Merge pull request #846 from nextcloud/provisioning_api_ocs
Move Provisioning API to the AppFramework
This commit is contained in:
commit
027069cbae
|
@ -26,53 +26,40 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API\AppInfo;
|
||||
|
||||
use OCA\Provisioning_API\Apps;
|
||||
use OCA\Provisioning_API\Groups;
|
||||
use OCA\Provisioning_API\Users;
|
||||
use OCP\API;
|
||||
|
||||
// Users
|
||||
$users = new Users(
|
||||
\OC::$server->getUserManager(),
|
||||
\OC::$server->getConfig(),
|
||||
\OC::$server->getGroupManager(),
|
||||
\OC::$server->getUserSession(),
|
||||
\OC::$server->getLogger()
|
||||
);
|
||||
API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
|
||||
API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
|
||||
API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('put', '/cloud/users/{userid}/enable', [$users, 'enableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('put', '/cloud/users/{userid}/disable', [$users, 'disableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH);
|
||||
API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('post', '/cloud/users/{userid}/subadmins', [$users, 'addSubAdmin'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('delete', '/cloud/users/{userid}/subadmins', [$users, 'removeSubAdmin'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
$app = new \OCA\Provisioning_API\AppInfo\Application();
|
||||
$app->registerRoutes($this, [
|
||||
'ocs' => [
|
||||
// Apps
|
||||
['root' => '/cloud', 'name' => 'Apps#getApps', 'url' => '/apps', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Apps#getAppInfo', 'url' => '/apps/{app}', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Apps#enable', 'url' => '/apps/{app}', 'verb' => 'POST'],
|
||||
['root' => '/cloud', 'name' => 'Apps#disable', 'url' => '/apps/{app}', 'verb' => 'DELETE'],
|
||||
|
||||
// Groups
|
||||
$groups = new Groups(
|
||||
\OC::$server->getGroupManager(),
|
||||
\OC::$server->getUserSession(),
|
||||
\OC::$server->getRequest()
|
||||
);
|
||||
API::register('get', '/cloud/groups', [$groups, 'getGroups'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('post', '/cloud/groups', [$groups, 'addGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('get', '/cloud/groups/{groupid}', [$groups, 'getGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('delete', '/cloud/groups/{groupid}', [$groups, 'deleteGroup'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
// Groups
|
||||
['root' => '/cloud', 'name' => 'Groups#getGroups', 'url' => '/groups', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Groups#getGroup', 'url' => '/groups/{groupId}', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Groups#addGroup', 'url' => '/groups', 'verb' => 'POST'],
|
||||
['root' => '/cloud', 'name' => 'Groups#deleteGroup', 'url' => '/groups/{groupId}', 'verb' => 'DELETE'],
|
||||
['root' => '/cloud', 'name' => 'Groups#getSubAdminsOfGroup', 'url' => '/groups/{groupId}/subadmins', 'verb' => 'GET'],
|
||||
|
||||
// Apps
|
||||
$apps = new Apps(
|
||||
\OC::$server->getAppManager(),
|
||||
\OC::$server->getOcsClient()
|
||||
);
|
||||
API::register('get', '/cloud/apps', [$apps, 'getApps'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('get', '/cloud/apps/{appid}', [$apps, 'getAppInfo'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('post', '/cloud/apps/{appid}', [$apps, 'enable'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('delete', '/cloud/apps/{appid}', [$apps, 'disable'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
//Users
|
||||
['root' => '/cloud', 'name' => 'Users#getUsers', 'url' => '/users', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Users#addUser', 'url' => '/users', 'verb' => 'POST'],
|
||||
['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Users#editUser', 'url' => '/users/{userId}', 'verb' => 'PUT'],
|
||||
['root' => '/cloud', 'name' => 'Users#deleteUser', 'url' => '/users/{userId}', 'verb' => 'DELETE'],
|
||||
['root' => '/cloud', 'name' => 'Users#enableUser', 'url' => '/users/{userId}/enable', 'verb' => 'PUT'],
|
||||
['root' => '/cloud', 'name' => 'Users#disableUser', 'url' => '/users/{userId}/disable', 'verb' => 'PUT'],
|
||||
['root' => '/cloud', 'name' => 'Users#getUsersGroups', 'url' => '/users/{userId}/groups', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Users#addToGroup', 'url' => '/users/{userId}/groups', 'verb' => 'POST'],
|
||||
['root' => '/cloud', 'name' => 'Users#removeFromGroup', 'url' => '/users/{userId}/groups', 'verb' => 'DELETE'],
|
||||
['root' => '/cloud', 'name' => 'Users#getUserSubAdminGroups', 'url' => '/users/{userId}/subadmins', 'verb' => 'GET'],
|
||||
['root' => '/cloud', 'name' => 'Users#addSubAdmin', 'url' => '/users/{userId}/subadmins', 'verb' => 'POST'],
|
||||
['root' => '/cloud', 'name' => 'Users#removeSubAdmin', 'url' => '/users/{userId}/subadmins', 'verb' => 'DELETE'],
|
||||
|
||||
],
|
||||
]);
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace OCA\Provisioning_API\AppInfo;
|
||||
|
||||
use OC\AppFramework\Utility\SimpleContainer;
|
||||
use OCA\Provisioning_API\Middleware\ProvisioningApiMiddleware;
|
||||
use OCP\AppFramework\App;
|
||||
|
||||
class Application extends App {
|
||||
public function __construct(array $urlParams = array()) {
|
||||
parent::__construct('provisioning_api', $urlParams);
|
||||
|
||||
$container = $this->getContainer();
|
||||
$server = $container->getServer();
|
||||
|
||||
$container->registerService('ProvisioningApiMiddleware', function(SimpleContainer $c) use ($server) {
|
||||
$user = $server->getUserManager()->get($c['UserId']);
|
||||
$isAdmin = $user !== null ? $server->getGroupManager()->isAdmin($user->getUID()) : false;
|
||||
$isSubAdmin = $user !== null ? $server->getGroupManager()->getSubAdmin()->isSubAdmin($user) : false;
|
||||
return new ProvisioningApiMiddleware(
|
||||
$c['ControllerMethodReflector'],
|
||||
$isAdmin,
|
||||
$isSubAdmin
|
||||
);
|
||||
});
|
||||
$container->registerMiddleWare('ProvisioningApiMiddleware');
|
||||
}
|
||||
}
|
|
@ -23,89 +23,101 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API;
|
||||
namespace OCA\Provisioning_API\Controller;
|
||||
|
||||
use OC\OCSClient;
|
||||
use \OC_App;
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
use OCP\AppFramework\OCSController;
|
||||
use OCP\IRequest;
|
||||
|
||||
class Apps {
|
||||
class AppsController extends OCSController {
|
||||
/** @var \OCP\App\IAppManager */
|
||||
private $appManager;
|
||||
/** @var OCSClient */
|
||||
private $ocsClient;
|
||||
|
||||
/**
|
||||
* @param \OCP\App\IAppManager $appManager
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param IAppManager $appManager
|
||||
* @param OCSClient $ocsClient
|
||||
*/
|
||||
public function __construct(\OCP\App\IAppManager $appManager,
|
||||
OCSClient $ocsClient) {
|
||||
public function __construct(
|
||||
$appName,
|
||||
IRequest $request,
|
||||
IAppManager $appManager,
|
||||
OCSClient $ocsClient
|
||||
) {
|
||||
parent::__construct($appName, $request);
|
||||
|
||||
$this->appManager = $appManager;
|
||||
$this->ocsClient = $ocsClient;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $filter
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function getApps($parameters) {
|
||||
public function getApps($filter = null) {
|
||||
$apps = OC_App::listAllApps(false, true, $this->ocsClient);
|
||||
$list = [];
|
||||
foreach($apps as $app) {
|
||||
$list[] = $app['id'];
|
||||
}
|
||||
$filter = isset($_GET['filter']) ? $_GET['filter'] : false;
|
||||
if($filter){
|
||||
switch($filter){
|
||||
case 'enabled':
|
||||
return new \OC\OCS\Result(array('apps' => \OC_App::getEnabledApps()));
|
||||
return new DataResponse(['apps' => \OC_App::getEnabledApps()]);
|
||||
break;
|
||||
case 'disabled':
|
||||
$enabled = OC_App::getEnabledApps();
|
||||
return new \OC\OCS\Result(array('apps' => array_diff($list, $enabled)));
|
||||
return new DataResponse(['apps' => array_diff($list, $enabled)]);
|
||||
break;
|
||||
default:
|
||||
// Invalid filter variable
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
break;
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
|
||||
} else {
|
||||
return new \OC\OCS\Result(array('apps' => $list));
|
||||
return new DataResponse(['apps' => $list]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $app
|
||||
* @return DataResponse
|
||||
* @throws OCSNotFoundException
|
||||
*/
|
||||
public function getAppInfo($parameters) {
|
||||
$app = $parameters['appid'];
|
||||
public function getAppInfo($app) {
|
||||
$info = \OCP\App::getAppInfo($app);
|
||||
if(!is_null($info)) {
|
||||
return new \OC\OCS\Result(OC_App::getAppInfo($app));
|
||||
return new DataResponse(OC_App::getAppInfo($app));
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The request app was not found');
|
||||
