/** * returns a list of users * * @return OC_OCS_Result */ public function getUsers() { $search = !empty($_GET['search']) ? $_GET['search'] : ''; $limit = !empty($_GET['limit']) ? $_GET['limit'] : null; $offset = !empty($_GET['offset']) ? $_GET['offset'] : null; // Check if user is logged in $user = $this->userSession->getUser(); if ($user === null) { return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); } // Admin? Or SubAdmin? if ($this->groupManager->isAdmin($user->getUID())) { $users = $this->userManager->search($search, $limit, $offset); } else { if (\OC_SubAdmin::isSubAdmin($user->getUID())) { $subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID()); if ($offset === null) { $offset = 0; } $users = []; foreach ($subAdminOfGroups as $group) { $users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search)); } $users = array_slice($users, $offset, $limit); } else { return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); } } $users = array_keys($users); return new OC_OCS_Result(['users' => $users]); }
/** * returns an array of users in the group specified */ public static function getGroup($parameters) { // Check the group exists if (!OC_Group::groupExists($parameters['groupid'])) { return new OC_OCS_Result(null, \OC_API::RESPOND_NOT_FOUND, 'The requested group could not be found'); } // Check subadmin has access to this group if (\OC_User::isAdminUser(\OC_User::getUser()) || in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups(\OC_User::getUser()))) { return new OC_OCS_Result(array('users' => OC_Group::usersInGroup($parameters['groupid']))); } else { return new OC_OCS_Result(null, \OC_API::RESPOND_UNAUTHORISED, 'User does not have access to specified group'); } }
private function getAdministeredGroups() { $this->requireLogin(); if (class_exists('\\OC_SubAdmin', true)) { return \OC_SubAdmin::getSubAdminsGroups($this->getUserId()); } // Nextcloud 9 $subadmin = new \OC\SubAdmin(\OC::$server->getUserManager(), \OC::$server->getGroupManager(), \OC::$server->getDatabaseConnection()); $ocgroups = $subadmin->getSubAdminsGroups($this->user); $groups = array(); foreach ($ocgroups as $ocgroup) { $groups[] = $ocgroup->getGID(); } return $groups; }
/** * returns an array of users in the group specified */ public function getGroup($parameters) { // Check if user is logged in $user = $this->userSession->getUser(); if ($user === null) { return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED); } // Check the group exists if (!$this->groupManager->groupExists($parameters['groupid'])) { return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested group could not be found'); } // Check subadmin has access to this group if ($this->groupManager->isAdmin($user->getUID()) || in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups($user->getUID()))) { $users = $this->groupManager->get($parameters['groupid'])->getUsers(); $users = array_map(function ($user) { return $user->getUID(); }, $users); $users = array_values($users); return new OC_OCS_Result(['users' => $users]); } else { return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'User does not have access to specified group'); } }
if (isset($_POST["groups"])) { $groups = $_POST["groups"]; } } else { if (isset($_POST["groups"])) { $groups = array(); foreach ($_POST["groups"] as $group) { if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) { $groups[] = $group; } } if (count($groups) == 0) { $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); } } else { $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); } } $username = $_POST["username"]; $password = $_POST["password"]; // Does the group exist? if (in_array($username, OC_User::getUsers())) { OC_JSON::error(array("data" => array("message" => "User already exists"))); exit; } // Return Success story try { OC_User::createUser($username, $password); foreach ($groups as $i) { if (!OC_Group::groupExists($i)) { OC_Group::createGroup($i);
