Add provisioning api to enable and disable users

2016-04-07 17:22:21 +02:00 · 2016-04-07 17:22:21 +02:00 · 8486926a14
parent 9c9fec36dd
commit 8486926a14
3 changed files with 128 additions and 19 deletions
--- a/apps/provisioning_api/appinfo/routes.php
+++ b/apps/provisioning_api/appinfo/routes.php
@ -26,10 +26,13 @@

 namespace OCA\Provisioning_API\AppInfo;

+use OCA\Provisioning_API\Apps;
+use OCA\Provisioning_API\Groups;
+use OCA\Provisioning_API\Users;
 use OCP\API;

 // Users
-$users = new \OCA\Provisioning_API\Users(
+$users = new Users(
 	\OC::$server->getUserManager(),
 	\OC::$server->getConfig(),
 	\OC::$server->getGroupManager(),
@ -41,6 +44,8 @@ API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', A
 API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
 API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
 API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
+API::register('put', '/cloud/users/{userid}/enable', [$users, 'enableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
+API::register('put', '/cloud/users/{userid}/disable', [$users, 'disableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
 API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH);
 API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
 API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
@ -49,7 +54,7 @@ API::register('delete', '/cloud/users/{userid}/subadmins', [$users, 'removeSubAd
 API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH);

 // Groups
-$groups = new \OCA\Provisioning_API\Groups(
+$groups = new Groups(
 	\OC::$server->getGroupManager(),
 	\OC::$server->getUserSession(),
 	\OC::$server->getRequest()
@ -61,7 +66,7 @@ API::register('delete', '/cloud/groups/{groupid}', [$groups, 'deleteGroup'], 'pr
 API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH);

 // Apps
-$apps = new \OCA\Provisioning_API\Apps(
+$apps = new Apps(
 	\OC::$server->getAppManager(),
 	\OC::$server->getOcsClient()
 );
--- a/apps/provisioning_api/lib/users.php
+++ b/apps/provisioning_api/lib/users.php
@ -31,32 +31,36 @@ namespace OCA\Provisioning_API;
 use \OC_OCS_Result;
 use \OC_Helper;
 use OCP\Files\NotFoundException;
+use OCP\IConfig;
+use OCP\IGroupManager;
 use OCP\ILogger;
+use OCP\IUserManager;
+use OCP\IUserSession;

 class Users {

-	/** @var \OCP\IUserManager */
+	/** @var IUserManager */
 	private $userManager;
-	/** @var \OCP\IConfig */
+	/** @var IConfig */
 	private $config;
-	/** @var \OCP\IGroupManager */
+	/** @var IGroupManager */
 	private $groupManager;
-	/** @var \OCP\IUserSession */
+	/** @var IUserSession */
 	private $userSession;
 	/** @var ILogger */
 	private $logger;

 	/**
-	 * @param \OCP\IUserManager $userManager
-	 * @param \OCP\IConfig $config
-	 * @param \OCP\IGroupManager $groupManager
-	 * @param \OCP\IUserSession $userSession
+	 * @param IUserManager $userManager
+	 * @param IConfig $config
+	 * @param IGroupManager $groupManager
+	 * @param IUserSession $userSession
 	 * @param ILogger $logger
 	 */
-	public function __construct(\OCP\IUserManager $userManager,
-								\OCP\IConfig $config,
-								\OCP\IGroupManager $groupManager,
-								\OCP\IUserSession $userSession,
+	public function __construct(IUserManager $userManager,
+								IConfig $config,
+								IGroupManager $groupManager,
+								IUserSession $userSession,
 								ILogger $logger) {
 		$this->userManager = $userManager;
 		$this->config = $config;
@ -329,6 +333,50 @@ class Users {
 		}
 	}

