];
}
return $result;
}
/**
* checks if a user is a SubAdmin of a group
* @param string $uid uid of the subadmin
* @param string $gid gid of the group
* @return bool
*/
public static function isSubAdminofGroup($uid, $gid) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
return $subAdmin->isSubAdminOfGroup($userManager->get($uid), $groupManager->get($gid));
}
/**
* checks if a user is a SubAdmin
* @param string $uid uid of the subadmin
* @return bool
*/
public static function isSubAdmin($uid) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
return $subAdmin->isSubAdmin($userManager->get($uid));
}
/**
* checks if a user is a accessible by a subadmin
* @param string $subadmin uid of the subadmin
* @param string $user uid of the user
* @return bool
*/
public static function isUserAccessible($subadmin, $user) {
$groupManager = \OC::$server->getGroupManager();
$userManager = \OC::$server->getUserManager();
$subAdmin = $groupManager->getSubAdmin();
return $subAdmin->isUserAccessible($userManager->get($subadmin), $userManager->get($user));
}
/*
* alias for self::isSubAdminofGroup()
*/
public static function isGroupAccessible($subadmin, $group) {
return self::isSubAdminofGroup($subadmin, $group);
}
}

19
lib/private/subadmin.php
Unescape View File

@ -44,6 +44,11 @@ class SubAdmin extends PublicEmitter {
/** @var IDBConnection */
private $dbConn;
/**
* @param IUserManager $userManager
* @param IGroupManager $groupManager
* @param IDBConnection $dbConn
*/
public function __construct(IUserManager $userManager,
IGroupManager $groupManager,
IDBConnection $dbConn) {
@ -68,7 +73,7 @@ class SubAdmin extends PublicEmitter {
public function createSubAdmin(IUser $user, IGroup $group) {
$qb = $this->dbConn->getQueryBuilder();
$result = $qb->insert('group_admin')
$qb->insert('group_admin')
->values([
'gid' => $qb->createNamedParameter($group->getGID()),
'uid' => $qb->createNamedParameter($user->getUID())
@ -89,7 +94,7 @@ class SubAdmin extends PublicEmitter {
public function deleteSubAdmin(IUser $user, IGroup $group) {
$qb = $this->dbConn->getQueryBuilder();
$result = $qb->delete('group_admin')
$qb->delete('group_admin')
->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
->execute();
@ -231,9 +236,9 @@ class SubAdmin extends PublicEmitter {
if($this->groupManager->isAdmin($user->getUID())) {
return false;
}
$accessiblegroups = $this->getSubAdminsGroups($subadmin);
foreach($accessiblegroups as $accessiblegroup) {
if($accessiblegroup->inGroup($user)) {
$accessibleGroups = $this->getSubAdminsGroups($subadmin);
foreach($accessibleGroups as $accessibleGroup) {
if($accessibleGroup->inGroup($user)) {
return true;
}
}
@ -248,7 +253,7 @@ class SubAdmin extends PublicEmitter {
private function post_deleteUser($user) {
$qb = $this->dbConn->getQueryBuilder();
$result = $qb->delete('group_admin')
$qb->delete('group_admin')
->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
->execute();
@ -263,7 +268,7 @@ class SubAdmin extends PublicEmitter {
private function post_deleteGroup($group) {
$qb = $this->dbConn->getQueryBuilder();
$result = $qb->delete('group_admin')
$qb->delete('group_admin')
->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
->execute();

8
lib/private/util.php
Unescape View File

@ -1025,7 +1025,13 @@ class OC_Util {
*/
public static function checkSubAdminUser() {
OC_Util::checkLoggedIn();
if (!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
if (!$isSubAdmin) {
header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
exit();
}

10
settings/ajax/changedisplayname.php
Unescape View File

@ -37,7 +37,15 @@ $userstatus = null;
if(OC_User::isAdminUser(OC_User::getUser())) {
$userstatus = 'admin';
}
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$isUserAccessible = false;
$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
$targetUserObject = \OC::$server->getUserManager()->get($username);
if($subadminUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
}
if($isUserAccessible) {
$userstatus = 'subadmin';
}

7
settings/ajax/geteveryonecount.php
Unescape View File

@ -29,7 +29,12 @@ $userCount = 0;
$currentUser = \OC::$server->getUserSession()->getUser()->getUID();
if (!OC_User::isAdminUser($currentUser)) {
$groups = OC_SubAdmin::getSubAdminsGroups($currentUser);
$groups = \OC::$server->getGroupManager()->getSubAdmin()->getSubAdminsGroups(\OC::$server->getUserSession()->getUser());
// New class returns IGroup[] so convert back
foreach ($groups as $key => $group) {
$groups[$key] = $group->getGID();
}
foreach ($groups as $group) {
$userCount += count(OC_Group::usersInGroup($group));

