public function __construct($AppName, IRequest $Request, $CurrentUID, IL10N $L10N)
{
parent::__construct($AppName, $Request);
$this->CurrentUID = $CurrentUID;
$this->L10N = $L10N;
if (strcmp(Config::getSystemValue('dbtype'), 'pgsql') == 0) {
$this->DbType = 1;
}
$this->CanCheckForUpdate = Tools::CanCheckForUpdate();
$this->Settings = new Settings();
$this->Settings->SetKey('WhichDownloader');
$this->WhichDownloader = $this->Settings->GetValue();
$this->WhichDownloader = is_null($this->WhichDownloader) ? 'ARIA2' : $this->WhichDownloader;
$this->Settings->SetKey('AllowProtocolHTTP');
$this->AllowProtocolHTTP = $this->Settings->GetValue();
$this->AllowProtocolHTTP = is_null($this->AllowProtocolHTTP) || \OC_User::isAdminUser($this->CurrentUID) ? true : strcmp($this->AllowProtocolHTTP, 'Y') == 0;
$this->Settings->SetKey('AllowProtocolFTP');
$this->AllowProtocolFTP = $this->Settings->GetValue();
$this->AllowProtocolFTP = is_null($this->AllowProtocolFTP) || \OC_User::isAdminUser($this->CurrentUID) ? true : strcmp($this->AllowProtocolFTP, 'Y') == 0;
$this->Settings->SetKey('AllowProtocolYT');
$this->AllowProtocolYT = $this->Settings->GetValue();
$this->AllowProtocolYT = is_null($this->AllowProtocolYT) || \OC_User::isAdminUser($this->CurrentUID) ? true : strcmp($this->AllowProtocolYT, 'Y') == 0;
$this->Settings->SetKey('AllowProtocolBT');
$this->AllowProtocolBT = $this->Settings->GetValue();
$this->AllowProtocolBT = is_null($this->AllowProtocolBT) || \OC_User::isAdminUser($this->CurrentUID) ? true : strcmp($this->AllowProtocolBT, 'Y') == 0;
}
/**
* Check if the user is a admin, send json error msg if not
*/
public static function checkAdminUser()
{
if (!OC_User::isAdminUser(OC_User::getUser())) {
$l = OC_L10N::get('lib');
self::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
}
/**
* Check if the user is a admin, send json error msg if not.
* @deprecated Use annotation based ACLs from the AppFramework instead
*/
public static function checkAdminUser()
{
if (!OC_User::isAdminUser(OC_User::getUser())) {
$l = \OC::$server->getL10N('lib');
self::error(array('data' => array('message' => $l->t('Authentication error'), 'error' => 'authentication_error')));
exit;
}
}
public static function Add($URL)
{
try {
self::Load();
$URL = urldecode($URL);
if (Tools::CheckURL($URL)) {
if (preg_match('/^https{0,1}:\\/\\/www\\.youtube\\.com\\/watch\\?v=.*$/', $URL) == 1) {
if (!self::$AllowProtocolYT && !\OC_User::isAdminUser(self::$CurrentUID)) {
return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolyt');
}
$YouTube = new YouTube(self::$YTDLBinary, $URL);
if (!is_null(self::$ProxyAddress) && self::$ProxyPort > 0 && self::$ProxyPort <= 65536) {
$YouTube->SetProxy(self::$ProxyAddress, self::$ProxyPort);
}
$VideoData = $YouTube->GetVideoData();
if (!isset($VideoData['VIDEO']) || !isset($VideoData['FULLNAME'])) {
return array('ERROR' => true, 'MESSAGE' => 'UnabletoretrievetrueYouTubevideoURL');
}
$DL = array('URL' => $VideoData['VIDEO'], 'FILENAME' => Tools::CleanString($VideoData['FULLNAME']), 'PROTO' => 'Video');
} else {
if (!self::$AllowProtocolHTTP && !\OC_User::isAdminUser(self::$CurrentUID) && Tools::StartsWith(strtolower($URL), 'http')) {
return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolhttp');
} elseif (!self::$AllowProtocolFTP && !\OC_User::isAdminUser(self::$CurrentUID) && Tools::StartsWith(strtolower($URL), 'ftp')) {
return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolftp');
}
$DL = array('URL' => $URL, 'FILENAME' => Tools::CleanString(substr($URL, strrpos($URL, '/') + 1)), 'PROTO' => strtoupper(substr($URL, 0, strpos($URL, ':'))));
}
$OPTIONS = array('dir' => self::$AbsoluteDownloadsFolder, 'out' => $DL['FILENAME'], 'follow-torrent' => false);
if (!is_null(self::$ProxyAddress) && self::$ProxyPort > 0 && self::$ProxyPort <= 65536) {
$OPTIONS['all-proxy'] = rtrim(self::$ProxyAddress, '/') . ':' . self::$ProxyPort;
if (!is_null(self::$ProxyUser) && !is_null(self::$ProxyPasswd)) {
$OPTIONS['all-proxy-user'] = self::$ProxyUser;
$OPTIONS['all-proxy-passwd'] = self::$ProxyPasswd;
}
}
$AddURI = self::$WhichDownloader == 0 ? Aria2::AddUri(array($DL['URL']), array('Params' => $OPTIONS)) : CURL::AddUri($DL['URL'], $OPTIONS);
if (isset($AddURI['result']) && !is_null($AddURI['result'])) {
$SQL = 'INSERT INTO `*PREFIX*ocdownloader_queue` (`UID`, `GID`, `FILENAME`, `PROTOCOL`, `IS_CLEANED`, `STATUS`, `TIMESTAMP`) VALUES (?, ?, ?, ?, ?, ?, ?)';
if (self::$DbType == 1) {
$SQL = 'INSERT INTO *PREFIX*ocdownloader_queue ("UID", "GID", "FILENAME", "PROTOCOL", "IS_CLEANED", "STATUS", "TIMESTAMP") VALUES (?, ?, ?, ?, ?, ?, ?)';
}
$Query = \OCP\DB::prepare($SQL);
$Result = $Query->execute(array(self::$CurrentUID, $AddURI['result'], $DL['FILENAME'], strcmp($DL['PROTO'], 'Video') == 0 ? 'YT ' . (string) self::$L10N->t('Video') : $DL['PROTO'], 1, 1, time()));
return array('ERROR' => false, 'FILENAME' => $DL['FILENAME']);
} else {
return array('ERROR' => true, 'MESSAGE' => 'ReturnedGIDisnullIsAria2crunningasadaemon');
}
} else {
return array('ERROR' => true, 'MESSAGE' => 'InvalidURL');
}
} catch (Exception $E) {
return array('ERROR' => true, 'MESSAGE' => 'Unabletolaunchthedownload');
}
}
/**
* returns an array of users in the group specified
*/
public static function getGroup($parameters)
{
// Check the group exists
if (!OC_Group::groupExists($parameters['groupid'])) {
return new OC_OCS_Result(null, \OC_API::RESPOND_NOT_FOUND, 'The requested group could not be found');
}
// Check subadmin has access to this group
if (\OC_User::isAdminUser(\OC_User::getUser()) || in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups(\OC_User::getUser()))) {
return new OC_OCS_Result(array('users' => OC_Group::usersInGroup($parameters['groupid'])));
} else {
return new OC_OCS_Result(null, \OC_API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