+	/**
+	 * @param array $parameters
+	 * @return OC_OCS_Result
+	 */
+	public function disableUser($parameters) {
+		return $this->setEnabled($parameters, false);
+	}
+
+	/**
+	 * @param array $parameters
+	 * @return OC_OCS_Result
+	 */
+	public function enableUser($parameters) {
+		return $this->setEnabled($parameters, true);
+	}
+
+	/**
+	 * @param array $parameters
+	 * @param bool $value
+	 * @return OC_OCS_Result
+	 */
+	private function setEnabled($parameters, $value) {
+		// Check if user is logged in
+		$currentLoggedInUser = $this->userSession->getUser();
+		if ($currentLoggedInUser === null) {
+			return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+		}
+
+		$targetUser = $this->userManager->get($parameters['userid']);
+		if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
+			return new OC_OCS_Result(null, 101);
+		}
+
+		// If not permitted
+		$subAdminManager = $this->groupManager->getSubAdmin();
+		if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
+			return new OC_OCS_Result(null, 997);
+		}
+
+		// enable/disable the user now
+		$targetUser->setEnabled($value);
+		return new OC_OCS_Result(null, 100);
+	}
+
 	/**
 	 * @param array $parameters
 	 * @return OC_OCS_Result
--- a/apps/provisioning_api/tests/userstest.php
+++ b/apps/provisioning_api/tests/userstest.php
@ -58,8 +58,8 @@ class UsersTest extends OriginalTest {
 		parent::tearDown();
 	}

-	protected function setup() {
-		parent::setup();
+	protected function setUp() {
+		parent::setUp();

 		$this->userManager = $this->getMock('\OCP\IUserManager');
 		$this->config = $this->getMock('\OCP\IConfig');
@ -540,7 +540,7 @@ class UsersTest extends OriginalTest {
 			->expects($this->once())
 			->method('isSubAdminOfGroup')
 			->with($loggedInUser, $existingGroup)
-			->wilLReturn(false);
+			->willReturn(false);
 		$this->groupManager
 			->expects($this->once())
 			->method('getSubAdmin')
@ -642,7 +642,7 @@ class UsersTest extends OriginalTest {
 				[$loggedInUser, $existingGroup1],
 				[$loggedInUser, $existingGroup2]
 			)
-			->wilLReturn(true);
+			->willReturn(true);


 		$expected = new \OC_OCS_Result(null, 100);
@ -2295,4 +2295,60 @@ class UsersTest extends OriginalTest {
 		$expected = new \OC_OCS_Result(null, 102, 'Unknown error occurred');
 		$this->assertEquals($expected, $this->api->getUserSubAdminGroups(['userid' => 'RequestedUser']));
 	}
+
+	public function testEnableUser() {
+		$targetUser = $this->getMock('\OCP\IUser');
+		$targetUser->expects($this->once())
+			->method('setEnabled')
+			->with(true);
+		$this->userManager
+			->expects($this->once())
+			->method('get')
+			->with('RequestedUser')
+			->will($this->returnValue($targetUser));
+		$loggedInUser = $this->getMock('\OCP\IUser');
+		$loggedInUser
+			->expects($this->exactly(2))
+			->method('getUID')
+			->will($this->returnValue('admin'));
+		$this->userSession
+			->expects($this->once())
+			->method('getUser')
+			->will($this->returnValue($loggedInUser));
+		$this->groupManager
+			->expects($this->once())
+			->method('isAdmin')
+			->will($this->returnValue(true));
+
+		$expected = new \OC_OCS_Result(null, 100);
+		$this->assertEquals($expected, $this->api->enableUser(['userid' => 'RequestedUser']));
+	}
+
+	public function testDisableUser() {
+		$targetUser = $this->getMock('\OCP\IUser');
+		$targetUser->expects($this->once())
+			->method('setEnabled')
+			->with(false);
+		$this->userManager
+			->expects($this->once())
+			->method('get')
+			->with('RequestedUser')
+			->will($this->returnValue($targetUser));
+		$loggedInUser = $this->getMock('\OCP\IUser');
+		$loggedInUser
+			->expects($this->exactly(2))
+			->method('getUID')
+			->will($this->returnValue('admin'));
+		$this->userSession
+			->expects($this->once())
+			->method('getUser')
+			->will($this->returnValue($loggedInUser));
+		$this->groupManager
+			->expects($this->once())
+			->method('isAdmin')
+			->will($this->returnValue(true));
+
+		$expected = new \OC_OCS_Result(null, 100);
+		$this->assertEquals($expected, $this->api->disableUser(['userid' => 'RequestedUser']));
+	}
 }