throw new OCSException('The request app was not found', \OCP\API::RESPOND_NOT_FOUND);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $app
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function enable($parameters) {
|
||||
$app = $parameters['appid'];
|
||||
public function enable($app) {
|
||||
$this->appManager->enableApp($app);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $app
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function disable($parameters) {
|
||||
$app = $parameters['appid'];
|
||||
public function disable($app) {
|
||||
$this->appManager->disableApp($app);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
}
|
|
@ -23,46 +23,54 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API;
|
||||
namespace OCA\Provisioning_API\Controller;
|
||||
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCSController;
|
||||
use OCP\IGroup;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IRequest;
|
||||
use OCP\IUserSession;
|
||||
use OCP\IUser;
|
||||
|
||||
class Groups{
|
||||
|
||||
/** @var \OCP\IGroupManager */
|
||||
class GroupsController extends OCSController {
|
||||
|
||||
/** @var IGroupManager */
|
||||
private $groupManager;
|
||||
|
||||
/** @var \OCP\IUserSession */
|
||||
/** @var IUserSession */
|
||||
private $userSession;
|
||||
|
||||
/** @var \OCP\IRequest */
|
||||
private $request;
|
||||
|
||||
/**
|
||||
* @param \OCP\IGroupManager $groupManager
|
||||
* @param \OCP\IUserSession $userSession
|
||||
* @param \OCP\IRequest $request
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param IGroupManager $groupManager
|
||||
* @param IUserSession $userSession
|
||||
*/
|
||||
public function __construct(\OCP\IGroupManager $groupManager,
|
||||
\OCP\IUserSession $userSession,
|
||||
\OCP\IRequest $request) {
|
||||
public function __construct(
|
||||
$appName,
|
||||
IRequest $request,
|
||||
IGroupManager $groupManager,
|
||||
IUserSession $userSession) {
|
||||
parent::__construct($appName, $request);
|
||||
|
||||
$this->groupManager = $groupManager;
|
||||
$this->userSession = $userSession;
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* returns a list of groups
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $search
|
||||
* @param int $limit
|
||||
* @param int $offset
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function getGroups($parameters) {
|
||||
$search = $this->request->getParam('search', '');
|
||||
$limit = $this->request->getParam('limit');
|
||||
$offset = $this->request->getParam('offset');
|
||||
|
||||
public function getGroups($search = '', $limit = null, $offset = null) {
|
||||
if ($limit !== null) {
|
||||
$limit = (int)$limit;
|
||||
}
|
||||
|
@ -76,27 +84,24 @@ class Groups{
|
|||
return $group->getGID();
|
||||
}, $groups);
|
||||
|
||||
return new \OC\OCS\Result(['groups' => $groups]);
|
||||
return new DataResponse(['groups' => $groups]);
|
||||
}
|
||||
|
||||
/**
|
||||
* returns an array of users in the group specified
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $groupId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function getGroup($parameters) {
|
||||
// Check if user is logged in
|
||||
public function getGroup($groupId) {
|
||||
$user = $this->userSession->getUser();
|
||||
if ($user === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$groupId = $parameters['groupid'];
|
||||
|
||||
// Check the group exists
|
||||
if(!$this->groupManager->groupExists($groupId)) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested group could not be found');
|
||||
throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND);
|
||||
}
|
||||
|
||||
$isSubadminOfGroup = false;
|
||||
|
@ -114,59 +119,62 @@ class Groups{
|
|||
return $user->getUID();
|
||||
}, $users);
|
||||
$users = array_values($users);
|
||||
return new \OC\OCS\Result(['users' => $users]);
|
||||
return new DataResponse(['users' => $users]);
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
|
||||
throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* creates a new group
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $groupid
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function addGroup($parameters) {
|
||||
public function addGroup($groupid) {
|
||||
// Validate name
|
||||
$groupId = $this->request->getParam('groupid', '');
|
||||
if(empty($groupId)){
|
||||
if(empty($groupid)){
|
||||
\OCP\Util::writeLog('provisioning_api', 'Group name not supplied', \OCP\Util::ERROR);
|
||||
return new \OC\OCS\Result(null, 101, 'Invalid group name');
|
||||
throw new OCSException('Invalid group name', 101);
|
||||
}
|
||||
// Check if it exists
|
||||
if($this->groupManager->groupExists($groupId)){
|
||||
return new \OC\OCS\Result(null, 102);
|
||||
if($this->groupManager->groupExists($groupid)){
|
||||
throw new OCSException('', 102);
|
||||
}
|
||||
$this->groupManager->createGroup($groupId);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
$this->groupManager->createGroup($groupid);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $groupId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function deleteGroup($parameters) {
|
||||
public function deleteGroup($groupId) {
|
||||
// Check it exists
|
||||
if(!$this->groupManager->groupExists($parameters['groupid'])){
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
} else if($parameters['groupid'] === 'admin' || !$this->groupManager->get($parameters['groupid'])->delete()){
|
||||
if(!$this->groupManager->groupExists($groupId)){
|
||||
throw new OCSException('', 101);
|
||||
} else if($groupId === 'admin' || !$this->groupManager->get($groupId)->delete()){
|
||||
// Cannot delete admin group
|
||||
return new \OC\OCS\Result(null, 102);
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
throw new OCSException('', 102);
|
||||
}
|
||||
|
||||
return new DataResponse(null, 100);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $groupId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function getSubAdminsOfGroup($parameters) {
|
||||
$group = $parameters['groupid'];
|
||||
public function getSubAdminsOfGroup($groupId) {
|
||||
// Check group exists
|
||||
$targetGroup = $this->groupManager->get($group);
|
||||
$targetGroup = $this->groupManager->get($groupId);
|
||||
if($targetGroup === null) {
|
||||
return new \OC\OCS\Result(null, 101, 'Group does not exist');
|
||||
throw new OCSException('Group does not exist', 101);
|
||||
}
|
||||
|
||||
$subadmins = $this->groupManager->getSubAdmin()->getGroupsSubAdmins($targetGroup);
|
||||
|
@ -176,7 +184,7 @@ class Groups{
|
|||
$uids[] = $user->getUID();
|
||||
}
|
||||
|
||||
return new \OC\OCS\Result($uids);
|
||||
return new DataResponse($uids);
|
||||
}
|
||||
|
||||
}
|
|
@ -27,17 +27,23 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API;
|
||||
namespace OCA\Provisioning_API\Controller;
|
||||
|
||||
use \OC_Helper;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
use OCP\AppFramework\OCSController;
|
||||
use OCP\Files\NotFoundException;
|
||||
use OCP\IConfig;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\ILogger;
|
||||
use OCP\IRequest;
|
||||
use OCP\IUserManager;
|
||||
use OCP\IUserSession;
|
||||
|
||||
class Users {
|
||||
class UsersController extends OCSController {
|
||||
|
||||
/** @var IUserManager */
|
||||
private $userManager;
|
||||
|
@ -51,17 +57,23 @@ class Users {
|
|||
private $logger;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param IUserManager $userManager
|
||||
* @param IConfig $config
|
||||
* @param IGroupManager $groupManager
|
||||
* @param IUserSession $userSession
|
||||
* @param ILogger $logger
|
||||
*/
|
||||
public function __construct(IUserManager $userManager,
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
IUserManager $userManager,
|
||||
IConfig $config,
|
||||
IGroupManager $groupManager,
|
||||
IUserSession $userSession,
|
||||
ILogger $logger) {
|
||||
parent::__construct($appName, $request);
|
||||
|
||||
$this->userManager = $userManager;
|
||||
$this->config = $config;
|
||||
$this->groupManager = $groupManager;
|
||||
|
@ -70,20 +82,17 @@ class Users {
|
|||
}
|
||||
|
||||
/**
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* returns a list of users
|
||||
*
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $search
|
||||
* @param int $limit
|
||||
* @param int $offset
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function getUsers() {
|
||||
$search = !empty($_GET['search']) ? $_GET['search'] : '';
|
||||
$limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
|
||||
$offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
|
||||
|
||||
// Check if user is logged in
|
||||
public function getUsers($search = '', $limit = null, $offset = null) {
|
||||
$user = $this->userSession->getUser();
|
||||
if ($user === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
// Admin? Or SubAdmin?