/** * @NoAdminRequired * * @param string $username * @param string $password * @param array $groups * @param string $email * @return DataResponse * * TODO: Tidy up and write unit tests - code is mainly static method calls */ public function create($username, $password, array $groups = array(), $email = '') { if ($email !== '' && !$this->mail->validateAddress($email)) { return new DataResponse(array('message' => (string) $this->l10n->t('Invalid mail address')), Http::STATUS_UNPROCESSABLE_ENTITY); } // TODO FIXME get rid of the static calls to OC_Subadmin if (!$this->isAdmin) { if (!empty($groups)) { foreach ($groups as $key => $group) { if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) { unset($groups[$key]); } } } if (empty($groups)) { $groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()); } } try { $user = $this->userManager->createUser($username, $password); } catch (\Exception $exception) { return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN); } if ($user instanceof User) { if ($groups !== null) { foreach ($groups as $groupName) { $group = $this->groupManager->get($groupName); if (empty($group)) { $group = $this->groupManager->createGroup($groupName); } $group->addUser($user); } } /** * Send new user mail only if a mail is set */ if ($email !== '') { $this->config->setUserValue($username, 'settings', 'email', $email); // data for the mail template $mailData = array('username' => $username, 'url' => $this->urlGenerator->getAbsoluteURL('/')); $mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank'); $mailContent = $mail->render(); $mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank'); $plainTextMailContent = $mail->render(); $subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]); try { $this->mail->send($email, $username, $subject, $mailContent, $this->fromMailAddress, $this->defaults->getName(), 1, $plainTextMailContent); } catch (\Exception $e) { $this->log->error("Can't send new user mail to {$email}: " . $e->getMessage(), array('app' => 'settings')); } } // fetch users groups $userGroups = $this->groupManager->getUserGroupIds($user); return new DataResponse($this->formatUserForIndex($user, $userGroups), Http::STATUS_CREATED); } return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN); }
/** * @param IUser $user * @param array $userGroups * @return array */ private function formatUserForIndex(IUser $user, array $userGroups = null) { // TODO: eliminate this encryption specific code below and somehow // hook in additional user info from other apps // recovery isn't possible if admin or user has it disabled and encryption // is enabled - so we eliminate the else paths in the conditional tree // below $restorePossible = false; if ($this->isEncryptionAppEnabled) { if ($this->isRestoreEnabled) { // check for the users recovery setting $recoveryMode = $this->config->getUserValue($user->getUID(), 'encryption', 'recoveryEnabled', '0'); // method call inside empty is possible with PHP 5.5+ $recoveryModeEnabled = !empty($recoveryMode); if ($recoveryModeEnabled) { // user also has recovery mode enabled $restorePossible = true; } } } else { // recovery is possible if encryption is disabled (plain files are // available) $restorePossible = true; } return ['name' => $user->getUID(), 'displayname' => $user->getDisplayName(), 'groups' => empty($userGroups) ? $this->groupManager->getUserGroupIds($user) : $userGroups, 'subadmin' => \OC_SubAdmin::getSubAdminsGroups($user->getUID()), 'quota' => $this->config->getUserValue($user->getUID(), 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin() * 1000, 'backend' => $user->getBackendClassName(), 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', ''), 'isRestoreDisabled' => !$restorePossible]; }