}
}
public static function getUserPrivatekey($parameters)
{
$user = OC_User::getUser();
if (OC_User::isAdminUser($user) or $user == $parameters['user']) {
if (OC_User::userExists($user)) {
// calculate the disc space
$txt = 'this is the private key of ' . $parameters['user'];
echo $txt;
} else {
return new OC_OCS_Result(null, 300, 'User does not exist');
}
} else {
return new OC_OCS_Result('null', 300, 'You don´t have permission to access this ressource.');
}
}
public static function deleteComment($id)
{
if (!USER_CONVERSATIONS_CAN_DELETE) {
return false;
}
$query = OCP\DB::prepare('SELECT author FROM *PREFIX*conversations WHERE id = ?');
$result = $query->execute(array($id))->fetch();
$uid = OC_User::getUser();
if ($result['author'] == $uid || OC_User::isAdminUser($uid)) {
$query = OCP\DB::prepare('DELETE FROM *PREFIX*conversations WHERE id = ?');
$query->execute(array($id));
return true;
} else {
return false;
}
}
/**
* gets user info
*
* exposes the quota of an user:
* <data>
* <quota>
* <free>1234</free>
* <used>4321</used>
* <total>5555</total>
* <ralative>0.78</ralative>
* </quota>
* </data>
*
* @param array $parameters should contain parameter 'userid' which identifies
* the user from whom the information will be returned
*/
public static function getUser($parameters)
{
$return = array();
// Check if they are viewing information on themselves
if ($parameters['userid'] === OC_User::getUser()) {
// Self lookup
$storage = OC_Helper::getStorageInfo('/');
$return['quota'] = array('free' => $storage['free'], 'used' => $storage['used'], 'total' => $storage['total'], 'relative' => $storage['relative']);
}
if (OC_User::isAdminUser(OC_User::getUser()) || OC_Subadmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) {
if (OC_User::userExists($parameters['userid'])) {
// Is an admin/subadmin so can see display name
$return['displayname'] = OC_User::getDisplayName($parameters['userid']);
} else {
return new OC_OCS_Result(null, 101);
}
}
if (count($return)) {
return new OC_OCS_Result($return);
} else {
// No permission to view this user data
return new OC_OCS_Result(null, 997);
}
}
// Set the content type to Javascript
header("Content-type: text/javascript");
// Disallow caching
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
// Enable l10n support
$l = \OC::$server->getL10N('core');
// Enable OC_Defaults support
$defaults = new OC_Defaults();
// Get the config
$apps_paths = array();
foreach (OC_App::getEnabledApps() as $app) {
$apps_paths[$app] = OC_App::getAppWebPath($app);
}
$config = \OC::$server->getConfig();
$value = $config->getAppValue('core', 'shareapi_default_expire_date', 'no');
$defaultExpireDateEnabled = $value === 'yes' ? true : false;
$defaultExpireDate = $enforceDefaultExpireDate = null;
if ($defaultExpireDateEnabled) {
$defaultExpireDate = (int) $config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
$value = $config->getAppValue('core', 'shareapi_enforce_expire_date', 'no');
$enforceDefaultExpireDate = $value === 'yes' ? true : false;
}
$outgoingServer2serverShareEnabled = $config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';
$array = array("oc_debug" => defined('DEBUG') && DEBUG ? 'true' : 'false', "oc_isadmin" => OC_User::isAdminUser(OC_User::getUser()) ? 'true' : 'false', "oc_webroot" => "\"" . OC::$WEBROOT . "\"", "oc_appswebroots" => str_replace('\\/', '/', json_encode($apps_paths)), "datepickerFormatDate" => json_encode($l->getDateFormat()), "dayNames" => json_encode(array((string) $l->t('Sunday'), (string) $l->t('Monday'), (string) $l->t('Tuesday'), (string) $l->t('Wednesday'), (string) $l->t('Thursday'), (string) $l->t('Friday'), (string) $l->t('Saturday'))), "monthNames" => json_encode(array((string) $l->t('January'), (string) $l->t('February'), (string) $l->t('March'), (string) $l->t('April'), (string) $l->t('May'), (string) $l->t('June'), (string) $l->t('July'), (string) $l->t('August'), (string) $l->t('September'), (string) $l->t('October'), (string) $l->t('November'), (string) $l->t('December'))), "firstDay" => json_encode($l->getFirstWeekDay()), "oc_config" => json_encode(array('session_lifetime' => min(\OCP\Config::getSystemValue('session_lifetime', ini_get('session.gc_maxlifetime')), ini_get('session.gc_maxlifetime')), 'session_keepalive' => \OCP\Config::getSystemValue('session_keepalive', true), 'version' => implode('.', OC_Util::getVersion()), 'versionstring' => OC_Util::getVersionString(), 'enable_avatars' => \OC::$server->getConfig()->getSystemValue('enable_avatars', true))), "oc_appconfig" => json_encode(array("core" => array('defaultExpireDateEnabled' => $defaultExpireDateEnabled, 'defaultExpireDate' => $defaultExpireDate, 'defaultExpireDateEnforced' => $enforceDefaultExpireDate, 'enforcePasswordForPublicLink' => \OCP\Util::isPublicLinkPasswordRequired(), 'sharingDisabledForUser' => \OCP\Util::isSharingDisabledForUser(), 'resharingAllowed' => \OCP\Share::isResharingAllowed(), 'remoteShareAllowed' => $outgoingServer2serverShareEnabled, 'federatedCloudShareDoc' => \OC::$server->getURLGenerator()->linkToDocs('user-sharing-federated')))), "oc_defaults" => json_encode(array('entity' => $defaults->getEntity(), 'name' => $defaults->getName(), 'title' => $defaults->getTitle(), 'baseUrl' => $defaults->getBaseUrl(), 'syncClientUrl' => $defaults->getSyncClientUrl(), 'docBaseUrl' => $defaults->getDocBaseUrl(), 'slogan' => $defaults->getSlogan(), 'logoClaim' => $defaults->getLogoClaim(), 'shortFooter' => $defaults->getShortFooter(), 'longFooter' => $defaults->getLongFooter())));
// Allow hooks to modify the output values
OC_Hook::emit('\\OCP\\Config', 'js', array('array' => &$array));
// Echo it
foreach ($array as $setting => $value) {
echo "var " . $setting . "=" . $value . ";\n";
}
/**
