/**
* returns a list of users
*
* @return OC_OCS_Result
*/
public function getUsers()
{
$search = !empty($_GET['search']) ? $_GET['search'] : '';
$limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
$offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Admin? Or SubAdmin?
if ($this->groupManager->isAdmin($user->getUID())) {
$users = $this->userManager->search($search, $limit, $offset);
} else {
if (\OC_SubAdmin::isSubAdmin($user->getUID())) {
$subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID());
if ($offset === null) {
$offset = 0;
}
$users = [];
foreach ($subAdminOfGroups as $group) {
$users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search));
}
$users = array_slice($users, $offset, $limit);
} else {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
}
$users = array_keys($users);
return new OC_OCS_Result(['users' => $users]);
}
/**
* returns an array of users in the group specified
*/
public static function getGroup($parameters)
{
// Check the group exists
if (!OC_Group::groupExists($parameters['groupid'])) {
return new OC_OCS_Result(null, \OC_API::RESPOND_NOT_FOUND, 'The requested group could not be found');
}
// Check subadmin has access to this group
if (\OC_User::isAdminUser(\OC_User::getUser()) || in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups(\OC_User::getUser()))) {
return new OC_OCS_Result(array('users' => OC_Group::usersInGroup($parameters['groupid'])));
} else {
return new OC_OCS_Result(null, \OC_API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
}
}
private function getAdministeredGroups()
{
$this->requireLogin();
if (class_exists('\\OC_SubAdmin', true)) {
return \OC_SubAdmin::getSubAdminsGroups($this->getUserId());
}
// Nextcloud 9
$subadmin = new \OC\SubAdmin(\OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->getDatabaseConnection());
$ocgroups = $subadmin->getSubAdminsGroups($this->user);
$groups = array();
foreach ($ocgroups as $ocgroup) {
$groups[] = $ocgroup->getGID();
}
return $groups;
}
/**
* returns an array of users in the group specified
*/
public function getGroup($parameters)
{
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Check the group exists
if (!$this->groupManager->groupExists($parameters['groupid'])) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested group could not be found');
}
// Check subadmin has access to this group
if ($this->groupManager->isAdmin($user->getUID()) || in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups($user->getUID()))) {
$users = $this->groupManager->get($parameters['groupid'])->getUsers();
$users = array_map(function ($user) {
return $user->getUID();
}, $users);
$users = array_values($users);
return new OC_OCS_Result(['users' => $users]);
} else {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
}
}
if (isset($_POST["groups"])) {
$groups = $_POST["groups"];
}
} else {
if (isset($_POST["groups"])) {
$groups = array();
foreach ($_POST["groups"] as $group) {
if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
$groups[] = $group;
}
}
if (count($groups) == 0) {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
}
$username = $_POST["username"];
$password = $_POST["password"];
// Does the group exist?
