public static function checkGroupRightsForPrincipal($uid)
{
$appConfig = \OC::$server->getAppConfig();
$isEnabled = $appConfig->getValue(self::$appname, 'enabled');
$bEnabled = false;
if ($isEnabled === 'yes') {
$bEnabled = true;
} else {
if ($isEnabled === 'no') {
$bEnabled = false;
} else {
if ($isEnabled !== 'no') {
$groups = json_decode($isEnabled);
if (is_array($groups)) {
foreach ($groups as $group) {
if (\OC_Group::inGroup($uid, $group)) {
$bEnabled = true;
break;
}
}
}
}
}
}
if ($bEnabled == false) {
throw new \Sabre\DAV\Exception\Forbidden();
return false;
} else {
return true;
}
}
/**
* Check if the user is a admin, send json error msg if not
*/
public static function checkAdminUser()
{
self::checkLoggedIn();
if (!OC_Group::inGroup(OC_User::getUser(), 'admin')) {
$l = new OC_L10N('core');
self::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
}
/**
* Check if the user is a subadmin, send json error msg if not
*/
public static function checkSubAdminUser() {
self::checkLoggedIn();
self::verifyUser();
if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
function testSingleBackend()
{
OC_Group::useBackend(new OCA\user_ldap\GROUP_LDAP());
$group_ldap = new OCA\user_ldap\GROUP_LDAP();
$this->assertIsA(OC_Group::getGroups(), gettype(array()));
$this->assertIsA($group_ldap->getGroups(), gettype(array()));
$this->assertFalse(OC_Group::inGroup('john', 'dosers'), gettype(false));
$this->assertFalse($group_ldap->inGroup('john', 'dosers'), gettype(false));
//TODO: check also for expected true result. This backend won't be able to do any modifications, maybe use a dummy for this.
$this->assertIsA(OC_Group::getUserGroups('john doe'), gettype(array()));
$this->assertIsA($group_ldap->getUserGroups('john doe'), gettype(array()));
$this->assertIsA(OC_Group::usersInGroup('campers'), gettype(array()));
$this->assertIsA($group_ldap->usersInGroup('campers'), gettype(array()));
}
/**
* Gets an array of groups and will try to add the group to OC and then add the user to the groups.
*
*/
function update_groups($uid, $groups, $protected_groups = array(), $just_created = false)
{
if (!$just_created) {
$old_groups = OC_Group::getUserGroups($uid);
foreach ($old_groups as $group) {
if (!in_array($group, $protected_groups) && !in_array($group, $groups)) {
\OC_Group::removeFromGroup($uid, $group);
\OCP\Util::writeLog('cas', 'Removed "' . $uid . '" from the group "' . $group . '"', \OCP\Util::DEBUG);
}
}
}
foreach ($groups as $group) {
if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $group)) {
\OCP\Util::writeLog('cas', 'Invalid group "' . $group . '", allowed chars "a-zA-Z0-9" and "_.@-" ', \OCP\Util::DEBUG);
} else {
if (!\OC_Group::inGroup($uid, $group)) {
if (!OC_Group::groupExists($group)) {
\OC_Group::createGroup($group);
\OCP\Util::writeLog('cas', 'New group created: ' . $group, \OCP\Util::DEBUG);
}
\OC_Group::addToGroup($uid, $group);
\OCP\Util::writeLog('cas', 'Added "' . $uid . '" to the group "' . $group . '"', \OCP\Util::DEBUG);
}
}
}
}
/**
* Share an item, adds an entry into the database
* @param $source The source location of the item
* @param $uid_shared_with The user or group to share the item with
* @param $permissions The permissions, use the constants WRITE and DELETE
*/
public function __construct($source, $uid_shared_with, $permissions)
{
$uid_owner = OCP\USER::getUser();
$query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)");
// Check if this is a reshare and use the original source
if ($result = OC_Share::getSource($source)) {
$source = $result;
}
if ($uid_shared_with == self::PUBLICLINK) {
$token = sha1("{$uid_shared_with}-{$source}");
$query->execute(array($uid_owner, self::PUBLICLINK, $source, $token, $permissions));
$this->token = $token;
} else {
if (OC_Group::groupExists($uid_shared_with)) {
$gid = $uid_shared_with;
$uid_shared_with = OC_Group::usersInGroup($gid);
// Remove the owner from the list of users in the group
$uid_shared_with = array_diff($uid_shared_with, array($uid_owner));
} else {
if (OCP\User::userExists($uid_shared_with)) {
$userGroups = OC_Group::getUserGroups($uid_owner);
// Check if the user is in one of the owner's groups
foreach ($userGroups as $group) {
if ($inGroup = OC_Group::inGroup($uid_shared_with, $group)) {
$gid = null;
$uid_shared_with = array($uid_shared_with);
break;
}
}
if (!$inGroup) {
throw new Exception("You can't share with " . $uid_shared_with);
}
} else {
throw new Exception($uid_shared_with . " is not a user");
}
}
foreach ($uid_shared_with as $uid) {
// Check if this item is already shared with the user
$checkSource = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with " . self::getUsersAndGroups($uid, false));
$resultCheckSource = $checkSource->execute(array($source))->fetchAll();
// TODO Check if the source is inside a folder
if (count($resultCheckSource) > 0) {
if (!isset($gid)) {
throw new Exception("This item is already shared with " . $uid);
} else {
// Skip this user if sharing with a group
continue;
}
}
// Check if the target already exists for the user, if it does append a number to the name
$sharedFolder = '/' . $uid . '/files/Shared';
$target = $sharedFolder . "/" . basename($source);
$checkTarget = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with " . self::getUsersAndGroups($uid, false) . " LIMIT 1");
$result = $checkTarget->execute(array($target))->fetchAll();
if (count($result) > 0) {
if ($pos = strrpos($target, ".")) {
$name = substr($target, 0, $pos);
$ext = substr($target, $pos);
} else {
$name = $target;
$ext = "";
}
$counter = 1;
while (count($result) > 0) {
$target = $name . "_" . $counter . $ext;
$result = $checkTarget->execute(array($target))->fetchAll();
$counter++;
}
}
if (isset($gid)) {
$uid = $uid . "@" . $gid;
}
$query->execute(array($uid_owner, $uid, $source, $target, $permissions));
// Update mtime of shared folder to invoke a file cache rescan
$rootView = new OC_FilesystemView('/');
if (!$rootView->is_dir($sharedFolder)) {
if (!$rootView->is_dir('/' . $uid . '/files')) {
OC_Util::tearDownFS();
OC_Util::setupFS($uid);
OC_Util::tearDownFS();
}
$rootView->mkdir($sharedFolder);
}
$rootView->touch($sharedFolder);
}
}
}
/**
* checks if a user is a accessible by a subadmin
* @param string $subadmin uid of the subadmin
* @param string $user uid of the user
* @return bool
*/
public static function isUserAccessible($subadmin, $user)
{
if (!self::isSubAdmin($subadmin)) {
return false;
}
if (OC_User::isAdminUser($user)) {
return false;
}
$accessiblegroups = self::getSubAdminsGroups($subadmin);
foreach ($accessiblegroups as $accessiblegroup) {
if (OC_Group::inGroup($user, $accessiblegroup)) {
return true;
}
}
return false;
}
/**
* Returns apps enabled for the current user.