* @return boolean
*/
function isAdminUser()
{
$uid = $this->getUserId();
return \OC_User::isAdminUser($uid);
}
/**
* @param array $urlParams
*/
public function __construct(array $urlParams = [])
{
parent::__construct('settings', $urlParams);
$container = $this->getContainer();
/**
* Controllers
*/
$container->registerService('MailSettingsController', function (IContainer $c) {
return new MailSettingsController($c->query('AppName'), $c->query('Request'), $c->query('L10N'), $c->query('Config'), $c->query('UserSession'), $c->query('Defaults'), $c->query('Mailer'), $c->query('DefaultMailAddress'));
});
$container->registerService('EncryptionController', function (IContainer $c) {
return new EncryptionController($c->query('AppName'), $c->query('Request'), $c->query('L10N'), $c->query('Config'), $c->query('DatabaseConnection'), $c->query('UserManager'), new View(), $c->query('Logger'));
});
$container->registerService('AppSettingsController', function (IContainer $c) {
return new AppSettingsController($c->query('AppName'), $c->query('Request'), $c->query('L10N'), $c->query('Config'), $c->query('ICacheFactory'), $c->query('INavigationManager'), $c->query('IAppManager'), $c->query('OcsClient'));
});
$container->registerService('AuthSettingsController', function (IContainer $c) {
return new AuthSettingsController($c->query('AppName'), $c->query('Request'), $c->query('ServerContainer')->query('OC\\Authentication\\Token\\IProvider'), $c->query('UserManager'), $c->query('ServerContainer')->getSession(), $c->query('ServerContainer')->getSecureRandom(), $c->query('UserId'));
});
$container->registerService('SecuritySettingsController', function (IContainer $c) {
return new SecuritySettingsController($c->query('AppName'), $c->query('Request'), $c->query('Config'));
});
$container->registerService('CertificateController', function (IContainer $c) {
return new CertificateController($c->query('AppName'), $c->query('Request'), $c->query('CertificateManager'), $c->query('SystemCertificateManager'), $c->query('L10N'), $c->query('IAppManager'));
});
$container->registerService('GroupsController', function (IContainer $c) {
return new GroupsController($c->query('AppName'), $c->query('Request'), $c->query('GroupManager'), $c->query('UserSession'), $c->query('IsAdmin'), $c->query('L10N'));
});
$container->registerService('UsersController', function (IContainer $c) {
return new UsersController($c->query('AppName'), $c->query('Request'), $c->query('UserManager'), $c->query('GroupManager'), $c->query('UserSession'), $c->query('Config'), $c->query('IsAdmin'), $c->query('L10N'), $c->query('Logger'), $c->query('Defaults'), $c->query('Mailer'), $c->query('DefaultMailAddress'), $c->query('URLGenerator'), $c->query('OCP\\App\\IAppManager'), $c->query('OCP\\IAvatarManager'));
});
$container->registerService('LogSettingsController', function (IContainer $c) {
return new LogSettingsController($c->query('AppName'), $c->query('Request'), $c->query('Config'), $c->query('L10N'));
});
$container->registerService('CheckSetupController', function (IContainer $c) {
return new CheckSetupController($c->query('AppName'), $c->query('Request'), $c->query('Config'), $c->query('ClientService'), $c->query('URLGenerator'), $c->query('Util'), $c->query('L10N'), $c->query('Checker'));
});
/**
* Middleware
*/
$container->registerService('SubadminMiddleware', function (IContainer $c) {
return new SubadminMiddleware($c->query('ControllerMethodReflector'), $c->query('IsSubAdmin'));
});
// Execute middlewares
$container->registerMiddleware('SubadminMiddleware');
/**
* Core class wrappers
*/
$container->registerService('Config', function (IContainer $c) {
return $c->query('ServerContainer')->getConfig();
});
$container->registerService('ICacheFactory', function (IContainer $c) {
return $c->query('ServerContainer')->getMemCacheFactory();
});
$container->registerService('L10N', function (IContainer $c) {
return $c->query('ServerContainer')->getL10N('settings');
});
$container->registerService('GroupManager', function (IContainer $c) {
return $c->query('ServerContainer')->getGroupManager();
});
$container->registerService('UserManager', function (IContainer $c) {
return $c->query('ServerContainer')->getUserManager();
});
$container->registerService('UserSession', function (IContainer $c) {
return $c->query('ServerContainer')->getUserSession();
});
/** FIXME: Remove once OC_User is non-static and mockable */
$container->registerService('IsAdmin', function (IContainer $c) {
return \OC_User::isAdminUser(\OC_User::getUser());
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('IsSubAdmin', function (IContainer $c) {
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if ($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
return $isSubAdmin;
});
$container->registerService('Mailer', function (IContainer $c) {
return $c->query('ServerContainer')->getMailer();
});
$container->registerService('Defaults', function (IContainer $c) {
return new \OC_Defaults();
});
$container->registerService('DefaultMailAddress', function (IContainer $c) {
return Util::getDefaultEmailAddress('no-reply');
});
$container->registerService('Logger', function (IContainer $c) {
return $c->query('ServerContainer')->getLogger();
});
$container->registerService('URLGenerator', function (IContainer $c) {
return $c->query('ServerContainer')->getURLGenerator();
});
$container->registerService('ClientService', function (IContainer $c) {
return $c->query('ServerContainer')->getHTTPClientService();
});
$container->registerService('INavigationManager', function (IContainer $c) {
return $c->query('ServerContainer')->getNavigationManager();
});
$container->registerService('IAppManager', function (IContainer $c) {
return $c->query('ServerContainer')->getAppManager();
});