|
||||
$uid = $user->getUID();
|
||||
|
@ -106,89 +115,85 @@ class Users {
|
|||
}
|
||||
|
||||
$users = array_slice($users, $offset, $limit);
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$users = array_keys($users);
|
||||
|
||||
return new \OC\OCS\Result([
|
||||
return new DataResponse([
|
||||
'users' => $users
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $userid
|
||||
* @param string $password
|
||||
* @param array $groups
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function addUser() {
|
||||
$userId = isset($_POST['userid']) ? $_POST['userid'] : null;
|
||||
$password = isset($_POST['password']) ? $_POST['password'] : null;
|
||||
$groups = isset($_POST['groups']) ? $_POST['groups'] : null;
|
||||
public function addUser($userid, $password, $groups = null) {
|
||||
$user = $this->userSession->getUser();
|
||||
$isAdmin = $this->groupManager->isAdmin($user->getUID());
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
|
||||
if (!$isAdmin && !$subAdminManager->isSubAdmin($user)) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
if($this->userManager->userExists($userId)) {
|
||||
if($this->userManager->userExists($userid)) {
|
||||
$this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
|
||||
return new \OC\OCS\Result(null, 102, 'User already exists');
|
||||
throw new OCSException('User already exists', 102);
|
||||
}
|
||||
|
||||
if(is_array($groups)) {
|
||||
foreach ($groups as $group) {
|
||||
if(!$this->groupManager->groupExists($group)){
|
||||
return new \OC\OCS\Result(null, 104, 'group '.$group.' does not exist');
|
||||
if(!$this->groupManager->groupExists($group)) {
|
||||
throw new OCSException('group '.$group.' does not exist', 104);
|
||||
}
|
||||
if(!$isAdmin && !$subAdminManager->isSubAdminofGroup($user, $this->groupManager->get($group))) {
|
||||
return new \OC\OCS\Result(null, 105, 'insufficient privileges for group '. $group);
|
||||
throw new OCSException('insufficient privileges for group '. $group, 105);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if(!$isAdmin) {
|
||||
return new \OC\OCS\Result(null, 106, 'no group specified (required for subadmins)');
|
||||
throw new OCSException('no group specified (required for subadmins)', 106);
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
$newUser = $this->userManager->createUser($userId, $password);
|
||||
$this->logger->info('Successful addUser call with userid: '.$userId, ['app' => 'ocs_api']);
|
||||
$newUser = $this->userManager->createUser($userid, $password);
|
||||
$this->logger->info('Successful addUser call with userid: '.$userid, ['app' => 'ocs_api']);
|
||||
|
||||
if (is_array($groups)) {
|
||||
foreach ($groups as $group) {
|
||||
$this->groupManager->get($group)->addUser($newUser);
|
||||
$this->logger->info('Added userid '.$userId.' to group '.$group, ['app' => 'ocs_api']);
|
||||
$this->logger->info('Added userid '.$userid.' to group '.$group, ['app' => 'ocs_api']);
|
||||
}
|
||||
}
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
} catch (\Exception $e) {
|
||||
$this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']);
|
||||
return new \OC\OCS\Result(null, 101, 'Bad request');
|
||||
throw new OCSException('Bad request', 101);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @NoAdminRequired
|
||||
* @NoSubAdminRequired
|
||||
*
|
||||
* gets user info
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function getUser($parameters) {
|
||||
$userId = $parameters['userid'];
|
||||
|
||||
// Check if user is logged in
|
||||
public function getUser($userId) {
|
||||
$currentLoggedInUser = $this->userSession->getUser();
|
||||
if ($currentLoggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$data = [];
|
||||
|
||||
// Check if the target user exists
|
||||
$targetUserObject = $this->userManager->get($userId);
|
||||
if($targetUserObject === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found');
|
||||
throw new OCSException('The requested user could not be found', \OCP\API::RESPOND_NOT_FOUND);
|
||||
}
|
||||
|
||||
// Admin? Or SubAdmin?
|
||||
|
@ -198,7 +203,7 @@ class Users {
|
|||
} else {
|
||||
// Check they are looking up themselves
|
||||
if($currentLoggedInUser->getUID() !== $userId) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -207,32 +212,32 @@ class Users {
|
|||
$data['email'] = $targetUserObject->getEMailAddress();
|
||||
$data['displayname'] = $targetUserObject->getDisplayName();
|
||||
|
||||
return new \OC\OCS\Result($data);
|
||||
return new DataResponse($data);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* @NoAdminRequired
|
||||
* @NoSubAdminRequired
|
||||
*
|
||||
* edit users
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @param string $key
|
||||
* @param string $value
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
* @throws OCSForbiddenException
|
||||
*/
|
||||
public function editUser($parameters) {
|
||||
/** @var string $targetUserId */
|
||||
$targetUserId = $parameters['userid'];
|
||||
|
||||
// Check if user is logged in
|
||||
public function editUser($userId, $key, $value) {
|
||||
$currentLoggedInUser = $this->userSession->getUser();
|
||||
if ($currentLoggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$targetUser = $this->userManager->get($targetUserId);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
if($targetUser === null) {
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$permittedFields = [];
|
||||
if($targetUserId === $currentLoggedInUser->getUID()) {
|
||||
if($userId === $currentLoggedInUser->getUID()) {
|
||||
// Editing self (display, email)
|
||||
$permittedFields[] = 'display';
|
||||
$permittedFields[] = 'email';
|
||||
|
@ -253,20 +258,20 @@ class Users {
|
|||
$permittedFields[] = 'email';
|
||||
} else {
|
||||
// No rights
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
}
|
||||
// Check if permitted to edit this field
|
||||
if(!in_array($parameters['_put']['key'], $permittedFields)) {
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
if(!in_array($key, $permittedFields)) {
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
// Process the edit
|
||||
switch($parameters['_put']['key']) {
|
||||
switch($key) {
|
||||
case 'display':
|
||||
$targetUser->setDisplayName($parameters['_put']['value']);
|
||||
$targetUser->setDisplayName($value);
|
||||
break;
|
||||
case 'quota':
|
||||
$quota = $parameters['_put']['value'];
|
||||
$quota = $value;
|
||||
if($quota !== 'none' and $quota !== 'default') {
|
||||
if (is_numeric($quota)) {
|
||||
$quota = floatval($quota);
|
||||
|
@ -274,7 +279,7 @@ class Users {
|
|||
$quota = \OCP\Util::computerFileSize($quota);
|
||||
}
|
||||
if ($quota === false) {
|
||||
return new \OC\OCS\Result(null, 103, "Invalid quota value {$parameters['_put']['value']}");
|
||||
throw new OCSException('Invalid quota value '.$value, 103);
|
||||
}
|
||||
if($quota === 0) {
|
||||
$quota = 'default';
|
||||
|
@ -287,115 +292,118 @@ class Users {
|
|||
$targetUser->setQuota($quota);
|
||||
break;
|
||||
case 'password':
|
||||
$targetUser->setPassword($parameters['_put']['value']);
|
||||
$targetUser->setPassword($value);
|
||||
break;
|
||||
case 'email':
|
||||
if(filter_var($parameters['_put']['value'], FILTER_VALIDATE_EMAIL)) {
|
||||
$targetUser->setEMailAddress($parameters['_put']['value']);
|
||||
if(filter_var($value, FILTER_VALIDATE_EMAIL)) {
|
||||
$targetUser->setEMailAddress($value);
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, 102);
|
||||
throw new OCSException('', 102);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
return new \OC\OCS\Result(null, 103);
|
||||
throw new OCSException('', 103);
|
||||
}
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
* @throws OCSForbiddenException
|
||||
*/
|
||||
public function deleteUser($parameters) {
|
||||
// Check if user is logged in
|
||||
public function deleteUser($userId) {
|
||||
$currentLoggedInUser = $this->userSession->getUser();
|
||||
if ($currentLoggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$targetUser = $this->userManager->get($parameters['userid']);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
|
||||
if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
|
||||
// If not permitted
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
// Go ahead with the delete
|
||||
if($targetUser->delete()) {
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function disableUser($parameters) {
|
||||