*
* @param bool $forceRefresh whether to refresh the cache
* @param bool $all whether to return apps for all users, not only the
* currently logged in one
* @return array
*/
public static function getEnabledApps($forceRefresh = false, $all = false)
{
if (!OC_Config::getValue('installed', false)) {
return array();
}
// in incognito mode or when logged out, $user will be false,
// which is also the case during an upgrade
$user = null;
if (!$all) {
$user = \OC_User::getUser();
}
if (is_string($user) && !$forceRefresh && !empty(self::$enabledAppsCache)) {
return self::$enabledAppsCache;
}
$apps = array();
$appConfig = \OC::$server->getAppConfig();
$appStatus = $appConfig->getValues(false, 'enabled');
foreach ($appStatus as $app => $enabled) {
if ($app === 'files') {
continue;
}
if ($enabled === 'yes') {
$apps[] = $app;
} else {
if ($enabled !== 'no') {
$groups = json_decode($enabled);
if (is_array($groups)) {
if (is_string($user)) {
foreach ($groups as $group) {
if (\OC_Group::inGroup($user, $group)) {
$apps[] = $app;
break;
}
}
} else {
// global, consider app as enabled
$apps[] = $app;
}
}
}
}
}
sort($apps);
array_unshift($apps, 'files');
// Only cache the app list, when the user is logged in.
// Otherwise we cache the list with disabled apps, although
// the apps are enabled for the user after he logged in.
if ($user) {
self::$enabledAppsCache = $apps;
}
return $apps;
}
/**
* Returns the mount points for the given user.
* The mount point is relative to the data directory.
*
* @param string $user user
* @return array of mount point string as key, mountpoint config as value
*/
public static function getAbsoluteMountPoints($user)
{
$mountPoints = array();
$datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");
$mount_file = \OC_Config::getValue("mount_file", $datadir . "/mount.json");
$backends = self::getBackends();
//move config file to it's new position
if (is_file(\OC::$SERVERROOT . '/config/mount.json')) {
rename(\OC::$SERVERROOT . '/config/mount.json', $mount_file);
}
// Load system mount points
$mountConfig = self::readData();
// Global mount points (is this redundant?)
if (isset($mountConfig[self::MOUNT_TYPE_GLOBAL])) {
foreach ($mountConfig[self::MOUNT_TYPE_GLOBAL] as $mountPoint => $options) {
$options['personal'] = false;
$options['options'] = self::decryptPasswords($options['options']);
if (!isset($options['priority'])) {
$options['priority'] = $backends[$options['class']]['priority'];
}
// Override if priority greater
if (!isset($mountPoints[$mountPoint]) || $options['priority'] >= $mountPoints[$mountPoint]['priority']) {
$options['priority_type'] = self::MOUNT_TYPE_GLOBAL;
$options['backend'] = $backends[$options['class']]['backend'];
$mountPoints[$mountPoint] = $options;
}
}
}
// All user mount points
if (isset($mountConfig[self::MOUNT_TYPE_USER]) && isset($mountConfig[self::MOUNT_TYPE_USER]['all'])) {
$mounts = $mountConfig[self::MOUNT_TYPE_USER]['all'];
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
$options['personal'] = false;
$options['options'] = self::decryptPasswords($options['options']);
if (!isset($options['priority'])) {
$options['priority'] = $backends[$options['class']]['priority'];
}
// Override if priority greater
if (!isset($mountPoints[$mountPoint]) || $options['priority'] >= $mountPoints[$mountPoint]['priority']) {
$options['priority_type'] = self::MOUNT_TYPE_GLOBAL;
$options['backend'] = $backends[$options['class']]['backend'];
$mountPoints[$mountPoint] = $options;
}
}
}
// Group mount points
if (isset($mountConfig[self::MOUNT_TYPE_GROUP])) {
foreach ($mountConfig[self::MOUNT_TYPE_GROUP] as $group => $mounts) {
if (\OC_Group::inGroup($user, $group)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
$options['personal'] = false;
$options['options'] = self::decryptPasswords($options['options']);
if (!isset($options['priority'])) {
$options['priority'] = $backends[$options['class']]['priority'];
}
// Override if priority greater or if priority type different
if (!isset($mountPoints[$mountPoint]) || $options['priority'] >= $mountPoints[$mountPoint]['priority'] || $mountPoints[$mountPoint]['priority_type'] !== self::MOUNT_TYPE_GROUP) {
$options['priority_type'] = self::MOUNT_TYPE_GROUP;
$options['backend'] = $backends[$options['class']]['backend'];
$mountPoints[$mountPoint] = $options;
}
}
}
}
}
// User mount points
if (isset($mountConfig[self::MOUNT_TYPE_USER])) {
foreach ($mountConfig[self::MOUNT_TYPE_USER] as $mountUser => $mounts) {
if (strtolower($mountUser) === strtolower($user)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
$options['personal'] = false;
$options['options'] = self::decryptPasswords($options['options']);
if (!isset($options['priority'])) {
$options['priority'] = $backends[$options['class']]['priority'];
}
// Override if priority greater or if priority type different
if (!isset($mountPoints[$mountPoint]) || $options['priority'] >= $mountPoints[$mountPoint]['priority'] || $mountPoints[$mountPoint]['priority_type'] !== self::MOUNT_TYPE_USER) {
