Merge pull request #17865 from rullzer/less_static_prov_api

Move Provisioning API to OCP
This commit is contained in:
Thomas Müller 2015-08-12 12:16:55 +02:00
commit 33727131ac
8 changed files with 1128 additions and 458 deletions

View File

@ -21,30 +21,45 @@
*
*/
// Users
namespace OCA\Provisioning_API\AppInfo;
use OCP\API;
API::register('get', '/cloud/users', array('OCA\Provisioning_API\Users', 'getUsers'), 'provisioning_api', API::ADMIN_AUTH);
API::register('post', '/cloud/users', array('OCA\Provisioning_API\Users', 'addUser'), 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/users/{userid}', array('OCA\Provisioning_API\Users', 'getUser'), 'provisioning_api', API::USER_AUTH);
API::register('put', '/cloud/users/{userid}', array('OCA\Provisioning_API\Users', 'editUser'), 'provisioning_api', API::USER_AUTH);
API::register('delete', '/cloud/users/{userid}', array('OCA\Provisioning_API\Users', 'deleteUser'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/groups', array('OCA\Provisioning_API\Users', 'getUsersGroups'), 'provisioning_api', API::USER_AUTH);
API::register('post', '/cloud/users/{userid}/groups', array('OCA\Provisioning_API\Users', 'addToGroup'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/groups', array('OCA\Provisioning_API\Users', 'removeFromGroup'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('post', '/cloud/users/{userid}/subadmins', array('OCA\Provisioning_API\Users', 'addSubAdmin'), 'provisioning_api', API::ADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/subadmins', array('OCA\Provisioning_API\Users', 'removeSubAdmin'), 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/subadmins', array('OCA\Provisioning_API\Users', 'getUserSubAdminGroups'), 'provisioning_api', API::ADMIN_AUTH);
// Users
$users = new \OCA\Provisioning_API\Users(
\OC::$server->getUserManager(),
\OC::$server->getConfig(),
\OC::$server->getGroupManager(),
\OC::$server->getUserSession()
);
API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::ADMIN_AUTH);
API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH);
API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('post', '/cloud/users/{userid}/subadmins', [$users, 'addSubAdmin'], 'provisioning_api', API::ADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/subadmins', [$users, 'removeSubAdmin'], 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH);
// Groups
API::register('get', '/cloud/groups', array('OCA\Provisioning_API\Groups', 'getGroups'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('post', '/cloud/groups', array('OCA\Provisioning_API\Groups', 'addGroup'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/groups/{groupid}', array('OCA\Provisioning_API\Groups', 'getGroup'), 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/groups/{groupid}', array('OCA\Provisioning_API\Groups', 'deleteGroup'), 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/groups/{groupid}/subadmins', array('OCA\Provisioning_API\Groups', 'getSubAdminsOfGroup'), 'provisioning_api', API::ADMIN_AUTH);
$groups = new \OCA\Provisioning_API\Groups(
\OC::$server->getGroupManager(),
\OC::$server->getUserSession()
);
API::register('get', '/cloud/groups', [$groups, 'getGroups'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('post', '/cloud/groups', [$groups, 'addGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/groups/{groupid}', [$groups, 'getGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/groups/{groupid}', [$groups, 'deleteGroup'], 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH);
// Apps
API::register('get', '/cloud/apps', array('OCA\Provisioning_API\Apps', 'getApps'), 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/apps/{appid}', array('OCA\Provisioning_API\Apps', 'getAppInfo'), 'provisioning_api', API::ADMIN_AUTH);
API::register('post', '/cloud/apps/{appid}', array('OCA\Provisioning_API\Apps', 'enable'), 'provisioning_api', API::ADMIN_AUTH);
API::register('delete', '/cloud/apps/{appid}', array('OCA\Provisioning_API\Apps', 'disable'), 'provisioning_api', API::ADMIN_AUTH);
$apps = new \OCA\Provisioning_API\Apps(
\OC::$server->getAppManager()
);
API::register('get', '/cloud/apps', [$apps, 'getApps'], 'provisioning_api', API::ADMIN_AUTH);
API::register('get', '/cloud/apps/{appid}', [$apps, 'getAppInfo'], 'provisioning_api', API::ADMIN_AUTH);
API::register('post', '/cloud/apps/{appid}', [$apps, 'enable'], 'provisioning_api', API::ADMIN_AUTH);
API::register('delete', '/cloud/apps/{appid}', [$apps, 'disable'], 'provisioning_api', API::ADMIN_AUTH);