return $this->setEnabled($parameters, false);
|
||||
public function disableUser($userId) {
|
||||
return $this->setEnabled($userId, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function enableUser($parameters) {
|
||||
return $this->setEnabled($parameters, true);
|
||||
public function enableUser($userId) {
|
||||
return $this->setEnabled($userId, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @param string $userId
|
||||
* @param bool $value
|
||||
* @return \OC\OCS\Result
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
* @throws OCSForbiddenException
|
||||
*/
|
||||
private function setEnabled($parameters, $value) {
|
||||
// Check if user is logged in
|
||||
private function setEnabled($userId, $value) {
|
||||
$currentLoggedInUser = $this->userSession->getUser();
|
||||
if ($currentLoggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$targetUser = $this->userManager->get($parameters['userid']);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
|
||||
// If not permitted
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
// enable/disable the user now
|
||||
$targetUser->setEnabled($value);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
* @NoSubAdminRequired
|
||||
*
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
* @throws OCSForbiddenException
|
||||
* @throws OCSNotFoundException
|
||||
*/
|
||||
public function getUsersGroups($parameters) {
|
||||
// Check if user is logged in
|
||||
public function getUsersGroups($userId) {
|
||||
$loggedInUser = $this->userSession->getUser();
|
||||
if ($loggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$targetUser = $this->userManager->get($parameters['userid']);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
if($targetUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND);
|
||||
throw new OCSException('', \OCP\API::RESPOND_NOT_FOUND);
|
||||
}
|
||||
|
||||
if($targetUser->getUID() === $loggedInUser->getUID() || $this->groupManager->isAdmin($loggedInUser->getUID())) {
|
||||
// Self lookup or admin lookup
|
||||
return new \OC\OCS\Result([
|
||||
return new DataResponse([
|
||||
'groups' => $this->groupManager->getUserGroupIds($targetUser)
|
||||
]);
|
||||
} else {
|
||||
|
@ -412,87 +420,75 @@ class Users {
|
|||
$getSubAdminsGroups,
|
||||
$this->groupManager->getUserGroupIds($targetUser)
|
||||
);
|
||||
return new \OC\OCS\Result(array('groups' => $groups));
|
||||
return new DataResponse(['groups' => $groups]);
|
||||
} else {
|
||||
// Not permitted
|
||||
return new \OC\OCS\Result(null, 997);
|
||||
throw new OCSException('', \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @param string $groupid
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function addToGroup($parameters) {
|
||||
// Check if user is logged in
|
||||
$user = $this->userSession->getUser();
|
||||
if ($user === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
public function addToGroup($userId, $groupid = '') {
|
||||
if($groupid === '') {
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
|
||||
// Check they're an admin
|
||||
if(!$this->groupManager->isAdmin($user->getUID())) {
|
||||
// This user doesn't have rights to add a user to this group
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
$groupId = !empty($_POST['groupid']) ? $_POST['groupid'] : null;
|
||||
if($groupId === null) {
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
}
|
||||
|
||||
$group = $this->groupManager->get($groupId);
|
||||
$targetUser = $this->userManager->get($parameters['userid']);
|
||||
$group = $this->groupManager->get($groupid);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
if($group === null) {
|
||||
return new \OC\OCS\Result(null, 102);
|
||||
throw new OCSException('', 102);
|
||||
}
|
||||
if($targetUser === null) {
|
||||
return new \OC\OCS\Result(null, 103);
|
||||
throw new OCSException('', 103);
|
||||
}
|
||||
|
||||
// Add user to group
|
||||
$group->addUser($targetUser);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @NoAdminRequired
|
||||
*
|
||||
* @param string userId
|
||||
* @param string $groupid
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function removeFromGroup($parameters) {
|
||||
// Check if user is logged in
|
||||
public function removeFromGroup($userId, $groupid) {
|
||||
$loggedInUser = $this->userSession->getUser();
|
||||
if ($loggedInUser === null) {
|
||||
return new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
|
||||
if($groupid === null) {
|
||||
throw new OCSException('', 101);
|
||||
}
|
||||
|
||||
$group = !empty($parameters['_delete']['groupid']) ? $parameters['_delete']['groupid'] : null;
|
||||
$group = $this->groupManager->get($groupid);
|
||||
if($group === null) {
|
||||
return new \OC\OCS\Result(null, 101);
|
||||
throw new OCSException('', 102);
|
||||
}
|
||||
|
||||
$group = $this->groupManager->get($group);
|
||||
if($group === null) {
|
||||
return new \OC\OCS\Result(null, 102);
|
||||
}
|
||||
|
||||
$targetUser = $this->userManager->get($parameters['userid']);
|
||||
$targetUser = $this->userManager->get($userId);
|
||||
if($targetUser === null) {
|
||||
return new \OC\OCS\Result(null, 103);
|
||||
throw new OCSException('', 103);
|
||||
}
|
||||
|
||||
// If they're not an admin, check they are a subadmin of the group in question
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
if(!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminofGroup($loggedInUser, $group)) {
|
||||
return new \OC\OCS\Result(null, 104);
|
||||
throw new OCSException('', 104);
|
||||
}
|
||||
// Check they aren't removing themselves from 'admin' or their 'subadmin; group
|
||||
if($parameters['userid'] === $loggedInUser->getUID()) {
|
||||
if($userId === $loggedInUser->getUID()) {
|
||||
if($this->groupManager->isAdmin($loggedInUser->getUID())) {
|
||||
if($group->getGID() === 'admin') {
|
||||
return new \OC\OCS\Result(null, 105, 'Cannot remove yourself from the admin group');
|
||||
throw new OCSException('Cannot remove yourself from the admin group', 105);
|
||||
}
|
||||
} else {
|
||||
// Not an admin, check they are not removing themself from their subadmin group
|
||||
|
@ -502,96 +498,101 @@ class Users {
|
|||
}
|
||||
|
||||
if(in_array($group->getGID(), $subAdminGroups, true)) {
|
||||
return new \OC\OCS\Result(null, 105, 'Cannot remove yourself from this group as you are a SubAdmin');
|
||||
throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Remove user from group
|
||||
$group->removeUser($targetUser);
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a subadmin
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @param string $groupid
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function addSubAdmin($parameters) {
|
||||
$group = $this->groupManager->get($_POST['groupid']);
|
||||
$user = $this->userManager->get($parameters['userid']);
|
||||
public function addSubAdmin($userId, $groupid) {
|
||||
$group = $this->groupManager->get($groupid);
|
||||
$user = $this->userManager->get($userId);
|
||||
|
||||
// Check if the user exists
|
||||
if($user === null) {
|
||||
return new \OC\OCS\Result(null, 101, 'User does not exist');
|
||||
throw new OCSException('User does not exist', 101);
|
||||
}
|
||||
// Check if group exists
|
||||
if($group === null) {
|
||||
return new \OC\OCS\Result(null, 102, 'Group:'.$_POST['groupid'].' does not exist');
|
||||
throw new OCSException('Group:'.$groupid.' does not exist', 102);
|
||||
}
|
||||
// Check if trying to make subadmin of admin group
|
||||
if(strtolower($_POST['groupid']) === 'admin') {
|
||||
return new \OC\OCS\Result(null, 103, 'Cannot create subadmins for admin group');
|
||||
if(strtolower($groupid) === 'admin') {
|
||||
throw new OCSException('Cannot create subadmins for admin group', 103);
|
||||
}
|
||||
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
|
||||
// We cannot be subadmin twice
|
||||
if ($subAdminManager->isSubAdminofGroup($user, $group)) {
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
}
|
||||
// Go
|
||||
if($subAdminManager->createSubAdmin($user, $group)) {
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, 103, 'Unknown error occurred');
|
||||
throw new OCSException('Unknown error occurred', 103);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Removes a subadmin from a group
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @param string $groupid
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function removeSubAdmin($parameters) {