$pattern = ''; } $users = array(); $userManager = \OC_User::getManager(); if (OC_User::isAdminUser(OC_User::getUser())) { if ($gid !== false) { $batch = OC_Group::displayNamesInGroup($gid, $pattern, $limit, $offset); } else { $batch = OC_User::getDisplayNames($pattern, $limit, $offset); } foreach ($batch as $uid => $displayname) { $user = $userManager->get($uid); $users[] = array('name' => $uid, 'displayname' => $displayname, 'groups' => join(', ', OC_Group::getUserGroups($uid)), 'subadmin' => join(', ', OC_SubAdmin::getSubAdminsGroups($uid)), 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin()); } } else { $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); if ($gid !== false && in_array($gid, $groups)) { $groups = array($gid); } elseif ($gid !== false) { //don't you try to investigate loops you must not know about $groups = array(); } $batch = OC_Group::usersInGroups($groups, $pattern, $limit, $offset); foreach ($batch as $uid) { $user = $userManager->get($uid); // Only add the groups, this user is a subadmin of $userGroups = array_intersect(OC_Group::getUserGroups($uid), OC_SubAdmin::getSubAdminsGroups(OC_User::getUser())); $users[] = array('name' => $uid, 'displayname' => $user->getDisplayName(), 'groups' => join(', ', $userGroups), 'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin()); } } OC_JSON::success(array('data' => $users));
OC_Util::addStyle('settings', 'settings'); OC_App::setActiveNavigationEntry('core_users'); $users = array(); $groups = array(); $isadmin = OC_Group::inGroup(OC_User::getUser(), 'admin') ? true : false; if ($isadmin) { $accessiblegroups = OC_Group::getGroups(); $accessibleusers = OC_User::getUsers('', 30); $subadmins = OC_SubAdmin::getAllSubAdmins(); } else { $accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); $accessibleusers = OC_Group::usersInGroups($accessiblegroups, '', 30); $subadmins = false; } foreach ($accessibleusers as $i) { $users[] = array("name" => $i, "groups" => join(", ", OC_Group::getUserGroups($i)), 'quota' => OC_Preferences::getValue($i, 'files', 'quota', 'default'), 'subadmin' => implode(', ', OC_SubAdmin::getSubAdminsGroups($i))); } foreach ($accessiblegroups as $i) { // Do some more work here soon $groups[] = array("name" => $i); } $quotaPreset = OC_Appconfig::getValue('files', 'quota_preset', 'default,none,1 GB, 5 GB, 10 GB'); $quotaPreset = explode(',', $quotaPreset); foreach ($quotaPreset as &$preset) { $preset = trim($preset); } $defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none'); $tmpl = new OC_Template("settings", "users", "user"); $tmpl->assign("users", $users); $tmpl->assign("groups", $groups); $tmpl->assign('isadmin', (int) $isadmin);
/** * returns the available groups * @param string $search a search string * @return \OC\Group\Group[] */ private function getGroups($search = '') { if ($this->isAdmin) { return $this->groupManager->search($search); } else { // FIXME: Remove static method call $groupIds = \OC_SubAdmin::getSubAdminsGroups($this->user); /* \OC_SubAdmin::getSubAdminsGroups() returns an array of GIDs, but this * method is expected to return an array with the GIDs as keys and group objects as * values, so we need to convert this information. */ $groups = array(); foreach ($groupIds as $gid) { $group = $this->groupManager->get($gid); if (!is_null($group)) { $groups[$gid] = $group; } } return $groups; } }
<?php OC_JSON::callCheck(); OC_JSON::checkSubAdminUser(); $userCount = 0; $currentUser = \OC::$server->getUserSession()->getUser()->getUID(); if (!OC_User::isAdminUser($currentUser)) { $groups = OC_SubAdmin::getSubAdminsGroups($currentUser); foreach ($groups as $group) { $userCount += count(OC_Group::usersInGroup($group)); } } else { $userCountArray = \OC::$server->getUserManager()->countUsers(); if (!empty($userCountArray)) { foreach ($userCountArray as $classname => $usercount) { $userCount += $usercount; } } } OC_JSON::success(array('count' => $userCount));
$quotaPreset = explode(',', $quotaPreset); foreach ($quotaPreset as &$preset) { $preset = trim($preset); } $quotaPreset = array_diff($quotaPreset, array('default', 'none')); $defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none'); $defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false; // load users and quota foreach ($accessibleusers as $uid => $displayName) { $quota = OC_Preferences::getValue($uid, 'files', 'quota', 'default'); $isQuotaUserDefined = array_search($quota, $quotaPreset) === false && array_search($quota, array('none', 'default')) === false; $name = $displayName; if ($displayName !