$options['priority_type'] = self::MOUNT_TYPE_USER;
$options['backend'] = $backends[$options['class']]['backend'];
$mountPoints[$mountPoint] = $options;
}
}
}
}
}
$personalBackends = self::getPersonalBackends();
// Load personal mount points
$mountConfig = self::readData($user);
if (isset($mountConfig[self::MOUNT_TYPE_USER][$user])) {
foreach ($mountConfig[self::MOUNT_TYPE_USER][$user] as $mountPoint => $options) {
if (isset($personalBackends[$options['class']])) {
$options['personal'] = true;
$options['options'] = self::decryptPasswords($options['options']);
// Always override previous config
$options['priority_type'] = self::MOUNT_TYPE_PERSONAL;
$options['backend'] = $backends[$options['class']]['backend'];
$mountPoints[$mountPoint] = $options;
}
}
}
return $mountPoints;
}
/**
* @brief deletes a card
* @param integer $id id of card
* @return boolean true on success, otherwise an exception will be thrown
*/
public static function delete($id)
{
$contact = self::find($id);
if (!$contact) {
\OCP\Util::writeLog(App::$appname, __METHOD__ . ', id: ' . $id . ' not found.', \OCP\Util::DEBUG);
throw new \Exception(App::$l10n->t('Could not find the vCard with ID: ' . $id, 404));
}
$addressbook = Addressbook::find($contact['addressbookid']);
if (!$addressbook) {
throw new \Exception(App::$l10n->t('Could not find the Addressbook with ID: ' . $contact['addressbookid'], 404));
}
if ($addressbook['userid'] != \OCP\User::getUser() && !\OC_Group::inGroup(\OCP\User::getUser(), 'admin')) {
\OCP\Util::writeLog('contacts', __METHOD__ . ', ' . $addressbook['userid'] . ' != ' . \OCP\User::getUser(), \OCP\Util::DEBUG);
$sharedAddressbook = \OCP\Share::getItemSharedWithBySource(App::SHAREADDRESSBOOK, App::SHAREADDRESSBOOKPREFIX . $contact['addressbookid'], \OCP\Share::FORMAT_NONE, null, true);
$sharedContact = \OCP\Share::getItemSharedWithBySource(App::SHARECONTACT, App::SHARECONTACTPREFIX . $id, \OCP\Share::FORMAT_NONE, null, true);
$addressbook_permissions = 0;
$contact_permissions = 0;
if ($sharedAddressbook) {
$addressbook_permissions = $sharedAddressbook['permissions'];
}
if ($sharedContact) {
$contact_permissions = $sharedEvent['permissions'];
}
$permissions = max($addressbook_permissions, $contact_permissions);
if (!($permissions & \OCP\PERMISSION_DELETE)) {
throw new \Exception(App::$l10n->t('You do not have the permissions to delete this contact.', 403));
}
}
$aid = $contact['addressbookid'];
// \OC_Hook::emit('\OCA\ContactsPlus\VCard', 'pre_deleteVCard',
// array('aid' => null, 'id' => $id, 'uri' => null)
// );
$favorites = \OC::$server->getTagManager()->load(App::$appname)->getFavorites();
if (count($favorites) > 0) {
$favorites = \OC::$server->getTagManager()->load(App::$appname)->removeFromFavorites($id);
}
$stmt = \OCP\DB::prepare('DELETE FROM `' . App::ContactsTable . '` WHERE `id` = ?');
try {
$stmt->execute(array($id));
} catch (\Exception $e) {
\OCP\Util::writeLog(App::$appname, __METHOD__ . ', exception: ' . $e->getMessage(), \OCP\Util::ERROR);
\OCP\Util::writeLog(App::$appname, __METHOD__ . ', id: ' . $id, \OCP\Util::DEBUG);
throw new \Exception(App::$l10n->t('There was an error deleting this contact.'));
}
App::updateDBProperties($id);
//App::getVCategories()->purgeObject($id);
Addressbook::touch($addressbook['id']);
\OCP\Share::unshareAll(App::SHARECONTACT, $id);
return true;
}
public function testRemoveFromGroupAsIrelevantSubAdmin()
{
$user1 = $this->generateUsers();
self::loginAsUser($user1);
$user2 = $this->generateUsers();
$group1 = $this->getUniqueID();
$group2 = $this->getUniqueID();
\OC_Group::createGroup($group1);
\OC_Group::createGroup($group2);
\OC_Group::addToGroup($user1, $group1);
\OC_Group::addToGroup($user2, $group2);
\OC_SubAdmin::createSubAdmin($user1, $group1);
$result = \OCA\provisioning_api\Users::removeFromGroup(array('userid' => $user2, '_delete' => array('groupid' => $group2)));
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertTrue(\OC_Group::inGroup($user2, $group2));
\OC_Group::deleteGroup($group1);
\OC_Group::deleteGroup($group2);
}
/**
* Check if the user is a subadmin, redirects to home if not
* @return array $groups where the current user is subadmin
*/
public static function checkSubAdminUser()
{
// Check if we are a user
self::checkLoggedIn();
self::verifyUser();
if (OC_Group::inGroup(OC_User::getUser(), 'admin')) {
return true;
}
if (!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
exit;
}
return true;
}
<?php
// Init owncloud
require_once '../../lib/base.php';
// Check if we are a user
if (!OC_User::isLoggedIn() || !OC_Group::inGroup(OC_User::getUser(), 'admin')) {
OC_JSON::error(array("data" => array("message" => "Authentication error")));
exit;
}
$groups = array();
if (isset($_POST["groups"])) {
$groups = $_POST["groups"];
}
$username = $_POST["username"];
$password = $_POST["password"];
// Does the group exist?