|
||||
$group = $this->groupManager->get($parameters['_delete']['groupid']);
|
||||
$user = $this->userManager->get($parameters['userid']);
|
||||
public function removeSubAdmin($userId, $groupid) {
|
||||
$group = $this->groupManager->get($groupid);
|
||||
$user = $this->userManager->get($userId);
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
|
||||
// Check if the user exists
|
||||
if($user === null) {
|
||||
return new \OC\OCS\Result(null, 101, 'User does not exist');
|
||||
throw new OCSException('User does not exist', 101);
|
||||
}
|
||||
// Check if the group exists
|
||||
if($group === null) {
|
||||
return new \OC\OCS\Result(null, 101, 'Group does not exist');
|
||||
throw new OCSException('Group does not exist', 101);
|
||||
}
|
||||
// Check if they are a subadmin of this said group
|
||||
if(!$subAdminManager->isSubAdminofGroup($user, $group)) {
|
||||
return new \OC\OCS\Result(null, 102, 'User is not a subadmin of this group');
|
||||
throw new OCSException('User is not a subadmin of this group', 102);
|
||||
}
|
||||
|
||||
// Go
|
||||
if($subAdminManager->deleteSubAdmin($user, $group)) {
|
||||
return new \OC\OCS\Result(null, 100);
|
||||
return new DataResponse();
|
||||
} else {
|
||||
return new \OC\OCS\Result(null, 103, 'Unknown error occurred');
|
||||
throw new OCSException('Unknown error occurred', 103);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the groups a user is a subadmin of
|
||||
*
|
||||
* @param array $parameters
|
||||
* @return \OC\OCS\Result
|
||||
* @param string $userId
|
||||
* @return DataResponse
|
||||
* @throws OCSException
|
||||
*/
|
||||
public function getUserSubAdminGroups($parameters) {
|
||||
$user = $this->userManager->get($parameters['userid']);
|
||||
public function getUserSubAdminGroups($userId) {
|
||||
$user = $this->userManager->get($userId);
|
||||
// Check if the user exists
|
||||
if($user === null) {
|
||||
return new \OC\OCS\Result(null, 101, 'User does not exist');
|
||||
throw new OCSException('User does not exist', 101);
|
||||
}
|
||||
|
||||
// Get the subadmin groups
|
||||
|
@ -601,9 +602,9 @@ class Users {
|
|||
}
|
||||
|
||||
if(!$groups) {
|
||||
return new \OC\OCS\Result(null, 102, 'Unknown error occurred');
|
||||
throw new OCSException('Unknown error occurred', 102);
|
||||
} else {
|
||||
return new \OC\OCS\Result($groups);
|
||||
return new DataResponse($groups);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
<?php
|
||||
|
||||
namespace OCA\Provisioning_API\Middleware\Exceptions;
|
||||
|
||||
use OCP\AppFramework\Http;
|
||||
|
||||
class NotSubAdminException extends \Exception {
|
||||
public function __construct() {
|
||||
parent::__construct('Logged in user must be at least a sub admin', Http::STATUS_FORBIDDEN);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,64 @@
|
|||
<?php
|
||||
|
||||
namespace OCA\Provisioning_API\Middleware;
|
||||
|
||||
use OCA\Provisioning_API\Middleware\Exceptions\NotSubAdminException;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\Utility\IControllerMethodReflector;
|
||||
|
||||
class ProvisioningApiMiddleware extends Middleware {
|
||||
|
||||
/** @var IControllerMethodReflector */
|
||||
private $reflector;
|
||||
|
||||
/** @var bool */
|
||||
private $isAdmin;
|
||||
|
||||
/** @var bool */
|
||||
private $isSubAdmin;
|
||||
|
||||
/**
|
||||
* ProvisioningApiMiddleware constructor.
|
||||
*
|
||||
* @param IControllerMethodReflector $reflector
|
||||
* @param bool $isAdmin
|
||||
* @param bool $isSubAdmin
|
||||
*/
|
||||
public function __construct(
|
||||
IControllerMethodReflector $reflector,
|
||||
$isAdmin,
|
||||
$isSubAdmin) {
|
||||
$this->reflector = $reflector;
|
||||
$this->isAdmin = $isAdmin;
|
||||
$this->isSubAdmin = $isSubAdmin;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param string $methodName
|
||||
*
|
||||
* @throws NotSubAdminException
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
if (!$this->isAdmin && !$this->reflector->hasAnnotation('NoSubAdminRequired') && !$this->isSubAdmin) {
|
||||
throw new NotSubAdminException();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param string $methodName
|
||||
* @param \Exception $exception
|
||||
* @throws \Exception
|
||||
* @return Response
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
if ($exception instanceof NotSubAdminException) {
|
||||
throw new OCSException($exception->getMessage(), \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
throw $exception;
|
||||
}
|
||||
}
|
|
@ -25,11 +25,11 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API\Tests;
|
||||
namespace OCA\Provisioning_API\Tests\Controller;
|
||||
|
||||
|
||||
use OC\OCSClient;
|
||||
use OCA\Provisioning_API\Apps;
|
||||
use OCA\Provisioning_API\Controller\AppsController;
|
||||
use OCP\API;
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\IUserSession;
|
||||
|
@ -41,10 +41,10 @@ use OCP\IUserSession;
|
|||
*
|
||||
* @package OCA\Provisioning_API\Tests
|
||||
*/
|
||||
class AppsTest extends TestCase {
|
||||
class AppsControllerTest extends \OCA\Provisioning_API\Tests\TestCase {
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
/** @var Apps */
|
||||
/** @var AppsController */
|
||||
private $api;
|
||||
/** @var IUserSession */
|
||||
private $userSession;
|
||||
|
@ -61,20 +61,30 @@ class AppsTest extends TestCase {
|
|||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$this->api = new Apps($this->appManager, $this->ocsClient);
|
||||
$request = $this->getMockBuilder('OCP\IRequest')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$this->api = new AppsController(
|
||||
'provisioning_api',
|
||||
$request,
|
||||
$this->appManager,
|
||||
$this->ocsClient
|
||||
);
|
||||
}
|
||||
|
||||
public function testGetAppInfo() {
|
||||
$result = $this->api->getAppInfo(['appid' => 'provisioning_api']);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$result = $this->api->getAppInfo('provisioning_api');
|
||||
$expected = \OC_App::getAppInfo('provisioning_api');
|
||||
$this->assertEquals($expected, $result->getData());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 998
|
||||
*/
|
||||
public function testGetAppInfoOnBadAppID() {
|
||||
$result = $this->api->getAppInfo(['appid' => 'not_provisioning_api']);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(API::RESPOND_NOT_FOUND, $result->getStatusCode());
|
||||
$this->api->getAppInfo('not_provisioning_api');
|
||||
}
|
||||
|
||||
public function testGetApps() {
|
||||
|
@ -86,17 +96,14 @@ class AppsTest extends TestCase {
|
|||
$this->groupManager->get('admin')->addUser($user);
|
||||
$this->userSession->setUser($user);
|
||||
|
||||
$result = $this->api->getApps([]);
|
||||
$result = $this->api->getApps();
|
||||
|
||||
$this->assertTrue($result->succeeded());
|
||||
$data = $result->getData();
|
||||
$this->assertEquals(count(\OC_App::listAllApps(false, true, $this->ocsClient)), count($data['apps']));
|
||||
}
|
||||
|
||||
public function testGetAppsEnabled() {
|
||||
$_GET['filter'] = 'enabled';
|
||||
$result = $this->api->getApps(['filter' => 'enabled']);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$result = $this->api->getApps('enabled');
|
||||
$data = $result->getData();
|
||||
$this->assertEquals(count(\OC_App::getEnabledApps()), count($data['apps']));
|
||||
}
|
||||
|
@ -106,9 +113,7 @@ class AppsTest extends TestCase {
|
|||
->expects($this->any())
|
||||
->method($this->anything())
|
||||
->will($this->returnValue(null));
|
||||
$_GET['filter'] = 'disabled';
|
||||
$result = $this->api->getApps(['filter' => 'disabled']);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$result = $this->api->getApps('disabled');
|
||||
$data = $result->getData();
|
||||
$apps = \OC_App::listAllApps(false, true, $this->ocsClient);
|
||||
$list = array();
|
||||
|
@ -119,10 +124,11 @@ class AppsTest extends TestCase {
|
|||
$this->assertEquals(count($disabled), count($data['apps']));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 101
|
||||
*/
|
||||
public function testGetAppsInvalidFilter() {
|
||||
$_GET['filter'] = 'foo';
|
||||
$result = $this->api->getApps([]);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(101, $result->getStatusCode());
|
||||
$this->api->getApps('foo');
|
||||
}
|
||||
}
|
|
@ -24,24 +24,20 @@
|
|||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Provisioning_API\Tests;
|
||||
namespace OCA\Provisioning_API\Tests\Controller;
|
||||
|
||||