if (in_array($username, OC_User::getUsers())) {
OC_JSON::error(array("data" => array("message" => "User already exists")));
exit;
}
// Return Success story
try {
OC_User::createUser($username, $password);
foreach ($groups as $i) {
if (!OC_Group::groupExists($i)) {
OC_Group::createGroup($i);
/**
* @NoAdminRequired
*
* @param string $username
* @param string $password
* @param array $groups
* @param string $email
* @return DataResponse
*
* TODO: Tidy up and write unit tests - code is mainly static method calls
*/
public function create($username, $password, array $groups = array(), $email = '')
{
if ($email !== '' && !$this->mail->validateAddress($email)) {
return new DataResponse(array('message' => (string) $this->l10n->t('Invalid mail address')), Http::STATUS_UNPROCESSABLE_ENTITY);
}
// TODO FIXME get rid of the static calls to OC_Subadmin
if (!$this->isAdmin) {
if (!empty($groups)) {
foreach ($groups as $key => $group) {
if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) {
unset($groups[$key]);
}
}
}
if (empty($groups)) {
$groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
}
}
try {
$user = $this->userManager->createUser($username, $password);
} catch (\Exception $exception) {
return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN);
}
if ($user instanceof User) {
if ($groups !== null) {
foreach ($groups as $groupName) {
$group = $this->groupManager->get($groupName);
if (empty($group)) {
$group = $this->groupManager->createGroup($groupName);
}
$group->addUser($user);
}
}
/**
* Send new user mail only if a mail is set
*/
if ($email !== '') {
$this->config->setUserValue($username, 'settings', 'email', $email);
// data for the mail template
$mailData = array('username' => $username, 'url' => $this->urlGenerator->getAbsoluteURL('/'));
$mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank');
$mailContent = $mail->render();
$mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank');
$plainTextMailContent = $mail->render();
$subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]);
try {
$this->mail->send($email, $username, $subject, $mailContent, $this->fromMailAddress, $this->defaults->getName(), 1, $plainTextMailContent);
} catch (\Exception $e) {
$this->log->error("Can't send new user mail to {$email}: " . $e->getMessage(), array('app' => 'settings'));
}
}
// fetch users groups
$userGroups = $this->groupManager->getUserGroupIds($user);
return new DataResponse($this->formatUserForIndex($user, $userGroups), Http::STATUS_CREATED);
}
return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN);
}
/**
* @param IUser $user
* @param array $userGroups
* @return array
*/
private function formatUserForIndex(IUser $user, array $userGroups = null)
{
// TODO: eliminate this encryption specific code below and somehow
// hook in additional user info from other apps
// recovery isn't possible if admin or user has it disabled and encryption
// is enabled - so we eliminate the else paths in the conditional tree
// below
$restorePossible = false;
if ($this->isEncryptionAppEnabled) {
if ($this->isRestoreEnabled) {
// check for the users recovery setting
$recoveryMode = $this->config->getUserValue($user->getUID(), 'encryption', 'recoveryEnabled', '0');
// method call inside empty is possible with PHP 5.5+
$recoveryModeEnabled = !empty($recoveryMode);
if ($recoveryModeEnabled) {
// user also has recovery mode enabled
$restorePossible = true;
}
}
} else {
// recovery is possible if encryption is disabled (plain files are
// available)
$restorePossible = true;
}
return ['name' => $user->getUID(), 'displayname' => $user->getDisplayName(), 'groups' => empty($userGroups) ? $this->groupManager->getUserGroupIds($user) : $userGroups, 'subadmin' => \OC_SubAdmin::getSubAdminsGroups($user->getUID()), 'quota' => $this->config->getUserValue($user->getUID(), 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin() * 1000, 'backend' => $user->getBackendClassName(), 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', ''), 'isRestoreDisabled' => !$restorePossible];
}
$pattern = '';
}
$users = array();
$userManager = \OC_User::getManager();
if (OC_User::isAdminUser(OC_User::getUser())) {
if ($gid !== false) {
$batch = OC_Group::displayNamesInGroup($gid, $pattern, $limit, $offset);