View File

@ -28,7 +28,14 @@ use \OC_App;
class Apps {
public static function getApps($parameters){
/** @var \OCP\App\IAppManager */
private $appManager;
public function __construct(\OCP\App\IAppManager $appManager) {
$this->appManager = $appManager;
}
public function getApps($parameters){
$apps = OC_App::listAllApps();
$list = array();
foreach($apps as $app) {
@ -55,9 +62,9 @@ class Apps {
}
}
public static function getAppInfo($parameters){
public function getAppInfo($parameters){
$app = $parameters['appid'];
$info = OC_App::getAppInfo($app);
$info = \OCP\App::getAppInfo($app);
if(!is_null($info)) {
return new OC_OCS_Result(OC_App::getAppInfo($app));
} else {
@ -65,15 +72,15 @@ class Apps {
}
}
public static function enable($parameters){
public function enable($parameters){
$app = $parameters['appid'];
OC_App::enable($app);
$this->appManager->enableApp($app);
return new OC_OCS_Result(null, 100);
}
public static function disable($parameters){
public function disable($parameters){
$app = $parameters['appid'];
OC_App::disable($app);
$this->appManager->disableApp($app);
return new OC_OCS_Result(null, 100);
}

View File

@ -24,33 +24,65 @@
namespace OCA\Provisioning_API;
use \OC_OCS_Result;
use \OC_Group;
use \OC_SubAdmin;
class Groups{
/** @var \OCP\IGroupManager */
private $groupManager;
/** @var \OCP\IUserSession */
private $userSession;
/**
* @param \OCP\IGroupManager $groupManager
* @param \OCP\IUserSession $userSession
*/
public function __construct(\OCP\IGroupManager $groupManager,
\OCP\IUserSession $userSession) {
$this->groupManager = $groupManager;
$this->userSession = $userSession;
}
/**
* returns a list of groups
*/
public static function getGroups($parameters){
public function getGroups($parameters){
$search = !empty($_GET['search']) ? $_GET['search'] : '';
$limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
$offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
return new OC_OCS_Result(array('groups' => OC_Group::getGroups($search, $limit, $offset)));
$groups = $this->groupManager->search($search, $limit, $offset);
$groups = array_map(function($group) {
return $group->getGID();
}, $groups);
return new OC_OCS_Result(['groups' => $groups]);
}
/**
* returns an array of users in the group specified
*/
public static function getGroup($parameters){
public function getGroup($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Check the group exists
if(!OC_Group::groupExists($parameters['groupid'])){
if(!$this->groupManager->groupExists($parameters['groupid'])){
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested group could not be found');
}
// Check subadmin has access to this group
if(\OC_User::isAdminUser(\OC_User::getUser())
|| in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups(\OC_User::getUser()))){
return new OC_OCS_Result(array('users' => OC_Group::usersInGroup($parameters['groupid'])));
if($this->groupManager->isAdmin($user->getUID())
|| in_array($parameters['groupid'], \OC_SubAdmin::getSubAdminsGroups($user->getUID()))){
$users = $this->groupManager->get($parameters['groupid'])->getUsers();
$users = array_map(function($user) {
return $user->getUID();
}, $users);
$users = array_values($users);
return new OC_OCS_Result(['users' => $users]);
} else {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'User does not have access to specified group');
}
@ -59,7 +91,7 @@ class Groups{
/**
* creates a new group
*/
public static function addGroup($parameters){
public function addGroup($parameters){
// Validate name
$groupid = isset($_POST['groupid']) ? $_POST['groupid'] : '';
if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $groupid ) || empty($groupid)){
@ -67,21 +99,18 @@ class Groups{
return new OC_OCS_Result(null, 101, 'Invalid group name');
}
// Check if it exists
if(OC_Group::groupExists($groupid)){
if($this->groupManager->groupExists($groupid)){
return new OC_OCS_Result(null, 102);
}
if(OC_Group::createGroup($groupid)){
$this->groupManager->createGroup($groupid);
return new OC_OCS_Result(null, 100);
} else {
return new OC_OCS_Result(null, 103);
}
}
public static function deleteGroup($parameters){
public function deleteGroup($parameters){
// Check it exists
if(!OC_Group::groupExists($parameters['groupid'])){
if(!$this->groupManager->groupExists($parameters['groupid'])){
return new OC_OCS_Result(null, 101);
} else if($parameters['groupid'] == 'admin' || !OC_Group::deleteGroup($parameters['groupid'])){
} else if($parameters['groupid'] === 'admin' || !$this->groupManager->get($parameters['groupid'])->delete()){
// Cannot delete admin group
return new OC_OCS_Result(null, 102);
} else {
@ -89,10 +118,10 @@ class Groups{
}
}
public static function getSubAdminsOfGroup($parameters) {
public function getSubAdminsOfGroup($parameters) {
$group = $parameters['groupid'];
// Check group exists
if(!OC_Group::groupExists($group)) {
if(!$this->groupManager->groupExists($group)) {
return new OC_OCS_Result(null, 101, 'Group does not exist');
}
// Go