use OCA\Provisioning_API\Groups;
|
||||
use OCP\API;
|
||||
use OCA\Provisioning_API\Controller\GroupsController;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\IUserSession;
|
||||
use OCP\IRequest;
|
||||
|
||||
class GroupsTest extends \Test\TestCase {
|
||||
class GroupsControllerTest extends \Test\TestCase {
|
||||
/** @var IGroupManager|\PHPUnit_Framework_MockObject_MockObject */
|
||||
protected $groupManager;
|
||||
/** @var IUserSession|\PHPUnit_Framework_MockObject_MockObject */
|
||||
protected $userSession;
|
||||
/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
|
||||
protected $request;
|
||||
/** @var \OC\SubAdmin|\PHPUnit_Framework_MockObject_MockObject */
|
||||
protected $subAdminManager;
|
||||
/** @var Groups */
|
||||
/** @var GroupsController */
|
||||
protected $api;
|
||||
|
||||
protected function setUp() {
|
||||
|
@ -61,13 +57,14 @@ class GroupsTest extends \Test\TestCase {
|
|||
$this->userSession = $this->getMockBuilder('OCP\IUserSession')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$this->request = $this->getMockBuilder('OCP\IRequest')
|
||||
$request = $this->getMockBuilder('OCP\IRequest')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$this->api = new Groups(
|
||||
$this->api = new GroupsController(
|
||||
'provisioning_api',
|
||||
$request,
|
||||
$this->groupManager,
|
||||
$this->userSession,
|
||||
$this->request
|
||||
$this->userSession
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -148,15 +145,6 @@ class GroupsTest extends \Test\TestCase {
|
|||
* @param int|null $offset
|
||||
*/
|
||||
public function testGetGroups($search, $limit, $offset) {
|
||||
$this->request
|
||||
->expects($this->exactly(3))
|
||||
->method('getParam')
|
||||
->will($this->returnValueMap([
|
||||
['search', '', $search],
|
||||
['limit', null, $limit],
|
||||
['offset', null, $offset],
|
||||
]));
|
||||
|
||||
$groups = [$this->createGroup('group1'), $this->createGroup('group2')];
|
||||
|
||||
$search = $search === null ? '' : $search;
|
||||
|
@ -167,19 +155,8 @@ class GroupsTest extends \Test\TestCase {
|
|||
->with($search, $limit, $offset)
|
||||
->willReturn($groups);
|
||||
|
||||
$result = $this->api->getGroups([]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->assertEquals(['group1', 'group2'], $result->getData()['groups']);
|
||||
}
|
||||
|
||||
public function testGetGroupAsUser() {
|
||||
$result = $this->api->getGroup([]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(API::RESPOND_UNAUTHORISED, $result->getStatusCode());
|
||||
|
||||
$result = $this->api->getGroups($search, $limit, $offset);
|
||||
$this->assertEquals(['groups' => ['group1', 'group2']], $result->getData());
|
||||
}
|
||||
|
||||
public function testGetGroupAsSubadmin() {
|
||||
|
@ -201,17 +178,15 @@ class GroupsTest extends \Test\TestCase {
|
|||
$this->createUser('user2')
|
||||
]);
|
||||
|
||||
$result = $this->api->getGroup([
|
||||
'groupid' => 'group',
|
||||
]);
|
||||
$result = $this->api->getGroup('group');
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->assertEquals(1, sizeof($result->getData()), 'Asserting the result data array only has the "users" key');
|
||||
$this->assertArrayHasKey('users', $result->getData());
|
||||
$this->assertEquals(['user1', 'user2'], $result->getData()['users']);
|
||||
$this->assertEquals(['users' => ['user1', 'user2']], $result->getData());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 997
|
||||
*/
|
||||
public function testGetGroupAsIrrelevantSubadmin() {
|
||||
$group = $this->createGroup('group');
|
||||
$otherGroup = $this->createGroup('otherGroup');
|
||||
|
@ -226,13 +201,7 @@ class GroupsTest extends \Test\TestCase {
|
|||
->with('group')
|
||||
->willReturn(true);
|
||||
|
||||
$result = $this->api->getGroup([
|
||||
'groupid' => 'group',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(API::RESPOND_UNAUTHORISED, $result->getStatusCode());
|
||||
$this->api->getGroup('group');
|
||||
}
|
||||
|
||||
public function testGetGroupAsAdmin() {
|
||||
|
@ -254,39 +223,29 @@ class GroupsTest extends \Test\TestCase {
|
|||
$this->createUser('user2')
|
||||
]);
|
||||
|
||||
$result = $this->api->getGroup([
|
||||
'groupid' => 'group',
|
||||
]);
|
||||
$result = $this->api->getGroup('group');
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->assertEquals(1, sizeof($result->getData()), 'Asserting the result data array only has the "users" key');
|
||||
$this->assertArrayHasKey('users', $result->getData());
|
||||
$this->assertEquals(['user1', 'user2'], $result->getData()['users']);
|
||||
$this->assertEquals(['users' => ['user1', 'user2']], $result->getData());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 998
|
||||
* @expectedExceptionMessage The requested group could not be found
|
||||
*/
|
||||
public function testGetGroupNonExisting() {
|
||||
$this->asUser();
|
||||
|
||||
$result = $this->api->getGroup([
|
||||
'groupid' => $this->getUniqueID()
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(API::RESPOND_NOT_FOUND, $result->getStatusCode());
|
||||
$this->assertEquals('The requested group could not be found', $result->getMeta()['message']);
|
||||
$this->api->getGroup($this->getUniqueID());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 101
|
||||
* @expectedExceptionMessage Group does not exist
|
||||
*/
|
||||
public function testGetSubAdminsOfGroupsNotExists() {
|
||||
$result = $this->api->getSubAdminsOfGroup([
|
||||
'groupid' => 'NonExistingGroup',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(101, $result->getStatusCode());
|
||||
$this->assertEquals('Group does not exist', $result->getMeta()['message']);
|
||||
$this->api->getSubAdminsOfGroup('NonExistingGroup');
|
||||
}
|
||||
|
||||
public function testGetSubAdminsOfGroup() {
|
||||
|
@ -305,12 +264,7 @@ class GroupsTest extends \Test\TestCase {
|
|||
$this->createUser('SubAdmin2'),
|
||||
]);
|
||||
|
||||
$result = $this->api->getSubAdminsOfGroup([
|
||||
'groupid' => 'GroupWithSubAdmins',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$result = $this->api->getSubAdminsOfGroup('GroupWithSubAdmins');
|
||||
$this->assertEquals(['SubAdmin1', 'SubAdmin2'], $result->getData());
|
||||
}
|
||||
|
||||
|
@ -328,53 +282,33 @@ class GroupsTest extends \Test\TestCase {
|
|||
->willReturn([
|
||||
]);
|
||||
|
||||
$result = $this->api->getSubAdminsOfGroup([
|
||||
'groupid' => 'GroupWithOutSubAdmins',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$result = $this->api->getSubAdminsOfGroup('GroupWithOutSubAdmins');
|
||||
$this->assertEquals([], $result->getData());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 101
|
||||
* @expectedExceptionMessage Invalid group name
|
||||
*/
|
||||
public function testAddGroupEmptyGroup() {
|
||||
$this->request
|
||||
->method('getParam')
|
||||
->with('groupid')
|
||||
->willReturn('');
|
||||
|
||||
$result = $this->api->addGroup([]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(101, $result->getStatusCode());
|
||||
$this->assertEquals('Invalid group name', $result->getMeta()['message']);
|
||||
$this->api->addGroup('');
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 102
|
||||
*/
|
||||
public function testAddGroupExistingGroup() {
|
||||
$this->request
|
||||
->method('getParam')
|
||||
->with('groupid')
|
||||
->willReturn('ExistingGroup');
|
||||
|
||||
$this->groupManager
|
||||
->method('groupExists')
|
||||
->with('ExistingGroup')
|
||||
->willReturn(true);
|
||||
|
||||
$result = $this->api->addGroup([]);
|
||||
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(102, $result->getStatusCode());
|
||||
$this->api->addGroup('ExistingGroup');
|
||||
}
|
||||
|
||||
public function testAddGroup() {
|
||||
$this->request
|
||||
->method('getParam')
|
||||
->with('groupid')
|
||||
->willReturn('NewGroup');
|
||||
|
||||
$this->groupManager
|
||||
->method('groupExists')
|
||||
->with('NewGroup')
|
||||
|
@ -385,17 +319,10 @@ class GroupsTest extends \Test\TestCase {
|
|||
->method('createGroup')
|
||||
->with('NewGroup');
|
||||
|
||||
$result = $this->api->addGroup([]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->api->addGroup('NewGroup');
|
||||
}
|
||||
|
||||
public function testAddGroupWithSpecialChar() {
|
||||
$this->request
|
||||
->method('getParam')
|
||||
->with('groupid')
|
||||
->willReturn('Iñtërnâtiônàlizætiøn');
|
||||
|
||||
$this->groupManager
|
||||
->method('groupExists')
|
||||
->with('Iñtërnâtiônàlizætiøn')