$container->registerService('OcsClient', function (IContainer $c) {
return $c->query('ServerContainer')->getOcsClient();
});
$container->registerService('Util', function (IContainer $c) {
return new \OC_Util();
});
$container->registerService('DatabaseConnection', function (IContainer $c) {
return $c->query('ServerContainer')->getDatabaseConnection();
});
$container->registerService('CertificateManager', function (IContainer $c) {
return $c->query('ServerContainer')->getCertificateManager();
});
$container->registerService('SystemCertificateManager', function (IContainer $c) {
return $c->query('ServerContainer')->getCertificateManager(null);
});
$container->registerService('Checker', function (IContainer $c) {
/** @var Server $server */
$server = $c->query('ServerContainer');
return $server->getIntegrityCodeChecker();
});
}
/**
* authenticate the api call
* @param array $action the action details as supplied to OC_API::register()
* @return bool
*/
private static function isAuthorised($action)
{
$level = $action['authlevel'];
switch ($level) {
case API::GUEST_AUTH:
// Anyone can access
return true;
case API::USER_AUTH:
// User required
return self::loginUser();
case API::SUBADMIN_AUTH:
// Check for subadmin
$user = self::loginUser();
if (!$user) {
return false;
} else {
$userObject = \OC::$server->getUserSession()->getUser();
if ($userObject === null) {
return false;
}
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
$admin = OC_User::isAdminUser($user);
if ($isSubAdmin || $admin) {
return true;
} else {
return false;
}
}
case API::ADMIN_AUTH:
// Check for admin
$user = self::loginUser();
if (!$user) {
return false;
} else {
return OC_User::isAdminUser($user);
}
default:
// oops looks like invalid level supplied
return false;
}
}
/**
* Returns the Settings Navigation
* @return string
*
* This function returns an array containing all settings pages added. The
* entries are sorted by the key 'order' ascending.
*/
public static function getSettingsNavigation()
{
$l = \OC::$server->getL10N('lib');
$settings = array();
// by default, settings only contain the help menu
if (OC_Util::getEditionString() === '' && OC_Config::getValue('knowledgebaseenabled', true) == true) {
$settings = array(array("id" => "help", "order" => 1000, "href" => OC_Helper::linkToRoute("settings_help"), "name" => $l->t("Help"), "icon" => OC_Helper::imagePath("settings", "help.svg")));
}
// if the user is logged-in
if (OC_User::isLoggedIn()) {
// personal menu
$settings[] = array("id" => "personal", "order" => 1, "href" => OC_Helper::linkToRoute("settings_personal"), "name" => $l->t("Personal"), "icon" => OC_Helper::imagePath("settings", "personal.svg"));
// if there are some settings forms
if (!empty(self::$settingsForms)) {
// settings menu
$settings[] = array("id" => "settings", "order" => 1000, "href" => OC_Helper::linkToRoute("settings_settings"), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath("settings", "settings.svg"));
}
//SubAdmins are also allowed to access user management
if (OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
// admin users menu
$settings[] = array("id" => "core_users", "order" => 2, "href" => OC_Helper::linkToRoute("settings_users"), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath("settings", "users.svg"));
}
// if the user is an admin
if (OC_User::isAdminUser(OC_User::getUser())) {
// admin settings
$settings[] = array("id" => "admin", "order" => 1000, "href" => OC_Helper::linkToRoute("settings_admin"), "name" => $l->t("Admin"), "icon" => OC_Helper::imagePath("settings", "admin.svg"));
}
}
$navigation = self::proceedNavigation($settings);
return $navigation;
}
*/
OC_Util::checkSubAdminUser();
OC_App::setActiveNavigationEntry('core_users');
$userManager = \OC_User::getManager();
$groupManager = \OC_Group::getManager();
// Set the sort option: SORT_USERCOUNT or SORT_GROUPNAME
$sortGroupsBy = \OC\Group\MetaData::SORT_USERCOUNT;
if (\OC_App::isEnabled('user_ldap')) {
$isLDAPUsed = $groupManager->isBackendUsed('\\OCA\\user_ldap\\GROUP_LDAP') || $groupManager->isBackendUsed('\\OCA\\user_ldap\\Group_Proxy');
if ($isLDAPUsed) {
// LDAP user count can be slow, so we sort by group name here
$sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME;
}
}
$config = \OC::$server->getConfig();
$isAdmin = OC_User::isAdminUser(OC_User::getUser());
$groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager);
$groupsInfo->setSorting($sortGroupsBy);
list($adminGroup, $groups) = $groupsInfo->get();
$recoveryAdminEnabled = OC_App::isEnabled('encryption') && $config->getAppValue('encryption', 'recoveryAdminEnabled', null);
if ($isAdmin) {
$subadmins = OC_SubAdmin::getAllSubAdmins();
} else {
/* Retrieve group IDs from $groups array, so we can pass that information into OC_Group::displayNamesInGroups() */
$gids = array();
foreach ($groups as $group) {
if (isset($group['id'])) {
$gids[] = $group['id'];
}
}
$subadmins = false;
/**
* authenticate the api call
* @param array $action the action details as supplied to OC_API::register()
* @return bool
*/
private static function isAuthorised($action)
{
$level = $action['authlevel'];
switch ($level) {
case API::GUEST_AUTH:
// Anyone can access
return true;
break;
case API::USER_AUTH:
// User required
return self::loginUser();
break;
case API::SUBADMIN_AUTH:
// Check for subadmin
$user = self::loginUser();
if (!$user) {
return false;
} else {
$subAdmin = OC_SubAdmin::isSubAdmin($user);
$admin = OC_User::isAdminUser($user);
if ($subAdmin || $admin) {
return true;
} else {
return false;
}
}
break;
case API::ADMIN_AUTH:
// Check for admin
$user = self::loginUser();
if (!$user) {
return false;
} else {
return OC_User::isAdminUser($user);
}
break;
default:
// oops looks like invalid level supplied
return false;
break;
}
}
