nextcloud/settings/ajax/togglegroups.php

<?php

OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();

$success = true;
$username = $_POST["username"];
$group = OC_Util::sanitizeHTML($_POST["group"]);

if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) || !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {
	$l = OC_L10N::get('core');
	OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
	exit();
}

if(!OC_Group::groupExists($group)) {
	OC_Group::createGroup($group);
}

$l = OC_L10N::get('settings');

$error = $l->t("Unable to add user to group %s", $group);
$action = "add";

// Toggle group
if( OC_Group::inGroup( $username, $group )) {
	$action = "remove";
    $error = $l->t("Unable to remove user from group %s", $group);
    $success = OC_Group::removeFromGroup( $username, $group );
	$usersInGroup=OC_Group::usersInGroup($group);
	if(count($usersInGroup)==0) {
		OC_Group::deleteGroup($group);
	}
}
else{
	$success = OC_Group::addToGroup( $username, $group );
}

// Return Success story
if( $success ) {
	OC_JSON::success(array("data" => array( "username" => $username, "action" => $action, "groupname" => $group )));
}
else{
	OC_JSON::error(array("data" => array( "message" => $error )));
}
User manager still not perfect but the aim is reachable! 2011-04-17 15:15:55 +04:00			`<?php`

fix tooglegroup for subadmins 2012-07-20 17:13:51 +04:00			`OC_JSON::checkSubAdminUser();`
CSRF check in the settings 2012-07-07 17:27:04 +04:00			`OCP\JSON::callCheck();`
User manager still not perfect but the aim is reachable! 2011-04-17 15:15:55 +04:00
User management works good enough for now. Need to do something else ... 2011-04-17 20:05:49 +04:00			`$success = true;`
			`$username = $_POST["username"];`
use new sanitizeHTML() function 2012-06-21 15:57:18 +04:00			`$group = OC_Util::sanitizeHTML($_POST["group"]);`
User management works good enough for now. Need to do something else ... 2011-04-17 20:05:49 +04:00
Update settings/ajax/togglegroups.php respect coding style 2012-09-04 13:58:07 +04:00			`if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && (!OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username) \|\| !OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group))) {`
fix tooglegroup for subadmins 2012-07-20 17:13:51 +04:00			`$l = OC_L10N::get('core');`
			`OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));`
			`exit();`
			`}`

Update settings/ajax/togglegroups.php respect coding style 2012-09-04 13:58:07 +04:00			`if(!OC_Group::groupExists($group)) {`
work on user management 2011-08-10 22:51:35 +04:00			`OC_Group::createGroup($group);`
			`}`

Adding missing translation 2012-09-04 22:47:15 +04:00			`$l = OC_L10N::get('settings');`

			`$error = $l->t("Unable to add user to group %s", $group);`
			`$action = "add";`

User management works good enough for now. Need to do something else ... 2011-04-17 20:05:49 +04:00			`// Toggle group`
Update settings/ajax/togglegroups.php respect coding style 2012-09-04 13:58:07 +04:00			`if( OC_Group::inGroup( $username, $group )) {`
More error checking in user management 2011-04-18 14:39:28 +04:00			`$action = "remove";`
Adding missing translation 2012-09-04 22:47:15 +04:00			`$error = $l->t("Unable to remove user from group %s", $group);`
			`$success = OC_Group::removeFromGroup( $username, $group );`
remove groups if there are no users in them 2011-08-11 12:12:03 +04:00			`$usersInGroup=OC_Group::usersInGroup($group);`
Update settings/ajax/togglegroups.php respect coding style 2012-09-04 13:58:07 +04:00			`if(count($usersInGroup)==0) {`
remove groups if there are no users in them 2011-08-11 12:12:03 +04:00			`OC_Group::deleteGroup($group);`
			`}`
User management works good enough for now. Need to do something else ... 2011-04-17 20:05:49 +04:00			`}`
			`else{`
Renaming classes :-) 2011-07-29 23:36:03 +04:00			`$success = OC_Group::addToGroup( $username, $group );`
User management works good enough for now. Need to do something else ... 2011-04-17 20:05:49 +04:00			`}`
User manager still not perfect but the aim is reachable! 2011-04-17 15:15:55 +04:00
			`// Return Success story`
Update settings/ajax/togglegroups.php respect coding style 2012-09-04 13:58:07 +04:00			`if( $success ) {`
Use OC_JSON for json responses Create OC_JSON class, for single point of creating json responses. No real logic change, this just cleans up the code a bit. 2011-09-24 00:22:59 +04:00			`OC_JSON::success(array("data" => array( "username" => $username, "action" => $action, "groupname" => $group )));`
User manager still not perfect but the aim is reachable! 2011-04-17 15:15:55 +04:00			`}`
			`else{`
Adding missing translation 2012-09-04 22:47:15 +04:00			`OC_JSON::error(array("data" => array( "message" => $error )));`
User manager still not perfect but the aim is reachable! 2011-04-17 15:15:55 +04:00			`}`