|
||||
|
@ -406,32 +333,28 @@ class GroupsTest extends \Test\TestCase {
|
|||
->method('createGroup')
|
||||
->with('Iñtërnâtiônàlizætiøn');
|
||||
|
||||
$result = $this->api->addGroup([]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->api->addGroup('Iñtërnâtiônàlizætiøn');
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 101
|
||||
*/
|
||||
public function testDeleteGroupNonExisting() {
|
||||
$result = $this->api->deleteGroup([
|
||||
'groupid' => 'NonExistingGroup'
|
||||
]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(101, $result->getStatusCode());
|
||||
$this->api->deleteGroup('NonExistingGroup');
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OCP\AppFramework\OCS\OCSException
|
||||
* @expectedExceptionCode 102
|
||||
*/
|
||||
public function testDeleteAdminGroup() {
|
||||
$this->groupManager
|
||||
->method('groupExists')
|
||||
->with('admin')
|
||||
->willReturn('true');
|
||||
|
||||
$result = $this->api->deleteGroup([
|
||||
'groupid' => 'admin'
|
||||
]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertFalse($result->succeeded());
|
||||
$this->assertEquals(102, $result->getStatusCode());
|
||||
$this->api->deleteGroup('admin');
|
||||
}
|
||||
|
||||
public function testDeleteGroup() {
|
||||
|
@ -450,10 +373,6 @@ class GroupsTest extends \Test\TestCase {
|
|||
->method('delete')
|
||||
->willReturn(true);
|
||||
|
||||
$result = $this->api->deleteGroup([
|
||||
'groupid' => 'ExistingGroup',
|
||||
]);
|
||||
$this->assertInstanceOf('\OC\OCS\Result', $result);
|
||||
$this->assertTrue($result->succeeded());
|
||||
$this->api->deleteGroup('ExistingGroup');
|
||||
}
|
||||
}
|
File diff suppressed because it is too large
Load Diff
|
@ -165,6 +165,13 @@ trait BasicStructure {
|
|||
$options['body'] = $fd;
|
||||
}
|
||||
|
||||
// TODO: Fix this hack!
|
||||
if ($verb === 'PUT' && $body === null) {
|
||||
$options['body'] = [
|
||||
'foo' => 'bar',
|
||||
];
|
||||
}
|
||||
|
||||
try {
|
||||
$this->response = $client->send($client->createRequest($verb, $fullUrl, $options));
|
||||
} catch (\GuzzleHttp\Exception\ClientException $ex) {
|
||||
|
|
|
@ -96,9 +96,12 @@ trait Provisioning {
|
|||
}
|
||||
|
||||
$options['body'] = [
|
||||
'userid' => $user,
|
||||
'password' => '123456'
|
||||
];
|
||||
'userid' => $user,
|
||||
'password' => '123456'
|
||||
];
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("POST", $fullUrl, $options));
|
||||
if ($this->currentServer === 'LOCAL'){
|
||||
|
@ -111,6 +114,9 @@ trait Provisioning {
|
|||
$options2 = [
|
||||
'auth' => [$user, '123456'],
|
||||
];
|
||||
$options2['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
$url = $fullUrl.'/'.$user;
|
||||
$client->send($client->createRequest('GET', $url, $options2));
|
||||
}
|
||||
|
@ -152,6 +158,9 @@ trait Provisioning {
|
|||
$client = new Client();
|
||||
$options = [];
|
||||
$options['auth'] = $this->adminUser;
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true'
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
}
|
||||
|
@ -168,6 +177,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfGroupsResponded($this->response);
|
||||
|
@ -183,6 +195,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfGroupsResponded($this->response);
|
||||
|
@ -223,6 +238,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$groups = array($group);
|
||||
|
@ -244,8 +262,11 @@ trait Provisioning {
|
|||
}
|
||||
|
||||
$options['body'] = [
|
||||
'groupid' => $group,
|
||||
];
|
||||
'groupid' => $group,
|
||||
];
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("POST", $fullUrl, $options));
|
||||
if ($this->currentServer === 'LOCAL'){
|
||||
|
@ -265,6 +286,13 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
// TODO: fix hack
|
||||
$options['body'] = [
|
||||
'foo' => 'bar'
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("PUT", $fullUrl, $options));
|
||||
}
|
||||
|
@ -280,6 +308,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("DELETE", $fullUrl, $options));
|
||||
}
|
||||
|
@ -295,6 +326,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("DELETE", $fullUrl, $options));
|
||||
}
|
||||
|
@ -323,10 +357,13 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$options['body'] = [
|
||||
'groupid' => $group,
|
||||
];
|
||||
'groupid' => $group,
|
||||
];
|
||||
|
||||
$this->response = $client->send($client->createRequest("POST", $fullUrl, $options));
|
||||
}
|
||||
|
@ -337,6 +374,9 @@ trait Provisioning {
|
|||
$client = new Client();
|
||||
$options = [];
|
||||
$options['auth'] = $this->adminUser;
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
}
|
||||
|
@ -394,6 +434,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfSubadminsResponded($this->response);
|
||||
|
@ -415,8 +458,11 @@ trait Provisioning {
|
|||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['body'] = [
|
||||
'groupid' => $group
|
||||
];
|
||||
'groupid' => $group
|
||||
];
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
$this->response = $client->send($client->createRequest("POST", $fullUrl, $options));
|
||||
PHPUnit_Framework_Assert::assertEquals(200, $this->response->getStatusCode());
|
||||
}
|
||||
|
@ -433,6 +479,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfSubadminsResponded($this->response);
|
||||
|
@ -561,6 +610,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfAppsResponded($this->response);
|
||||
|
@ -579,6 +631,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
$respondedArray = $this->getArrayOfAppsResponded($this->response);
|
||||
|
@ -597,6 +652,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
PHPUnit_Framework_Assert::assertEquals("false", $this->response->xml()->data[0]->enabled);
|
||||
|
@ -613,6 +671,9 @@ trait Provisioning {
|
|||
if ($this->currentUser === 'admin') {
|
||||
$options['auth'] = $this->adminUser;
|
||||
}
|
||||
$options['headers'] = [
|
||||
'OCS-APIREQUEST' => 'true',
|
||||
];
|
||||
|
||||
$this->response = $client->get($fullUrl, $options);
|
||||
PHPUnit_Framework_Assert::assertEquals("true", $this->response->xml()->data[0]->enabled);
|
||||
|
|
|
@ -408,6 +408,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
|
|||
$this->registerService('MiddlewareDispatcher', function($c) use (&$middleWares) {
|
||||
$dispatcher = new MiddlewareDispatcher();
|
||||
$dispatcher->registerMiddleware($c['CORSMiddleware']);
|
||||
$dispatcher->registerMiddleware($c['OCSMiddleware']);
|
||||
$dispatcher->registerMiddleware($c['SecurityMiddleware']);
|
||||
$dispatcher->registerMiddleWare($c['TwoFactorMiddleware']);
|
||||
|
||||
|
@ -416,7 +417,6 @@ class DIContainer extends SimpleContainer implements IAppContainer {
|
|||
}
|
||||
|
||||
$dispatcher->registerMiddleware($c['SessionMiddleware']);
|
||||
$dispatcher->registerMiddleware($c['OCSMiddleware']);
|
||||
return $dispatcher;
|
||||
});
|
||||
|
||||
|
|
|
@ -23,8 +23,14 @@
|
|||
namespace OC\AppFramework\Middleware;
|
||||
|
||||
use OC\AppFramework\Http;
|
||||
use OCP\API;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\AppFramework\Http\OCSResponse;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
use OCP\AppFramework\OCSController;
|
||||
use OCP\IRequest;
|
||||
use OCP\AppFramework\Middleware;
|
||||
|
@ -54,12 +60,35 @@ class OCSMiddleware extends Middleware {
|
|||
|
||||
$code = $exception->getCode();
|
||||
if ($code === 0) {
|
||||
$code = Http::STATUS_INTERNAL_SERVER_ERROR;
|
||||
$code = API::RESPOND_UNKNOWN_ERROR;
|
||||
}
|
||||
|
||||
// Build the response
|
||||
$response = new OCSResponse($format, $code, $exception->getMessage());
|
||||
|
||||
// Forbidden always sets 401 (even on v1.php)
|
||||
if ($exception instanceof OCSForbiddenException || $code === API::RESPOND_UNAUTHORISED) {
|
||||
$response->setStatus(Http::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
// On v2.php we set actual HTTP error codes
|
||||
if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
|
||||
$response->setStatus($code);
|
||||
if ($code === API::RESPOND_NOT_FOUND) {
|
||||
$response->setStatus(Http::STATUS_NOT_FOUND);
|
||||
} else if ($code === API::RESPOND_SERVER_ERROR) {
|
||||
$response->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR);
|
||||
} else if ($code === API::RESPOND_UNKNOWN_ERROR) {
|
||||
$response->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR);
|
||||
} else if ($code === API::RESPOND_UNAUTHORISED) {
|
||||
// Already set
|
||||
}
|
||||
// 4xx and 5xx codes are forwarded as is.