public function __construct(array $urlParams = array())
{
parent::__construct('sharing_group', $urlParams);
$container = $this->getContainer();
$container->registerService('UserHooks', function ($c) {
return new UserHooks($c->query('ServerContainer')->getUserManager());
});
$container->registerService('ActivityApplication', function ($c) {
return new \OCA\Activity\AppInfo\Application();
});
$container->registerService('Hooks', function (IContainer $c) {
return new FilesHooks($c->query('ActivityApplication')->getContainer()->query('ActivityData'), $c->query('ActivityApplication')->getContainer()->query('UserSettings'), $c->query('ActivityApplication')->getContainer()->query('CurrentUID'));
});
$container->registerService('GroupData', function (IContainer $c) {
return new Data();
});
$container->registerService('CurrentUID', function (IContainer $c) {
$server = $c->query('ServerContainer');
$user = $server->getUserSession()->getUser();
return $user ? $user->getUID() : '';
});
$container->registerService('SharingGroupsController', function (IContainer $c) {
return new SharingGroupsController($c->query('AppName'), $c->query('Request'), $c->query('GroupData'), $c->query('CurrentUID'));
});
$container->registerService('SettingsApplication', function (IContainer $c) {
return new \OC\Settings\Application();
});
$container->registerService('SharingGroupL10N', function (IContainer $c) {
return $c->query('ServerContainer')->getL10N('sharing_group');
});
$container->registerService('UserController', function (IContainer $c) {
return new UserController($c->query('AppName'), $c->query('Request'), $c->query('UserManager'), $c->query('GroupManager'), $c->query('UserSession'), $c->query('Config'), $c->query('IsAdmin'), $c->query('L10N'), $c->query('Logger'), $c->query('Defaults'), $c->query('Mailer'), $c->query('DefaultMailAddress'), $c->query('URLGenerator'), $c->query('OCP\\App\\IAppManager'), $c->query('SubAdminFactory'), $c->query('SharingGroupsController'));
});
/**
* Core class wrappers
*/
$container->registerService('Config', function (IContainer $c) {
return $c->query('ServerContainer')->getConfig();
});
$container->registerService('L10N', function (IContainer $c) {
return $c->query('ServerContainer')->getL10N('settings');
});
$container->registerService('GroupManager', function (IContainer $c) {
return $c->query('ServerContainer')->getGroupManager();
});
$container->registerService('UserManager', function (IContainer $c) {
return $c->query('ServerContainer')->getUserManager();
});
$container->registerService('UserSession', function (IContainer $c) {
return $c->query('ServerContainer')->getUserSession();
});
/** FIXME: Remove once OC_User is non-static and mockable */
$container->registerService('IsAdmin', function (IContainer $c) {
return \OC_User::isAdminUser(\OC_User::getUser());
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('IsSubAdmin', function (IContainer $c) {
return \OC_Subadmin::isSubAdmin(\OC_User::getUser());
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('SubAdminFactory', function (IContainer $c) {
return new SubAdminFactory();
});
$container->registerService('Mailer', function (IContainer $c) {
return $c->query('ServerContainer')->getMailer();
});
$container->registerService('Defaults', function (IContainer $c) {
return new \OC_Defaults();
});
$container->registerService('DefaultMailAddress', function (IContainer $c) {
return Util::getDefaultEmailAddress('no-reply');
});
$container->registerService('Logger', function (IContainer $c) {
return $c->query('ServerContainer')->getLogger();
});
$container->registerService('URLGenerator', function (IContainer $c) {
return $c->query('ServerContainer')->getURLGenerator();
});
$container->registerService('ClientService', function (IContainer $c) {
return $c->query('ServerContainer')->getHTTPClientService();
});
$container->registerService('INavigationManager', function (IContainer $c) {
return $c->query('ServerContainer')->getNavigationManager();
});
$container->registerService('IAppManager', function (IContainer $c) {
return $c->query('ServerContainer')->getAppManager();
});
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU AFFERO GENERAL PUBLIC
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
* Displays <a href="http://opensource.org/licenses/AGPL-3.0">GNU AFFERO GENERAL PUBLIC LICENSE</a>
* @license http://opensource.org/licenses/AGPL-3.0 GNU AFFERO GENERAL PUBLIC LICENSE
*
*/
include_once "user_otp/lib/utils.php";
$l = OC_L10N::get('settings');
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('user_otp');
OCP\JSON::callCheck();
if ($_POST && $_POST["uid"] && OC_User::isAdminUser(OCP\User::getUser())) {
OC_JSON::checkSubAdminUser();
$uid = $_POST["uid"];
} else {
$uid = OCP\User::getUser();
}
// Get data
$mOtp = new MultiOtpDb(OCP\Config::getAppValue('user_otp', 'EncryptionKey', 'DefaultCliEncryptionKey'));
$mOtp->EnableVerboseLog();
//$mOtp->SetDisplayLogOption(1);
if ($_POST && $_POST["otp_action"] === "delete_otp" && $mOtp->CheckUserExists($uid)) {
if ($mOtp->DeleteUser($uid)) {
OCP\JSON::success(array("data" => array("message" => $l->t("OTP Changed"))));
} else {
OCP\JSON::error(array("data" => array("message" => $l->t("check apps folder rights"))));
}
/**
* @NoAdminRequired
* @NoCSRFRequired
*/
public function Add()
{
\OCP\JSON::setContentTypeHeader('application/json');
if (isset($_POST['FILE']) && strlen($_POST['FILE']) > 0 && Tools::CheckURL($_POST['FILE']) && isset($_POST['OPTIONS'])) {
try {
if (!$this->AllowProtocolYT && !\OC_User::isAdminUser($this->CurrentUID)) {
throw new \Exception((string) $this->L10N->t('You are not allowed to use the YouTube protocol'));
}
$YouTube = new YouTube($this->YTDLBinary, $_POST['FILE']);
if (!is_null($this->ProxyAddress) && $this->ProxyPort > 0 && $this->ProxyPort <= 65536) {