9
settings/ajax/setquota.php
Unescape View File

@ -32,9 +32,16 @@ OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string)$_POST["username"] : '';
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if($targetUserObject !== null && $currentUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if(($username === '' && !OC_User::isAdminUser(OC_User::getUser()))
|| (!OC_User::isAdminUser(OC_User::getUser())
&& !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username))) {
&& !$isUserAccessible)) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();

14
settings/ajax/togglegroups.php
Unescape View File

@ -37,9 +37,19 @@ if($username === OC_User::getUser() && $group === "admin" && OC_User::isAdminUs
exit();
}
$isUserAccessible = false;
$isGroupAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
$targetGroupObject = \OC::$server->getGroupManager()->get($group);
if($targetUserObject !== null && $currentUserObject !== null && $targetGroupObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
$isGroupAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdminofGroup($currentUserObject, $targetGroupObject);
}
if(!OC_User::isAdminUser(OC_User::getUser())
&& (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)
|| !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
&& (!$isUserAccessible
|| !$isGroupAccessible)) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();

17
settings/ajax/togglesubadmins.php
Unescape View File

@ -27,11 +27,20 @@ OCP\JSON::callCheck();
$username = (string)$_POST['username'];
$group = (string)$_POST['group'];
$subAdminManager = \OC::$server->getGroupManager()->getSubAdmin();
$targetUserObject = \OC::$server->getUserManager()->get($username);
$targetGroupObject = \OC::$server->getGroupManager()->get($group);
$isSubAdminOfGroup = false;
if($targetUserObject !== null && $targetUserObject !== null) {
$isSubAdminOfGroup = $subAdminManager->isSubAdminofGroup($targetUserObject, $targetGroupObject);
}
// Toggle group
if(OC_SubAdmin::isSubAdminofGroup($username, $group)) {
OC_SubAdmin::deleteSubAdmin($username, $group);
}else{
OC_SubAdmin::createSubAdmin($username, $group);
if($isSubAdminOfGroup) {
$subAdminManager->deleteSubAdmin($targetUserObject, $targetGroupObject);
} else {
$subAdminManager->createSubAdmin($targetUserObject, $targetGroupObject);
}
OC_JSON::success();

15
settings/application.php
Unescape View File

@ -36,7 +36,6 @@ use OC\Settings\Controller\LogSettingsController;
use OC\Settings\Controller\MailSettingsController;
use OC\Settings\Controller\SecuritySettingsController;
use OC\Settings\Controller\UsersController;
use OC\Settings\Factory\SubAdminFactory;
use OC\Settings\Middleware\SubadminMiddleware;
use \OCP\AppFramework\App;
use OCP\IContainer;
@ -136,8 +135,7 @@ class Application extends App {
$c->query('Mailer'),
$c->query('DefaultMailAddress'),
$c->query('URLGenerator'),
$c->query('OCP\\App\\IAppManager'),
$c->query('SubAdminFactory')
$c->query('OCP\\App\\IAppManager')
);
});
$container->registerService('LogSettingsController', function(IContainer $c) {
@ -199,11 +197,12 @@ class Application extends App {
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('IsSubAdmin', function(IContainer $c) {
return \OC_Subadmin::isSubAdmin(\OC_User::getUser());
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('SubAdminFactory', function(IContainer $c) {
return new SubAdminFactory();
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
return $isSubAdmin;
});
$container->registerService('Mailer', function(IContainer $c) {
return $c->query('ServerContainer')->getMailer();

9
settings/changepassword/controller.php
Unescape View File

@ -66,9 +66,16 @@ class Controller {
$password = isset($_POST['password']) ? $_POST['password'] : null;
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if($currentUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if (\OC_User::isAdminUser(\OC_User::getUser())) {
$userstatus = 'admin';
} elseif (\OC_SubAdmin::isUserAccessible(\OC_User::getUser(), $username)) {
} elseif ($isUserAccessible) {
$userstatus = 'subadmin';
} else {
$l = new \OC_L10n('settings');

8
settings/controller/groupscontroller.php
Unescape View File

@ -77,8 +77,12 @@ class GroupsController extends Controller {
public function index($pattern = '', $filterGroups = false, $sortGroups = MetaData::SORT_USERCOUNT) {
$groupPattern = $filterGroups ? $pattern : '';
$groupsInfo = new MetaData($this->userSession->getUser()->getUID(),
$this->isAdmin, $this->groupManager);
$groupsInfo = new MetaData(
$this->userSession->getUser()->getUID(),
$this->isAdmin,
$this->groupManager,
$this->userSession
);
$groupsInfo->setSorting($sortGroups);
list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);