if (in_array($username, OC_User::getUsers())) {
OC_JSON::error(array("data" => array("message" => "User already exists")));
exit;
}
// Return Success story
try {
OC_User::createUser($username, $password);
foreach ($groups as $i) {
if (!OC_Group::groupExists($i)) {
OC_Group::createGroup($i);
}
OC_Group::addToGroup($username, $i);
}
OC_JSON::success(array("data" => array("username" => $username, "groups" => implode(", ", OC_Group::getUserGroups($username)))));
} catch (Exception $exception) {
/**
* @brief imports a user, or owncloud instance
* @param $path string path to zip
* @param optional $type type of import (user or instance)
* @param optional $uid userid of new user
*/
public static function import($path, $type = 'user', $uid = null)
{
$datadir = OC_Config::getValue('datadirectory');
// Extract the zip
if (!($extractpath = self::extractZip($path))) {
return json_encode(array('success' => false));
}
// Get export_info.json
$scan = scandir($extractpath);
// Check for export_info.json
if (!in_array('export_info.json', $scan)) {
OC_Log::write('migration', 'Invalid import file, export_info.json not found', OC_Log::ERROR);
return json_encode(array('success' => false));
}
$json = json_decode(file_get_contents($extractpath . 'export_info.json'));
if ($json->exporttype != $type) {
OC_Log::write('migration', 'Invalid import file', OC_Log::ERROR);
return json_encode(array('success' => false));
}
self::$exporttype = $type;
$currentuser = OC_User::getUser();
// Have we got a user if type is user
if (self::$exporttype == 'user') {
self::$uid = !is_null($uid) ? $uid : $currentuser;
}
// We need to be an admin if we are not importing our own data
if ($type == 'user' && self::$uid != $currentuser || $type != 'user') {
if (!OC_Group::inGroup(OC_User::getUser(), 'admin')) {
// Naughty.
OC_Log::write('migration', 'Import not permitted.', OC_Log::ERROR);
return json_encode(array('success' => false));
}
}
// Handle export types
switch (self::$exporttype) {
case 'user':
// Check user availability
if (!OC_User::userExists(self::$uid)) {
OC_Log::write('migration', 'User doesn\'t exist', OC_Log::ERROR);
return json_encode(array('success' => false));
}
// Copy data
$userfolder = $extractpath . $json->exporteduser;
$newuserfolder = $datadir . '/' . self::$uid;
foreach (scandir($userfolder) as $file) {
if ($file !== '.' && $file !== '..' && is_dir($file)) {
// Then copy the folder over
OC_Helper::copyr($userfolder . '/' . $file, $newuserfolder . '/' . $file);
}
}
// Import user app data
if (file_exists($extractpath . $json->exporteduser . '/migration.db')) {
if (!($appsimported = self::importAppData($extractpath . $json->exporteduser . '/migration.db', $json, self::$uid))) {
return json_encode(array('success' => false));
}
}
// All done!
if (!self::unlink_r($extractpath)) {
OC_Log::write('migration', 'Failed to delete the extracted zip', OC_Log::ERROR);
}
return json_encode(array('success' => true, 'data' => $appsimported));
break;
case 'instance':
/*
* EXPERIMENTAL
// Check for new data dir and dbexport before doing anything
// TODO
// Delete current data folder.
OC_Log::write( 'migration', "Deleting current data dir", OC_Log::INFO );
if( !self::unlink_r( $datadir, false ) ) {
OC_Log::write( 'migration', 'Failed to delete the current data dir', OC_Log::ERROR );
return json_encode( array( 'success' => false ) );
}
// Copy over data
if( !self::copy_r( $extractpath . 'userdata', $datadir ) ) {
OC_Log::write( 'migration', 'Failed to copy over data directory', OC_Log::ERROR );
return json_encode( array( 'success' => false ) );
}
// Import the db
if( !OC_DB::replaceDB( $extractpath . 'dbexport.xml' ) ) {
return json_encode( array( 'success' => false ) );
}
// Done
return json_encode( array( 'success' => true ) );
*/
break;
}
}
/**
* Share an item with a user, group, or via private link
* @param string $itemType
* @param string $itemSource
* @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
* @param string $shareWith User or group the item is being shared with
* @param int $permissions CRUDS
* @param null $itemSourceName
* @throws \Exception
* @internal param \OCP\Item $string type
* @internal param \OCP\Item $string source
* @internal param \OCP\SHARE_TYPE_USER $int , SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
* @internal param \OCP\User $string or group the item is being shared with
* @internal param \OCP\CRUDS $int permissions
* @return bool|string Returns true on success or false on failure, Returns token on success for links
*/
public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions, $itemSourceName = null)
{
$uidOwner = \OC_User::getUser();
$sharingPolicy = \OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global');
if (is_null($itemSourceName)) {
$itemSourceName = $itemSource;
}
// verify that the file exists before we try to share it
if ($itemType === 'file' or $itemType === 'folder') {
$path = \OC\Files\Filesystem::getPath($itemSource);
if (!$path) {
$message = 'Sharing ' . $itemSourceName . ' failed, because the file does not exist';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
// Verify share type and sharing conditions are met
if ($shareType === self::SHARE_TYPE_USER) {
if ($shareWith == $uidOwner) {
$message = 'Sharing ' . $itemSourceName . ' failed, because the user ' . $shareWith . ' is the item owner';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
if (!\OC_User::userExists($shareWith)) {
$message = 'Sharing ' . $itemSourceName . ' failed, because the user ' . $shareWith . ' does not exist';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
if ($sharingPolicy == 'groups_only') {
$inGroup = array_intersect(\OC_Group::getUserGroups($uidOwner), \OC_Group::getUserGroups($shareWith));
if (empty($inGroup)) {
$message = 'Sharing ' . $itemSourceName . ' failed, because the user ' . $shareWith . ' is not a member of any groups that ' . $uidOwner . ' is a member of';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
// Check if the item source is already shared with the user, either from the same owner or a different user
if ($checkExists = self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups, $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
// Only allow the same share to occur again if it is the same
// owner and is not a user share, this use case is for increasing
// permissions for a specific user