$YouTube->SetProxy($this->ProxyAddress, $this->ProxyPort);
}
if (isset($_POST['OPTIONS']['YTForceIPv4']) && strcmp($_POST['OPTIONS']['YTForceIPv4'], 'false') == 0) {
$YouTube->SetForceIPv4(false);
}
// Extract Audio YES
if (isset($_POST['OPTIONS']['YTExtractAudio']) && strcmp($_POST['OPTIONS']['YTExtractAudio'], 'true') == 0) {
$VideoData = $YouTube->GetVideoData(true);
if (!isset($VideoData['AUDIO']) || !isset($VideoData['FULLNAME'])) {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Unable to retrieve true YouTube audio URL')));
}
$DL = array('URL' => $VideoData['AUDIO'], 'FILENAME' => Tools::CleanString($VideoData['FULLNAME']), 'TYPE' => 'YT Audio');
} else {
$VideoData = $YouTube->GetVideoData();
if (!isset($VideoData['VIDEO']) || !isset($VideoData['FULLNAME'])) {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Unable to retrieve true YouTube video URL')));
}
$DL = array('URL' => $VideoData['VIDEO'], 'FILENAME' => Tools::CleanString($VideoData['FULLNAME']), 'TYPE' => 'YT Video');
}
// If target file exists, create a new one
if (\OC\Files\Filesystem::file_exists($this->DownloadsFolder . '/' . $DL['FILENAME'])) {
$DL['FILENAME'] = time() . '_' . $DL['FILENAME'];
}
// Create the target file if the downloader is ARIA2
if ($this->WhichDownloader == 0) {
\OC\Files\Filesystem::touch($this->DownloadsFolder . '/' . $DL['FILENAME']);
} else {
if (!\OC\Files\Filesystem::is_dir($this->DownloadsFolder)) {
\OC\Files\Filesystem::mkdir($this->DownloadsFolder);
}
}
$OPTIONS = array('dir' => $this->AbsoluteDownloadsFolder, 'out' => $DL['FILENAME']);
if (!is_null($this->ProxyAddress) && $this->ProxyPort > 0 && $this->ProxyPort <= 65536) {
$OPTIONS['all-proxy'] = rtrim($this->ProxyAddress, '/') . ':' . $this->ProxyPort;
if (!is_null($this->ProxyUser) && !is_null($this->ProxyPasswd)) {
$OPTIONS['all-proxy-user'] = $this->ProxyUser;
$OPTIONS['all-proxy-passwd'] = $this->ProxyPasswd;
}
}
if (!is_null($this->MaxDownloadSpeed) && $this->MaxDownloadSpeed > 0) {
$OPTIONS['max-download-limit'] = $this->MaxDownloadSpeed . 'K';
}
$AddURI = $this->WhichDownloader == 0 ? Aria2::AddUri(array($DL['URL']), array('Params' => $OPTIONS)) : CURL::AddUri($DL['URL'], $OPTIONS);
if (isset($AddURI['result']) && !is_null($AddURI['result'])) {
$SQL = 'INSERT INTO `*PREFIX*ocdownloader_queue` (`UID`, `GID`, `FILENAME`, `PROTOCOL`, `STATUS`, `TIMESTAMP`) VALUES (?, ?, ?, ?, ?, ?)';
if ($this->DbType == 1) {
$SQL = 'INSERT INTO *PREFIX*ocdownloader_queue ("UID", "GID", "FILENAME", "PROTOCOL", "STATUS", "TIMESTAMP") VALUES (?, ?, ?, ?, ?, ?)';
}
$Query = \OCP\DB::prepare($SQL);
$Result = $Query->execute(array($this->CurrentUID, $AddURI['result'], $DL['FILENAME'], $DL['TYPE'], 1, time()));
sleep(1);
$Status = Aria2::TellStatus($AddURI['result']);
$Progress = 0;
if ($Status['result']['totalLength'] > 0) {
$Progress = $Status['result']['completedLength'] / $Status['result']['totalLength'];
}
$ProgressString = Tools::GetProgressString($Status['result']['completedLength'], $Status['result']['totalLength'], $Progress);
return new JSONResponse(array('ERROR' => false, 'MESSAGE' => (string) $this->L10N->t('Download started'), 'GID' => $AddURI['result'], 'PROGRESSVAL' => round($Progress * 100, 2) . '%', 'PROGRESS' => is_null($ProgressString) ? (string) $this->L10N->t('N/A') : $ProgressString, 'STATUS' => isset($Status['result']['status']) ? (string) $this->L10N->t(ucfirst($Status['result']['status'])) : (string) $this->L10N->t('N/A'), 'STATUSID' => Tools::GetDownloadStatusID($Status['result']['status']), 'SPEED' => isset($Status['result']['downloadSpeed']) ? Tools::FormatSizeUnits($Status['result']['downloadSpeed']) . '/s' : (string) $this->L10N->t('N/A'), 'FILENAME' => strlen($DL['FILENAME']) > 40 ? substr($DL['FILENAME'], 0, 40) . '...' : $DL['FILENAME'], 'PROTO' => $DL['TYPE'], 'ISTORRENT' => false));
} else {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Returned GID is null ! Is Aria2c running as a daemon ?')));
}
} catch (Exception $E) {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => $E->getMessage()));
}
} else {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Please check the URL you\'ve just provided')));
}
}
<?php
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$success = true;
$username = $_POST["username"];
$group = $_POST["group"];
if ($username == OC_User::getUser() && $group == "admin" && OC_User::isAdminUser($username)) {
$l = OC_L10N::get('core');
OC_JSON::error(array('data' => array('message' => $l->t('Admins can\'t remove themself from the admin group'))));
exit;
}
if (!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
$l = OC_L10N::get('core');
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (!OC_Group::groupExists($group)) {
OC_Group::createGroup($group);
}
$l = OC_L10N::get('settings');
$error = $l->t("Unable to add user to group %s", $group);
$action = "add";
// Toggle group
if (OC_Group::inGroup($username, $group)) {
$action = "remove";
$error = $l->t("Unable to remove user from group %s", $group);
$success = OC_Group::removeFromGroup($username, $group);
$usersInGroup = OC_Group::usersInGroup($group);
if (count($usersInGroup) == 0) {
OC_Group::deleteGroup($group);
/**
* @param array $calendar
* @param string $userId
* @return boolean
*/
private static function isAllowedToDeleteCalendar($calendar)
{
$userId = OCP\User::getUser();
//in case it is called by command line or cron
if ($userId == '') {
return true;
}
if ($calendar['userid'] === $userId) {
return true;
}
if (OC_User::isAdminUser($userId)) {
return true;
}
if (OC_SubAdmin::isUserAccessible($userId, $calendar['userid'])) {
return true;
}
return false;
}
/**
* @param string $renderAs
* @param string $appId application id
*/
public function __construct($renderAs, $appId = '')
{
// yes - should be injected ....
$this->config = \OC::$server->getConfig();
// Decide which page we show
if ($renderAs == 'user') {
parent::__construct('core', 'layout.user');
if (in_array(OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
$this->assign('bodyid', 'body-settings');
} else {
$this->assign('bodyid', 'body-user');
}
// Update notification
if ($this->config->getSystemValue('updatechecker', true) === true && OC_User::isAdminUser(OC_User::getUser())) {
$updater = new \OC\Updater(\OC::$server->getHTTPHelper(), \OC::$server->getConfig());
$data = $updater->check();
if (isset($data['version']) && $data['version'] != '' and $data['version'] !== array()) {
$this->assign('updateAvailable', true);
$this->assign('updateVersion', $data['versionstring']);
$this->assign('updateLink', $data['web']);
\OCP\Util::addScript('core', 'update-notification');
} else {
$this->assign('updateAvailable', false);
// No update available or not an admin user
}
} else {
$this->assign('updateAvailable', false);
// Update check is disabled
}
// Add navigation entry
$this->assign('application', '');
$this->assign('appid', $appId);
$navigation = OC_App::getNavigation();
$this->assign('navigation', $navigation);
$settingsNavigation = OC_App::getSettingsNavigation();
$this->assign('settingsnavigation', $settingsNavigation);
foreach ($navigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
foreach ($settingsNavigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
$userDisplayName = OC_User::getDisplayName();
$this->assign('user_displayname', $userDisplayName);
$this->assign('user_uid', OC_User::getUser());
$this->assign('appsmanagement_active', strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0);
$this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true));
$this->assign('userAvatarSet', \OC_Helper::userAvatarSet(OC_User::getUser()));
} else {
if ($renderAs == 'error') {
parent::__construct('core', 'layout.guest', '', false);
$this->assign('bodyid', 'body-login');
} else {
if ($renderAs == 'guest') {
parent::__construct('core', 'layout.guest');
$this->assign('bodyid', 'body-login');
} else {
parent::__construct('core', 'layout.base');
}
}
}
// Send the language to our layouts
$this->assign('language', OC_L10N::findLanguage());
if (empty(self::$versionHash)) {
$v = OC_App::getAppVersions();
$v['core'] = implode('.', \OC_Util::getVersion());
self::$versionHash = md5(implode(',', $v));
}
$useAssetPipeline = self::isAssetPipelineEnabled();
if ($useAssetPipeline) {
$this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
$this->generateAssets();
} else {
// Add the js files
$jsFiles = self::findJavascriptFiles(OC_Util::$scripts);
$this->assign('jsfiles', array(), false);
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
$this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
}
foreach ($jsFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
// Add the css files
$cssFiles = self::findStylesheetFiles(OC_Util::$styles);
$this->assign('cssfiles', array());
foreach ($cssFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
}
}
public static function changeUserPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
$l = new \OC_L10n('settings');
if (isset($_POST['username'])) {
$username = $_POST['username'];
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('No user supplied'))));
exit;
}
$password = isset($_POST['password']) ? $_POST['password'] : null;
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($currentUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if (\OC_User::isAdminUser(\OC_User::getUser())) {
$userstatus = 'admin';
} elseif ($isUserAccessible) {
$userstatus = 'subadmin';
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (\OC_App::isEnabled('encryption')) {
//handle the recovery case
$crypt = new \OCA\Encryption\Crypto\Crypt(\OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getL10N('encryption'));
$keyStorage = \OC::$server->getEncryptionKeyStorage();
$util = new \OCA\Encryption\Util(new \OC\Files\View(), $crypt, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getUserManager());
$keyManager = new \OCA\Encryption\KeyManager($keyStorage, $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), $util);
$recovery = new \OCA\Encryption\Recovery(\OC::$server->getUserSession(), $crypt, \OC::$server->getSecureRandom(), $keyManager, \OC::$server->getConfig(), $keyStorage, \OC::$server->getEncryptionFilesHelper(), new \OC\Files\View());
$recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
$validRecoveryPassword = false;
$recoveryEnabledForUser = false;
if ($recoveryAdminEnabled) {
$validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
$recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
}
if ($recoveryEnabledForUser && $recoveryPassword === '') {
\OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost'))));
} elseif ($recoveryEnabledForUser && !$validRecoveryPassword) {
\OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.'))));
} else {
// now we know that everything is fine regarding the recovery password, let's try to change the password
$result = \OC_User::setPassword($username, $password, $recoveryPassword);
if (!$result && $recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Backend doesn't support password change, but the user's encryption key was successfully updated."))));
} elseif (!$result && !$recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password"))));
} else {
\OC_JSON::success(array("data" => array("username" => $username)));
}
}
} else {
// if encryption is disabled, proceed
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC_JSON::success(array('data' => array('username' => $username)));
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password'))));
}
}
}
/**
* Check if the user is a admin, redirects to home if not
*
* @return void
*/
public static function checkAdminUser()
{
OC_Util::checkLoggedIn();
if (!OC_User::isAdminUser(OC_User::getUser())) {
header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
exit;
}
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OC_Util::checkLoggedIn();
// Load the files we need
OC_Util::addStyle("settings", "settings");
\OC::$server->getNavigationManager()->setActiveEntry('help');
if (isset($_GET['mode']) and $_GET['mode'] === 'admin') {
$url = \OCP\Util::linkToAbsolute('core', 'doc/admin/index.html');
$style1 = '';
$style2 = ' active';
} else {
$url = \OCP\Util::linkToAbsolute('core', 'doc/user/index.html');
$style1 = ' active';
$style2 = '';
}
$url1 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=user';
$url2 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=admin';
$tmpl = new OC_Template("settings", "help", "user");
$tmpl->assign("admin", OC_User::isAdminUser(OC_User::getUser()));
$tmpl->assign("url", $url);
$tmpl->assign("url1", $url1);
$tmpl->assign("url2", $url2);
$tmpl->assign("style1", $style1);
$tmpl->assign("style2", $style2);
$tmpl->printPage();
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string) $_POST["username"] : '';
if ($username === '' && !OC_User::isAdminUser(OC_User::getUser()) || !OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
//make sure the quota is in the expected format
$quota = (string) $_POST["quota"];
if ($quota !== 'none' and $quota !== 'default') {
$quota = OC_Helper::computerFileSize($quota);
$quota = OC_Helper::humanFileSize($quota);
}
// Return Success story
if ($username) {
\OC::$server->getConfig()->setUserValue($username, 'files', 'quota', $quota);
} else {
//set the default quota when no username is specified
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string) $_POST["username"] : '';
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($targetUserObject !== null && $currentUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if ($username === '' && !OC_User::isAdminUser(OC_User::getUser()) || !OC_User::isAdminUser(OC_User::getUser()) && !$isUserAccessible) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
//make sure the quota is in the expected format
$quota = (string) $_POST["quota"];
if ($quota !== 'none' and $quota !== 'default') {
$quota = OC_Helper::computerFileSize($quota);
$quota = OC_Helper::humanFileSize($quota);
}
// Return Success story
if ($username) {
$targetUserObject->setQuota($quota);
} else {
//set the default quota when no username is specified
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
// Check if we are a user
OCP\JSON::callCheck();
OC_JSON::checkLoggedIn();
$l = \OC::$server->getL10N('settings');
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$displayName = (string) $_POST["displayName"];
$userstatus = null;
if (OC_User::isAdminUser(OC_User::getUser())) {
$userstatus = 'admin';
}
$isUserAccessible = false;
$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($subadminUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
}
if ($isUserAccessible) {
$userstatus = 'subadmin';
}
if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) {
$userstatus = 'changeOwnDisplayName';
}
if (is_null($userstatus)) {
/**
* @param string $renderAs
* @param string $appId application id
*/
public function __construct($renderAs, $appId = '')
{
// yes - should be injected ....
$this->config = \OC::$server->getConfig();
// Decide which page we show
if ($renderAs == 'user') {
parent::__construct('core', 'layout.user');
if (in_array(\OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
$this->assign('bodyid', 'body-settings');
} else {
$this->assign('bodyid', 'body-user');
}
// Code integrity notification
$integrityChecker = \OC::$server->getIntegrityCodeChecker();
if (\OC_User::isAdminUser(\OC_User::getUser()) && !$integrityChecker->hasPassedCheck()) {
\OCP\Util::addScript('core', 'integritycheck-failed-notification');
}
// Add navigation entry
$this->assign('application', '');
$this->assign('appid', $appId);
$navigation = \OC_App::getNavigation();
$this->assign('navigation', $navigation);
$settingsNavigation = \OC_App::getSettingsNavigation();
$this->assign('settingsnavigation', $settingsNavigation);
foreach ($navigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
foreach ($settingsNavigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
$userDisplayName = \OC_User::getDisplayName();
$appsMgmtActive = strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0;
if ($appsMgmtActive) {
$l = \OC::$server->getL10N('lib');
$this->assign('application', $l->t('Apps'));
}
$this->assign('user_displayname', $userDisplayName);
$this->assign('user_uid', \OC_User::getUser());
$this->assign('appsmanagement_active', $appsMgmtActive);
$this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true) === true);
if (\OC_User::getUser() === false) {
$this->assign('userAvatarSet', false);
} else {
$this->assign('userAvatarSet', \OC::$server->getAvatarManager()->getAvatar(\OC_User::getUser())->exists());
}
} else {
if ($renderAs == 'error') {
parent::__construct('core', 'layout.guest', '', false);
$this->assign('bodyid', 'body-login');
} else {
if ($renderAs == 'guest') {
parent::__construct('core', 'layout.guest');
$this->assign('bodyid', 'body-login');
} else {
parent::__construct('core', 'layout.base');
}
}
}
// Send the language to our layouts
$this->assign('language', \OC_L10N::findLanguage());
if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
if (empty(self::$versionHash)) {
$v = \OC_App::getAppVersions();
$v['core'] = implode('.', \OCP\Util::getVersion());
self::$versionHash = md5(implode(',', $v));
}
} else {
self::$versionHash = md5('not installed');
}
$useAssetPipeline = self::isAssetPipelineEnabled();
if ($useAssetPipeline) {
$this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
$this->generateAssets();
} else {
// Add the js files
$jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
$this->assign('jsfiles', array());
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
$this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
}
foreach ($jsFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
// Add the css files
$cssFiles = self::findStylesheetFiles(\OC_Util::$styles);
$this->assign('cssfiles', array());
foreach ($cssFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
}
}
/**
* Check if username given is admin
*
* @param string $username
* @return boolean
*/
public function isAdminUser($username)
{
return \OC_User::isAdminUser($username);
}
/**
* Returns the Settings Navigation
*
* @return string[]
*
* This function returns an array containing all settings pages added. The
* entries are sorted by the key 'order' ascending.
*/
public static function getSettingsNavigation()
{
$l = \OC::$server->getL10N('lib');
$urlGenerator = \OC::$server->getURLGenerator();
$settings = array();
// by default, settings only contain the help menu
if (OC_Util::getEditionString() === '' && \OC::$server->getSystemConfig()->getValue('knowledgebaseenabled', true) == true) {
$settings = array(array("id" => "help", "order" => 1000, "href" => $urlGenerator->linkToRoute('settings_help'), "name" => $l->t("Help"), "icon" => $urlGenerator->imagePath("settings", "help.svg")));
}
// if the user is logged-in
if (OC_User::isLoggedIn()) {
// personal menu
$settings[] = array("id" => "personal", "order" => 1, "href" => $urlGenerator->linkToRoute('settings_personal'), "name" => $l->t("Personal"), "icon" => $urlGenerator->imagePath("settings", "personal.svg"));
//SubAdmins are also allowed to access user management
$userObject = \OC::$server->getUserSession()->getUser();
$isSubAdmin = false;
if ($userObject !== null) {
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
}
if ($isSubAdmin) {
// admin users menu
$settings[] = array("id" => "core_users", "order" => 2, "href" => $urlGenerator->linkToRoute('settings_users'), "name" => $l->t("Users"), "icon" => $urlGenerator->imagePath("settings", "users.svg"));
}
// if the user is an admin
if (OC_User::isAdminUser(OC_User::getUser())) {
// admin settings
$settings[] = array("id" => "admin", "order" => 1000, "href" => $urlGenerator->linkToRoute('settings_admin'), "name" => $l->t("Admin"), "icon" => $urlGenerator->imagePath("settings", "admin.svg"));
}
}
$navigation = self::proceedNavigation($settings);
return $navigation;
}