View File

@ -27,32 +27,64 @@ namespace OCA\Provisioning_API;
use \OC_OCS_Result;
use \OC_SubAdmin;
use \OC_User;
use \OC_Group;
use \OC_Helper;
use OCP\Files\NotFoundException;
class Users {
/** @var \OCP\IUserManager */
private $userManager;
/** @var \OCP\IConfig */
private $config;
/** @var \OCP\IGroupManager */
private $groupManager;
/** @var \OCP\IUserSession */
private $userSession;
/**
* @param \OCP\IUserManager $userManager
* @param \OCP\IConfig $config
* @param \OCP\IGroupManager $groupManager
* @param \OCP\IUserSession $user
*/
public function __construct(\OCP\IUserManager $userManager,
\OCP\IConfig $config,
\OCP\IGroupManager $groupManager,
\OCP\IUserSession $userSession) {
$this->userManager = $userManager;
$this->config = $config;
$this->groupManager = $groupManager;
$this->userSession = $userSession;
}
/**
* returns a list of users
*/
public static function getUsers(){
public function getUsers(){
$search = !empty($_GET['search']) ? $_GET['search'] : '';
$limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
$offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
return new OC_OCS_Result(array('users' => OC_User::getUsers($search, $limit, $offset)));
$users = $this->userManager->search($search, $limit, $offset);
$users = array_keys($users);
return new OC_OCS_Result([
'users' => $users
]);
}
public static function addUser(){
public function addUser(){
$userId = isset($_POST['userid']) ? $_POST['userid'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
if(OC_User::userExists($userId)) {
if($this->userManager->userExists($userId)) {
\OCP\Util::writeLog('ocs_api', 'Failed addUser attempt: User already exists.', \OCP\Util::ERROR);
return new OC_OCS_Result(null, 102, 'User already exists');
} else {
try {
OC_User::createUser($userId, $password);
$this->userManager->createUser($userId, $password);
\OCP\Util::writeLog('ocs_api', 'Successful addUser call with userid: '.$_POST['userid'], \OCP\Util::INFO);
return new OC_OCS_Result(null, 100);
} catch (\Exception $e) {
@ -65,25 +97,32 @@ class Users {
/**
* gets user info
*/
public static function getUser($parameters){
public function getUser($parameters){
$userId = $parameters['userid'];
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Admin? Or SubAdmin?
if(OC_User::isAdminUser(OC_User::getUser()) || OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)) {
if($this->groupManager->isAdmin($user->getUID()) || OC_SubAdmin::isUserAccessible($user->getUID(), $userId)) {
// Check they exist
if(!OC_User::userExists($userId)) {
if(!$this->userManager->userExists($userId)) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_NOT_FOUND, 'The requested user could not be found');
}
// Show all
$return = array(
$return = [
'email',
'enabled',
);
if(OC_User::getUser() != $userId) {
];
if($user->getUID() !== $userId) {
$return[] = 'quota';
}
} else {
// Check they are looking up themselves
if(OC_User::getUser() != $userId) {
if($user->getUID() !== $userId) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Return some additional information compared to the core route
@ -93,14 +132,12 @@ class Users {
);
}
$config = \OC::$server->getConfig();
// Find the data
$data = [];
$data = self::fillStorageInfo($userId, $data);
$data['enabled'] = $config->getUserValue($userId, 'core', 'enabled', 'true');
$data['email'] = $config->getUserValue($userId, 'settings', 'email');
$data['displayname'] = OC_User::getDisplayName($parameters['userid']);
$data['enabled'] = $this->config->getUserValue($userId, 'core', 'enabled', 'true');
$data['email'] = $this->config->getUserValue($userId, 'settings', 'email');
$data['displayname'] = $this->userManager->get($parameters['userid'])->getDisplayName();
// Return the appropriate data
$responseData = array();
@ -114,21 +151,28 @@ class Users {
/**
* edit users
*/
public static function editUser($parameters){
public function editUser($parameters){
$userId = $parameters['userid'];
if($userId === OC_User::getUser()) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if($userId === $user->getUID()) {
// Editing self (display, email)
$permittedFields[] = 'display';
$permittedFields[] = 'email';
$permittedFields[] = 'password';
// If admin they can edit their own quota
if(OC_User::isAdminUser(OC_User::getUser())) {
if($this->groupManager->isAdmin($user->getUID())) {
$permittedFields[] = 'quota';
}
} else {
// Check if admin / subadmin