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
$message = 'Sharing ' . $itemSourceName . ' failed, because this item is already shared with ' . $shareWith;
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
} else {
if ($shareType === self::SHARE_TYPE_GROUP) {
if (!\OC_Group::groupExists($shareWith)) {
$message = 'Sharing ' . $itemSourceName . ' failed, because the group ' . $shareWith . ' does not exist';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
if ($sharingPolicy == 'groups_only' && !\OC_Group::inGroup($uidOwner, $shareWith)) {
$message = 'Sharing ' . $itemSourceName . ' failed, because ' . $uidOwner . ' is not a member of the group ' . $shareWith;
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
// Check if the item source is already shared with the group, either from the same owner or a different user
// The check for each user in the group is done inside the put() function
if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_GROUP, $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
// Only allow the same share to occur again if it is the same
// owner and is not a group share, this use case is for increasing
// permissions for a specific user
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
$message = 'Sharing ' . $itemSourceName . ' failed, because this item is already shared with ' . $shareWith;
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
// Convert share with into an array with the keys group and users
$group = $shareWith;
$shareWith = array();
$shareWith['group'] = $group;
$shareWith['users'] = array_diff(\OC_Group::usersInGroup($group), array($uidOwner));
} else {
if ($shareType === self::SHARE_TYPE_LINK) {
if (\OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes') == 'yes') {
// when updating a link share
if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_LINK, null, $uidOwner, self::FORMAT_NONE, null, 1)) {
// remember old token
$oldToken = $checkExists['token'];
$oldPermissions = $checkExists['permissions'];
//delete the old share
self::delete($checkExists['id']);
}
// Generate hash of password - same method as user passwords
if (isset($shareWith)) {
$forcePortable = CRYPT_BLOWFISH != 1;
$hasher = new \PasswordHash(8, $forcePortable);
$shareWith = $hasher->HashPassword($shareWith . \OC_Config::getValue('passwordsalt', ''));
} else {
// reuse the already set password, but only if we change permissions
// otherwise the user disabled the password protection
if ($checkExists && (int) $permissions !== (int) $oldPermissions) {
$shareWith = $checkExists['share_with'];
}
}
// Generate token
if (isset($oldToken)) {
$token = $oldToken;
} else {
$token = \OC_Util::generateRandomBytes(self::TOKEN_LENGTH);
}
$result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, null, $token, $itemSourceName);
if ($result) {
return $token;
} else {
return false;
}
}
$message = 'Sharing ' . $itemSourceName . ' failed, because sharing with links is not allowed';
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
return false;
// } else if ($shareType === self::SHARE_TYPE_CONTACT) {
// if (!\OC_App::isEnabled('contacts')) {
// $message = 'Sharing '.$itemSource.' failed, because the contacts app is not enabled';
// \OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
// return false;
// }
// $vcard = \OC_Contacts_App::getContactVCard($shareWith);
// if (!isset($vcard)) {
// $message = 'Sharing '.$itemSource.' failed, because the contact does not exist';
// \OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
// throw new \Exception($message);
// }
// $details = \OC_Contacts_VCard::structureContact($vcard);
// // TODO Add ownCloud user to contacts vcard
// if (!isset($details['EMAIL'])) {
// $message = 'Sharing '.$itemSource.' failed, because no email address is associated with the contact';
// \OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
// throw new \Exception($message);
// }
// return self::shareItem($itemType, $itemSource, self::SHARE_TYPE_EMAIL, $details['EMAIL'], $permissions);
} else {
// Future share types need to include their own conditions
$message = 'Share type ' . $shareType . ' is not valid for ' . $itemSource;
\OC_Log::write('OCP\\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
}
// If the item is a folder, scan through the folder looking for equivalent item types
// if ($itemType == 'folder') {
// $parentFolder = self::put('folder', $itemSource, $shareType, $shareWith, $uidOwner, $permissions, true);
// if ($parentFolder && $files = \OC\Files\Filesystem::getDirectoryContent($itemSource)) {
// for ($i = 0; $i < count($files); $i++) {
// $name = substr($files[$i]['name'], strpos($files[$i]['name'], $itemSource) - strlen($itemSource));
// if ($files[$i]['mimetype'] == 'httpd/unix-directory'
// && $children = \OC\Files\Filesystem::getDirectoryContent($name, '/')
// ) {
// // Continue scanning into child folders
// array_push($files, $children);
// } else {
// // Check file extension for an equivalent item type to convert to
// $extension = strtolower(substr($itemSource, strrpos($itemSource, '.') + 1));
// foreach (self::$backends as $type => $backend) {
// if (isset($backend->dependsOn) && $backend->dependsOn == 'file' && isset($backend->supportedFileExtensions) && in_array($extension, $backend->supportedFileExtensions)) {
// $itemType = $type;
// break;
// }
// }
// // Pass on to put() to check if this item should be converted, the item won't be inserted into the database unless it can be converted
// self::put($itemType, $name, $shareType, $shareWith, $uidOwner, $permissions, $parentFolder);
// }
// }
// return true;
// }
// return false;
// } else {
// Put the item into the database
return self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, null, null, $itemSourceName);
// }
}
/**
* @brief removes an address book
* @param integer $id
* @return boolean true on success, otherwise an exception will be thrown
*/
public static function delete($id)
{
$addressbook = self::find($id);
if ($addressbook['userid'] != \OCP\User::getUser() && !\OC_Group::inGroup(OCP\User::getUser(), 'admin')) {
$sharedAddressbook = \OCP\Share::getItemSharedWithBySource('addressbook', $id);
if (!$sharedAddressbook || !($sharedAddressbook['permissions'] & \OCP\PERMISSION_DELETE)) {
throw new Exception(App::$l10n->t('You do not have the permissions to delete this addressbook.'));
}
}
// First delete cards belonging to this addressbook.