56
settings/controller/userscontroller.php
Unescape View File

@ -74,8 +74,6 @@ class UsersController extends Controller {
private $isEncryptionAppEnabled;
/** @var bool contains the state of the admin recovery setting */
private $isRestoreEnabled = false;
/** @var SubAdminFactory */
private $subAdminFactory;
/**
* @param string $appName
@ -92,7 +90,6 @@ class UsersController extends Controller {
* @param string $fromMailAddress
* @param IURLGenerator $urlGenerator
* @param IAppManager $appManager
* @param SubAdminFactory $subAdminFactory
*/
public function __construct($appName,
IRequest $request,
@ -107,8 +104,7 @@ class UsersController extends Controller {
IMailer $mailer,
$fromMailAddress,
IURLGenerator $urlGenerator,
IAppManager $appManager,
SubAdminFactory $subAdminFactory) {
IAppManager $appManager) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->groupManager = $groupManager;
@ -121,7 +117,6 @@ class UsersController extends Controller {
$this->mailer = $mailer;
$this->fromMailAddress = $fromMailAddress;
$this->urlGenerator = $urlGenerator;
$this->subAdminFactory = $subAdminFactory;
// check for encryption state - TODO see formatUserForIndex
$this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
@ -164,11 +159,16 @@ class UsersController extends Controller {
$restorePossible = true;
}
$subAdminGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($user);
foreach($subAdminGroups as $key => $subAdminGroup) {
$subAdminGroups[$key] = $subAdminGroup->getGID();
}
return [
'name' => $user->getUID(),
'displayname' => $user->getDisplayName(),
'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups,
'subadmin' => $this->subAdminFactory->getSubAdminsOfGroups($user->getUID()),
'subadmin' => $subAdminGroups,
'quota' => $this->config->getUserValue($user->getUID(), 'files', 'quota', 'default'),
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin() * 1000,
@ -234,9 +234,14 @@ class UsersController extends Controller {
}
} else {
$subAdminOfGroups = $this->subAdminFactory->getSubAdminsOfGroups(
$this->userSession->getUser()->getUID()
);
$subAdminOfGroups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($this->userSession->getUser());
// New class returns IGroup[] so convert back
$gids = [];
foreach ($subAdminOfGroups as $group) {
$gids[] = $group->getGID();
}
$subAdminOfGroups = $gids;
// Set the $gid parameter to an empty value if the subadmin has no rights to access a specific group
if($gid !== '' && !in_array($gid, $subAdminOfGroups)) {
$gid = '';
@ -247,6 +252,7 @@ class UsersController extends Controller {
if($gid === '') {
foreach($subAdminOfGroups as $group) {
$groupUsers = $this->groupManager->displayNamesInGroup($group, $pattern, $limit, $offset);
foreach($groupUsers as $uid => $displayName) {
$batch[$uid] = $displayName;
}
@ -288,17 +294,31 @@ class UsersController extends Controller {
);
}
$currentUser = $this->userSession->getUser();
if (!$this->isAdmin) {
$userId = $this->userSession->getUser()->getUID();
if (!empty($groups)) {
foreach ($groups as $key => $group) {
if (!$this->subAdminFactory->isGroupAccessible($userId, $group)) {
$groupObject = $this->groupManager->get($group);
if($groupObject === null) {
unset($groups[$key]);
continue;
}
if (!$this->groupManager->getSubAdmin()->isSubAdminofGroup($currentUser, $groupObject)) {
unset($groups[$key]);
}
}
}
if (empty($groups)) {
$groups = $this->subAdminFactory->getSubAdminsOfGroups($userId);
$groups = $this->groupManager->getSubAdmin()->getSubAdminsGroups($currentUser);
// New class returns IGroup[] so convert back
$gids = [];
foreach ($groups as $group) {
$gids[] = $group->getGID();
}
$groups = $gids;
}
}
@ -391,6 +411,8 @@ class UsersController extends Controller {
*/
public function destroy($id) {
$userId = $this->userSession->getUser()->getUID();
$user = $this->userManager->get($id);
if($userId === $id) {
return new DataResponse(
array(
@ -403,7 +425,7 @@ class UsersController extends Controller {
);
}
if(!$this->isAdmin && !$this->subAdminFactory->isUserAccessible($userId, $id)) {
if(!$this->isAdmin && !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
return new DataResponse(
array(
'status' => 'error',
@ -415,7 +437,6 @@ class UsersController extends Controller {
);
}
$user = $this->userManager->get($id);
if($user) {
if($user->delete()) {
return new DataResponse(
@ -453,9 +474,11 @@ class UsersController extends Controller {
*/
public function setMailAddress($id, $mailAddress) {
$userId = $this->userSession->getUser()->getUID();
$user = $this->userManager->get($id);
if($userId !== $id
&& !$this->isAdmin
&& !$this->subAdminFactory->isUserAccessible($userId, $id)) {
&& !$this->groupManager->getSubAdmin()->isUserAccessible($this->userSession->getUser(), $user)) {
return new DataResponse(
array(
'status' => 'error',
@ -479,7 +502,6 @@ class UsersController extends Controller {
);
}
$user = $this->userManager->get($id);
if(!$user){
return new DataResponse(
array(

