From 68ae4394f712d884dc4814897cf97986f3cf71b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?John=20Molakvo=C3=A6=20=28skjnldsv=29?= Date: Tue, 20 Mar 2018 19:06:08 +0100 Subject: [PATCH] Api, return users details by groups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: John Molakvoæ (skjnldsv) --- apps/provisioning_api/appinfo/routes.php | 2 + .../lib/Controller/GroupsController.php | 66 +++++++++++++++++-- .../lib/Controller/UsersController.php | 6 +- .../tests/Controller/UsersControllerTest.php | 4 +- 4 files changed, 69 insertions(+), 9 deletions(-) diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php index c2bbd8025e..5d1d2a6d50 100644 --- a/apps/provisioning_api/appinfo/routes.php +++ b/apps/provisioning_api/appinfo/routes.php @@ -36,6 +36,8 @@ return [ ['root' => '/cloud', 'name' => 'Groups#getGroups', 'url' => '/groups', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Groups#getGroupsDetails', 'url' => '/groups/details', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Groups#getGroup', 'url' => '/groups/{groupId}', 'verb' => 'GET'], + ['root' => '/cloud', 'name' => 'Groups#getGroupUsers', 'url' => '/groups/{groupId}/users', 'verb' => 'GET'], + ['root' => '/cloud', 'name' => 'Groups#getGroupUsersDetails', 'url' => '/groups/{groupId}/users/details', 'verb' => 'GET'], ['root' => '/cloud', 'name' => 'Groups#addGroup', 'url' => '/groups', 'verb' => 'POST'], ['root' => '/cloud', 'name' => 'Groups#deleteGroup', 'url' => '/groups/{groupId}', 'verb' => 'DELETE'], ['root' => '/cloud', 'name' => 'Groups#getSubAdminsOfGroup', 'url' => '/groups/{groupId}/subadmins', 'verb' => 'GET'], diff --git a/apps/provisioning_api/lib/Controller/GroupsController.php b/apps/provisioning_api/lib/Controller/GroupsController.php index d6f2d9f339..dc018fd94a 100644 --- a/apps/provisioning_api/lib/Controller/GroupsController.php 
+++ b/apps/provisioning_api/lib/Controller/GroupsController.php @@ -36,6 +36,7 @@ use OCP\ILogger; use OCP\IRequest; use OCP\IUserSession; use OCP\IUser; +use OCA\Provisioning_API\Controller\UsersController; class GroupsController extends OCSController { @@ -49,24 +50,30 @@ class GroupsController extends OCSController { /** @var ILogger */ private $logger; + /** @var UsersController */ + private $userController; + /** * @param string $appName * @param IRequest $request * @param IGroupManager $groupManager * @param IUserSession $userSession * @param ILogger $logger + * @param UsersController $userController */ public function __construct( string $appName, IRequest $request, IGroupManager $groupManager, IUserSession $userSession, - ILogger $logger) { + ILogger $logger, + UsersController $userController) { parent::__construct($appName, $request); $this->groupManager = $groupManager; $this->userSession = $userSession; $this->logger = $logger; + $this->userController = $userController; } /** @@ -124,7 +131,20 @@ class GroupsController extends OCSController { } /** - * returns an array of users in the group specified + * @NoAdminRequired + * + * @param string $groupId + * @return DataResponse + * @throws OCSException + * + * @deprecated 14 Use getGroupUsers + */ + public function getGroup(string $groupId): DataResponse { + return $this->getGroup($groupId); + } + + /** + * returns an array of users in the specified group * * @NoAdminRequired * @@ -132,7 +152,7 @@ class GroupsController extends OCSController { * @return DataResponse * @throws OCSException */ - public function getGroup(string $groupId): DataResponse { + public function getGroupUsers(string $groupId): DataResponse { $user = $this->userSession->getUser(); // Check the group exists 
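Review bot: The deprecated `getGroup()` wrapper added in the `@@ -124,7 +131,20 @@` hunk calls itself, because `return $this->getGroup($groupId);` has no base case. routes.php still maps `GET /groups/{groupId}` to `Groups#getGroup`, so every request to that endpoint that passes the `@NoAdminRequired` gate ends in a runtime abort instead of a response. The body should delegate to the renamed method: `return $this->getGroupUsers($groupId);`. The diffstat lists no GroupsController test, so a test that calls `getGroup()` through the new six-argument constructor belongs in this commit and would have caught the recursion.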
@@ -143,7 +163,7 @@ class GroupsController extends OCSController { $isSubadminOfGroup = false; $group = $this->groupManager->get($groupId); if ($group !== null) { - $isSubadminOfGroup =$this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $group); + $isSubadminOfGroup =$this->groupManager->getSubAdmin()->isSubAdminOfGroup($user, $group); } // Check subadmin has access to this group @@ -161,6 +181,44 @@ class GroupsController extends OCSController { throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED); } + /** + * returns an array of users details in the specified group + * + * @NoAdminRequired + * + * @param string $groupId + * @return DataResponse + * @throws OCSException + */ + public function getGroupUsersDetails(string $groupId): DataResponse { + $user = $this->userSession->getUser(); + + // Check the group exists + if(!$this->groupManager->groupExists($groupId)) { + throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND); + } + + $isSubadminOfGroup = false; + $group = $this->groupManager->get($groupId); + if ($group !== null) { + $isSubadminOfGroup =$this->groupManager->getSubAdmin()->isSubAdminOfGroup($user, $group); + } + + // Check subadmin has access to this group + if($this->groupManager->isAdmin($user->getUID()) + || $isSubadminOfGroup) { + $users = $this->groupManager->get($groupId)->getUsers(); + $users = array_map(function($user) { + /** @var IUser $user */ + return $this->userController->getUserData($user->getUID()); + }, $users); + $users = array_values($users); + return new DataResponse(['users' => $users]); + } + + throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED); + } + /** * creates a new group * diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php index c8c00fa859..4b45212429 100644 
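Review bot: The admin/subadmin check in `getGroupUsersDetails()` is a copy of the one in `getGroupUsers()`, so the two endpoints can drift apart the next time the access rule changes, and this one returns per-user details rather than just ids. Inside the allowed branch the code calls `$this->groupManager->get($groupId)->getUsers()` again instead of using the `$group` that was null-checked a few lines earlier. It also makes one `getUserData()` call per member with no limit or offset, and an `OCSException` from a single lookup (the method is declared `@throws OCSException`) aborts the whole listing. I would move the existence and access check into one private helper that both methods call, as sketched below, and treat paging as a follow-up.

```php
	/**
	 * Returns the group when the current user is admin or subadmin of it.
	 *
	 * @param string $groupId
	 * @throws OCSException if the group is missing or not accessible to the caller
	 */
	private function getAccessibleGroup(string $groupId) {
		if (!$this->groupManager->groupExists($groupId)) {
			throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND);
		}

		$user = $this->userSession->getUser();
		$group = $this->groupManager->get($groupId);
		$allowed = $group !== null
			&& ($this->groupManager->isAdmin($user->getUID())
				|| $this->groupManager->getSubAdmin()->isSubAdminOfGroup($user, $group));
		if (!$allowed) {
			throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED);
		}

		return $group;
	}

	public function getGroupUsersDetails(string $groupId): DataResponse {
		// Single place for the 404 / access decision, shared with getGroupUsers().
		$group = $this->getAccessibleGroup($groupId);
		$users = array_map(function($user) {
			/** @var IUser $user */
			return $this->userController->getUserData($user->getUID());
		}, $group->getUsers());
		// … unchanged: array_values() and the DataResponse return …
```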
--- a/apps/provisioning_api/lib/Controller/UsersController.php +++ b/apps/provisioning_api/lib/Controller/UsersController.php @@ -225,7 +225,7 @@ class UsersController extends OCSController { if(!$this->groupManager->groupExists($group)) { throw new OCSException('group '.$group.' does not exist', 104); } - if(!$isAdmin && !$subAdminManager->isSubAdminofGroup($user, $this->groupManager->get($group))) { + if(!$isAdmin && !$subAdminManager->isSubAdminOfGroup($user, $this->groupManager->get($group))) { throw new OCSException('insufficient privileges for group '. $group, 105); } } @@ -341,7 +341,7 @@ class UsersController extends OCSController { * @return array * @throws OCSException */ - protected function getUserData(string $userId): array { + public function getUserData(string $userId): array { $currentLoggedInUser = $this->userSession->getUser(); $data = []; @@ -808,7 +808,7 @@ class UsersController extends OCSController { $subAdminManager = $this->groupManager->getSubAdmin(); // We cannot be subadmin twice - if ($subAdminManager->isSubAdminofGroup($user, $group)) { + if ($subAdminManager->isSubAdminOfGroup($user, $group)) { return new DataResponse(); } // Go diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php index 3f2cf3b110..0f53a7e639 100644 --- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php +++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php @@ -2394,7 +2394,7 @@ class UsersControllerTest extends TestCase { ->disableOriginalConstructor()->getMock(); $subAdminManager ->expects($this->once()) - ->method('isSubAdminofGroup') + ->method('isSubAdminOfGroup') ->with($loggedInUser, $targetGroup) ->will($this->returnValue(true)); $this->groupManager 
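Review bot: In the `@@ -341,7 +341,7 @@` hunk `getUserData()` goes from `protected` to `public` only so that `GroupsController` can call it through the injected `UsersController`, and nothing on the method says it is not a routed action. Its result depends on `$this->userSession->getUser()`, so an access-sensitive lookup now lives on the public surface of a controller that another controller holds as a dependency. Moving it into a shared service or trait would keep public controller methods limited to routed actions. If it stays here, add a docblock line such as `Not an OCS action: called by GroupsController::getGroupUsersDetails, do not add a route for it.` The body of `getUserData()` continues outside the hunk, so whether it filters the returned fields per caller cannot be confirmed from this diff.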
@@ -2445,7 +2445,7 @@ class UsersControllerTest extends TestCase { ->disableOriginalConstructor()->getMock(); $subAdminManager ->expects($this->once()) - ->method('isSubAdminofGroup') + ->method('isSubAdminOfGroup') ->with($loggedInUser, $targetGroup) ->will($this->returnValue(true)); $this->groupManager