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $userId)
|| OC_User::isAdminUser(OC_User::getUser())) {
if(OC_SubAdmin::isUserAccessible($user->getUID(), $userId)
|| $this->groupManager->isAdmin($user->getUID())) {
// They have permissions over the user
$permittedFields[] = 'display';
$permittedFields[] = 'quota';
@ -146,7 +190,7 @@ class Users {
// Process the edit
switch($parameters['_put']['key']){
case 'display':
OC_User::setDisplayName($userId, $parameters['_put']['value']);
$this->userManager->get($userId)->setDisplayName($parameters['_put']['value']);
break;
case 'quota':
$quota = $parameters['_put']['value'];
@ -154,27 +198,27 @@ class Users {
if (is_numeric($quota)) {
$quota = floatval($quota);
} else {
$quota = OC_Helper::computerFileSize($quota);
$quota = \OCP\Util::computerFileSize($quota);
}
if ($quota === false) {
return new OC_OCS_Result(null, 103, "Invalid quota value {$parameters['_put']['value']}");
}
if($quota == 0) {
if($quota === 0) {
$quota = 'default';
}else if($quota == -1){
}else if($quota === -1){
$quota = 'none';
} else {
$quota = OC_Helper::humanFileSize($quota);
$quota = \OCP\Util::humanFileSize($quota);
}
}
\OC::$server->getConfig()->setUserValue($userId, 'files', 'quota', $quota);
$this->config->setUserValue($userId, 'files', 'quota', $quota);
break;
case 'password':
OC_User::setPassword($userId, $parameters['_put']['value']);
$this->userManager->get($userId)->setPassword($parameters['_put']['value']);
break;
case 'email':
if(filter_var($parameters['_put']['value'], FILTER_VALIDATE_EMAIL)) {
\OC::$server->getConfig()->setUserValue($userId, 'settings', 'email', $parameters['_put']['value']);
$this->config->setUserValue($userId, 'settings', 'email', $parameters['_put']['value']);
} else {
return new OC_OCS_Result(null, 102);
}
@ -186,32 +230,53 @@ class Users {
return new OC_OCS_Result(null, 100);
}
public static function deleteUser($parameters){
if(!OC_User::userExists($parameters['userid'])
|| $parameters['userid'] === OC_User::getUser()) {
public function deleteUser($parameters){
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if(!$this->userManager->userExists($parameters['userid'])
|| $parameters['userid'] === $user->getUID()) {
return new OC_OCS_Result(null, 101);
}
// If not permitted
if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) {
if(!$this->groupManager->isAdmin($user->getUID()) && !OC_SubAdmin::isUserAccessible($user->getUID(), $parameters['userid'])) {
return new OC_OCS_Result(null, 997);
}
// Go ahead with the delete
if(OC_User::deleteUser($parameters['userid'])) {
if($this->userManager->get($parameters['userid'])->delete()) {
return new OC_OCS_Result(null, 100);
} else {
return new OC_OCS_Result(null, 101);
}
}
public static function getUsersGroups($parameters){
if($parameters['userid'] === OC_User::getUser() || OC_User::isAdminUser(OC_User::getUser())) {
public function getUsersGroups($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
if($parameters['userid'] === $user->getUID() || $this->groupManager->isAdmin($user->getUID())) {
// Self lookup or admin lookup
return new OC_OCS_Result(array('groups' => OC_Group::getUserGroups($parameters['userid'])));
return new OC_OCS_Result([
'groups' => $this->groupManager->getUserGroupIds(
$this->userManager->get($parameters['userid'])
)
]);
} else {
// Looking up someone else
if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $parameters['userid'])) {
if(OC_SubAdmin::isUserAccessible($user->getUID(), $parameters['userid'])) {
// Return the group that the method caller is subadmin of for the user in question
$groups = array_intersect(OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()), OC_Group::getUserGroups($parameters['userid']));
$groups = array_intersect(
OC_SubAdmin::getSubAdminsGroups($user->getUID()),
$this->groupManager->getUserGroupIds(
$this->userManager->get($parameters['userid'])
)
);
return new OC_OCS_Result(array('groups' => $groups));
} else {
// Not permitted
@ -221,78 +286,96 @@ class Users {
}
public static function addToGroup($parameters){
public function addToGroup($parameters){
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
$group = !empty($_POST['groupid']) ? $_POST['groupid'] : null;
if(is_null($group)){
return new OC_OCS_Result(null, 101);
}
// Check they're an admin
if(!OC_Group::inGroup(OC_User::getUser(), 'admin')){
if(!$this->groupManager->isInGroup($user->getUID(), 'admin')){
// This user doesn't have rights to add a user to this group
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
// Check if the group exists
if(!OC_Group::groupExists($group)){
if(!$this->groupManager->groupExists($group)){
return new OC_OCS_Result(null, 102);
}
// Check if the user exists
if(!OC_User::userExists($parameters['userid'])){
if(!$this->userManager->userExists($parameters['userid'])){
return new OC_OCS_Result(null, 103);
}
// Add user to group
return OC_Group::addToGroup($parameters['userid'], $group) ? new OC_OCS_Result(null, 100) : new OC_OCS_Result(null, 105);
$this->groupManager->get($group)->addUser(
$this->userManager->get($parameters['userid'])
);
return new OC_OCS_Result(null, 100);
}
public function removeFromGroup($parameters) {
// Check if user is logged in
$user = $this->userSession->getUser();
if ($user === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
public static function removeFromGroup($parameters){
$group = !empty($parameters['_delete']['groupid']) ? $parameters['_delete']['groupid'] : null;
if(is_null($group)){
return new OC_OCS_Result(null, 101);
}
// If they're not an admin, check they are a subadmin of the group in question
if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdminofGroup(OC_User::getUser(), $group)){
if(!$this->groupManager->isInGroup($user->getUID(), 'admin') && !OC_SubAdmin::isSubAdminofGroup($user->getUID(), $group)){
return new OC_OCS_Result(null, 104);
}
// Check they aren't removing themselves from 'admin' or their 'subadmin; group
if($parameters['userid'] === OC_User::getUser()){
if(OC_Group::inGroup(OC_User::getUser(), 'admin')){
if($parameters['userid'] === $user->getUID()){
if($this->groupManager->isInGroup($user->getUID(), 'admin')){
if($group === 'admin'){
return new OC_OCS_Result(null, 105, 'Cannot remove yourself from the admin group');
}
} else {
// Not an admin, check they are not removing themself from their subadmin group
if(in_array($group, OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()))){
if(in_array($group, OC_SubAdmin::getSubAdminsGroups($user->getUID()))){
return new OC_OCS_Result(null, 105, 'Cannot remove yourself from this group as you are a SubAdmin');
}
}
}
// Check if the group exists
if(!OC_Group::groupExists($group)){
if(!$this->groupManager->groupExists($group)){
return new OC_OCS_Result(null, 102);
}
// Check if the user exists
if(!OC_User::userExists($parameters['userid'])){
if(!$this->userManager->userExists($parameters['userid'])){
return new OC_OCS_Result(null, 103);
}
// Remove user from group
return OC_Group::removeFromGroup($parameters['userid'], $group) ? new OC_OCS_Result(null, 100) : new OC_OCS_Result(null, 105);
$this->groupManager->get($group)->removeUser(
$this->userManager->get($parameters['userid'])
);
return new OC_OCS_Result(null, 100);
}
/**
* Creates a subadmin
*/
public static function addSubAdmin($parameters) {
public function addSubAdmin($parameters) {
$group = $_POST['groupid'];
$user = $parameters['userid'];
// Check if the user exists
if(!OC_User::userExists($user)) {
if(!$this->userManager->userExists($user)) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Check if group exists
if(!OC_Group::groupExists($group)) {
if(!$this->groupManager->groupExists($group)) {
return new OC_OCS_Result(null, 102, 'Group:'.$group.' does not exist');
}
// Check if trying to make subadmin of admin group
if(strtolower($group) == 'admin') {
if(strtolower($group) === 'admin') {
return new OC_OCS_Result(null, 103, 'Cannot create subadmins for admin group');
}
// We cannot be subadmin twice
@ -311,11 +394,11 @@ class Users {
/**
* Removes a subadmin from a group
*/
public static function removeSubAdmin($parameters) {
public function removeSubAdmin($parameters) {
$group = $parameters['_delete']['groupid'];
$user = $parameters['userid'];
// Check if the user exists
if(!OC_User::userExists($user)) {
if(!$this->userManager->userExists($user)) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Check if they are a subadmin of this said group
@ -333,10 +416,10 @@ class Users {
/**
* @Get the groups a user is a subadmin of
*/
public static function getUserSubAdminGroups($parameters) {
public function getUserSubAdminGroups($parameters) {
$user = $parameters['userid'];
// Check if the user exists
if(!OC_User::userExists($user)) {
if(!$this->userManager->userExists($user)) {
return new OC_OCS_Result(null, 101, 'User does not exist');
}
// Get the subadmin groups

View File

@ -25,8 +25,17 @@
namespace OCA\Provisioning_API\Tests;
class AppsTest extends TestCase {
public function setup() {
parent::setup();
$this->appManager = \OC::$server->getAppManager();
$this->groupManager = \OC::$server->getGroupManager();
$this->userSession = \OC::$server->getUserSession();
$this->api = new \OCA\Provisioning_API\Apps($this->appManager);
}
public function testGetAppInfo() {
$result = \OCA\provisioning_API\Apps::getAppInfo(array('appid' => 'provisioning_api'));
$result = $this->api->getAppInfo(['appid' => 'provisioning_api']);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
@ -34,7 +43,7 @@ class AppsTest extends TestCase {
public function testGetAppInfoOnBadAppID() {
$result = \OCA\provisioning_API\Apps::getAppInfo(array('appid' => 'not_provisioning_api'));
$result = $this->api->getAppInfo(['appid' => 'not_provisioning_api']);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(\OCP\API::RESPOND_NOT_FOUND, $result->getStatusCode());
@ -44,10 +53,10 @@ class AppsTest extends TestCase {
public function testGetApps() {
$user = $this->generateUsers();
\OC_Group::addToGroup($user, 'admin');
self::loginAsUser($user);
$this->groupManager->get('admin')->addUser($user);
$this->userSession->setUser($user);
$result = \OCA\provisioning_API\Apps::getApps(array());
$result = $this->api->getApps([]);
$this->assertTrue($result->succeeded());
$data = $result->getData();
@ -58,7 +67,7 @@ class AppsTest extends TestCase {
public function testGetAppsEnabled() {
$_GET['filter'] = 'enabled';
$result = \OCA\provisioning_API\Apps::getApps(array('filter' => 'enabled'));
$result = $this->api->getApps(['filter' => 'enabled']);
$this->assertTrue($result->succeeded());
$data = $result->getData();
$this->assertEquals(count(\OC_App::getEnabledApps()), count($data['apps']));
@ -68,7 +77,7 @@ class AppsTest extends TestCase {
public function testGetAppsDisabled() {
$_GET['filter'] = 'disabled';
$result = \OCA\provisioning_API\Apps::getApps(array('filter' => 'disabled'));
$result = $this->api->getApps(['filter' => 'disabled']);
$this->assertTrue($result->succeeded());
$data = $result->getData();
$apps = \OC_App::listAllApps();
@ -78,6 +87,12 @@ class AppsTest extends TestCase {
}
$disabled = array_diff($list, \OC_App::getEnabledApps());
$this->assertEquals(count($disabled), count($data['apps']));
}
public function testGetAppsInvalidFilter() {
$_GET['filter'] = 'foo';
$result = $this->api->getApps([]);
$this->assertFalse($result->succeeded());
$this->assertEquals(101, $result->getStatusCode());
}
}

View File

@ -24,18 +24,79 @@
namespace OCA\Provisioning_API\Tests;
use OCP\IUserManager;
use OCP\IGroupManager;
use OCP\IUserSession;
class GroupsTest extends TestCase {
/** @var IUserManager */
protected $userManager;
/** @var IGroupManager */
protected $groupManager;
/** @var IUserSession */
protected $userSession;
protected function setup() {
parent::setup();
$this->userManager = \OC::$server->getUserManager();
$this->groupManager = \OC::$server->getGroupManager();
$this->userSession = \OC::$server->getUserSession();
$this->api = new \OCA\Provisioning_API\Groups(
$this->groupManager,
$this->userSession
);
}
public function testGetGroups() {
$groups = [];
$id = $this->getUniqueID();
for ($i=0; $i < 10; $i++) {
$groups[] = $this->groupManager->createGroup($id . '_' . $i);
}
$_GET = [];
$result = $this->api->getGroups([]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertCount(count($this->groupManager->search('')), $result->getData()['groups']);
$this->assertContains('admin', $result->getData()['groups']);
foreach ($groups as $group) {
$this->assertContains($group->getGID(), $result->getData()['groups']);
}
$_GET = [
'search' => $id,
'limit' => 5,
'offset' => 2
];
$result = $this->api->getGroups([]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertCount(5, $result->getData()['groups']);
foreach (array_splice($groups, 2, 5) as $group) {
$this->assertContains($group->getGID(), $result->getData()['groups']);
}
foreach ($groups as $group) {
$group->delete();
}
}
public function testGetGroupAsUser() {
$users = $this->generateUsers(2);
self::loginAsUser($users[0]);
$this->userSession->setUser($users[0]);
$group = $this->getUniqueID();
\OC_Group::createGroup($group);
\OC_Group::addToGroup($users[1], $group);
$group = $this->groupManager->createGroup($this->getUniqueID());
$group->addUser($users[1]);
$result = \OCA\provisioning_api\Groups::getGroup(array(
'groupid' => $group,
$result = $this->api->getGroup(array(
'groupid' => $group->getGID(),
));
$this->assertInstanceOf('OC_OCS_Result', $result);
@ -47,18 +108,17 @@ class GroupsTest extends TestCase {
public function testGetGroupAsSubadmin() {
$users = $this->generateUsers(2);
self::loginAsUser($users[0]);
$this->userSession->setUser($users[0]);
$group = $this->getUniqueID();
\OC_Group::createGroup($group);
\OC_Group::addToGroup($users[0], $group);
\OC_Group::addToGroup($users[1], $group);
$group = $this->groupManager->createGroup($this->getUniqueID());
$group->addUser($users[0]);
$group->addUser($users[1]);
\OC_SubAdmin::createSubAdmin($users[0], $group);
\OC_SubAdmin::createSubAdmin($users[0]->getUID(), $group->getGID());
$result = \OCA\provisioning_api\Groups::getGroup(array(
'groupid' => $group,
));
$result = $this->api->getGroup([
'groupid' => $group->getGID(),
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
@ -67,6 +127,10 @@ class GroupsTest extends TestCase {
$resultData = $result->getData();
$resultData = $resultData['users'];
$users = array_map(function($user) {
return $user->getUID();
}, $users);
sort($users);
sort($resultData);
$this->assertEquals($users, $resultData);
@ -76,20 +140,18 @@ class GroupsTest extends TestCase {
public function testGetGroupAsIrrelevantSubadmin() {
$users = $this->generateUsers(2);
self::loginAsUser($users[0]);
$this->userSession->setUser($users[0]);
$group = $this->getUniqueID();
\OC_Group::createGroup($group);
$group2 = $this->getUniqueID();
\OC_Group::createGroup($group2);
\OC_Group::addToGroup($users[1], $group);
\OC_Group::addToGroup($users[0], $group2);
$group1 = $this->groupManager->createGroup($this->getUniqueID());
$group2 = $this->groupManager->createGroup($this->getUniqueID());
$group1->addUser($users[1]);
$group2->addUser($users[0]);
\OC_SubAdmin::createSubAdmin($users[0], $group2);
\OC_SubAdmin::createSubAdmin($users[0]->getUID(), $group2->getGID());
$result = \OCA\provisioning_api\Groups::getGroup(array(
'groupid' => $group,
));
$result = $this->api->getGroup([
'groupid' => $group1->getGID(),
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
@ -100,49 +162,129 @@ class GroupsTest extends TestCase {
public function testGetGroupAsAdmin() {
$users = $this->generateUsers(2);
self::loginAsUser($users[0]);
$this->userSession->setUser($users[0]);
$group = $this->getUniqueID();
\OC_Group::createGroup($group);
$group = $this->groupManager->createGroup($this->getUniqueID());
\OC_Group::addToGroup($users[1], $group);
\OC_Group::addToGroup($users[0], 'admin');
$group->addUser($users[1]);
$this->groupManager->get('admin')->addUser($users[0]);
$result = \OCA\provisioning_api\Groups::getGroup(array(
'groupid' => $group,
));
$result = $this->api->getGroup([
'groupid' => $group->getGID(),
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertEquals(array('users' => array($users[1])), $result->getData());
$this->assertEquals(['users' => [$users[1]->getUID()]], $result->getData());
}
public function testGetGroupNonExisting() {
$result = $this->api->getGroup([
'groupid' => $this->getUniqueId()
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(\OCP\API::RESPOND_NOT_FOUND, $result->getStatusCode());
$this->assertEquals('The requested group could not be found', $result->getMeta()['message']);
}
public function testGetSubAdminsOfGroup() {
$user1 = $this->generateUsers();
$user2 = $this->generateUsers();
self::loginAsUser($user1);
\OC_Group::addToGroup($user1, 'admin');
$group1 = $this->getUniqueID();
\OC_Group::createGroup($group1);
\OC_SubAdmin::createSubAdmin($user2, $group1);
$result = \OCA\provisioning_api\Groups::getSubAdminsOfGroup(array(
'groupid' => $group1,
));
$this->userSession->setUser($user1);
$this->groupManager->get('admin')->addUser($user1);
$group1 = $this->groupManager->createGroup($this->getUniqueID());
\OC_SubAdmin::createSubAdmin($user2->getUID(), $group1->getGID());
$result = $this->api->getSubAdminsOfGroup([
'groupid' => $group1->getGID(),
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$data = $result->getData();
$this->assertEquals($user2, reset($data));
\OC_Group::deleteGroup($group1);
$this->assertEquals($user2->getUID(), reset($data));
$group1->delete();
$user1 = $this->generateUsers();
self::loginAsUser($user1);
\OC_Group::addToGroup($user1, 'admin');
$result = \OCA\provisioning_api\Groups::getSubAdminsOfGroup(array(
$this->userSession->setUser($user1);
$this->groupManager->get('admin')->addUser($user1);
$result = $this->api->getSubAdminsOfGroup([
'groupid' => $this->getUniqueID(),
));
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(101, $result->getStatusCode());
}
public function testAddGroupEmptyGroup() {
$_POST = [];
$result = $this->api->addGroup([]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(101, $result->getStatusCode());
$this->assertEquals('Invalid group name', $result->getMeta()['message']);
}
public function testAddGroupExistingGroup() {
$group = $this->groupManager->createGroup($this->getUniqueID());
$_POST = [
'groupid' => $group->getGID()
];
$result = $this->api->addGroup([]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(102, $result->getStatusCode());
$group->delete();
}
public function testAddGroup() {
$group = $this->getUniqueId();
$_POST = [
'groupid' => $group
];
$result = $this->api->addGroup([]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertTrue($this->groupManager->groupExists($group));
$this->groupManager->get($group)->delete();
}
public function testDeleteGroupNonExisting() {
$group = $this->getUniqueId();
$result = $this->api->deleteGroup([
'groupid' => $group
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(101, $result->getStatusCode());
}
public function testDeleteAdminGroup() {
$result = $this->api->deleteGroup([
'groupid' => 'admin'
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertFalse($result->succeeded());
$this->assertEquals(102, $result->getStatusCode());
}
public function testDeleteGroup() {
$group = $this->groupManager->createGroup($this->getUniqueId());
$result = $this->api->deleteGroup([
'groupid' => $group->getGID()
]);
$this->assertInstanceOf('OC_OCS_Result', $result);
$this->assertTrue($result->succeeded());
$this->assertFalse($this->groupManager->groupExists($group->getGID()));
}
}