$cards = VCard::all($id);
foreach ($cards as $card) {
try {
VCard::delete($card['id']);
} catch (Exception $e) {
\OCP\Util::writeLog('contacts', __METHOD__ . ', exception deleting vCard ' . $card['id'] . ': ' . $e->getMessage(), \OCP\Util::ERROR);
}
}
try {
$stmt = \OCP\DB::prepare('DELETE FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?');
$stmt->execute(array($id));
} catch (\Exception $e) {
\OCP\Util::writeLog('contacts', __METHOD__ . ', exception for ' . $id . ': ' . $e->getMessage(), \OCP\Util::ERROR);
throw new Exception(App::$l10n->t('There was an error deleting this addressbook.'));
}
\OCP\Share::unshareAll('addressbook', $id);
if (count(self::all(\OCP\User::getUser())) == 0) {
self::addDefault();
}
return true;
}
/**
* Get data to build the line chart about last 7 days used space evolution
*/
public static function getUsedSpaceOverTime($time)
{
$return = array();
if (OC_Group::inGroup(OCP\User::getUser(), 'admin')) {
foreach (OCP\User::getUsers() as $user) {
if (strcmp($time, 'daily') == 0) {
$return[$user] = self::getDataByUserToLineChart($user);
} else {
$return[$user] = self::getDataByUserToHistoChart($user);
}
}
} else {
if (strcmp($time, 'daily') == 0) {
$return[OCP\User::getUser()] = self::getDataByUserToLineChart(OCP\User::getUser());
} else {
$return[OCP\User::getUser()] = self::getDataByUserToHistoChart(OCP\User::getUser());
}
}
return $return;
}
private static function update_groups($uid, $groups, $protectedGroups = array(), $just_created = false)
{
if (!$just_created) {
$old_groups = OC_Group::getUserGroups($uid);
foreach ($old_groups as $group) {
if (!in_array($group, $protectedGroups) && !in_array($group, $groups)) {
// This does not affect groups from user_group_admin
OC_Group::removeFromGroup($uid, $group);
OC_Log::write('saml', 'Removed "' . $uid . '" from the group "' . $group . '"', OC_Log::DEBUG);
}
}
}
foreach ($groups as $group) {
if (preg_match('/[^a-zA-Z0-9 _\\.@\\-\\/]/', $group)) {
OC_Log::write('saml', 'Invalid group "' . $group . '", allowed chars "a-zA-Z0-9" and "_.@-/" ', OC_Log::DEBUG);
} else {
if (!OC_Group::inGroup($uid, $group)) {
if (!OC_Group::groupExists($group)) {
if (OCP\App::isEnabled('user_group_admin')) {
OC_User_Group_Admin_Util::createHiddenGroup($group);
} else {
OC_Group::createGroup($group);
}
OC_Log::write('saml', 'New group created: ' . $group, OC_Log::DEBUG);
}
if (OCP\App::isEnabled('user_group_admin')) {
OC_User_Group_Admin_Util::addToGroup($uid, $group);
} else {
OC_Group::addToGroup($uid, $group);
}
OC_Log::write('saml', 'Added "' . $uid . '" to the group "' . $group . '"', OC_Log::DEBUG);
}
}
}
}
?>
<div id="<?php
print $sc_sort;
?>
" class="personalblock">
<h3>
<img
src="<?php
print OCP\Util::imagePath('storagecharts2', 'move.png');
?>
" />
<?php
print $l->t($sc_sort_title) . ' ' . $l->t('for');
?>
"<?php
print OC_Group::inGroup(OCP\User::getUser(), 'admin') ? $l->t('all users') : OCP\User::getDisplayName();
?>
"
</h3>
<div id="<?php
print substr($sc_sort, 1);
?>
"
style="max-width: 100%; height: 400px; margin: 0 auto"></div>
<script type="text/javascript">$(document).ready(function(){<?php
print OC_DLStChartsLoader::loadChart($sc_sort, $l);
?>
});</script>
</div>
<?php
}
public static function init($root)
{
if (self::$defaultInstance) {
return false;
}
self::$defaultInstance = new OC_FilesystemView($root);
//load custom mount config
if (is_file(OC::$SERVERROOT . '/config/mount.php')) {
$mountConfig = (include OC::$SERVERROOT . '/config/mount.php');
if (isset($mountConfig['global'])) {
foreach ($mountConfig['global'] as $mountPoint => $options) {
self::mount($options['class'], $options['options'], $mountPoint);
}
}
if (isset($mountConfig['group'])) {
foreach ($mountConfig['group'] as $group => $mounts) {
if (OC_Group::inGroup(OC_User::getUser(), $group)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($option);
}
self::mount($options['class'], $options['options'], $mountPoint);
}
}
}
}
if (isset($mountConfig['user'])) {
foreach ($mountConfig['user'] as $user => $mounts) {
if ($user === 'all' or strtolower($user) === strtolower(OC_User::getUser())) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($option);
}
self::mount($options['class'], $options['options'], $mountPoint);
}
}
}
}
}
self::$loaded = true;
}
/**
* @brief Checks if the member, who is logged in currently, is the creator of the project
* @return boolean (true|false)
*/
public static function isAdmin()
{
//return OC_User::isAdminUser(OC_User::getUser());
$uid = OC_User::getUser();
$gid = "Collaboration Admin";
return OC_Group::inGroup($uid, $gid);
}
/**
* Returns the mount points for the given user.
* The mount point is relative to the data directory.
