/**
 * Build the controller and load the downloader settings for the current user.
 *
 * Each AllowProtocol* flag ends up true when the stored setting is missing
 * (null) or when the current user is an administrator; otherwise it is true
 * only if the stored value equals 'Y'.
 *
 * @param mixed    $AppName    forwarded to the parent constructor
 * @param IRequest $Request    forwarded to the parent constructor
 * @param mixed    $CurrentUID UID that the administrator check is run against
 * @param IL10N    $L10N       translation service kept on the instance
 */
public function __construct($AppName, IRequest $Request, $CurrentUID, IL10N $L10N)
{
    parent::__construct($AppName, $Request);

    $this->CurrentUID = $CurrentUID;
    $this->L10N = $L10N;

    // DbType is switched to 1 only for PostgreSQL; any other backend keeps the property's existing value.
    if (strcmp(Config::getSystemValue('dbtype'), 'pgsql') == 0) {
        $this->DbType = 1;
    }

    $this->CanCheckForUpdate = Tools::CanCheckForUpdate();
    $this->Settings = new Settings();

    $this->Settings->SetKey('WhichDownloader');
    $StoredDownloader = $this->Settings->GetValue();
    $this->WhichDownloader = is_null($StoredDownloader) ? 'ARIA2' : $StoredDownloader;

    // NOTE(review): a missing setting permits the protocol (default-allow) — confirm this is intended.
    $ProtocolFlags = array('AllowProtocolHTTP', 'AllowProtocolFTP', 'AllowProtocolYT', 'AllowProtocolBT');
    foreach ($ProtocolFlags as $Flag) {
        $this->Settings->SetKey($Flag);
        $Stored = $this->Settings->GetValue();

        if (is_null($Stored) || \OC_User::isAdminUser($this->CurrentUID)) {
            // Administrators are never restricted by the per-protocol settings.
            $this->{$Flag} = true;
        } else {
            $this->{$Flag} = strcmp($Stored, 'Y') == 0;
        }
    }
}
/**
 * Stop the request with a JSON error unless the current user is an administrator.
 *
 * When the check fails, the error is emitted through self::error() and the
 * script is terminated with exit, so control never returns to the caller.
 */
public static function checkAdminUser()
{
    $isAdmin = OC_User::isAdminUser(OC_User::getUser());
    if ($isAdmin) {
        return;
    }

    $l = OC_L10N::get('lib');
    $payload = array('data' => array('message' => $l->t('Authentication error')));
    self::error($payload);
    exit;
}
/**
 * Stop the request with a JSON error unless the current user is an administrator.
 *
 * When the check fails, the error (message plus the machine-readable
 * 'authentication_error' code) is emitted through self::error() and the
 * script is terminated with exit.
 *
 * @deprecated Use annotation based ACLs from the AppFramework instead
 */
public static function checkAdminUser()
{
    $isAdmin = OC_User::isAdminUser(OC_User::getUser());
    if ($isAdmin) {
        return;
    }

    $l = \OC::$server->getL10N('lib');
    $payload = array(
        'data' => array(
            'message' => $l->t('Authentication error'),
            'error' => 'authentication_error',
        ),
    );
    self::error($payload);
    exit;
}
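/**
 * Queue a download of the given URL with the configured downloader.
 *
 * The URL is URL-decoded, validated with Tools::CheckURL(), checked against
 * the per-protocol permissions (administrators bypass them), handed to
 * Aria2 or CURL, and recorded in the ocdownloader_queue table.
 *
 * @param string $URL URL supplied by the caller (still URL-encoded)
 * @return array array('ERROR' => false, 'FILENAME' => ...) on success,
 *               array('ERROR' => true, 'MESSAGE' => ...) on any failure
 */
public static function Add($URL)
{
    try {
        self::Load();

        $URL = urldecode($URL);

        // NOTE(review): this is the only validation visible here before the server fetches the URL;
        // confirm Tools::CheckURL() also rejects loopback/internal destinations.
        if (!Tools::CheckURL($URL)) {
            return array('ERROR' => true, 'MESSAGE' => 'InvalidURL');
        }

        // A proxy is used only when an address is configured and the port is a valid TCP port.
        // The upper bound is 65535; the previous bound of 65536 accepted a port that does not exist.
        $UseProxy = !is_null(self::$ProxyAddress) && self::$ProxyPort > 0 && self::$ProxyPort <= 65535;

        if (preg_match('/^https{0,1}:\\/\\/www\\.youtube\\.com\\/watch\\?v=.*$/', $URL) == 1) {
            if (!self::$AllowProtocolYT && !\OC_User::isAdminUser(self::$CurrentUID)) {
                return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolyt');
            }

            $YouTube = new YouTube(self::$YTDLBinary, $URL);
            if ($UseProxy) {
                $YouTube->SetProxy(self::$ProxyAddress, self::$ProxyPort);
            }

            $VideoData = $YouTube->GetVideoData();
            if (!isset($VideoData['VIDEO']) || !isset($VideoData['FULLNAME'])) {
                return array('ERROR' => true, 'MESSAGE' => 'UnabletoretrievetrueYouTubevideoURL');
            }

            $DL = array(
                'URL' => $VideoData['VIDEO'],
                'FILENAME' => Tools::CleanString($VideoData['FULLNAME']),
                'PROTO' => 'Video',
            );
        } else {
            // NOTE(review): URLs starting with neither 'http' nor 'ftp' get no per-protocol check in this
            // method; whether such URLs can reach this point depends on what Tools::CheckURL() accepts.
            if (!self::$AllowProtocolHTTP && !\OC_User::isAdminUser(self::$CurrentUID) && Tools::StartsWith(strtolower($URL), 'http')) {
                return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolhttp');
            } elseif (!self::$AllowProtocolFTP && !\OC_User::isAdminUser(self::$CurrentUID) && Tools::StartsWith(strtolower($URL), 'ftp')) {
                return array('ERROR' => true, 'MESSAGE' => 'Notallowedtouseprotocolftp');
            }

            // The file name is the text after the last '/', the protocol label the text before the first ':'.
            $DL = array(
                'URL' => $URL,
                'FILENAME' => Tools::CleanString(substr($URL, strrpos($URL, '/') + 1)),
                'PROTO' => strtoupper(substr($URL, 0, strpos($URL, ':'))),
            );
        }

        $OPTIONS = array(
            'dir' => self::$AbsoluteDownloadsFolder,
            'out' => $DL['FILENAME'],
            'follow-torrent' => false,
        );
        if ($UseProxy) {
            $OPTIONS['all-proxy'] = rtrim(self::$ProxyAddress, '/') . ':' . self::$ProxyPort;
            if (!is_null(self::$ProxyUser) && !is_null(self::$ProxyPasswd)) {
                $OPTIONS['all-proxy-user'] = self::$ProxyUser;
                $OPTIONS['all-proxy-passwd'] = self::$ProxyPasswd;
            }
        }

        // NOTE(review): loose comparison — assumes Load() stores an integer in WhichDownloader; confirm.
        $AddURI = self::$WhichDownloader == 0
            ? Aria2::AddUri(array($DL['URL']), array('Params' => $OPTIONS))
            : CURL::AddUri($DL['URL'], $OPTIONS);

        if (!isset($AddURI['result']) || is_null($AddURI['result'])) {
            return array('ERROR' => true, 'MESSAGE' => 'ReturnedGIDisnullIsAria2crunningasadaemon');
        }

        // PostgreSQL (DbType 1) needs double-quoted identifiers instead of backticks.
        $SQL = 'INSERT INTO `*PREFIX*ocdownloader_queue` (`UID`, `GID`, `FILENAME`, `PROTOCOL`, `IS_CLEANED`, `STATUS`, `TIMESTAMP`) VALUES (?, ?, ?, ?, ?, ?, ?)';
        if (self::$DbType == 1) {
            $SQL = 'INSERT INTO *PREFIX*ocdownloader_queue ("UID", "GID", "FILENAME", "PROTOCOL", "IS_CLEANED", "STATUS", "TIMESTAMP") VALUES (?, ?, ?, ?, ?, ?, ?)';
        }

        // All values are bound as parameters; nothing derived from the URL is concatenated into the SQL.
        $Query = \OCP\DB::prepare($SQL);
        $Query->execute(array(
            self::$CurrentUID,
            $AddURI['result'],
            $DL['FILENAME'],
            strcmp($DL['PROTO'], 'Video') == 0 ? 'YT ' . (string) self::$L10N->t('Video') : $DL['PROTO'],
            1,
            1,
            time(),
        ));

        return array('ERROR' => false, 'FILENAME' => $DL['FILENAME']);
    } catch (Exception $E) {
        // Every exception is reduced to one generic message; the cause is not logged here.
        return array('ERROR' => true, 'MESSAGE' => 'Unabletolaunchthedownload');
    }
}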
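/**
 * Return the users of a group to an administrator or to a subadmin of that group.
 *
 * @param array $parameters must contain 'groupid'
 * @return OC_OCS_Result the user list under the key 'users', a not-found result
 *                       when the group does not exist, or an unauthorised result
 *                       when the caller may not view the group
 */
public static function getGroup($parameters)
{
    $groupId = $parameters['groupid'];

    // The existence check runs before the permission check, as in the original ordering.
    if (!OC_Group::groupExists($groupId)) {
        return new OC_OCS_Result(null, \OC_API::RESPOND_NOT_FOUND, 'The requested group could not be found');
    }

    $currentUser = \OC_User::getUser();
    $allowed = \OC_User::isAdminUser($currentUser);

    if (!$allowed) {
        // Match group ids as exact strings. A loose in_array() compares numeric-looking ids
        // numerically, so a subadmin of group "10" would also match "010" or "1e1".
        $managedGroups = array_map('strval', \OC_SubAdmin::getSubAdminsGroups($currentUser));
        $allowed = in_array((string) $groupId, $managedGroups, true);
    }

    if (!$allowed) {
        return new OC_OCS_Result(null, \OC_API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
    }

    return new OC_OCS_Result(array('users' => OC_Group::usersInGroup($groupId)));
}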
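/**
 * Placeholder endpoint that echoes a private-key message for a user.
 *
 * Access is granted to an administrator or to the user named in the request.
 * On success the text is echoed and nothing is returned.
 *
 * @param array $parameters must contain 'user', the UID being requested
 * @return OC_OCS_Result|null an error result (code 300) when access is denied
 *                            or the requested user does not exist
 */
public static function getUserPrivatekey($parameters)
{
    $user = OC_User::getUser();
    $requested = $parameters['user'];

    // Strict comparison: with '==' a logged-out caller (getUser() === false) matched the
    // UIDs '' and '0', and numeric-looking UIDs such as '10' and '1e1' matched each other.
    $isSelf = is_string($user) && $user === $requested;

    if (!$isSelf && !OC_User::isAdminUser($user)) {
        return new OC_OCS_Result('null', 300, 'You don´t have permission to access this ressource.');
    }

    // Check the requested account, not the caller: the caller trivially exists, so the
    // previous check could never report a missing target user to an administrator.
    if (!OC_User::userExists($requested)) {
        return new OC_OCS_Result(null, 300, 'User does not exist');
    }

    $txt = 'this is the private key of ' . $requested;
    echo $txt;
}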
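/**
 * Delete a conversation comment if the current user wrote it or is an administrator.
 *
 * @param mixed $id id of the comment row
 * @return bool true when the DELETE statement was issued, false when deletion is
 *              disabled, nobody is logged in, or the caller is neither the author
 *              nor an administrator
 */
public static function deleteComment($id)
{
    if (!USER_CONVERSATIONS_CAN_DELETE) {
        return false;
    }

    // A non-string or empty UID is treated as "not logged in". Without this guard the loose
    // comparison below let false match a missing row (null) or an author stored as '' or '0'.
    $uid = OC_User::getUser();
    if (!is_string($uid) || $uid === '') {
        return false;
    }

    $query = OCP\DB::prepare('SELECT author FROM *PREFIX*conversations WHERE id = ?');
    $result = $query->execute(array($id))->fetch();

    // Compare the stored author and the UID as exact strings.
    $isAuthor = is_array($result) && isset($result['author']) && (string) $result['author'] === $uid;

    if (!$isAuthor && !OC_User::isAdminUser($uid)) {
        return false;
    }

    $query = OCP\DB::prepare('DELETE FROM *PREFIX*conversations WHERE id = ?');
    $query->execute(array($id));

    return true;
}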
/**
 * Return the information about a user that the caller is allowed to see.
 *
 * A user looking up their own account receives the storage quota:
 * <data>
 *   <quota>
 *     <free>1234</free>
 *     <used>4321</used>
 *     <total>5555</total>
 *     <relative>0.78</relative>
 *   </quota>
 * </data>
 * An administrator, or a subadmin with access to the user, additionally
 * receives the display name.
 *
 * @param array $parameters should contain parameter 'userid' which identifies
 *                          the user from whom the information will be returned
 * @return OC_OCS_Result the collected data; code 101 when a privileged caller asks
 *                       for a user that does not exist; code 997 when the caller
 *                       may see nothing about the user
 */
public static function getUser($parameters)
{
    $requested = $parameters['userid'];
    $data = array();

    // Self lookup: expose the caller's own quota figures.
    if ($requested === OC_User::getUser()) {
        $storage = OC_Helper::getStorageInfo('/');
        $data['quota'] = array(
            'free' => $storage['free'],
            'used' => $storage['used'],
            'total' => $storage['total'],
            'relative' => $storage['relative'],
        );
    }

    $mayManage = OC_User::isAdminUser(OC_User::getUser())
        || OC_Subadmin::isUserAccessible(OC_User::getUser(), $requested);
    if ($mayManage) {
        if (!OC_User::userExists($requested)) {
            return new OC_OCS_Result(null, 101);
        }
        // Admins and subadmins may see the display name.
        $data['displayname'] = OC_User::getDisplayName($requested);
    }

    if (count($data) === 0) {
        // Nothing collected: the caller has no permission to view this user's data.
        return new OC_OCS_Result(null, 997);
    }

    return new OC_OCS_Result($data);
}
// Serve the response as JavaScript
header("Content-type: text/javascript");

// Disallow caching (the Expires date is fixed in the past)
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");

// Translation and branding helpers
$l = \OC::$server->getL10N('core');
$defaults = new OC_Defaults();

// Web path of every enabled app, keyed by app id
$apps_paths = array();
foreach (OC_App::getEnabledApps() as $app) {
    $apps_paths[$app] = OC_App::getAppWebPath($app);
}

// Share-expiry settings: the day count and the enforcement flag stay null unless expiry is enabled
$config = \OC::$server->getConfig();
$value = $config->getAppValue('core', 'shareapi_default_expire_date', 'no');
$defaultExpireDateEnabled = ($value === 'yes');
$defaultExpireDate = null;
$enforceDefaultExpireDate = null;
if ($defaultExpireDateEnabled) {
    $defaultExpireDate = (int) $config->getAppValue('core', 'shareapi_expire_after_n_days', '7');
    $value = $config->getAppValue('core', 'shareapi_enforce_expire_date', 'no');
    $enforceDefaultExpireDate = ($value === 'yes');
}
$outgoingServer2serverShareEnabled = $config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'yes';

// Every value below must already be a JavaScript expression: it is written verbatim after "var name=".
$array = array(
    "oc_debug" => defined('DEBUG') && DEBUG ? 'true' : 'false',
    // NOTE(review): oc_isadmin is sent to the browser, where it can be changed; it looks like a UI hint
    // only — confirm that no server-side decision relies on it.
    "oc_isadmin" => OC_User::isAdminUser(OC_User::getUser()) ? 'true' : 'false',
    // NOTE(review): the web root is wrapped in quotes without json_encode(), so a quote or
    // backslash in OC::$WEBROOT would not be escaped.
    "oc_webroot" => "\"" . OC::$WEBROOT . "\"",
    "oc_appswebroots" => str_replace('\\/', '/', json_encode($apps_paths)),
    "datepickerFormatDate" => json_encode($l->getDateFormat()),
    "dayNames" => json_encode(array(
        (string) $l->t('Sunday'),
        (string) $l->t('Monday'),
        (string) $l->t('Tuesday'),
        (string) $l->t('Wednesday'),
        (string) $l->t('Thursday'),
        (string) $l->t('Friday'),
        (string) $l->t('Saturday'),
    )),
    "monthNames" => json_encode(array(
        (string) $l->t('January'),
        (string) $l->t('February'),
        (string) $l->t('March'),
        (string) $l->t('April'),
        (string) $l->t('May'),
        (string) $l->t('June'),
        (string) $l->t('July'),
        (string) $l->t('August'),
        (string) $l->t('September'),
        (string) $l->t('October'),
        (string) $l->t('November'),
        (string) $l->t('December'),
    )),
    "firstDay" => json_encode($l->getFirstWeekDay()),
    "oc_config" => json_encode(array(
        // The configured lifetime is capped by PHP's own session.gc_maxlifetime.
        'session_lifetime' => min(
            \OCP\Config::getSystemValue('session_lifetime', ini_get('session.gc_maxlifetime')),
            ini_get('session.gc_maxlifetime')
        ),
        'session_keepalive' => \OCP\Config::getSystemValue('session_keepalive', true),
        'version' => implode('.', OC_Util::getVersion()),
        'versionstring' => OC_Util::getVersionString(),
        'enable_avatars' => \OC::$server->getConfig()->getSystemValue('enable_avatars', true),
    )),
    "oc_appconfig" => json_encode(array(
        "core" => array(
            'defaultExpireDateEnabled' => $defaultExpireDateEnabled,
            'defaultExpireDate' => $defaultExpireDate,
            'defaultExpireDateEnforced' => $enforceDefaultExpireDate,
            'enforcePasswordForPublicLink' => \OCP\Util::isPublicLinkPasswordRequired(),
            'sharingDisabledForUser' => \OCP\Util::isSharingDisabledForUser(),
            'resharingAllowed' => \OCP\Share::isResharingAllowed(),
            'remoteShareAllowed' => $outgoingServer2serverShareEnabled,
            'federatedCloudShareDoc' => \OC::$server->getURLGenerator()->linkToDocs('user-sharing-federated'),
        ),
    )),
    "oc_defaults" => json_encode(array(
        'entity' => $defaults->getEntity(),
        'name' => $defaults->getName(),
        'title' => $defaults->getTitle(),
        'baseUrl' => $defaults->getBaseUrl(),
        'syncClientUrl' => $defaults->getSyncClientUrl(),
        'docBaseUrl' => $defaults->getDocBaseUrl(),
        'slogan' => $defaults->getSlogan(),
        'logoClaim' => $defaults->getLogoClaim(),
        'shortFooter' => $defaults->getShortFooter(),
        'longFooter' => $defaults->getLongFooter(),
    )),
);

// Hooks receive the array by reference and may add or replace entries before output.
OC_Hook::emit('\\OCP\\Config', 'js', array('array' => &$array));

// Emit one "var name=value;" line per entry
foreach ($array as $setting => $value) {
    echo "var {$setting}={$value};\n";
}
/**
 * Tell whether the user identified by getUserId() is an administrator.
 *
 * @return boolean the result of \OC_User::isAdminUser() for that UID
 */
function isAdminUser()
{
    return \OC_User::isAdminUser($this->getUserId());
}
/**
 * Register the controllers, the middleware and the core-class wrappers of the
 * 'settings' app in its container.
 *
 * @param array $urlParams forwarded to the parent constructor
 */
public function __construct(array $urlParams = [])
{
    parent::__construct('settings', $urlParams);

    $container = $this->getContainer();

    /**
     * Controllers
     */
    $container->registerService('MailSettingsController', function (IContainer $c) {
        return new MailSettingsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('L10N'),
            $c->query('Config'),
            $c->query('UserSession'),
            $c->query('Defaults'),
            $c->query('Mailer'),
            $c->query('DefaultMailAddress')
        );
    });
    $container->registerService('EncryptionController', function (IContainer $c) {
        return new EncryptionController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('L10N'),
            $c->query('Config'),
            $c->query('DatabaseConnection'),
            $c->query('UserManager'),
            new View(),
            $c->query('Logger')
        );
    });
    $container->registerService('AppSettingsController', function (IContainer $c) {
        return new AppSettingsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('L10N'),
            $c->query('Config'),
            $c->query('ICacheFactory'),
            $c->query('INavigationManager'),
            $c->query('IAppManager'),
            $c->query('OcsClient')
        );
    });
    $container->registerService('AuthSettingsController', function (IContainer $c) {
        return new AuthSettingsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('ServerContainer')->query('OC\\Authentication\\Token\\IProvider'),
            $c->query('UserManager'),
            $c->query('ServerContainer')->getSession(),
            $c->query('ServerContainer')->getSecureRandom(),
            $c->query('UserId')
        );
    });
    $container->registerService('SecuritySettingsController', function (IContainer $c) {
        return new SecuritySettingsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('Config')
        );
    });
    $container->registerService('CertificateController', function (IContainer $c) {
        return new CertificateController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('CertificateManager'),
            $c->query('SystemCertificateManager'),
            $c->query('L10N'),
            $c->query('IAppManager')
        );
    });
    $container->registerService('GroupsController', function (IContainer $c) {
        return new GroupsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('GroupManager'),
            $c->query('UserSession'),
            $c->query('IsAdmin'),
            $c->query('L10N')
        );
    });
    $container->registerService('UsersController', function (IContainer $c) {
        return new UsersController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('UserManager'),
            $c->query('GroupManager'),
            $c->query('UserSession'),
            $c->query('Config'),
            $c->query('IsAdmin'),
            $c->query('L10N'),
            $c->query('Logger'),
            $c->query('Defaults'),
            $c->query('Mailer'),
            $c->query('DefaultMailAddress'),
            $c->query('URLGenerator'),
            $c->query('OCP\\App\\IAppManager'),
            $c->query('OCP\\IAvatarManager')
        );
    });
    $container->registerService('LogSettingsController', function (IContainer $c) {
        return new LogSettingsController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('Config'),
            $c->query('L10N')
        );
    });
    $container->registerService('CheckSetupController', function (IContainer $c) {
        return new CheckSetupController(
            $c->query('AppName'),
            $c->query('Request'),
            $c->query('Config'),
            $c->query('ClientService'),
            $c->query('URLGenerator'),
            $c->query('Util'),
            $c->query('L10N'),
            $c->query('Checker')
        );
    });

    /**
     * Middleware
     */
    $container->registerService('SubadminMiddleware', function (IContainer $c) {
        return new SubadminMiddleware(
            $c->query('ControllerMethodReflector'),
            $c->query('IsSubAdmin')
        );
    });
    // Execute middlewares
    $container->registerMiddleware('SubadminMiddleware');

    /**
     * Core class wrappers that only forward to a no-argument getter of the server container
     */
    $serverGetters = array(
        'Config' => 'getConfig',
        'ICacheFactory' => 'getMemCacheFactory',
        'GroupManager' => 'getGroupManager',
        'UserManager' => 'getUserManager',
        'UserSession' => 'getUserSession',
        'Mailer' => 'getMailer',
        'Logger' => 'getLogger',
        'URLGenerator' => 'getURLGenerator',
        'ClientService' => 'getHTTPClientService',
        'INavigationManager' => 'getNavigationManager',
        'IAppManager' => 'getAppManager',
        'OcsClient' => 'getOcsClient',
        'DatabaseConnection' => 'getDatabaseConnection',
        'CertificateManager' => 'getCertificateManager',
        'Checker' => 'getIntegrityCodeChecker',
    );
    foreach ($serverGetters as $serviceName => $getter) {
        $container->registerService($serviceName, function (IContainer $c) use ($getter) {
            return $c->query('ServerContainer')->{$getter}();
        });
    }

    /**
     * Core class wrappers that need an argument or do not go through the server container
     */
    $container->registerService('L10N', function (IContainer $c) {
        return $c->query('ServerContainer')->getL10N('settings');
    });
    $container->registerService('SystemCertificateManager', function (IContainer $c) {
        return $c->query('ServerContainer')->getCertificateManager(null);
    });
    $container->registerService('Defaults', function (IContainer $c) {
        return new \OC_Defaults();
    });
    $container->registerService('DefaultMailAddress', function (IContainer $c) {
        return Util::getDefaultEmailAddress('no-reply');
    });
    $container->registerService('Util', function (IContainer $c) {
        return new \OC_Util();
    });

    // The two privilege flags are computed from the static user API inside their factories.
    // NOTE(review): presumably the container evaluates each factory when the service is first
    // queried — confirm, since the flags then reflect the session state at that moment.
    /** FIXME: Remove once OC_User is non-static and mockable */
    $container->registerService('IsAdmin', function (IContainer $c) {
        return \OC_User::isAdminUser(\OC_User::getUser());
    });
    /** FIXME: Remove once OC_SubAdmin is non-static and mockable */
    $container->registerService('IsSubAdmin', function (IContainer $c) {
        $userObject = \OC::$server->getUserSession()->getUser();
        if ($userObject === null) {
            // No user in the session: never a subadmin.
            return false;
        }
        return \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
    });
}
/**
 * Decide whether the current caller satisfies the auth level of an API action.
 *
 * Unknown auth levels are denied.
 *
 * @param array $action the action details as supplied to OC_API::register()
 * @return bool for API::USER_AUTH the value returned by self::loginUser() is
 *              passed through unchanged
 */
private static function isAuthorised($action)
{
    switch ($action['authlevel']) {
        case API::GUEST_AUTH:
            // Anyone can access
            return true;

        case API::USER_AUTH:
            // Any logged-in user
            return self::loginUser();

        case API::SUBADMIN_AUTH:
            // Subadmins and administrators
            $user = self::loginUser();
            if (!$user) {
                return false;
            }
            $userObject = \OC::$server->getUserSession()->getUser();
            if ($userObject === null) {
                return false;
            }
            $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
            $admin = OC_User::isAdminUser($user);
            return $isSubAdmin || $admin;

        case API::ADMIN_AUTH:
            // Administrators only
            $user = self::loginUser();
            if (!$user) {
                return false;
            }
            return OC_User::isAdminUser($user);

        default:
            // Invalid level supplied: deny
            return false;
    }
}
/**
 * Build the settings navigation for the current user.
 *
 * Collects the entries the user may see (help, personal, settings, users,
 * admin) and passes them to self::proceedNavigation(), whose result is
 * returned. Each entry carries the keys 'id', 'order', 'href', 'name' and 'icon'.
 *
 * NOTE(review): this only decides which links are listed; confirm that the
 * linked pages perform their own permission checks.
 *
 * @return mixed the value returned by self::proceedNavigation()
 */
public static function getSettingsNavigation()
{
    $l = \OC::$server->getL10N('lib');

    // The help entry is listed only when the edition string is empty and the knowledge base is enabled.
    $settings = array();
    $helpEnabled = OC_Util::getEditionString() === '' && OC_Config::getValue('knowledgebaseenabled', true) == true;
    if ($helpEnabled) {
        $settings = array(
            array(
                "id" => "help",
                "order" => 1000,
                "href" => OC_Helper::linkToRoute("settings_help"),
                "name" => $l->t("Help"),
                "icon" => OC_Helper::imagePath("settings", "help.svg"),
            ),
        );
    }

    if (OC_User::isLoggedIn()) {
        // Personal page: every logged-in user
        $settings[] = array(
            "id" => "personal",
            "order" => 1,
            "href" => OC_Helper::linkToRoute("settings_personal"),
            "name" => $l->t("Personal"),
            "icon" => OC_Helper::imagePath("settings", "personal.svg"),
        );

        // Settings page: only when at least one settings form is registered
        if (!empty(self::$settingsForms)) {
            $settings[] = array(
                "id" => "settings",
                "order" => 1000,
                "href" => OC_Helper::linkToRoute("settings_settings"),
                "name" => $l->t("Settings"),
                "icon" => OC_Helper::imagePath("settings", "settings.svg"),
            );
        }

        // User management: subadmins
        if (OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
            $settings[] = array(
                "id" => "core_users",
                "order" => 2,
                "href" => OC_Helper::linkToRoute("settings_users"),
                "name" => $l->t("Users"),
                "icon" => OC_Helper::imagePath("settings", "users.svg"),
            );
        }

        // Admin page: administrators
        if (OC_User::isAdminUser(OC_User::getUser())) {
            $settings[] = array(
                "id" => "admin",
                "order" => 1000,
                "href" => OC_Helper::linkToRoute("settings_admin"),
                "name" => $l->t("Admin"),
                "icon" => OC_Helper::imagePath("settings", "admin.svg"),
            );
        }
    }

    return self::proceedNavigation($settings);
}
*/ OC_Util::checkSubAdminUser(); OC_App::setActiveNavigationEntry('core_users'); $userManager = \OC_User::getManager(); $groupManager = \OC_Group::getManager(); // Set the sort option: SORT_USERCOUNT or SORT_GROUPNAME $sortGroupsBy = \OC\Group\MetaData::SORT_USERCOUNT; if (\OC_App::isEnabled('user_ldap')) { $isLDAPUsed = $groupManager->isBackendUsed('\\OCA\\user_ldap\\GROUP_LDAP') || $groupManager->isBackendUsed('\\OCA\\user_ldap\\Group_Proxy'); if ($isLDAPUsed) { // LDAP user count can be slow, so we sort by group name here $sortGroupsBy = \OC\Group\MetaData::SORT_GROUPNAME; } } $config = \OC::$server->getConfig(); $isAdmin = OC_User::isAdminUser(OC_User::getUser()); $groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager); $groupsInfo->setSorting($sortGroupsBy); list($adminGroup, $groups) = $groupsInfo->get(); $recoveryAdminEnabled = OC_App::isEnabled('encryption') && $config->getAppValue('encryption', 'recoveryAdminEnabled', null); if ($isAdmin) { $subadmins = OC_SubAdmin::getAllSubAdmins(); } else { /* Retrieve group IDs from $groups array, so we can pass that information into OC_Group::displayNamesInGroups() */ $gids = array(); foreach ($groups as $group) { if (isset($group['id'])) { $gids[] = $group['id']; } } $subadmins = false;
/**
 * Decide whether the current caller satisfies the auth level of an API action.
 *
 * Unknown auth levels are denied.
 *
 * @param array $action the action details as supplied to OC_API::register()
 * @return bool for API::USER_AUTH the value returned by self::loginUser() is
 *              passed through unchanged
 */
private static function isAuthorised($action)
{
    switch ($action['authlevel']) {
        case API::GUEST_AUTH:
            // Anyone can access
            return true;

        case API::USER_AUTH:
            // Any logged-in user
            return self::loginUser();

        case API::SUBADMIN_AUTH:
            // Subadmins and administrators
            $user = self::loginUser();
            if (!$user) {
                return false;
            }
            $subAdmin = OC_SubAdmin::isSubAdmin($user);
            $admin = OC_User::isAdminUser($user);
            return $subAdmin || $admin;

        case API::ADMIN_AUTH:
            // Administrators only
            $user = self::loginUser();
            if (!$user) {
                return false;
            }
            return OC_User::isAdminUser($user);

        default:
            // Invalid level supplied: deny
            return false;
    }
}
/**
 * Registers the services of the 'sharing_group' app in its DI container.
 *
 * Every registerService() call stores a factory closure under a string key;
 * the factories fetch their own dependencies from the container via query().
 *
 * @param array $urlParams forwarded unchanged to the parent constructor
 */
public function __construct(array $urlParams = array()) {
    parent::__construct('sharing_group', $urlParams);
    $container = $this->getContainer();
    $container->registerService('UserHooks', function ($c) {
        return new UserHooks($c->query('ServerContainer')->getUserManager());
    });
    $container->registerService('ActivityApplication', function ($c) {
        return new \OCA\Activity\AppInfo\Application();
    });
    // FilesHooks takes three services out of the Activity app's own container,
    // including that container's 'CurrentUID' (not the one registered below).
    $container->registerService('Hooks', function (IContainer $c) {
        return new FilesHooks($c->query('ActivityApplication')->getContainer()->query('ActivityData'), $c->query('ActivityApplication')->getContainer()->query('UserSettings'), $c->query('ActivityApplication')->getContainer()->query('CurrentUID'));
    });
    $container->registerService('GroupData', function (IContainer $c) {
        return new Data();
    });
    // UID of the session user, or '' when the session has no user.
    $container->registerService('CurrentUID', function (IContainer $c) {
        $server = $c->query('ServerContainer');
        $user = $server->getUserSession()->getUser();
        return $user ? $user->getUID() : '';
    });
    $container->registerService('SharingGroupsController', function (IContainer $c) {
        return new SharingGroupsController($c->query('AppName'), $c->query('Request'), $c->query('GroupData'), $c->query('CurrentUID'));
    });
    $container->registerService('SettingsApplication', function (IContainer $c) {
        return new \OC\Settings\Application();
    });
    $container->registerService('SharingGroupL10N', function (IContainer $c) {
        return $c->query('ServerContainer')->getL10N('sharing_group');
    });
    // The controller receives the 'IsAdmin' flag as a constructor argument.
    $container->registerService('UserController', function (IContainer $c) {
        return new UserController($c->query('AppName'), $c->query('Request'), $c->query('UserManager'), $c->query('GroupManager'), $c->query('UserSession'), $c->query('Config'), $c->query('IsAdmin'), $c->query('L10N'), $c->query('Logger'), $c->query('Defaults'), $c->query('Mailer'), $c->query('DefaultMailAddress'), $c->query('URLGenerator'), $c->query('OCP\\App\\IAppManager'), $c->query('SubAdminFactory'), $c->query('SharingGroupsController'));
    });
    /**
     * Core class wrappers
     */
    $container->registerService('Config', function (IContainer $c) {
        return $c->query('ServerContainer')->getConfig();
    });
    $container->registerService('L10N', function (IContainer $c) {
        return $c->query('ServerContainer')->getL10N('settings');
    });
    $container->registerService('GroupManager', function (IContainer $c) {
        return $c->query('ServerContainer')->getGroupManager();
    });
    $container->registerService('UserManager', function (IContainer $c) {
        return $c->query('ServerContainer')->getUserManager();
    });
    $container->registerService('UserSession', function (IContainer $c) {
        return $c->query('ServerContainer')->getUserSession();
    });
    /** FIXME: Remove once OC_User is non-static and mockable */
    // Admin status of whoever OC_User::getUser() reports when this factory runs.
    // NOTE(review): if the container keeps the resolved value, confirm it cannot
    // outlive the request it was computed for.
    $container->registerService('IsAdmin', function (IContainer $c) {
        return \OC_User::isAdminUser(\OC_User::getUser());
    });
    /** FIXME: Remove once OC_SubAdmin is non-static and mockable */
    // NOTE(review): the class is spelled OC_Subadmin here; confirm it resolves
    // under the project's autoloader.
    $container->registerService('IsSubAdmin', function (IContainer $c) {
        return \OC_Subadmin::isSubAdmin(\OC_User::getUser());
    });
    /** FIXME: Remove once OC_SubAdmin is non-static and mockable */
    $container->registerService('SubAdminFactory', function (IContainer $c) {
        return new SubAdminFactory();
    });
    $container->registerService('Mailer', function (IContainer $c) {
        return $c->query('ServerContainer')->getMailer();
    });
    $container->registerService('Defaults', function (IContainer $c) {
        return new \OC_Defaults();
    });
    $container->registerService('DefaultMailAddress', function (IContainer $c) {
        return Util::getDefaultEmailAddress('no-reply');
    });
    $container->registerService('Logger', function (IContainer $c) {
        return $c->query('ServerContainer')->getLogger();
    });
    $container->registerService('URLGenerator', function (IContainer $c) {
        return $c->query('ServerContainer')->getURLGenerator();
    });
    $container->registerService('ClientService', function (IContainer $c) {
        return $c->query('ServerContainer')->getHTTPClientService();
    });
    $container->registerService('INavigationManager', function (IContainer $c) {
        return $c->query('ServerContainer')->getNavigationManager();
    });
    $container->registerService('IAppManager', function (IContainer $c) {
        return $c->query('ServerContainer')->getAppManager();
    });
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU AFFERO GENERAL PUBLIC * License along with this library. If not, see <http://www.gnu.org/licenses/>. * Displays <a href="http://opensource.org/licenses/AGPL-3.0">GNU AFFERO GENERAL PUBLIC LICENSE</a> * @license http://opensource.org/licenses/AGPL-3.0 GNU AFFERO GENERAL PUBLIC LICENSE * */
// AJAX handler of the user_otp app; the listing is cut off before the final
// closing brace, so only the "delete_otp" action is visible here.
include_once "user_otp/lib/utils.php";
$l = OC_L10N::get('settings');
// Gate: logged-in user, app enabled, and the request-token check.
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('user_otp');
OCP\JSON::callCheck();
// Only an admin may act on another account via POST "uid"; every other caller
// is silently switched to their own uid instead of being rejected.
// NOTE(review): $_POST["uid"] is read without isset().
if ($_POST && $_POST["uid"] && OC_User::isAdminUser(OCP\User::getUser())) {
    OC_JSON::checkSubAdminUser();
    $uid = $_POST["uid"];
} else {
    $uid = OCP\User::getUser();
}
// Get data
// NOTE(review): the third argument looks like the fallback used when no
// 'EncryptionKey' app value is stored, which would make the key a fixed,
// publicly known string on such installations - confirm and require a
// per-instance key.
$mOtp = new MultiOtpDb(OCP\Config::getAppValue('user_otp', 'EncryptionKey', 'DefaultCliEncryptionKey'));
// NOTE(review): verbose logging is enabled unconditionally; verify that the log
// cannot contain OTP secrets or tokens.
$mOtp->EnableVerboseLog();
//$mOtp->SetDisplayLogOption(1);
// NOTE(review): $_POST["otp_action"] is read without isset().
if ($_POST && $_POST["otp_action"] === "delete_otp" && $mOtp->CheckUserExists($uid)) {
    if ($mOtp->DeleteUser($uid)) {
        OCP\JSON::success(array("data" => array("message" => $l->t("OTP Changed"))));
    } else {
        OCP\JSON::error(array("data" => array("message" => $l->t("check apps folder rights"))));
    }
/**
 * Queue a YouTube download for the current user and report its initial status.
 *
 * Reads $_POST['FILE'] (the URL) and $_POST['OPTIONS'], resolves the media URL
 * through the YouTube helper, hands it to Aria2 or CURL, records the job in
 * the ocdownloader_queue table and returns a JSONResponse.
 *
 * NOTE(review): this action writes to the filesystem and the database and
 * starts a server-side download, yet it is annotated @NoCSRFRequired. Confirm
 * the exemption is intended; without the request-token check a logged-in
 * user's browser could be made to submit this request from another site.
 *
 * @NoAdminRequired
 * @NoCSRFRequired
 */
public function Add() {
    \OCP\JSON::setContentTypeHeader('application/json');
    // The URL is accepted only if Tools::CheckURL() approves it.
    // NOTE(review): this is the only check on the user-supplied URL visible
    // here; confirm what CheckURL() rejects (e.g. internal hosts).
    if (isset($_POST['FILE']) && strlen($_POST['FILE']) > 0 && Tools::CheckURL($_POST['FILE']) && isset($_POST['OPTIONS'])) {
        try {
            // Admins bypass the per-protocol restriction.
            if (!$this->AllowProtocolYT && !\OC_User::isAdminUser($this->CurrentUID)) {
                throw new \Exception((string) $this->L10N->t('You are not allowed to use the YouTube protocol'));
            }
            $YouTube = new YouTube($this->YTDLBinary, $_POST['FILE']);
            // NOTE(review): the upper bound admits 65536, one above the highest TCP port (65535).
            if (!is_null($this->ProxyAddress) && $this->ProxyPort > 0 && $this->ProxyPort <= 65536) {
                $YouTube->SetProxy($this->ProxyAddress, $this->ProxyPort);
            }
            if (isset($_POST['OPTIONS']['YTForceIPv4']) && strcmp($_POST['OPTIONS']['YTForceIPv4'], 'false') == 0) {
                $YouTube->SetForceIPv4(false);
            }
            // Extract Audio YES
            if (isset($_POST['OPTIONS']['YTExtractAudio']) && strcmp($_POST['OPTIONS']['YTExtractAudio'], 'true') == 0) {
                $VideoData = $YouTube->GetVideoData(true);
                if (!isset($VideoData['AUDIO']) || !isset($VideoData['FULLNAME'])) {
                    return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Unable to retrieve true YouTube audio URL')));
                }
                // The remote-supplied name goes through Tools::CleanString() before use as a file name.
                $DL = array('URL' => $VideoData['AUDIO'], 'FILENAME' => Tools::CleanString($VideoData['FULLNAME']), 'TYPE' => 'YT Audio');
            } else {
                $VideoData = $YouTube->GetVideoData();
                if (!isset($VideoData['VIDEO']) || !isset($VideoData['FULLNAME'])) {
                    return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Unable to retrieve true YouTube video URL')));
                }
                $DL = array('URL' => $VideoData['VIDEO'], 'FILENAME' => Tools::CleanString($VideoData['FULLNAME']), 'TYPE' => 'YT Video');
            }
            // If target file exists, create a new one
            if (\OC\Files\Filesystem::file_exists($this->DownloadsFolder . '/' . $DL['FILENAME'])) {
                $DL['FILENAME'] = time() . '_' . $DL['FILENAME'];
            }
            // Create the target file if the downloader is ARIA2
            if ($this->WhichDownloader == 0) {
                \OC\Files\Filesystem::touch($this->DownloadsFolder . '/' . $DL['FILENAME']);
            } else {
                if (!\OC\Files\Filesystem::is_dir($this->DownloadsFolder)) {
                    \OC\Files\Filesystem::mkdir($this->DownloadsFolder);
                }
            }
            $OPTIONS = array('dir' => $this->AbsoluteDownloadsFolder, 'out' => $DL['FILENAME']);
            // NOTE(review): same 65536 upper bound as above.
            if (!is_null($this->ProxyAddress) && $this->ProxyPort > 0 && $this->ProxyPort <= 65536) {
                $OPTIONS['all-proxy'] = rtrim($this->ProxyAddress, '/') . ':' . $this->ProxyPort;
                if (!is_null($this->ProxyUser) && !is_null($this->ProxyPasswd)) {
                    $OPTIONS['all-proxy-user'] = $this->ProxyUser;
                    $OPTIONS['all-proxy-passwd'] = $this->ProxyPasswd;
                }
            }
            if (!is_null($this->MaxDownloadSpeed) && $this->MaxDownloadSpeed > 0) {
                $OPTIONS['max-download-limit'] = $this->MaxDownloadSpeed . 'K';
            }
            $AddURI = $this->WhichDownloader == 0 ? Aria2::AddUri(array($DL['URL']), array('Params' => $OPTIONS)) : CURL::AddUri($DL['URL'], $OPTIONS);
            if (isset($AddURI['result']) && !is_null($AddURI['result'])) {
                // Values are bound through placeholders; only identifier quoting differs when DbType is 1.
                $SQL = 'INSERT INTO `*PREFIX*ocdownloader_queue` (`UID`, `GID`, `FILENAME`, `PROTOCOL`, `STATUS`, `TIMESTAMP`) VALUES (?, ?, ?, ?, ?, ?)';
                if ($this->DbType == 1) {
                    $SQL = 'INSERT INTO *PREFIX*ocdownloader_queue ("UID", "GID", "FILENAME", "PROTOCOL", "STATUS", "TIMESTAMP") VALUES (?, ?, ?, ?, ?, ?)';
                }
                $Query = \OCP\DB::prepare($SQL);
                $Result = $Query->execute(array($this->CurrentUID, $AddURI['result'], $DL['FILENAME'], $DL['TYPE'], 1, time()));
                // Blocks the request for a second before the status query.
                sleep(1);
                // NOTE(review): Aria2::TellStatus() is called even when the job was
                // added through CURL::AddUri(); confirm that is intended.
                $Status = Aria2::TellStatus($AddURI['result']);
                $Progress = 0;
                if ($Status['result']['totalLength'] > 0) {
                    $Progress = $Status['result']['completedLength'] / $Status['result']['totalLength'];
                }
                $ProgressString = Tools::GetProgressString($Status['result']['completedLength'], $Status['result']['totalLength'], $Progress);
                // NOTE(review): 'STATUSID' reads $Status['result']['status'] without the
                // isset() guard that 'STATUS' uses.
                return new JSONResponse(array(
                    'ERROR' => false,
                    'MESSAGE' => (string) $this->L10N->t('Download started'),
                    'GID' => $AddURI['result'],
                    'PROGRESSVAL' => round($Progress * 100, 2) . '%',
                    'PROGRESS' => is_null($ProgressString) ? (string) $this->L10N->t('N/A') : $ProgressString,
                    'STATUS' => isset($Status['result']['status']) ? (string) $this->L10N->t(ucfirst($Status['result']['status'])) : (string) $this->L10N->t('N/A'),
                    'STATUSID' => Tools::GetDownloadStatusID($Status['result']['status']),
                    'SPEED' => isset($Status['result']['downloadSpeed']) ? Tools::FormatSizeUnits($Status['result']['downloadSpeed']) . '/s' : (string) $this->L10N->t('N/A'),
                    'FILENAME' => strlen($DL['FILENAME']) > 40 ? substr($DL['FILENAME'], 0, 40) . '...' : $DL['FILENAME'],
                    'PROTO' => $DL['TYPE'],
                    'ISTORRENT' => false
                ));
            } else {
                return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Returned GID is null ! Is Aria2c running as a daemon ?')));
            }
        // NOTE(review): the throw above uses \Exception but this catch names
        // Exception unqualified; in a namespaced file without a matching import it
        // would not catch it - verify. The raw exception message is also returned
        // to the client.
        } catch (Exception $E) {
            return new JSONResponse(array('ERROR' => true, 'MESSAGE' => $E->getMessage()));
        }
    } else {
        return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Please check the URL you\'ve just provided')));
    }
}
<?php
// AJAX handler that toggles a user's membership in a group; the listing is cut
// off inside the "remove" branch.
// Gate: caller must pass the sub-admin check and the request-token check.
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$success = true;
// NOTE(review): both POST fields are read without isset() and compared with
// loose == below.
$username = $_POST["username"];
$group = $_POST["group"];
// An admin may not remove themselves from the "admin" group.
if ($username == OC_User::getUser() && $group == "admin" && OC_User::isAdminUser($username)) {
    $l = OC_L10N::get('core');
    OC_JSON::error(array('data' => array('message' => $l->t('Admins can\'t remove themself from the admin group'))));
    exit;
}
// Non-admin callers must have access to both the target user and the target group.
if (!OC_User::isAdminUser(OC_User::getUser()) && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
    $l = OC_L10N::get('core');
    OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
    exit;
}
// A group that does not exist yet is created on the fly.
if (!OC_Group::groupExists($group)) {
    OC_Group::createGroup($group);
}
$l = OC_L10N::get('settings');
$error = $l->t("Unable to add user to group %s", $group);
$action = "add";
// Toggle group
if (OC_Group::inGroup($username, $group)) {
    $action = "remove";
    $error = $l->t("Unable to remove user from group %s", $group);
    $success = OC_Group::removeFromGroup($username, $group);
    $usersInGroup = OC_Group::usersInGroup($group);
    // Removing the last member also deletes the group.
    if (count($usersInGroup) == 0) {
        OC_Group::deleteGroup($group);
/**
 * Decide whether the current user may delete the given calendar.
 *
 * Allowed for: a context without a user id, the calendar's owner, an admin,
 * or a sub-admin who has access to the owner.
 *
 * NOTE(review): the first test is a loose comparison against '', so every
 * caller for which OCP\User::getUser() yields an empty or falsy value is
 * allowed. Confirm that only command-line and cron callers can reach this
 * function in that state.
 *
 * @param array $calendar calendar record; only its 'userid' entry is read
 * @return boolean
 */
private static function isAllowedToDeleteCalendar($calendar) {
    $currentUser = OCP\User::getUser();

    // No user id: treated as a command line or cron invocation
    return $currentUser == ''
        || $calendar['userid'] === $currentUser
        || OC_User::isAdminUser($currentUser)
        || OC_SubAdmin::isUserAccessible($currentUser, $calendar['userid']);
}
/**
 * Builds the page layout template and assigns the variables it needs.
 *
 * 'user' selects the full user layout (navigation, update notice, avatar
 * flags); 'error' and 'guest' select the guest layout; anything else selects
 * the bare base layout. Afterwards the language and the JS/CSS file lists are
 * assigned for every layout.
 *
 * @param string $renderAs
 * @param string $appId application id
 */
public function __construct($renderAs, $appId = '') {
    // yes - should be injected ....
    $this->config = \OC::$server->getConfig();
    // Decide which page we show
    if ($renderAs == 'user') {
        parent::__construct('core', 'layout.user');
        if (in_array(OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
            $this->assign('bodyid', 'body-settings');
        } else {
            $this->assign('bodyid', 'body-user');
        }
        // Update notification
        // Only admins trigger the updater check, and only while 'updatechecker' is
        // strictly true, so other users never see update details.
        if ($this->config->getSystemValue('updatechecker', true) === true && OC_User::isAdminUser(OC_User::getUser())) {
            $updater = new \OC\Updater(\OC::$server->getHTTPHelper(), \OC::$server->getConfig());
            $data = $updater->check();
            // Note the low-precedence "and": it applies after the && pair.
            if (isset($data['version']) && $data['version'] != '' and $data['version'] !== array()) {
                $this->assign('updateAvailable', true);
                $this->assign('updateVersion', $data['versionstring']);
                $this->assign('updateLink', $data['web']);
                \OCP\Util::addScript('core', 'update-notification');
            } else {
                $this->assign('updateAvailable', false); // No update available or not an admin user
            }
        } else {
            $this->assign('updateAvailable', false); // Update check is disabled
        }
        // Add navigation entry
        $this->assign('application', '');
        $this->assign('appid', $appId);
        $navigation = OC_App::getNavigation();
        $this->assign('navigation', $navigation);
        $settingsNavigation = OC_App::getSettingsNavigation();
        $this->assign('settingsnavigation', $settingsNavigation);
        // The first active entry names the application; an active settings entry
        // found by the second loop overrides it.
        foreach ($navigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        foreach ($settingsNavigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        $userDisplayName = OC_User::getDisplayName();
        $this->assign('user_displayname', $userDisplayName);
        $this->assign('user_uid', OC_User::getUser());
        // True when the request URI starts with the apps-management route.
        $this->assign('appsmanagement_active', strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0);
        $this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true));
        $this->assign('userAvatarSet', \OC_Helper::userAvatarSet(OC_User::getUser()));
    } else {
        if ($renderAs == 'error') {
            parent::__construct('core', 'layout.guest', '', false);
            $this->assign('bodyid', 'body-login');
        } else {
            if ($renderAs == 'guest') {
                parent::__construct('core', 'layout.guest');
                $this->assign('bodyid', 'body-login');
            } else {
                parent::__construct('core', 'layout.base');
            }
        }
    }
    // Send the language to our layouts
    $this->assign('language', OC_L10N::findLanguage());
    // The hash is computed once per process and appended to asset URLs as ?v=...;
    // md5 serves as a fingerprint of the version strings here, not as a secret.
    if (empty(self::$versionHash)) {
        $v = OC_App::getAppVersions();
        $v['core'] = implode('.', \OC_Util::getVersion());
        self::$versionHash = md5(implode(',', $v));
    }
    $useAssetPipeline = self::isAssetPipelineEnabled();
    if ($useAssetPipeline) {
        $this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
        $this->generateAssets();
    } else {
        // Add the js files
        $jsFiles = self::findJavascriptFiles(OC_Util::$scripts);
        $this->assign('jsfiles', array(), false);
        // js_config is left out on error pages and before installation.
        if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
            $this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
        }
        foreach ($jsFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
        // Add the css files
        $cssFiles = self::findStylesheetFiles(OC_Util::$styles);
        $this->assign('cssfiles', array());
        foreach ($cssFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
    }
}
/**
 * Change another user's password on behalf of an admin or sub-admin.
 *
 * Reads 'username', 'password' and 'recoveryPassword' from $_POST and answers
 * through \OC_JSON::success() / \OC_JSON::error(). When the encryption app is
 * enabled, the admin recovery password is validated before the change.
 *
 * @param mixed $args not read in this function
 */
public static function changeUserPassword($args) {
    // Check if we are an user
    \OC_JSON::callCheck();
    \OC_JSON::checkLoggedIn();
    $l = new \OC_L10n('settings');
    if (isset($_POST['username'])) {
        $username = $_POST['username'];
    } else {
        \OC_JSON::error(array('data' => array('message' => $l->t('No user supplied'))));
        exit;
    }
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
    // Sub-admin access is evaluated only when both user objects exist;
    // otherwise it stays false.
    $isUserAccessible = false;
    $currentUserObject = \OC::$server->getUserSession()->getUser();
    $targetUserObject = \OC::$server->getUserManager()->get($username);
    if ($currentUserObject !== null && $targetUserObject !== null) {
        $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
    }
    // Authorisation: admin, or sub-admin with access to the target user; anyone
    // else is rejected and the request ends here. $userstatus is assigned but
    // not read again in this function.
    if (\OC_User::isAdminUser(\OC_User::getUser())) {
        $userstatus = 'admin';
    } elseif ($isUserAccessible) {
        $userstatus = 'subadmin';
    } else {
        \OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
        exit;
    }
    if (\OC_App::isEnabled('encryption')) {
        //handle the recovery case
        $crypt = new \OCA\Encryption\Crypto\Crypt(\OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getL10N('encryption'));
        $keyStorage = \OC::$server->getEncryptionKeyStorage();
        $util = new \OCA\Encryption\Util(new \OC\Files\View(), $crypt, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getUserManager());
        $keyManager = new \OCA\Encryption\KeyManager($keyStorage, $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), $util);
        $recovery = new \OCA\Encryption\Recovery(\OC::$server->getUserSession(), $crypt, \OC::$server->getSecureRandom(), $keyManager, \OC::$server->getConfig(), $keyStorage, \OC::$server->getEncryptionFilesHelper(), new \OC\Files\View());
        $recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
        $validRecoveryPassword = false;
        $recoveryEnabledForUser = false;
        // The recovery password is checked only while the admin recovery key is enabled.
        if ($recoveryAdminEnabled) {
            $validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
            $recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
        }
        // A missing (null) recovery password does not match === '' and is handled
        // by the "wrong password" branch instead.
        if ($recoveryEnabledForUser && $recoveryPassword === '') {
            \OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost'))));
        } elseif ($recoveryEnabledForUser && !$validRecoveryPassword) {
            \OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.'))));
        } else {
            // now we know that everything is fine regarding the recovery password, let's try to change the password
            // NOTE(review): unlike the non-encryption branch below, $password is not
            // checked for null before setPassword() - confirm the callee rejects it.
            $result = \OC_User::setPassword($username, $password, $recoveryPassword);
            if (!$result && $recoveryEnabledForUser) {
                \OC_JSON::error(array("data" => array("message" => $l->t("Backend doesn't support password change, but the user's encryption key was successfully updated."))));
            } elseif (!$result && !$recoveryEnabledForUser) {
                \OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password"))));
            } else {
                \OC_JSON::success(array("data" => array("username" => $username)));
            }
        }
    } else {
        // if encryption is disabled, proceed
        if (!is_null($password) && \OC_User::setPassword($username, $password)) {
            \OC_JSON::success(array('data' => array('username' => $username)));
        } else {
            \OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password'))));
        }
    }
}
/**
 * Require an admin session; any other logged-in user is redirected to index.php.
 *
 * The login check runs first. For a non-admin the script terminates right
 * after the Location header is sent, so no code after this call runs for them.
 *
 * @return void
 */
public static function checkAdminUser() {
    OC_Util::checkLoggedIn();

    $isAdmin = OC_User::isAdminUser(OC_User::getUser());
    if ($isAdmin) {
        return;
    }

    // Not an admin: redirect to the start page and stop
    header('Location: ' . OC_Helper::linkToAbsolute('', 'index.php'));
    exit;
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */
// Help page of the settings app: any logged-in user may open it.
OC_Util::checkLoggedIn();
// Load the files we need
OC_Util::addStyle("settings", "settings");
\OC::$server->getNavigationManager()->setActiveEntry('help');
// 'mode' is only compared strictly against 'admin' and never echoed, so the
// request value cannot reach the generated URLs. The admin documentation URL
// is chosen by this parameter alone, independent of the caller's admin status.
if (isset($_GET['mode']) and $_GET['mode'] === 'admin') {
    $url = \OCP\Util::linkToAbsolute('core', 'doc/admin/index.html');
    $style1 = '';
    $style2 = ' active';
} else {
    $url = \OCP\Util::linkToAbsolute('core', 'doc/user/index.html');
    $style1 = ' active';
    $style2 = '';
}
$url1 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=user';
$url2 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=admin';
$tmpl = new OC_Template("settings", "help", "user");
// The template receives the admin flag of the current user.
$tmpl->assign("admin", OC_User::isAdminUser(OC_User::getUser()));
$tmpl->assign("url", $url);
$tmpl->assign("url1", $url1);
$tmpl->assign("url2", $url2);
$tmpl->assign("style1", $style1);
$tmpl->assign("style2", $style2);
$tmpl->printPage();
* it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */
// AJAX handler that sets a user's quota, or the default quota when no username
// is given; the listing is cut off inside the final else branch.
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string) $_POST["username"] : '';
// && binds tighter than ||: a non-admin is rejected when no username was sent
// (the default quota is admin-only) or when the target user is not accessible.
if ($username === '' && !OC_User::isAdminUser(OC_User::getUser()) || !OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
    $l = \OC::$server->getL10N('core');
    OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
    exit;
}
//make sure the quota is in the expected format
// NOTE(review): $_POST["quota"] is read without isset().
$quota = (string) $_POST["quota"];
if ($quota !== 'none' and $quota !== 'default') {
    $quota = OC_Helper::computerFileSize($quota);
    $quota = OC_Helper::humanFileSize($quota);
}
// Return Success story
// NOTE(review): the check above tests $username === '' but this branch tests
// truthiness, so the username "0" passes the check as a named user and still
// lands in the default-quota branch. Confirm a sub-admin cannot reach the
// default-quota path this way.
if ($username) {
    \OC::$server->getConfig()->setUserValue($username, 'files', 'quota', $quota);
} else {
    //set the default quota when no username is specified
* GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */
// AJAX handler that sets a user's quota, or the default quota when no username
// is given; the listing is cut off inside the final else branch.
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string) $_POST["username"] : '';
// Sub-admin access is evaluated only when both user objects exist; otherwise it
// stays false.
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($targetUserObject !== null && $currentUserObject !== null) {
    $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
// && binds tighter than ||: a non-admin is rejected when no username was sent
// (the default quota is admin-only) or when the target user is not accessible.
if ($username === '' && !OC_User::isAdminUser(OC_User::getUser()) || !OC_User::isAdminUser(OC_User::getUser()) && !$isUserAccessible) {
    $l = \OC::$server->getL10N('core');
    OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
    exit;
}
//make sure the quota is in the expected format
// NOTE(review): $_POST["quota"] is read without isset().
$quota = (string) $_POST["quota"];
if ($quota !== 'none' and $quota !== 'default') {
    $quota = OC_Helper::computerFileSize($quota);
    $quota = OC_Helper::humanFileSize($quota);
}
// Return Success story
// NOTE(review): an admin passes the check above even when the username matches
// no account, in which case $targetUserObject is still null when setQuota() is
// called. The branch also tests truthiness, so the username "0" is routed to
// the default-quota branch although the check treated it as a named user.
if ($username) {
    $targetUserObject->setQuota($quota);
} else {
    //set the default quota when no username is specified
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */
// AJAX handler that changes a display name; the listing is cut off at the
// point where a caller without any qualifying role is handled.
// Check if we are a user
OCP\JSON::callCheck();
OC_JSON::checkLoggedIn();
$l = \OC::$server->getL10N('settings');
// Without a POST username the caller's own account is the target.
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
// NOTE(review): $_POST["displayName"] is read without isset().
$displayName = (string) $_POST["displayName"];
// $userstatus stays null unless one of the three checks below grants a role;
// later checks overwrite earlier ones.
$userstatus = null;
if (OC_User::isAdminUser(OC_User::getUser())) {
    $userstatus = 'admin';
}
// Sub-admin access is evaluated only when both user objects exist.
$isUserAccessible = false;
$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($subadminUserObject !== null && $targetUserObject !== null) {
    $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
}
if ($isUserAccessible) {
    $userstatus = 'subadmin';
}
// Users may rename themselves only when canUserChangeDisplayName() allows it.
if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) {
    $userstatus = 'changeOwnDisplayName';
}
if (is_null($userstatus)) {
/**
 * Builds the page layout template and assigns the variables it needs.
 *
 * 'user' selects the full user layout (navigation, integrity notice, avatar
 * flags); 'error' and 'guest' select the guest layout; anything else selects
 * the bare base layout. Afterwards the language and the JS/CSS file lists are
 * assigned for every layout.
 *
 * @param string $renderAs
 * @param string $appId application id
 */
public function __construct($renderAs, $appId = '') {
    // yes - should be injected ....
    $this->config = \OC::$server->getConfig();
    // Decide which page we show
    if ($renderAs == 'user') {
        parent::__construct('core', 'layout.user');
        if (in_array(\OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
            $this->assign('bodyid', 'body-settings');
        } else {
            $this->assign('bodyid', 'body-user');
        }
        // Code integrity notification
        // Only admins get the failure script; for other users hasPassedCheck() is
        // not even evaluated because of the short-circuit.
        $integrityChecker = \OC::$server->getIntegrityCodeChecker();
        if (\OC_User::isAdminUser(\OC_User::getUser()) && !$integrityChecker->hasPassedCheck()) {
            \OCP\Util::addScript('core', 'integritycheck-failed-notification');
        }
        // Add navigation entry
        $this->assign('application', '');
        $this->assign('appid', $appId);
        $navigation = \OC_App::getNavigation();
        $this->assign('navigation', $navigation);
        $settingsNavigation = \OC_App::getSettingsNavigation();
        $this->assign('settingsnavigation', $settingsNavigation);
        // The first active entry names the application; an active settings entry
        // found by the second loop overrides it.
        foreach ($navigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        foreach ($settingsNavigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        $userDisplayName = \OC_User::getDisplayName();
        // True when the request URI starts with the apps-management route.
        $appsMgmtActive = strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0;
        if ($appsMgmtActive) {
            $l = \OC::$server->getL10N('lib');
            $this->assign('application', $l->t('Apps'));
        }
        $this->assign('user_displayname', $userDisplayName);
        $this->assign('user_uid', \OC_User::getUser());
        $this->assign('appsmanagement_active', $appsMgmtActive);
        $this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true) === true);
        // getUser() is compared with false before the avatar lookup, so no avatar
        // is requested when there is no session user.
        if (\OC_User::getUser() === false) {
            $this->assign('userAvatarSet', false);
        } else {
            $this->assign('userAvatarSet', \OC::$server->getAvatarManager()->getAvatar(\OC_User::getUser())->exists());
        }
    } else {
        if ($renderAs == 'error') {
            parent::__construct('core', 'layout.guest', '', false);
            $this->assign('bodyid', 'body-login');
        } else {
            if ($renderAs == 'guest') {
                parent::__construct('core', 'layout.guest');
                $this->assign('bodyid', 'body-login');
            } else {
                parent::__construct('core', 'layout.base');
            }
        }
    }
    // Send the language to our layouts
    $this->assign('language', \OC_L10N::findLanguage());
    // The hash is appended to asset URLs as ?v=...; md5 serves as a fingerprint
    // of the version strings here, not as a secret. Before installation a fixed
    // placeholder hash is used.
    if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
        if (empty(self::$versionHash)) {
            $v = \OC_App::getAppVersions();
            $v['core'] = implode('.', \OCP\Util::getVersion());
            self::$versionHash = md5(implode(',', $v));
        }
    } else {
        self::$versionHash = md5('not installed');
    }
    $useAssetPipeline = self::isAssetPipelineEnabled();
    if ($useAssetPipeline) {
        $this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
        $this->generateAssets();
    } else {
        // Add the js files
        $jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
        $this->assign('jsfiles', array());
        // js_config is left out on error pages and before installation.
        if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
            $this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
        }
        foreach ($jsFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
        // Add the css files
        $cssFiles = self::findStylesheetFiles(\OC_Util::$styles);
        $this->assign('cssfiles', array());
        foreach ($cssFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
    }
}
/**
 * Report whether the given user is an admin.
 *
 * Instance-level wrapper that forwards to the static \OC_User::isAdminUser()
 * and returns its result unchanged.
 *
 * @param string $username
 * @return boolean
 */
public function isAdminUser($username) {
    $isAdmin = \OC_User::isAdminUser($username);

    return $isAdmin;
}
/**
 * Build the settings navigation for the current session.
 *
 * Entries are added by role: the help entry depends only on the edition string
 * and the 'knowledgebaseenabled' system value; "Personal" is added for any
 * logged-in user, "Users" for sub-admins and "Admin" for admins. The collected
 * entries are handed to self::proceedNavigation(), whose result is returned.
 *
 * These entries only decide which links are shown; the target pages carry
 * their own access checks elsewhere.
 *
 * @return string[]
 */
public static function getSettingsNavigation() {
    $l10n = \OC::$server->getL10N('lib');
    $urls = \OC::$server->getURLGenerator();
    $entries = array();

    // Help menu: the only entry that does not need a login
    $helpEnabled = OC_Util::getEditionString() === ''
        && \OC::$server->getSystemConfig()->getValue('knowledgebaseenabled', true) == true;
    if ($helpEnabled) {
        $entries[] = array(
            "id" => "help",
            "order" => 1000,
            "href" => $urls->linkToRoute('settings_help'),
            "name" => $l10n->t("Help"),
            "icon" => $urls->imagePath("settings", "help.svg"),
        );
    }

    // Anonymous visitors get nothing beyond the optional help entry
    if (!OC_User::isLoggedIn()) {
        return self::proceedNavigation($entries);
    }

    // Personal menu
    $entries[] = array(
        "id" => "personal",
        "order" => 1,
        "href" => $urls->linkToRoute('settings_personal'),
        "name" => $l10n->t("Personal"),
        "icon" => $urls->imagePath("settings", "personal.svg"),
    );

    // Sub-admins may also reach user management
    $currentUser = \OC::$server->getUserSession()->getUser();
    $isSubAdmin = $currentUser !== null
        ? \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($currentUser)
        : false;
    if ($isSubAdmin) {
        $entries[] = array(
            "id" => "core_users",
            "order" => 2,
            "href" => $urls->linkToRoute('settings_users'),
            "name" => $l10n->t("Users"),
            "icon" => $urls->imagePath("settings", "users.svg"),
        );
    }

    // Admin settings for admins only
    if (OC_User::isAdminUser(OC_User::getUser())) {
        $entries[] = array(
            "id" => "admin",
            "order" => 1000,
            "href" => $urls->linkToRoute('settings_admin'),
            "name" => $l10n->t("Admin"),
            "icon" => $urls->imagePath("settings", "admin.svg"),
        );
    }

    return self::proceedNavigation($entries);
}