View File

@ -22,12 +22,24 @@
namespace OCA\Provisioning_API\Tests;
use OCP\IUserManager;
use OCP\IGroupManager;
abstract class TestCase extends \Test\TestCase {
protected $users = array();
/** @var IUserManager */
protected $userManager;
/** @var IGroupManager */
protected $groupManager;
protected function setUp() {
parent::setUp();
\OC_Group::createGroup('admin');
$this->userManager = \OC::$server->getUserManager();
$this->groupManager = \OC::$server->getGroupManager();
$this->groupManager->createGroup('admin');
}
/**
@ -38,8 +50,7 @@ abstract class TestCase extends \Test\TestCase {
protected function generateUsers($num = 1) {
$users = array();
for ($i = 0; $i < $num; $i++) {
$user = $this->getUniqueID();
\OC_User::createUser($user, 'password');
$user = $this->userManager->createUser($this->getUniqueID(), 'password');
$this->users[] = $user;
$users[] = $user;
}
@ -48,11 +59,10 @@ abstract class TestCase extends \Test\TestCase {
protected function tearDown() {
foreach($this->users as $user) {
\OC_User::deleteUser($user);
$user->delete();
}
\OC_Group::deleteGroup('admin');
$this->groupManager->get('admin')->delete();
parent::tearDown();
}
}

File diff suppressed because it is too large Load Diff