== $uid) { $name = $name . ' (' . $uid . ')'; } $users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'quota' => $quota, 'isQuotaUserDefined' => $isQuotaUserDefined, 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid)); } foreach ($accessiblegroups as $i) { // Do some more work here soon $groups[] = array("name" => $i); } $tmpl = new OC_Template("settings", "users", "user"); $tmpl->assign('users', $users); $tmpl->assign('groups', $groups); $tmpl->assign('isadmin', (int) $isadmin); $tmpl->assign('subadmins', $subadmins); $tmpl->assign('numofgroups', count($accessiblegroups)); $tmpl->assign('quota_preset', $quotaPreset); $tmpl->assign('default_quota', $defaultQuota); $tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined); $tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled);
$UserTokenSeed = ""; $UserLocked = ""; $UserAlgorithm = ""; $UserPin = ""; $UserPrefixPin = ""; //get otp information : $OtpExist = $mOtp->CheckUserExists($uid); if ($OtpExist) { $mOtp->SetUser($uid); $UserTokenSeed = base32_encode(hex2bin($mOtp->GetUserTokenSeed())); $UserLocked = $mOtp->GetUserLocked(); $UserAlgorithm = $mOtp->GetUserAlgorithm(); $UserPin = $mOtp->GetUserPin(); $UserPrefixPin = $mOtp->GetUserPrefixPin(); } $users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid), 'OtpExist' => $OtpExist, 'UserTokenSeed' => $UserTokenSeed, 'UserLocked' => $UserLocked, 'UserAlgorithm' => $UserAlgorithm, 'UserPin' => $UserPin, 'UserPrefixPin' => $UserPrefixPin); } foreach ($accessiblegroups as $i) { // Do some more work here soon $groups[] = array("name" => $i); } $tmpl = new OC_Template("user_otp", "list_users", "user"); $tmpl->assign('PrefixPin', OCP\Config::getAppValue('user_otp', 'UserPrefixPin', '0') ? 1 : 0); $tmpl->assign('users', $users); $tmpl->assign('groups', $groups); $tmpl->assign('isadmin', (int) $isadmin); $tmpl->assign('subadmins', $subadmins); $tmpl->assign('numofgroups', count($accessiblegroups)); //~ $tmpl->assign( 'quota_preset', $quotaPreset); //~ $tmpl->assign( 'default_quota', $defaultQuota); //~ $tmpl->assign( 'defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
$quotaPreset = explode(',', $quotaPreset); foreach ($quotaPreset as &$preset) { $preset = trim($preset); } $quotaPreset = array_diff($quotaPreset, array('default', 'none')); $defaultQuota = OC_Appconfig::getValue('files', 'default_quota', 'none'); $defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false; // load users and quota foreach ($accessibleUsers as $uid => $displayName) { $quota = OC_Preferences::getValue($uid, 'files', 'quota', 'default'); $isQuotaUserDefined = array_search($quota, $quotaPreset) === false && array_search($quota, array('none', 'default')) === false; $name = $displayName; if ($displayName !== $uid) { $name = $name . ' (' . $uid . ')'; } $user = $userManager->get($uid); $users[] = array("name" => $uid, "displayName" => $displayName, "groups" => OC_Group::getUserGroups($uid), 'quota' => $quota, 'isQuotaUserDefined' => $isQuotaUserDefined, 'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid), 'storageLocation' => $user->getHome(), 'lastLogin' => $user->getLastLogin()); } $tmpl = new OC_Template("settings", "users/main", "user"); $tmpl->assign('users', $users); $tmpl->assign('groups', $groups); $tmpl->assign('adminGroup', $adminGroup); $tmpl->assign('isAdmin', (int) $isAdmin); $tmpl->assign('subadmins', $subadmins); $tmpl->assign('numofgroups', count($groups) + count($adminGroup)); $tmpl->assign('quota_preset', $quotaPreset); $tmpl->assign('default_quota', $defaultQuota); $tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined); $tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled); $tmpl->assign('enableAvatars', \OC::$server->getConfig()->getSystemValue('enable_avatars', true)); $tmpl->printPage();
/** * Get the groups $uid is SubAdmin of * @param string $uid * @return array Array of groups that $uid is subadmin of */ function getSubAdminsOfGroups($uid) { return \OC_SubAdmin::getSubAdminsGroups($uid); }
/** * returns the available groups * @param string $search a search string * @return \OC\Group\Group[] */ private function getGroups($search = '') { if ($this->isAdmin) { return $this->groupManager->search($search); } else { return \OC_SubAdmin::getSubAdminsGroups($this->user); } }