} else {
$batch = OC_User::getDisplayNames($pattern, $limit, $offset);
}
foreach ($batch as $uid => $displayname) {
$user = $userManager->get($uid);
$users[] = array('name' => $uid, 'displayname' => $displayname, 'groups' => join(', ', OC_Group::getUserGroups($uid)), 'subadmin' => join(', ', OC_SubAdmin::getSubAdminsGroups($uid)), 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin());
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
if ($gid !== false && in_array($gid, $groups)) {
$groups = array($gid);
} elseif ($gid !== false) {
//don't you try to investigate loops you must not know about
$groups = array();
}
$batch = OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
foreach ($batch as $uid) {
$user = $userManager->get($uid);
// Only add the groups, this user is a subadmin of
$userGroups = array_intersect(OC_Group::getUserGroups($uid), OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()));
$users[] = array('name' => $uid, 'displayname' => $user->getDisplayName(), 'groups' => join(', ', $userGroups), 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin());
}
}
OC_JSON::success(array('data' => $users));
OC_Util::addStyle('settings', 'settings');
OC_App::setActiveNavigationEntry('core_users');
$users = array();
$groups = array();
$isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin') ? true : false;
if ($isadmin) {
$accessiblegroups = OC_Group::getGroups();
$accessibleusers = OC_User::getUsers('', 30);
$subadmins = OC_SubAdmin::getAllSubAdmins();
} else {
$accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
$accessibleusers = OC_Group::usersInGroups($accessiblegroups, '', 30);
$subadmins = false;
}
foreach ($accessibleusers as $i) {
$users[] = array("name" => $i, "groups" => join(", ", OC_Group::getUserGroups($i)), 'quota' => OC_Preferences::getValue($i, 'files', 'quota', 'default'), 'subadmin' => implode(', ', OC_SubAdmin::getSubAdminsGroups($i)));
}
foreach ($accessiblegroups as $i) {
// Do some more work here soon
$groups[] = array("name" => $i);
}
$quotaPreset = OC_Appconfig::getValue('files', 'quota_preset', 'default,none,1 GB, 5 GB, 10 GB');
$quotaPreset = explode(',', $quotaPreset);
foreach ($quotaPreset as &$preset) {
$preset = trim($preset);
}
$defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none');
$tmpl = new OC_Template("settings", "users", "user");
$tmpl->assign("users", $users);
$tmpl->assign("groups", $groups);
$tmpl->assign('isadmin', (int) $isadmin);
/**
* returns the available groups
* @param string $search a search string
* @return \OC\Group\Group[]
*/
private function getGroups($search = '')
{
if ($this->isAdmin) {
return $this->groupManager->search($search);
} else {
// FIXME: Remove static method call
$groupIds = \OC_SubAdmin::getSubAdminsGroups($this->user);
/* \OC_SubAdmin::getSubAdminsGroups() returns an array of GIDs, but this
* method is expected to return an array with the GIDs as keys and group objects as
* values, so we need to convert this information.
*/
$groups = array();
foreach ($groupIds as $gid) {
$group = $this->groupManager->get($gid);
if (!is_null($group)) {
$groups[$gid] = $group;
}
}
return $groups;
}
}
<?php
OC_JSON::callCheck();
OC_JSON::checkSubAdminUser();
$userCount = 0;
$currentUser = \OC::$server->getUserSession()->getUser()->getUID();
if (!OC_User::isAdminUser($currentUser)) {
$groups = OC_SubAdmin::getSubAdminsGroups($currentUser);
foreach ($groups as $group) {
$userCount += count(OC_Group::usersInGroup($group));
}
} else {
$userCountArray = \OC::$server->getUserManager()->countUsers();
if (!empty($userCountArray)) {
foreach ($userCountArray as $classname => $usercount) {
$userCount += $usercount;
}
}
}
OC_JSON::success(array('count' => $userCount));
$quotaPreset = explode(',', $quotaPreset);
foreach ($quotaPreset as &$preset) {
$preset = trim($preset);
}
$quotaPreset = array_diff($quotaPreset, array('default', 'none'));
$defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none');
$defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false;
// load users and quota
foreach ($accessibleusers as $uid => $displayName) {
$quota = OC_Preferences::getValue($uid, 'files', 'quota', 'default');
$isQuotaUserDefined = array_search($quota, $quotaPreset) === false && array_search($quota, array('none', 'default')) === false;