57
settings/factory/subadminfactory.php
Unescape View File

@ -1,57 +0,0 @@
<?php
/**
* @author Lukas Reschke <lukas@owncloud.com>
* @author Morris Jobke <hey@morrisjobke.de>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OC\Settings\Factory;
/**
* @package OC\Settings\Factory
*/
class SubAdminFactory {
/**
* Get the groups $uid is SubAdmin of
* @param string $uid
* @return array Array of groups that $uid is subadmin of
*/
function getSubAdminsOfGroups($uid) {
return \OC_SubAdmin::getSubAdminsGroups($uid);
}
/**
* Whether the $group is accessible to $uid as subadmin
* @param string $uid
* @param string $group
* @return bool
*/
function isGroupAccessible($uid, $group) {
return \OC_SubAdmin::isGroupAccessible($uid, $group);
}
/**
* Whether $uid is accessible to $subAdmin
* @param string $subAdmin
* @param string $uid
* @return bool
*/
function isUserAccessible($subAdmin, $uid) {
return \OC_SubAdmin::isUserAccessible($subAdmin, $uid);
}
}

18
settings/users.php
Unescape View File

@ -57,7 +57,12 @@ $config = \OC::$server->getConfig();
$isAdmin = OC_User::isAdminUser(OC_User::getUser());
$groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager);
$groupsInfo = new \OC\Group\MetaData(
OC_User::getUser(),
$isAdmin,
$groupManager,
\OC::$server->getUserSession()
);
$groupsInfo->setSorting($sortGroupsBy);
list($adminGroup, $groups) = $groupsInfo->get();
@ -65,7 +70,16 @@ $recoveryAdminEnabled = OC_App::isEnabled('encryption') &&
$config->getAppValue( 'encryption', 'recoveryAdminEnabled', null );
if($isAdmin) {
$subadmins = OC_SubAdmin::getAllSubAdmins();
$subadmins = \OC::$server->getGroupManager()->getSubAdmin()->getAllSubAdmins();
// New class returns IUser[] so convert back
$result = [];
foreach ($subAdmins as $subAdmin) {
$result[] = [
'gid' => $subAdmin['group']->getGID(),
'uid' => $subAdmin['user']->getUID(),
];
}
$subadmins = $result;
}else{
/* Retrieve group IDs from $groups array, so we can pass that information into OC_Group::displayNamesInGroups() */
$gids = array();

76
tests/lib/group/metadata.php
Unescape View File

@ -1,19 +1,49 @@
<?php
/**
* Copyright (c) 2014 Arthur Schiwon <blizzz@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
* @author Arthur Schiwon <blizzz@owncloud.com>
* @author Lukas Reschke <lukas@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace Test\Group;
class Test_MetaData extends \Test\TestCase {
private function getGroupManagerMock() {
return $this->getMockBuilder('\OC\Group\Manager')
/** @var \OC\Group\Manager */
private $groupManager;
/** @var \OCP\IUserSession */
private $userSession;
/** @var \OC\Group\MetaData */
private $groupMetadata;
/** @var bool */
private $isAdmin = true;
public function setUp() {
parent::setUp();
$this->groupManager = $this->getMockBuilder('\OC\Group\Manager')
->disableOriginalConstructor()
->getMock();
$this->userSession = $this->getMock('\OCP\IUserSession');
$this->groupMetadata = new \OC\Group\MetaData(
'foo',
$this->isAdmin,
$this->groupManager,
$this->userSession
);
}
private function getGroupMock($countCallCount = 0) {
@ -38,17 +68,15 @@ class Test_MetaData extends \Test\TestCase {
public function testGet() {
$groupManager = $this->getGroupManagerMock();
$groupMetaData = new \OC\Group\MetaData('foo', true, $groupManager);
$group = $this->getGroupMock();
$groups = array_fill(0, 3, $group);
$groupManager->expects($this->once())
$this->groupManager->expects($this->once())
->method('search')
->with('')
->will($this->returnValue($groups));
list($adminGroups, $ordinaryGroups) = $groupMetaData->get();
list($adminGroups, $ordinaryGroups) = $this->groupMetadata->get();
$this->assertSame(1, count($adminGroups));
$this->assertSame(2, count($ordinaryGroups));
@ -59,18 +87,16 @@ class Test_MetaData extends \Test\TestCase {
}
public function testGetWithSorting() {
$groupManager = $this->getGroupManagerMock();
$groupMetaData = new \OC\Group\MetaData('foo', true, $groupManager);
$groupMetaData->setSorting($groupMetaData::SORT_USERCOUNT);
$this->groupMetadata->setSorting(1);
$group = $this->getGroupMock(3);
$groups = array_fill(0, 3, $group);
$groupManager->expects($this->once())
$this->groupManager->expects($this->once())
->method('search')
->with('')
->will($this->returnValue($groups));
list($adminGroups, $ordinaryGroups) = $groupMetaData->get();
list($adminGroups, $ordinaryGroups) = $this->groupMetadata->get();
$this->assertSame(1, count($adminGroups));
$this->assertSame(2, count($ordinaryGroups));
@ -80,23 +106,31 @@ class Test_MetaData extends \Test\TestCase {
}
public function testGetWithCache() {
$groupManager = $this->getGroupManagerMock();
$groupMetaData = new \OC\Group\MetaData('foo', true, $groupManager);
$group = $this->getGroupMock();
$groups = array_fill(0, 3, $group);
$groupManager->expects($this->once())
$this->groupManager->expects($this->once())
->method('search')
->with('')
->will($this->returnValue($groups));
//two calls, if caching fails call counts for group and groupmanager
//are exceeded
$groupMetaData->get();
$groupMetaData->get();
$this->groupMetadata->get();
$this->groupMetadata->get();
}
//get() does not need to be tested with search parameters, because they are
//solely and only passed to GroupManager and Group.
public function testGetGroupsAsAdmin() {
$this->groupManager
->expects($this->once())
->method('search')
->with('Foo')
->will($this->returnValue(['DummyValue']));
$expected = ['DummyValue'];
$this->assertSame($expected, $this->invokePrivate($this->groupMetadata, 'getGroups', ['Foo']));
}
}

477
tests/settings/controller/userscontrollertest.php
Unescape View File

@ -25,7 +25,7 @@ class UsersControllerTest extends \Test\TestCase {
$app = new Application();
$this->container = $app->getContainer();
$this->container['AppName'] = 'settings';
$this->container['GroupManager'] = $this->getMockBuilder('\OCP\IGroupManager')
$this->container['GroupManager'] = $this->getMockBuilder('\OC\Group\Manager')
->disableOriginalConstructor()->getMock();
$this->container['UserManager'] = $this->getMockBuilder('\OCP\IUserManager')
->disableOriginalConstructor()->getMock();
@ -33,8 +33,6 @@ class UsersControllerTest extends \Test\TestCase {
->disableOriginalConstructor()->getMock();
$this->container['L10N'] = $this->getMockBuilder('\OCP\IL10N')
->disableOriginalConstructor()->getMock();
$this->container['SubAdminFactory'] = $this->getMockBuilder('\OC\Settings\Factory\SubAdminFactory')
->disableOriginalConstructor()->getMock();
$this->container['Config'] = $this->getMockBuilder('\OCP\IConfig')
->disableOriginalConstructor()->getMock();
$this->container['L10N']
@ -62,7 +60,7 @@ class UsersControllerTest extends \Test\TestCase {
$foo = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$foo
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('foo'));
$foo
@ -82,7 +80,7 @@ class UsersControllerTest extends \Test\TestCase {
$admin = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$admin
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('admin'));
$admin
@ -104,7 +102,7 @@ class UsersControllerTest extends \Test\TestCase {
$bar = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$bar
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('bar'));
$bar
@ -153,21 +151,29 @@ class UsersControllerTest extends \Test\TestCase {
404, 'admin@bar.com',
2323, 'bar@dummy.com'));
$this->container['SubAdminFactory']
->expects($this->at(0))
->method('getSubAdminsOfGroups')
->with('foo')
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin
->expects($this->any())
->method('getSubAdminsGroups')
->with($foo)
->will($this->returnValue([]));
$this->container['SubAdminFactory']
->expects($this->at(1))
->method('getSubAdminsOfGroups')
->with('admin')
$subadmin
->expects($this->any())
->method('getSubAdminsGroups')
->with($admin)
->will($this->returnValue([]));
$this->container['SubAdminFactory']
->expects($this->at(2))
->method('getSubAdminsOfGroups')
->with('bar')
$subadmin
->expects($this->any())
->method('getSubAdminsGroups')
->with($bar)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -218,10 +224,6 @@ class UsersControllerTest extends \Test\TestCase {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('username'));
$this->container['UserSession']
->expects($this->once())
->method('getUser')
@ -230,7 +232,7 @@ class UsersControllerTest extends \Test\TestCase {
$foo = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$foo
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('foo'));
$foo
@ -250,7 +252,7 @@ class UsersControllerTest extends \Test\TestCase {
$admin = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$admin
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('admin'));
$admin
@ -272,7 +274,7 @@ class UsersControllerTest extends \Test\TestCase {
$bar = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$bar
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('bar'));
$bar
@ -291,59 +293,90 @@ class UsersControllerTest extends \Test\TestCase {
->will($this->returnValue('\Test\Util\User\Dummy'));
$this->container['GroupManager']
->expects($this->at(0))
->expects($this->at(2))
->method('displayNamesInGroup')
->with('SubGroup1', 'pattern')
->with('SubGroup2', 'pattern')
->will($this->returnValue(['foo' => 'M. Foo', 'admin' => 'S. Admin']));
$this->container['GroupManager']
->expects($this->at(1))
->method('displayNamesInGroup')
->with('SubGroup2', 'pattern')
->with('SubGroup1', 'pattern')
->will($this->returnValue(['bar' => 'B. Ar']));
$this->container['GroupManager']
->expects($this->exactly(3))
->method('getUserGroupIds')
->will($this->onConsecutiveCalls(
['admin', 'SubGroup1', 'testGroup'],
['SubGroup2', 'SubGroup1'],
['SubGroup2', 'Foo'],
['admin', 'SubGroup1', 'testGroup']
['SubGroup2', 'Foo']
));
$this->container['UserManager']
->expects($this->at(0))
->method('get')
->with('foo')
->will($this->returnValue($foo));
->with('bar')
->will($this->returnValue($bar));
$this->container['UserManager']
->expects($this->at(1))
->method('get')
->with('admin')
->will($this->returnValue($admin));
->with('foo')
->will($this->returnValue($foo));
$this->container['UserManager']
->expects($this->at(2))
->method('get')
->with('bar')
->will($this->returnValue($bar));
->with('admin')
->will($this->returnValue($admin));
$this->container['Config']
->expects($this->exactly(6))
->method('getUserValue')
->will($this->onConsecutiveCalls(
2323, 'bar@dummy.com',
1024, 'foo@bar.com',
404, 'admin@bar.com',
2323, 'bar@dummy.com'
404, 'admin@bar.com'
));
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->will($this->returnValueMap([
['username' , ['SubGroup1', 'SubGroup2']],
['foo', []],
['admin', []],
['bar', []],
]));
$subgroup1 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()
->getMock();
$subgroup1->expects($this->any())
->method('getGID')
->will($this->returnValue('SubGroup1'));
$subgroup2 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()
->getMock();
$subgroup2->expects($this->any())
->method('getGID')
->will($this->returnValue('SubGroup2'));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin
->expects($this->at(0))
->method('getSubAdminsGroups')
->will($this->returnValue([$subgroup1, $subgroup2]));
$subadmin
->expects($this->any())
->method('getSubAdminsGroups')
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
[
0 => [
'name' => 'bar',
'displayname' => 'B. Ar',
'groups' => ['SubGroup1'],
'subadmin' => [],
'quota' => 2323,
'storageLocation' => '/home/bar',
'lastLogin' => 3999000,
'backend' => '\Test\Util\User\Dummy',
'email' => 'bar@dummy.com',
'isRestoreDisabled' => false,
],
1=> [
'name' => 'foo',
'displayname' => 'M. Foo',
'groups' => ['SubGroup2', 'SubGroup1'],
@ -355,7 +388,7 @@ class UsersControllerTest extends \Test\TestCase {
'email' => 'foo@bar.com',
'isRestoreDisabled' => false,
],
1 => [
2 => [
'name' => 'admin',
'displayname' => 'S. Admin',
'groups' => ['SubGroup2'],
@ -367,18 +400,6 @@ class UsersControllerTest extends \Test\TestCase {
'email' => 'admin@bar.com',
'isRestoreDisabled' => false,
],
2 => [
'name' => 'bar',
'displayname' => 'B. Ar',
'groups' => ['SubGroup1'],
'subadmin' => [],
'quota' => 2323,
'storageLocation' => '/home/bar',
'lastLogin' => 3999000,
'backend' => '\Test\Util\User\Dummy',
'email' => 'bar@dummy.com',
'isRestoreDisabled' => false,
],
]
);
@ -396,7 +417,7 @@ class UsersControllerTest extends \Test\TestCase {
$foo = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$foo
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('foo'));
$foo
@ -416,7 +437,7 @@ class UsersControllerTest extends \Test\TestCase {
$admin = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$admin
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('admin'));
$admin
@ -438,7 +459,7 @@ class UsersControllerTest extends \Test\TestCase {
$bar = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$bar
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('bar'));
$bar
@ -472,22 +493,16 @@ class UsersControllerTest extends \Test\TestCase {
404, 'admin@bar.com',
2323, 'bar@dummy.com'));
$this->container['SubAdminFactory']
->expects($this->at(0))
->method('getSubAdminsOfGroups')
->with('foo')
->will($this->returnValue([]));
$this->container['SubAdminFactory']
->expects($this->at(1))
->method('getSubAdminsOfGroups')
->with('admin')
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->any())
->method('getSubAdminsGroups')
->will($this->returnValue([]));
$this->container['SubAdminFactory']
->expects($this->at(2))
->method('getSubAdminsOfGroups')
->with('bar')
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -539,7 +554,7 @@ class UsersControllerTest extends \Test\TestCase {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->exactly(4))
->expects($this->exactly(3))
->method('getUID')
->will($this->returnValue('foo'));
$user
@ -569,11 +584,16 @@ class UsersControllerTest extends \Test\TestCase {
->with('')
->will($this->returnValue([$user]));
$this->container['SubAdminFactory']
->expects($this->once())
->method('getSubAdminsOfGroups')
->with('foo')
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -634,11 +654,18 @@ class UsersControllerTest extends \Test\TestCase {
->method('createUser')
->will($this->onConsecutiveCalls($user));
$this->container['SubAdminFactory']
->expects($this->once())
->method('getSubAdminsOfGroups')
->with('foo')
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin
->expects($this->any())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -663,47 +690,45 @@ class UsersControllerTest extends \Test\TestCase {
$this->container['IsAdmin'] = false;
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('username'));
$this->container['UserSession']
->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$user = $this->getMockBuilder('\OC\User\User')
$newUser = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
$newUser
->method('getUID')
->will($this->returnValue('foo'));
$newUser
->method('getHome')
->will($this->returnValue('/home/user'));
$user
$newUser
->method('getHome')
->will($this->returnValue('/home/user'));
$user
->method('getUID')
->will($this->returnValue('foo'));
$user
$newUser
->expects($this->once())
->method('getBackendClassName')
->will($this->returnValue('bar'));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$subGroup1 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$subGroup1
->expects($this->once())
->method('addUser')
->with($user);
->with($newUser);
$subGroup2 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$subGroup2
->expects($this->once())
->method('addUser')
->with($user);
->with($newUser);
$this->container['UserManager']
->expects($this->once())
->method('createUser')
->will($this->onConsecutiveCalls($user));
->will($this->returnValue($newUser));
$this->container['GroupManager']
->expects($this->exactly(2))
->method('get')
@ -714,12 +739,21 @@ class UsersControllerTest extends \Test\TestCase {
->with($user)
->will($this->onConsecutiveCalls(['SubGroup1', 'SubGroup2']));
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->will($this->returnValueMap([
['username', ['SubGroup1', 'SubGroup2']],
['foo', []],
]));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin
->expects($this->at(0))
->method('getSubAdminsGroups')
->will($this->returnValue([$subGroup1, $subGroup2]));
$subadmin
->expects($this->at(1))
->method('getSubAdminsGroups')
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -727,7 +761,7 @@ class UsersControllerTest extends \Test\TestCase {
'groups' => ['SubGroup1', 'SubGroup2'],
'storageLocation' => '/home/user',
'backend' => 'bar',
'lastLogin' => null,
'lastLogin' => 0,
'displayname' => null,
'quota' => null,
'subadmin' => [],
@ -790,11 +824,18 @@ class UsersControllerTest extends \Test\TestCase {
->with($user)
->will($this->onConsecutiveCalls(array('NewGroup', 'ExistingGroup')));
$this->container['SubAdminFactory']
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin
->expects($this->once())
->method('getSubAdminsOfGroups')
->with('foo')
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -819,63 +860,77 @@ class UsersControllerTest extends \Test\TestCase {
$this->container['IsAdmin'] = false;
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('username'));
$this->container['UserSession']
->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
$newUser = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$newUser
->method('getHome')
->will($this->returnValue('/home/user'));
$user
$newUser
->method('getHome')
->will($this->returnValue('/home/user'));
$user
$newUser
->method('getUID')
->will($this->returnValue('foo'));
$user
$newUser
->expects($this->once())
->method('getBackendClassName')
->will($this->returnValue('bar'));
$subGroup1 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$subGroup1
->expects($this->any())
->method('getGID')
->will($this->returnValue('SubGroup1'));
$subGroup1
->expects($this->once())
->method('addUser')
->with($user);
$subGroup2 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$subGroup2
->expects($this->once())
->method('addUser')
->with($user);
$this->container['UserManager']
->expects($this->once())
->method('createUser')
->will($this->onConsecutiveCalls($user));
->will($this->returnValue($newUser));
$this->container['GroupManager']
->expects($this->exactly(2))
->expects($this->at(0))
->method('get')
->will($this->onConsecutiveCalls($subGroup1, $subGroup2));
->with('SubGroup1')
->will($this->returnValue($subGroup1));
$this->container['GroupManager']
->expects($this->at(4))
->method('get')
->with('SubGroup1')
->will($this->returnValue($subGroup1));
$this->container['GroupManager']
->expects($this->once())
->method('getUserGroupIds')
->with($user)
->will($this->onConsecutiveCalls(['SubGroup1']));
$this->container['GroupManager']
->expects($this->once())
->method('getUserGroupIds')
->with($newUser)
->will($this->onConsecutiveCalls(['SubGroup1']));
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->will($this->returnValueMap([
['username', ['SubGroup1', 'SubGroup2']],
['foo', []],
]));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->at(1))
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([$subGroup1]));
$subadmin->expects($this->at(2))
->method('getSubAdminsGroups')
->with($newUser)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
array(
@ -883,7 +938,7 @@ class UsersControllerTest extends \Test\TestCase {
'groups' => ['SubGroup1'],
'storageLocation' => '/home/user',
'backend' => 'bar',
'lastLogin' => null,
'lastLogin' => 0,
'displayname' => null,
'quota' => null,
'subadmin' => [],
@ -915,15 +970,10 @@ class UsersControllerTest extends \Test\TestCase {
public function testCreateUnsuccessfulSubAdmin() {
$this->container['IsAdmin'] = false;
$this->container['SubAdminFactory']
->expects($this->once())
->method('getSubAdminsOfGroups')
->with('username')
->will($this->returnValue(['SubGroup1', 'SubGroup2']));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->expects($this->any())
->method('getUID')
->will($this->returnValue('username'));
$this->container['UserSession']
@ -935,6 +985,30 @@ class UsersControllerTest extends \Test\TestCase {
->method('createUser')
->will($this->throwException(new \Exception()));
$subgroup1 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()
->getMock();
$subgroup1->expects($this->once())
->method('getGID')
->will($this->returnValue('SubGroup1'));
$subgroup2 = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()
->getMock();
$subgroup2->expects($this->once())
->method('getGID')
->will($this->returnValue('SubGroup2'));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([$subgroup1, $subgroup2]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
[
'message' => 'Unable to create user.'
@ -1035,11 +1109,6 @@ class UsersControllerTest extends \Test\TestCase {
public function testDestroySubAdmin() {
$this->container['IsAdmin'] = false;
$this->container['SubAdminFactory']
->expects($this->once())
->method('isUserAccessible')
->with('myself', 'UserToDelete')
->will($this->returnValue(true));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
@ -1066,6 +1135,18 @@ class UsersControllerTest extends \Test\TestCase {
->with('UserToDelete')
->will($this->returnValue($toDeleteUser));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('isUserAccessible')
->with($user, $toDeleteUser)
->will($this->returnValue(true));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
[
'status' => 'success',
@ -1117,11 +1198,6 @@ class UsersControllerTest extends \Test\TestCase {
public function testDestroyUnsuccessfulSubAdmin() {
$this->container['IsAdmin'] = false;
$this->container['SubAdminFactory']
->expects($this->once())
->method('isUserAccessible')
->with('myself', 'UserToDelete')
->will($this->returnValue(true));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
@ -1146,6 +1222,18 @@ class UsersControllerTest extends \Test\TestCase {
->with('UserToDelete')
->will($this->returnValue($toDeleteUser));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('isUserAccessible')
->with($user, $toDeleteUser)
->will($this->returnValue(true));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
[
'status' => 'error',
@ -1161,11 +1249,7 @@ class UsersControllerTest extends \Test\TestCase {
public function testDestroyNotAccessibleToSubAdmin() {
$this->container['IsAdmin'] = false;
$this->container['SubAdminFactory']
->expects($this->once())
->method('isUserAccessible')
->with('myself', 'UserToDelete')
->will($this->returnValue(false));
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
@ -1186,6 +1270,18 @@ class UsersControllerTest extends \Test\TestCase {
->with('UserToDelete')
->will($this->returnValue($toDeleteUser));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('isUserAccessible')
->with($user, $toDeleteUser)
->will($this->returnValue(false));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$expectedResponse = new DataResponse(
[
'status' => 'error',
@ -1294,7 +1390,17 @@ class UsersControllerTest extends \Test\TestCase {
->expects($this->once())
->method('createUser')
->will($this->onConsecutiveCalls($user));
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$response = $this->container['UsersController']->create('foo', 'password', [], 'validMail@Adre.ss');
$this->assertEquals(Http::STATUS_CREATED, $response->getStatus());
@ -1344,10 +1450,17 @@ class UsersControllerTest extends \Test\TestCase {
list($user, $expectedResult) = $this->mockUser();
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->with($user->getUID())
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$result = self::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
$this->assertEquals($expectedResult, $result);
@ -1386,10 +1499,17 @@ class UsersControllerTest extends \Test\TestCase {
)
->will($this->returnValue('1'));
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->with($user->getUID())
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$result = self::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
$this->assertEquals($expectedResult, $result);
@ -1409,10 +1529,17 @@ class UsersControllerTest extends \Test\TestCase {
$expectedResult['isRestoreDisabled'] = true;
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->with($user->getUID())
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$result = self::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
$this->assertEquals($expectedResult, $result);
@ -1453,15 +1580,25 @@ class UsersControllerTest extends \Test\TestCase {
$expectedResult['isRestoreDisabled'] = true;
$this->container['SubAdminFactory']
->method('getSubAdminsOfGroups')
->with($user->getUID())
$subadmin = $this->getMockBuilder('\OC\SubAdmin')
->disableOriginalConstructor()
->getMock();
$subadmin->expects($this->once())
->method('getSubAdminsGroups')
->with($user)
->will($this->returnValue([]));
$this->container['GroupManager']
->expects($this->any())
->method('getSubAdmin')
->will($this->returnValue($subadmin));
$result = self::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
$this->assertEquals($expectedResult, $result);
}
/**
* @return array
*/
public function setEmailAddressData() {
return [
/* mailAddress, isValid, expectsUpdate, expectsDelete, canChangeDisplayName, responseCode */

Write Preview
Loading…
Cancel
Save