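/**
 * Returns the ids of the users the caller is allowed to list.
 *
 * Admins search across all users. Sub-admins only see members of the groups
 * they administer. Any other caller, including an anonymous one, is refused
 * with RESPOND_UNAUTHORISED.
 *
 * Query parameters (all optional, all supplied by the client):
 *  - search: filter string; used only when it is a non-empty string
 *  - limit, offset: used only when they parse as non-negative integers;
 *    anything else is treated as "not supplied"
 *
 * @return OC_OCS_Result
 */
public function getUsers() {
	// Only integers or null may reach the user backend and array_slice().
	// Arrays ("limit[]=1"), negative numbers and free text are dropped
	// instead of being passed through as raw request strings.
	$readPageParam = static function ($name) {
		if (empty($_GET[$name])) {
			return null;
		}
		$value = filter_var($_GET[$name], FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
		return $value === false ? null : $value;
	};

	$search = (!empty($_GET['search']) && is_string($_GET['search'])) ? $_GET['search'] : '';
	$limit = $readPageParam('limit');
	$offset = $readPageParam('offset');

	// Check if user is logged in
	$user = $this->userSession->getUser();
	if ($user === null) {
		return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
	}
	$uid = $user->getUID();

	// Admin? Or SubAdmin?
	if ($this->groupManager->isAdmin($uid)) {
		$users = $this->userManager->search($search, $limit, $offset);
	} elseif (\OC_SubAdmin::isSubAdmin($uid)) {
		$subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($uid);

		if ($offset === null) {
			$offset = 0;
		}

		$users = [];
		foreach ($subAdminOfGroups as $group) {
			// The array keys are what the response returns (see array_keys()
			// below). array_merge() renumbers integer keys, and PHP stores an
			// all-digit key as an integer, so an all-digit user id would come
			// back as 0, 1, 2, ... The union operator keeps every key intact.
			$users += $this->groupManager->displayNamesInGroup($group, $search);
		}

		// preserve_keys=true for the same reason: array_slice() would
		// otherwise reset integer keys.
		$users = array_slice($users, $offset, $limit, true);
	} else {
		// Fail closed: neither admin nor sub-admin.
		return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
	}

	$users = array_keys($users);

	return new OC_OCS_Result(['users' => $users]);
}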
/**
 * Abort the request with a JSON error unless the current user is a sub-admin.
 *
 * The decision is delegated entirely to OC_SubAdmin::isSubAdmin(); this
 * method does not test for a login or for admin-group membership itself.
 * NOTE(review): whether full admins pass depends on isSubAdmin() - confirm.
 */
public static function checkSubAdminUser() {
	$currentUser = OC_User::getUser();
	if (OC_SubAdmin::isSubAdmin($currentUser)) {
		return;
	}

	$l = OC_L10N::get('lib');
	$payload = array(
		'data' => array(
			'message' => $l->t('Authentication error'),
			'error' => 'authentication_error',
		),
	);
	self::error($payload);

	// Terminate so that nothing after the check in the calling script runs.
	exit;
}
/**
 * Abort the request with a JSON error unless the current user is an admin
 * or a sub-admin.
 *
 * checkLoggedIn() and verifyUser() run first, so the role test below is only
 * reached once those two checks have returned.
 */
public static function checkSubAdminUser() {
	self::checkLoggedIn();
	self::verifyUser();

	// Membership of the 'admin' group is sufficient on its own; the sub-admin
	// lookup is only consulted for non-admins.
	$isAdmin = OC_Group::inGroup(OC_User::getUser(), 'admin');
	if ($isAdmin || OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
		return;
	}

	$l = OC_L10N::get('lib');
	$payload = array(
		'data' => array(
			'message' => $l->t('Authentication error'),
		),
	);
	self::error($payload);

	// Terminate so that nothing after the check in the calling script runs.
	exit();
}
/**
 * Returns the Settings Navigation
 *
 * Collects the settings pages the current user should be offered and hands
 * them to proceedNavigation(), whose result is returned.
 *
 * The role tests here only decide which links are shown.
 * NOTE(review): the pages behind the links are not visible in this listing
 * and need their own access checks - confirm.
 *
 * @return array the value produced by self::proceedNavigation()
 */
public static function getSettingsNavigation() {
	$l = \OC::$server->getL10N('lib');

	$entries = array();

	// by default, settings only contain the help menu
	$showHelp = OC_Util::getEditionString() === ''
		&& OC_Config::getValue('knowledgebaseenabled', true) == true;
	if ($showHelp) {
		$entries[] = array(
			"id" => "help",
			"order" => 1000,
			"href" => OC_Helper::linkToRoute("settings_help"),
			"name" => $l->t("Help"),
			"icon" => OC_Helper::imagePath("settings", "help.svg"),
		);
	}

	// anonymous visitors get nothing beyond the optional help entry
	if (!OC_User::isLoggedIn()) {
		return self::proceedNavigation($entries);
	}

	// personal menu
	$entries[] = array(
		"id" => "personal",
		"order" => 1,
		"href" => OC_Helper::linkToRoute("settings_personal"),
		"name" => $l->t("Personal"),
		"icon" => OC_Helper::imagePath("settings", "personal.svg"),
	);

	// settings menu, only if there are some settings forms
	if (!empty(self::$settingsForms)) {
		$entries[] = array(
			"id" => "settings",
			"order" => 1000,
			"href" => OC_Helper::linkToRoute("settings_settings"),
			"name" => $l->t("Settings"),
			"icon" => OC_Helper::imagePath("settings", "settings.svg"),
		);
	}

	// SubAdmins are also allowed to access user management
	if (OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
		$entries[] = array(
			"id" => "core_users",
			"order" => 2,
			"href" => OC_Helper::linkToRoute("settings_users"),
			"name" => $l->t("Users"),
			"icon" => OC_Helper::imagePath("settings", "users.svg"),
		);
	}

	// admin settings, only for admins
	if (OC_User::isAdminUser(OC_User::getUser())) {
		$entries[] = array(
			"id" => "admin",
			"order" => 1000,
			"href" => OC_Helper::linkToRoute("settings_admin"),
			"name" => $l->t("Admin"),
			"icon" => OC_Helper::imagePath("settings", "admin.svg"),
		);
	}

	return self::proceedNavigation($entries);
}
<?php
// Builds $groups, the set of groups this request may act on, from the
// client-supplied $_POST["groups"] and the caller's role. Admins keep the
// submitted value as sent; sub-admins keep only the groups they administer.

// Init owncloud
require_once '../../lib/base.php';

// Runs before any other work.
// NOTE(review): presumably the request-token (CSRF) check - confirm.
OCP\JSON::callCheck();

// Check if we are a user
// "&&" binds tighter than "||", so this rejects a caller who is not logged in,
// or who is logged in but is neither in the 'admin' group nor a sub-admin.
if (!OC_User::isLoggedIn() || !OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
	OC_JSON::error(array("data" => array("message" => "Authentication error")));
	// Terminate so that nothing below runs for a rejected caller.
	exit;
}

// Second call; the same check already ran above.
OCP\JSON::callCheck();

$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin') ? true : false;

if ($isadmin) {
	// Admins: the submitted value is taken as-is.
	// NOTE(review): nothing here checks that $_POST["groups"] is an array.
	$groups = array();
	if (isset($_POST["groups"])) {
		$groups = $_POST["groups"];
	}
} else {
	if (isset($_POST["groups"])) {
		// Sub-admins: keep only the requested groups this user may access.
		// NOTE(review): foreach assumes $_POST["groups"] is an array - confirm.
		$groups = array();
		foreach ($_POST["groups"] as $group) {
			if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
				$groups[] = $group;
			}
		}
		// If none of the requested groups is accessible, the request is not
		// refused: it falls back to all groups the sub-admin administers.
		if (count($groups) == 0) {
			$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
		}
	} else {
		$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
	}
// The listing stops here; the enclosing else-branch is still open.
/**
 * Decide whether the current request may run the given API action.
 *
 * An unknown auth level falls through to the default branch and is denied.
 * A login result that PHP treats as falsy is denied for the SUBADMIN and
 * ADMIN levels.
 * NOTE(review): switch compares loosely (==); the values of the API::*
 * constants are not visible here - confirm that no ambiguity arises.
 * NOTE(review): for USER_AUTH the result of loginUser() is returned
 * unchanged, so it may not be a strict bool - confirm.
 *
 * @param array $action the action details as supplied to OC_API::register()
 * @return bool
 */
private static function isAuthorised($action) {
	switch ($action['authlevel']) {
		case API::GUEST_AUTH:
			// Anyone can access
			return true;

		case API::USER_AUTH:
			// User required
			return self::loginUser();

		case API::SUBADMIN_AUTH:
			// Sub-admin or admin required
			$uid = self::loginUser();
			if (!$uid) {
				return false;
			}
			$isSubAdmin = OC_SubAdmin::isSubAdmin($uid);
			$isAdmin = OC_User::isAdminUser($uid);
			return ($isSubAdmin || $isAdmin);

		case API::ADMIN_AUTH:
			// Admin required
			$uid = self::loginUser();
			return $uid ? OC_User::isAdminUser($uid) : false;

		default:
			// oops looks like invalid level supplied
			return false;
	}
}
/**
 * Check if the user is a subadmin, redirects to home if not
 *
 * OC_Util::checkLoggedIn() runs first. A caller who is not a sub-admin is
 * sent a Location header pointing at index.php and the script is terminated.
 * NOTE(review): no separate admin test is made here; whether admins pass
 * depends on OC_SubAdmin::isSubAdmin() - confirm.
 *
 * @return boolean true when the check passes; the method does not return otherwise
 */
public static function checkSubAdminUser() {
	OC_Util::checkLoggedIn();

	$isSubAdmin = OC_SubAdmin::isSubAdmin(OC_User::getUser());
	if ($isSubAdmin) {
		return true;
	}

	header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
	// The exit is what enforces the check: a Location header alone does not
	// stop the rest of the script from executing.
	exit;
}
/**
 * Check if the user is an admin or a subadmin, redirects to home if not
 *
 * checkLoggedIn() and verifyUser() run first. Members of the 'admin' group
 * pass without the sub-admin lookup being made.
 *
 * @return boolean true when the check passes; the method does not return otherwise
 */
public static function checkSubAdminUser() {
	// Check if we are a user
	self::checkLoggedIn();
	self::verifyUser();

	$isAdmin = OC_Group::inGroup(OC_User::getUser(), 'admin');
	if (!$isAdmin && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
		header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
		// The exit is what enforces the check: a Location header alone does
		// not stop the rest of the script from executing.
		exit;
	}

	return true;
}
/**
 * @brief Returns the Settings Navigation
 *
 * Collects the settings pages the current user should be offered and hands
 * them to proceedNavigation(), whose result is returned.
 *
 * The user id for the role tests is read straight from $_SESSION["user_id"].
 * The role tests only decide which links are shown.
 * NOTE(review): the pages behind the links are not visible in this listing
 * and need their own access checks - confirm.
 *
 * @return array the value produced by self::proceedNavigation()
 */
public static function getSettingsNavigation() {
	$l = OC_L10N::get('lib');

	$entries = array();

	// by default, settings only contain the help menu
	if (OC_Config::getValue('knowledgebaseenabled', true) == true) {
		$entries[] = array(
			"id" => "help",
			"order" => 1000,
			"href" => OC_Helper::linkTo("settings", "help.php"),
			"name" => $l->t("Help"),
			"icon" => OC_Helper::imagePath("settings", "help.svg"),
		);
	}

	// anonymous visitors get nothing beyond the optional help entry
	if (!OC_User::isLoggedIn()) {
		return self::proceedNavigation($entries);
	}

	// personal menu
	$entries[] = array(
		"id" => "personal",
		"order" => 1,
		"href" => OC_Helper::linkTo("settings", "personal.php"),
		"name" => $l->t("Personal"),
		"icon" => OC_Helper::imagePath("settings", "personal.svg"),
	);

	// settings menu, only if there are some settings forms
	if (!empty(self::$settingsForms)) {
		$entries[] = array(
			"id" => "settings",
			"order" => 1000,
			"href" => OC_Helper::linkTo("settings", "settings.php"),
			"name" => $l->t("Settings"),
			"icon" => OC_Helper::imagePath("settings", "settings.svg"),
		);
	}

	// SubAdmins are also allowed to access user management
	if (OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup($_SESSION["user_id"], "admin")) {
		// admin users menu
		$entries[] = array(
			"id" => "core_users",
			"order" => 2,
			"href" => OC_Helper::linkTo("settings", "users.php"),
			"name" => $l->t("Users"),
			"icon" => OC_Helper::imagePath("settings", "users.svg"),
		);
	}

	// if the user is an admin
	if (OC_Group::inGroup($_SESSION["user_id"], "admin")) {
		// admin apps menu
		$entries[] = array(
			"id" => "core_apps",
			"order" => 3,
			"href" => OC_Helper::linkTo("settings", "apps.php") . '?installed',
			"name" => $l->t("Apps"),
			"icon" => OC_Helper::imagePath("settings", "apps.svg"),
		);

		// admin settings
		$entries[] = array(
			"id" => "admin",
			"order" => 1000,
			"href" => OC_Helper::linkTo("settings", "admin.php"),
			"name" => $l->t("Admin"),
			"icon" => OC_Helper::imagePath("settings", "admin.svg"),
		);
	}

	return self::proceedNavigation($entries);
}
/**
 * Checks whether a user is a subadmin
 *
 * Thin wrapper: the answer is whatever \OC_SubAdmin::isSubAdmin() returns
 * for the given id; no additional checks are made here.
 *
 * @param string $userId the id of the user
 * @return bool true if subadmin
 */
public function isSubAdminUser($userId) {
	# TODO: use public api
	$isSubAdmin = \OC_SubAdmin::isSubAdmin($userId);

	return $isSubAdmin;
}