$name = $displayName;
if ($displayName !== $uid) {
$name = $name . ' (' . $uid . ')';
}
$users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'quota' => $quota, 'isQuotaUserDefined' => $isQuotaUserDefined, 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid));
}
foreach ($accessiblegroups as $i) {
// Do some more work here soon
$groups[] = array("name" => $i);
}
$tmpl = new OC_Template("settings", "users", "user");
$tmpl->assign('users', $users);
$tmpl->assign('groups', $groups);
$tmpl->assign('isadmin', (int) $isadmin);
$tmpl->assign('subadmins', $subadmins);
$tmpl->assign('numofgroups', count($accessiblegroups));
$tmpl->assign('quota_preset', $quotaPreset);
$tmpl->assign('default_quota', $defaultQuota);
$tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
$tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled);
$UserTokenSeed = "";
$UserLocked = "";
$UserAlgorithm = "";
$UserPin = "";
$UserPrefixPin = "";
//get otp information :
$OtpExist = $mOtp->CheckUserExists($uid);
if ($OtpExist) {
$mOtp->SetUser($uid);
$UserTokenSeed = base32_encode(hex2bin($mOtp->GetUserTokenSeed()));
$UserLocked = $mOtp->GetUserLocked();
$UserAlgorithm = $mOtp->GetUserAlgorithm();
$UserPin = $mOtp->GetUserPin();
$UserPrefixPin = $mOtp->GetUserPrefixPin();
}
$users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid), 'OtpExist' => $OtpExist, 'UserTokenSeed' => $UserTokenSeed, 'UserLocked' => $UserLocked, 'UserAlgorithm' => $UserAlgorithm, 'UserPin' => $UserPin, 'UserPrefixPin' => $UserPrefixPin);
}
foreach ($accessiblegroups as $i) {
// Do some more work here soon
$groups[] = array("name" => $i);
}
$tmpl = new OC_Template("user_otp", "list_users", "user");
$tmpl->assign('PrefixPin', OCP\Config::getAppValue('user_otp', 'UserPrefixPin', '0') ? 1 : 0);
$tmpl->assign('users', $users);
$tmpl->assign('groups', $groups);
$tmpl->assign('isadmin', (int) $isadmin);
$tmpl->assign('subadmins', $subadmins);
$tmpl->assign('numofgroups', count($accessiblegroups));
//~ $tmpl->assign( 'quota_preset', $quotaPreset);
//~ $tmpl->assign( 'default_quota', $defaultQuota);
//~ $tmpl->assign( 'defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
$quotaPreset = explode(',', $quotaPreset);
foreach ($quotaPreset as &$preset) {
$preset = trim($preset);
}
$quotaPreset = array_diff($quotaPreset, array('default', 'none'));
$defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none');
$defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false;
// load users and quota
foreach ($accessibleUsers as $uid => $displayName) {
$quota = OC_Preferences::getValue($uid, 'files', 'quota', 'default');
$isQuotaUserDefined = array_search($quota, $quotaPreset) === false && array_search($quota, array('none', 'default')) === false;
$name = $displayName;
if ($displayName !== $uid) {
$name = $name . ' (' . $uid . ')';
}
$user = $userManager->get($uid);
$users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'quota' => $quota, 'isQuotaUserDefined' => $isQuotaUserDefined, 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin());
}
$tmpl = new OC_Template("settings", "users/main", "user");
$tmpl->assign('users', $users);
$tmpl->assign('groups', $groups);
$tmpl->assign('adminGroup', $adminGroup);
$tmpl->assign('isAdmin', (int) $isAdmin);
$tmpl->assign('subadmins', $subadmins);
$tmpl->assign('numofgroups', count($groups) + count($adminGroup));
$tmpl->assign('quota_preset', $quotaPreset);
$tmpl->assign('default_quota', $defaultQuota);
$tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
$tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled);
$tmpl->assign('enableAvatars', \OC::$server->getConfig()->getSystemValue('enable_avatars', true));
$tmpl->printPage();
/**
* Get the groups $uid is SubAdmin of
* @param string $uid
* @return array Array of groups that $uid is subadmin of
*/
function getSubAdminsOfGroups($uid)
{
return \OC_SubAdmin::getSubAdminsGroups($uid);
}
/**
* returns the available groups
* @param string $search a search string
* @return \OC\Group\Group[]
*/
private function getGroups($search = '')
{
if ($this->isAdmin) {
return $this->groupManager->search($search);
} else {
return \OC_SubAdmin::getSubAdminsGroups($this->user);
}
}