|
||||
else if ($code >= 400 && $code < 600) {
|
||||
$response->setStatus($code);
|
||||
} else {
|
||||
// All other codes get a bad request
|
||||
$response->setStatus(Http::STATUS_BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
return $response;
|
||||
}
|
||||
|
@ -67,6 +96,35 @@ class OCSMiddleware extends Middleware {
|
|||
throw $exception;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param string $methodName
|
||||
* @param Response $response
|
||||
* @return \OCP\AppFramework\Http\Response
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response) {
|
||||
/*
|
||||
* If a different middleware has detected that a request unauthorized or forbidden
|
||||
* we need to catch the response and convert it to a proper OCS response.
|
||||
*/
|
||||
if ($controller instanceof OCSController && !($response instanceof OCSResponse)) {
|
||||
if ($response->getStatus() === Http::STATUS_UNAUTHORIZED ||
|
||||
$response->getStatus() === Http::STATUS_FORBIDDEN) {
|
||||
$format = $this->getFormat($controller);
|
||||
|
||||
$message = '';
|
||||
if ($response instanceof JSONResponse) {
|
||||
/** @var DataResponse $response */
|
||||
$message = $response->getData()['message'];
|
||||
}
|
||||
$response = new OCSResponse($format, \OCP\API::RESPOND_UNAUTHORISED, $message);
|
||||
$response->setStatus(Http::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @return string
|
||||
|
|
|
@ -27,14 +27,14 @@ use OCP\AppFramework\OCS\OCSBadRequestException;
|
|||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
use OC\AppFramework\Http\Request;
|
||||
use OCP\IRequest;
|
||||
use OC\AppFramework\Middleware\OCSMiddleware;
|
||||
|
||||
|
||||
class OCSMiddlewareTest extends \Test\TestCase {
|
||||
|
||||
/**
|
||||
* @var Request
|
||||
* @var IRequest
|
||||
*/
|
||||
private $request;
|
||||
|
||||
|
@ -101,8 +101,18 @@ class OCSMiddlewareTest extends \Test\TestCase {
|
|||
$this->assertInstanceOf('OCP\AppFramework\Http\OCSResponse', $result);
|
||||
|
||||
$this->assertSame($message, $this->invokePrivate($result, 'message'));
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
$this->assertSame(200, $result->getStatus());
|
||||
|
||||
if ($exception->getCode() === 0) {
|
||||
$this->assertSame(\OCP\API::RESPOND_UNKNOWN_ERROR, $this->invokePrivate($result, 'statuscode'));
|
||||
} else {
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
}
|
||||
|
||||
if ($exception instanceof OCSForbiddenException) {
|
||||
$this->assertSame(Http::STATUS_UNAUTHORIZED, $result->getStatus());
|
||||
} else {
|
||||
$this->assertSame(200, $result->getStatus());
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
$this->assertTrue($forward);
|
||||
$this->assertEquals($exception, $e);
|
||||
|
@ -131,7 +141,11 @@ class OCSMiddlewareTest extends \Test\TestCase {
|
|||
$this->assertInstanceOf('OCP\AppFramework\Http\OCSResponse', $result);
|
||||
|
||||
$this->assertSame($message, $this->invokePrivate($result, 'message'));
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
if ($exception->getCode() === 0) {
|
||||
$this->assertSame(\OCP\API::RESPOND_UNKNOWN_ERROR, $this->invokePrivate($result, 'statuscode'));
|
||||
} else {
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
}
|
||||
$this->assertSame($code, $result->getStatus());
|
||||
} catch (\Exception $e) {
|
||||
$this->assertTrue($forward);
|
||||
|
@ -161,7 +175,11 @@ class OCSMiddlewareTest extends \Test\TestCase {
|
|||
$this->assertInstanceOf('OCP\AppFramework\Http\OCSResponse', $result);
|
||||
|
||||
$this->assertSame($message, $this->invokePrivate($result, 'message'));
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
if ($exception->getCode() === 0) {
|
||||
$this->assertSame(\OCP\API::RESPOND_UNKNOWN_ERROR, $this->invokePrivate($result, 'statuscode'));
|
||||
} else {
|
||||
$this->assertSame($code, $this->invokePrivate($result, 'statuscode'));
|
||||
}
|
||||
$this->assertSame($code, $result->getStatus());
|
||||
} catch (\Exception $e) {
|
||||
$this->assertTrue($forward);
|
||||
|
@ -169,4 +187,50 @@ class OCSMiddlewareTest extends \Test\TestCase {
|
|||
}
|
||||
}
|
||||
|
||||
public function dataAfterController() {
|
||||
$OCSController = $this->getMockBuilder('OCP\AppFramework\OCSController')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$controller = $this->getMockBuilder('OCP\AppFramework\Controller')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
return [
|
||||
[$OCSController, new Http\Response(), false],
|
||||
[$OCSController, new Http\JSONResponse(), false],
|
||||
[$OCSController, new Http\JSONResponse(['message' => 'foo']), false],
|
||||
[$OCSController, new Http\JSONResponse(['message' => 'foo'], Http::STATUS_UNAUTHORIZED), true],
|
||||
[$OCSController, new Http\JSONResponse(['message' => 'foo'], Http::STATUS_FORBIDDEN), true],
|
||||
|
||||
[$controller, new Http\Response(), false],
|
||||
[$controller, new Http\JSONResponse(), false],
|
||||
[$controller, new Http\JSONResponse(['message' => 'foo']), false],
|
||||
[$controller, new Http\JSONResponse(['message' => 'foo'], Http::STATUS_UNAUTHORIZED), false],
|
||||
[$controller, new Http\JSONResponse(['message' => 'foo'], Http::STATUS_FORBIDDEN), false],
|
||||
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider dataAfterController
|
||||
*
|
||||
* @param Controller $controller
|
||||
* @param Http\Response $response
|
||||
* @param bool $converted
|
||||
*/
|
||||
public function testAfterController($controller, $response, $converted) {
|
||||
$OCSMiddleware = new OCSMiddleware($this->request);
|
||||
$newResponse = $OCSMiddleware->afterController($controller, 'foo', $response);
|
||||
|
||||
if ($converted === false) {
|
||||
$this->assertSame($response, $newResponse);
|
||||
} else {
|
||||
$this->assertInstanceOf('\OCP\AppFramework\Http\OCSResponse', $newResponse);
|
||||
/** @var Http\OCSResponse $newResponse */
|
||||
$this->assertSame($response->getData()['message'], $this->invokePrivate($newResponse, 'message'));
|
||||
$this->assertSame(\OCP\API::RESPOND_UNAUTHORISED, $this->invokePrivate($newResponse, 'statuscode'));
|
||||
$this->assertSame(Http::STATUS_UNAUTHORIZED, $newResponse->getStatus());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue