nextcloud/lib/private/subadmin.php

<?php
/**
 * @author Bart Visscher <bartv@thisnet.nl>
 * @author Georg Ehrke <georg@owncloud.com>
 * @author Jörn Friedrich Dreyer <jfd@butonic.de>
 * @author Lukas Reschke <lukas@owncloud.com>
 * @author Morris Jobke <hey@morrisjobke.de>
 * @author Robin McCorkell <rmccorkell@karoshi.org.uk>
 * @author Thomas Müller <thomas.mueller@tmit.eu>
 *
 * @copyright Copyright (c) 2015, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
OC_Hook::connect('OC_User', 'post_deleteUser', 'OC_SubAdmin', 'post_deleteUser');
OC_Hook::connect('OC_User', 'post_deleteGroup', 'OC_SubAdmin', 'post_deleteGroup');
/**
 * This class provides all methods needed for managing groups.
 *
 * Hooks provided:
 *   post_createSubAdmin($gid)
 *   post_deleteSubAdmin($gid)
 */
class OC_SubAdmin{

	/**
	 * add a SubAdmin
	 * @param string $uid uid of the SubAdmin
	 * @param string $gid gid of the group
	 * @return boolean
	 */
	public static function createSubAdmin($uid, $gid) {
		$stmt = OC_DB::prepare('INSERT INTO `*PREFIX*group_admin` (`gid`,`uid`) VALUES(?,?)');
		$result = $stmt->execute(array($gid, $uid));
		OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid ));
		return true;
	}

	/**
	 * delete a SubAdmin
	 * @param string $uid uid of the SubAdmin
	 * @param string $gid gid of the group
	 * @return boolean
	 */
	public static function deleteSubAdmin($uid, $gid) {
		$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ? AND `uid` = ?');
		$result = $stmt->execute(array($gid, $uid));
		OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid ));
		return true;
	}

	/**
	 * get groups of a SubAdmin
	 * @param string $uid uid of the SubAdmin
	 * @return array
	 */
	public static function getSubAdminsGroups($uid) {
		$stmt = OC_DB::prepare('SELECT `gid` FROM `*PREFIX*group_admin` WHERE `uid` = ?');
		$result = $stmt->execute(array($uid));
		$gids = array();
		while($row = $result->fetchRow()) {
			$gids[] = $row['gid'];
		}
		return $gids;
	}

	/**
	 * get SubAdmins of a group
	 * @param string $gid gid of the group
	 * @return array
	 */
	public static function getGroupsSubAdmins($gid) {
		$stmt = OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_admin` WHERE `gid` = ?');
		$result = $stmt->execute(array($gid));
		$uids = array();
		while($row = $result->fetchRow()) {
			$uids[] = $row['uid'];
		}
		return $uids;
	}

	/**
	 * get all SubAdmins
	 * @return array
	 */
	public static function getAllSubAdmins() {
		$stmt = OC_DB::prepare('SELECT * FROM `*PREFIX*group_admin`');
		$result = $stmt->execute();
		$subadmins = array();
		while($row = $result->fetchRow()) {
			$subadmins[] = $row;
		}
		return $subadmins;
	}

	/**
	 * checks if a user is a SubAdmin of a group
	 * @param string $uid uid of the subadmin
	 * @param string $gid gid of the group
	 * @return bool
	 */
	public static function isSubAdminofGroup($uid, $gid) {
		$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ? AND `gid` = ?');
		$result = $stmt->execute(array($uid, $gid));
		$result = $result->fetchRow();
		if($result['count'] >= 1) {
			return true;
		}
		return false;
	}

	/**
	 * checks if a user is a SubAdmin
	 * @param string $uid uid of the subadmin
	 * @return bool
	 */
	public static function isSubAdmin($uid) {
		// Check if the user is already an admin
		if(OC_Group::inGroup($uid, 'admin' )) {
			return true;
		}

		$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?');
		$result = $stmt->execute(array($uid));
		$result = $result->fetchRow();
		if($result['count'] > 0) {
			return true;
		}
		return false;
	}

	/**
	 * checks if a user is a accessible by a subadmin
	 * @param string $subadmin uid of the subadmin
	 * @param string $user uid of the user
	 * @return bool
	 */
	public static function isUserAccessible($subadmin, $user) {
		if(!self::isSubAdmin($subadmin)) {
			return false;
		}
		if(OC_User::isAdminUser($user)) {
			return false;
		}
		$accessiblegroups = self::getSubAdminsGroups($subadmin);
		foreach($accessiblegroups as $accessiblegroup) {
			if(OC_Group::inGroup($user, $accessiblegroup)) {
				return true;
			}
		}
		return false;
	}

	/*
	 * alias for self::isSubAdminofGroup()
	 */
	public static function isGroupAccessible($subadmin, $group) {
		return self::isSubAdminofGroup($subadmin, $group);
	}

	/**
	 * delete all SubAdmins by uid
	 * @param array $parameters
	 * @return boolean
	 */
	public static function post_deleteUser($parameters) {
		$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `uid` = ?');
		$result = $stmt->execute(array($parameters['uid']));
		return true;
	}

	/**
	 * delete all SubAdmins by gid
	 * @param array $parameters
	 * @return boolean
	 */
	public static function post_deleteGroup($parameters) {
		$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ?');
		$result = $stmt->execute(array($parameters['gid']));
		return true;
	}
}
some work on subadmins 2012-07-09 23:51:19 +04:00			`<?php`
			`/**`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Bart Visscher <bartv@thisnet.nl>`
			`* @author Georg Ehrke <georg@owncloud.com>`
			`* @author Jörn Friedrich Dreyer <jfd@butonic.de>`
			`* @author Lukas Reschke <lukas@owncloud.com>`
			`* @author Morris Jobke <hey@morrisjobke.de>`
			`* @author Robin McCorkell <rmccorkell@karoshi.org.uk>`
			`* @author Thomas Müller <thomas.mueller@tmit.eu>`
some work on subadmins 2012-07-09 23:51:19 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* @copyright Copyright (c) 2015, ownCloud, Inc.`
			`* @license AGPL-3.0`
some work on subadmins 2012-07-09 23:51:19 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* This code is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License, version 3,`
			`* as published by the Free Software Foundation.`
some work on subadmins 2012-07-09 23:51:19 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* This program is distributed in the hope that it will be useful,`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
Update license headers 2015-03-26 13:44:34 +03:00			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
some work on subadmins 2012-07-09 23:51:19 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* You should have received a copy of the GNU Affero General Public License, version 3,`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>`
some work on subadmins 2012-07-09 23:51:19 +04:00			`*`
			`*/`
add some hooks for subadmins 2012-07-21 18:43:39 +04:00			`OC_Hook::connect('OC_User', 'post_deleteUser', 'OC_SubAdmin', 'post_deleteUser');`
			`OC_Hook::connect('OC_User', 'post_deleteGroup', 'OC_SubAdmin', 'post_deleteGroup');`
some work on subadmins 2012-07-09 23:51:19 +04:00			`/**`
			`* This class provides all methods needed for managing groups.`
			`*`
			`* Hooks provided:`
			`* post_createSubAdmin($gid)`
			`* post_deleteSubAdmin($gid)`
			`*/`
			`class OC_SubAdmin{`

			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* add a SubAdmin`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $uid uid of the SubAdmin`
			`* @param string $gid gid of the group`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* @return boolean`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function createSubAdmin($uid, $gid) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('INSERT INTO `PREFIXgroup_admin` (`gid`,`uid`) VALUES(?,?)');
some work on subadmins 2012-07-09 23:51:19 +04:00			`$result = $stmt->execute(array($gid, $uid));`
			`OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid ));`
			`return true;`
			`}`

			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* delete a SubAdmin`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $uid uid of the SubAdmin`
			`* @param string $gid gid of the group`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* @return boolean`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function deleteSubAdmin($uid, $gid) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('DELETE FROM `PREFIXgroup_admin` WHERE `gid` = ? AND `uid` = ?');
some work on subadmins 2012-07-09 23:51:19 +04:00			`$result = $stmt->execute(array($gid, $uid));`
			`OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid ));`
			`return true;`
			`}`

			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* get groups of a SubAdmin`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $uid uid of the SubAdmin`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* @return array`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function getSubAdminsGroups($uid) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('SELECT `gid` FROM `PREFIXgroup_admin` WHERE `uid` = ?');
subadmins can now add users 2012-07-15 18:31:28 +04:00			`$result = $stmt->execute(array($uid));`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$gids = array();`
adding space between) and { 2012-09-07 17:22:01 +04:00			`while($row = $result->fetchRow()) {`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$gids[] = $row['gid'];`
			`}`
			`return $gids;`
			`}`

			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* get SubAdmins of a group`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $gid gid of the group`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* @return array`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function getGroupsSubAdmins($gid) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('SELECT `uid` FROM `PREFIXgroup_admin` WHERE `gid` = ?');
subadmins can now add users 2012-07-15 18:31:28 +04:00			`$result = $stmt->execute(array($gid));`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$uids = array();`
adding space between) and { 2012-09-07 17:22:01 +04:00			`while($row = $result->fetchRow()) {`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$uids[] = $row['uid'];`
			`}`
			`return $uids;`
			`}`
Whitespace fixes in lib 2012-08-29 10:38:33 +04:00
some work on subadmins 2012-07-09 23:51:19 +04:00			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* get all SubAdmins`
some work on subadmins 2012-07-09 23:51:19 +04:00			`* @return array`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function getAllSubAdmins() {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('SELECT * FROM `PREFIXgroup_admin`');
subadmins can now add users 2012-07-15 18:31:28 +04:00			`$result = $stmt->execute();`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$subadmins = array();`
adding space between) and { 2012-09-07 17:22:01 +04:00			`while($row = $result->fetchRow()) {`
some work on subadmins 2012-07-09 23:51:19 +04:00			`$subadmins[] = $row;`
			`}`
			`return $subadmins;`
			`}`
Whitespace fixes in lib 2012-08-29 10:38:33 +04:00
subadmins can now add users 2012-07-15 18:31:28 +04:00			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* checks if a user is a SubAdmin of a group`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $uid uid of the subadmin`
			`* @param string $gid gid of the group`
add some doc for lib/subadmin.php 2012-07-19 18:43:46 +04:00			`* @return bool`
subadmins can now add users 2012-07-15 18:31:28 +04:00			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function isSubAdminofGroup($uid, $gid) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('SELECT COUNT() AS `count` FROM `PREFIX*group_admin` WHERE `uid` = ? AND `gid` = ?');
subadmins can now add users 2012-07-15 18:31:28 +04:00			`$result = $stmt->execute(array($uid, $gid));`
			`$result = $result->fetchRow();`
adding space between) and { 2012-09-07 17:22:01 +04:00			`if($result['count'] >= 1) {`
subadmins can now add users 2012-07-15 18:31:28 +04:00			`return true;`
			`}`
			`return false;`
			`}`
Whitespace fixes in lib 2012-08-29 10:38:33 +04:00
add some doc for lib/subadmin.php 2012-07-19 18:43:46 +04:00			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* checks if a user is a SubAdmin`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $uid uid of the subadmin`
add some doc for lib/subadmin.php 2012-07-19 18:43:46 +04:00			`* @return bool`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function isSubAdmin($uid) {`
Check if user is admin - bool There was no "isAdminUser()" function which returned bool. This is irritiating as there were a loooooooot of places in the code which checked this itself with `OC_Group::inGroup($uid, 'admin)` - why not use a function for this? (Especially if you consider that we might change the group name in the future, which would lead to problems then) Additionally, @Raydiation needed such a method for his AppFramework :) 2013-01-14 22:45:17 +04:00			`// Check if the user is already an admin`
			`if(OC_Group::inGroup($uid, 'admin' )) {`
			`return true;`
			`}`

add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('SELECT COUNT() AS `count` FROM `PREFIX*group_admin` WHERE `uid` = ?');
subadmins can now add users 2012-07-15 18:31:28 +04:00			`$result = $stmt->execute(array($uid));`
			`$result = $result->fetchRow();`
adding space between) and { 2012-09-07 17:22:01 +04:00			`if($result['count'] > 0) {`
subadmins can now add users 2012-07-15 18:31:28 +04:00			`return true;`
			`}`
			`return false;`
			`}`
Whitespace fixes in lib 2012-08-29 10:38:33 +04:00
add some doc for lib/subadmin.php 2012-07-19 18:43:46 +04:00			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* checks if a user is a accessible by a subadmin`
Add type hinting 2014-04-20 02:55:01 +04:00			`* @param string $subadmin uid of the subadmin`
			`* @param string $user uid of the user`
add some doc for lib/subadmin.php 2012-07-19 18:43:46 +04:00			`* @return bool`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function isUserAccessible($subadmin, $user) {`
			`if(!self::isSubAdmin($subadmin)) {`
add isUserAccessible method to OC_SubAdmin class 2012-07-19 18:30:58 +04:00			`return false;`
			`}`
Check if user is admin - bool There was no "isAdminUser()" function which returned bool. This is irritiating as there were a loooooooot of places in the code which checked this itself with `OC_Group::inGroup($uid, 'admin)` - why not use a function for this? (Especially if you consider that we might change the group name in the future, which would lead to problems then) Additionally, @Raydiation needed such a method for his AppFramework :) 2013-01-14 22:45:17 +04:00			`if(OC_User::isAdminUser($user)) {`
don't allow group admins to change admin's accounts 2012-08-26 18:29:10 +04:00			`return false;`
			`}`
add isUserAccessible method to OC_SubAdmin class 2012-07-19 18:30:58 +04:00			`$accessiblegroups = self::getSubAdminsGroups($subadmin);`
adding space between) and { 2012-09-07 17:22:01 +04:00			`foreach($accessiblegroups as $accessiblegroup) {`
			`if(OC_Group::inGroup($user, $accessiblegroup)) {`
add isUserAccessible method to OC_SubAdmin class 2012-07-19 18:30:58 +04:00			`return true;`
			`}`
			`}`
			`return false;`
			`}`
Whitespace fixes in lib 2012-08-29 10:38:33 +04:00
add isGroupAccessible in OC_SubAdmin 2012-07-19 21:17:01 +04:00			`/*`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* alias for self::isSubAdminofGroup()`
add isGroupAccessible in OC_SubAdmin 2012-07-19 21:17:01 +04:00			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function isGroupAccessible($subadmin, $group) {`
add isGroupAccessible in OC_SubAdmin 2012-07-19 21:17:01 +04:00			`return self::isSubAdminofGroup($subadmin, $group);`
			`}`
add some hooks for subadmins 2012-07-21 18:43:39 +04:00
			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* delete all SubAdmins by uid`
Fix all PHPDoc types and variable names, in /lib 2014-05-12 00:51:30 +04:00			`* @param array $parameters`
add some hooks for subadmins 2012-07-21 18:43:39 +04:00			`* @return boolean`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function post_deleteUser($parameters) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('DELETE FROM `PREFIXgroup_admin` WHERE `uid` = ?');
add some hooks for subadmins 2012-07-21 18:43:39 +04:00			`$result = $stmt->execute(array($parameters['uid']));`
			`return true;`
			`}`

			`/**`
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later 2014-05-19 19:50:53 +04:00			`* delete all SubAdmins by gid`
Fix all PHPDoc types and variable names, in /lib 2014-05-12 00:51:30 +04:00			`* @param array $parameters`
add some hooks for subadmins 2012-07-21 18:43:39 +04:00			`* @return boolean`
			`*/`
adding space between) and { 2012-09-07 17:22:01 +04:00			`public static function post_deleteGroup($parameters) {`
add backticks to SQL, use limit parameter instead of LIMIT SQL 2012-08-25 03:52:27 +04:00			$stmt = OC_DB::prepare('DELETE FROM `PREFIXgroup_admin` WHERE `gid` = ?');
add some hooks for subadmins 2012-07-21 18:43:39 +04:00			`$result = $stmt->execute(array($parameters['gid']));`
			`return true;`
			`}`
some work on subadmins 2012-07-09 23:51:19 +04:00			`}`