*
* @param string $user user
* @return array of mount point string as key, mountpoint config as value
*/
public static function getAbsoluteMountPoints($user)
{
$mountPoints = array();
$datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");
$mount_file = \OC_Config::getValue("mount_file", $datadir . "/mount.json");
//move config file to it's new position
if (is_file(\OC::$SERVERROOT . '/config/mount.json')) {
rename(\OC::$SERVERROOT . '/config/mount.json', $mount_file);
}
// Load system mount points
$mountConfig = self::readData();
if (isset($mountConfig[self::MOUNT_TYPE_GLOBAL])) {
foreach ($mountConfig[self::MOUNT_TYPE_GLOBAL] as $mountPoint => $options) {
$options['options'] = self::decryptPasswords($options['options']);
$mountPoints[$mountPoint] = $options;
}
}
if (isset($mountConfig[self::MOUNT_TYPE_GROUP])) {
foreach ($mountConfig[self::MOUNT_TYPE_GROUP] as $group => $mounts) {
if (\OC_Group::inGroup($user, $group)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
$options['options'] = self::decryptPasswords($options['options']);
$mountPoints[$mountPoint] = $options;
}
}
}
}
if (isset($mountConfig[self::MOUNT_TYPE_USER])) {
foreach ($mountConfig[self::MOUNT_TYPE_USER] as $mountUser => $mounts) {
if ($mountUser === 'all' or strtolower($mountUser) === strtolower($user)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
$options['options'] = self::decryptPasswords($options['options']);
$mountPoints[$mountPoint] = $options;
}
}
}
}
// Load personal mount points
$mountConfig = self::readData($user);
if (isset($mountConfig[self::MOUNT_TYPE_USER][$user])) {
foreach ($mountConfig[self::MOUNT_TYPE_USER][$user] as $mountPoint => $options) {
$options['options'] = self::decryptPasswords($options['options']);
$mountPoints[$mountPoint] = $options;
}
}
return $mountPoints;
}
/**
* Unshare an item shared with the current user
* @param string $itemType
* @param string $itemOrigin Item target or source
* @param boolean $originIsSource true if $itemOrigin is the source, false if $itemOrigin is the target (optional)
* @return boolean true on success or false on failure
*
* Unsharing from self is not allowed for items inside collections
*/
public static function unshareFromSelf($itemType, $itemOrigin, $originIsSource = false)
{
$originType = $originIsSource ? 'source' : 'target';
$uid = \OCP\User::getUser();
if ($itemType === 'file' || $itemType === 'folder') {
$statement = 'SELECT * FROM `*PREFIX*share` WHERE `item_type` = ? and `file_' . $originType . '` = ?';
} else {
$statement = 'SELECT * FROM `*PREFIX*share` WHERE `item_type` = ? and `item_' . $originType . '` = ?';
}
$query = \OCP\DB::prepare($statement);
$result = $query->execute(array($itemType, $itemOrigin));
$shares = $result->fetchAll();
$listOfUnsharedItems = array();
$itemUnshared = false;
foreach ($shares as $share) {
if ((int) $share['share_type'] === \OCP\Share::SHARE_TYPE_USER && $share['share_with'] === $uid) {
$deletedShares = Helper::delete($share['id']);
$shareTmp = array('id' => $share['id'], 'shareWith' => $share['share_with'], 'itemTarget' => $share['item_target'], 'itemType' => $share['item_type'], 'shareType' => (int) $share['share_type']);
if (isset($share['file_target'])) {
$shareTmp['fileTarget'] = $share['file_target'];
}
$listOfUnsharedItems = array_merge($listOfUnsharedItems, $deletedShares, array($shareTmp));
$itemUnshared = true;
break;
} elseif ((int) $share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP) {
if (\OC_Group::inGroup($uid, $share['share_with'])) {
$groupShare = $share;
}
} elseif ((int) $share['share_type'] === self::$shareTypeGroupUserUnique && $share['share_with'] === $uid) {
$uniqueGroupShare = $share;
}
}
if (!$itemUnshared && isset($groupShare) && !isset($uniqueGroupShare)) {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share`' . ' (`item_type`, `item_source`, `item_target`, `parent`, `share_type`,' . ' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`)' . ' VALUES (?,?,?,?,?,?,?,?,?,?,?)');
$query->execute(array($groupShare['item_type'], $groupShare['item_source'], $groupShare['item_target'], $groupShare['id'], self::$shareTypeGroupUserUnique, \OC_User::getUser(), $groupShare['uid_owner'], 0, $groupShare['stime'], $groupShare['file_source'], $groupShare['file_target']));
$shareTmp = array('id' => $groupShare['id'], 'shareWith' => $groupShare['share_with'], 'itemTarget' => $groupShare['item_target'], 'itemType' => $groupShare['item_type'], 'shareType' => (int) $groupShare['share_type']);
if (isset($groupShare['file_target'])) {
$shareTmp['fileTarget'] = $groupShare['file_target'];
}
$listOfUnsharedItems = array_merge($listOfUnsharedItems, array($groupShare));
$itemUnshared = true;
} elseif (!$itemUnshared && isset($uniqueGroupShare)) {
$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = ? WHERE `id` = ?');
$query->execute(array(0, $uniqueGroupShare['id']));
$shareTmp = array('id' => $uniqueGroupShare['id'], 'shareWith' => $uniqueGroupShare['share_with'], 'itemTarget' => $uniqueGroupShare['item_target'], 'itemType' => $uniqueGroupShare['item_type'], 'shareType' => (int) $uniqueGroupShare['share_type']);
if (isset($uniqueGroupShare['file_target'])) {
$shareTmp['fileTarget'] = $uniqueGroupShare['file_target'];
}
$listOfUnsharedItems = array_merge($listOfUnsharedItems, array($uniqueGroupShare));
$itemUnshared = true;
}
if ($itemUnshared) {
\OC_Hook::emit('OCP\\Share', 'post_unshareFromSelf', array('unsharedItems' => $listOfUnsharedItems, 'itemType' => $itemType));
}
return $itemUnshared;
}
/**
* @brief merges two calendars
* @param integer $id1
* @param integer $id2
* @return boolean
*/
public static function mergeCalendar($id1, $id2)
{
$calendar = self::find($id1);
if ($calendar['userid'] != OCP\User::getUser() && !OC_Group::inGroup(OCP\User::getUser(), 'admin')) {
$sharedCalendar = OCP\Share::getItemSharedWithBySource('calendar', $id1);
if (!$sharedCalendar || !($sharedCalendar['permissions'] & OCP\PERMISSION_UPDATE)) {
throw new Exception(OC_Calendar_App::$l10n->t('You do not have the permissions to add to this calendar.'));
}
}
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*clndr_objects` SET `calendarid` = ? WHERE `calendarid` = ?');
$stmt->execute(array($id1, $id2));
self::touchCalendar($id1);
self::deleteCalendar($id2);
}
/**
* Check if the user is an admin user
*
* @param string $uid uid of the admin
* @return bool
*/
public static function isAdminUser($uid)
{
if (OC_Group::inGroup($uid, 'admin') && self::$incognitoMode === false) {
return true;
}
return false;
}
OC_JSON::error(array('data' => array('message' => $l->t('Admins can\'t remove themself from the admin group'))));
exit;
}
if (!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
$l = OC_L10N::get('core');
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (!OC_Group::groupExists($group)) {
OC_Group::createGroup($group);
}
$l = OC_L10N::get('settings');
$error = $l->t("Unable to add user to group %s", $group);
$action = "add";
// Toggle group
if (OC_Group::inGroup($username, $group)) {
$action = "remove";
$error = $l->t("Unable to remove user from group %s", $group);
$success = OC_Group::removeFromGroup($username, $group);
$usersInGroup = OC_Group::usersInGroup($group);
if (count($usersInGroup) == 0) {
OC_Group::deleteGroup($group);
}
} else {
$success = OC_Group::addToGroup($username, $group);
}
// Return Success story
if ($success) {
OC_JSON::success(array("data" => array("username" => $username, "action" => $action, "groupname" => $group)));
} else {
OC_JSON::error(array("data" => array("message" => $error)));
<?php
// Init owncloud
require_once '../../lib/base.php';
OCP\JSON::callCheck();
// Check if we are a user
if (!OC_User::isLoggedIn() || !OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
OC_JSON::error(array("data" => array("message" => "Authentication error")));
exit;
}
OCP\JSON::callCheck();
$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin') ? true : false;
if ($isadmin) {
$groups = array();
if (isset($_POST["groups"])) {
$groups = $_POST["groups"];
}
} else {
if (isset($_POST["groups"])) {
$groups = array();
foreach ($_POST["groups"] as $group) {
if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
$groups[] = $group;
}
}
if (count($groups) == 0) {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
/**
* @brief Check if the user is an admin user
* @param $uid uid of the admin
* @returns bool
*/
public static function isAdminUser($uid)
{
if (OC_Group::inGroup($uid, 'admin')) {
return true;
}
return false;
}
/**
* check if mount point is applicable to user
*
* @param array $mount contains $mount['applicable']['users'], $mount['applicable']['groups']
* @return boolean
*/
protected function isMountPointApplicableToUser($mount)
{
$uid = \OCP\User::getUser();
$acceptedUids = array('all', $uid);
// check if mount point is applicable for the user
$intersection = array_intersect($acceptedUids, $mount['applicable']['users']);
if (!empty($intersection)) {
return true;
}
// check if mount point is applicable for group where the user is a member
foreach ($mount['applicable']['groups'] as $gid) {
if (\OC_Group::inGroup($uid, $gid)) {
return true;
}
}
return false;
}
/**
* Initialize system and personal mount points for a user
*
* @param string $user
*/
public static function initMountPoints($user = '')
{
if ($user == '') {
$user = \OC_User::getUser();
}
$parser = new \OC\ArrayParser();
$root = \OC_User::getHome($user);
self::mount('\\OC\\Files\\Storage\\Local', array('datadir' => $root), $user);
$datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");
//move config file to it's new position
if (is_file(\OC::$SERVERROOT . '/config/mount.json')) {
rename(\OC::$SERVERROOT . '/config/mount.json', $datadir . '/mount.json');
}
// Load system mount points
if (is_file(\OC::$SERVERROOT . '/config/mount.php') or is_file($datadir . '/mount.json')) {
if (is_file($datadir . '/mount.json')) {
$mountConfig = json_decode(file_get_contents($datadir . '/mount.json'), true);
} elseif (is_file(\OC::$SERVERROOT . '/config/mount.php')) {
$mountConfig = $parser->parsePHP(file_get_contents(\OC::$SERVERROOT . '/config/mount.php'));
}
if (isset($mountConfig['global'])) {
foreach ($mountConfig['global'] as $mountPoint => $options) {
self::mount($options['class'], $options['options'], $mountPoint);
}
}
if (isset($mountConfig['group'])) {
foreach ($mountConfig['group'] as $group => $mounts) {
if (\OC_Group::inGroup($user, $group)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
self::mount($options['class'], $options['options'], $mountPoint);
}
}
}
}
if (isset($mountConfig['user'])) {
foreach ($mountConfig['user'] as $mountUser => $mounts) {
if ($mountUser === 'all' or strtolower($mountUser) === strtolower($user)) {
foreach ($mounts as $mountPoint => $options) {
$mountPoint = self::setUserVars($user, $mountPoint);
foreach ($options as &$option) {
$option = self::setUserVars($user, $option);
}
self::mount($options['class'], $options['options'], $mountPoint);
}
}
}
}
}
// Load personal mount points
if (is_file($root . '/mount.php') or is_file($root . '/mount.json')) {
if (is_file($root . '/mount.json')) {
$mountConfig = json_decode(file_get_contents($root . '/mount.json'), true);
} elseif (is_file($root . '/mount.php')) {
$mountConfig = $parser->parsePHP(file_get_contents($root . '/mount.php'));
}
if (isset($mountConfig['user'][$user])) {
foreach ($mountConfig['user'][$user] as $mountPoint => $options) {
self::mount($options['class'], $options['options'], $mountPoint);
}
}
}
// Chance to mount for other storages
\OC_Hook::emit('OC_Filesystem', 'post_initMountPoints', array('user' => $user, 'user_dir' => $root));
}
