mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add provisioning api to enable and disable users

This commit is contained in:
Thomas Müller 2016-04-07 17:22:21 +02:00
parent 9c9fec36dd
commit 8486926a14
No known key found for this signature in database
GPG Key ID: A943788A3BBEC44C
3 changed files with 128 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/provisioning_api/appinfo/routes.php
View File

@ -26,10 +26,13 @@
namespace OCA\Provisioning_API\AppInfo; namespace OCA\Provisioning_API\AppInfo;
use OCA\Provisioning_API\Apps;
use OCA\Provisioning_API\Groups;
use OCA\Provisioning_API\Users;
use OCP\API; use OCP\API;
// Users // Users
$users = new \OCA\Provisioning_API\Users( $users = new Users(
\OC::$server->getUserManager(), \OC::$server->getUserManager(),
\OC::$server->getConfig(), \OC::$server->getConfig(),
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
@ -41,6 +44,8 @@ API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', A
API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH); API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH); API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH); API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('put', '/cloud/users/{userid}/enable', [$users, 'enableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('put', '/cloud/users/{userid}/disable', [$users, 'disableUser'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH); API::register('get', '/cloud/users/{userid}/groups', [$users, 'getUsersGroups'], 'provisioning_api', API::USER_AUTH);
API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH); API::register('post', '/cloud/users/{userid}/groups', [$users, 'addToGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH); API::register('delete', '/cloud/users/{userid}/groups', [$users, 'removeFromGroup'], 'provisioning_api', API::SUBADMIN_AUTH);
@ -49,7 +54,7 @@ API::register('delete', '/cloud/users/{userid}/subadmins', [$users, 'removeSubAd
API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH); API::register('get', '/cloud/users/{userid}/subadmins', [$users, 'getUserSubAdminGroups'], 'provisioning_api', API::ADMIN_AUTH);
// Groups // Groups
$groups = new \OCA\Provisioning_API\Groups( $groups = new Groups(
\OC::$server->getGroupManager(), \OC::$server->getGroupManager(),
\OC::$server->getUserSession(), \OC::$server->getUserSession(),
\OC::$server->getRequest() \OC::$server->getRequest()
@ -61,7 +66,7 @@ API::register('delete', '/cloud/groups/{groupid}', [$groups, 'deleteGroup'], 'pr
API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH); API::register('get', '/cloud/groups/{groupid}/subadmins', [$groups, 'getSubAdminsOfGroup'], 'provisioning_api', API::ADMIN_AUTH);
// Apps // Apps
$apps = new \OCA\Provisioning_API\Apps( $apps = new Apps(
\OC::$server->getAppManager(), \OC::$server->getAppManager(),
\OC::$server->getOcsClient() \OC::$server->getOcsClient()
); );

72
apps/provisioning_api/lib/users.php
View File

@ -31,32 +31,36 @@ namespace OCA\Provisioning_API;
use \OC_OCS_Result; use \OC_OCS_Result;
use \OC_Helper; use \OC_Helper;
use OCP\Files\NotFoundException; use OCP\Files\NotFoundException;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\ILogger; use OCP\ILogger;
use OCP\IUserManager;
use OCP\IUserSession;
class Users { class Users {
/** @var \OCP\IUserManager */ /** @var IUserManager */
private $userManager; private $userManager;
/** @var \OCP\IConfig */ /** @var IConfig */
private $config; private $config;
/** @var \OCP\IGroupManager */ /** @var IGroupManager */
private $groupManager; private $groupManager;
/** @var \OCP\IUserSession */ /** @var IUserSession */
private $userSession; private $userSession;
/** @var ILogger */ /** @var ILogger */
private $logger; private $logger;
/** /**
* @param \OCP\IUserManager $userManager * @param IUserManager $userManager
* @param \OCP\IConfig $config * @param IConfig $config
* @param \OCP\IGroupManager $groupManager * @param IGroupManager $groupManager
* @param \OCP\IUserSession $userSession * @param IUserSession $userSession
* @param ILogger $logger * @param ILogger $logger
*/ */
public function __construct(\OCP\IUserManager $userManager, public function __construct(IUserManager $userManager,
\OCP\IConfig $config, IConfig $config,
\OCP\IGroupManager $groupManager, IGroupManager $groupManager,
\OCP\IUserSession $userSession, IUserSession $userSession,
ILogger $logger) { ILogger $logger) {
$this->userManager = $userManager; $this->userManager = $userManager;
$this->config = $config; $this->config = $config;
@ -329,6 +333,50 @@ class Users {
} }
} }
/**
* @param array $parameters
* @return OC_OCS_Result
*/
public function disableUser($parameters) {
return $this->setEnabled($parameters, false);
}
/**
* @param array $parameters
* @return OC_OCS_Result
*/
public function enableUser($parameters) {
return $this->setEnabled($parameters, true);
}
/**
* @param array $parameters
* @param bool $value
* @return OC_OCS_Result
*/
private function setEnabled($parameters, $value) {
// Check if user is logged in
$currentLoggedInUser = $this->userSession->getUser();
if ($currentLoggedInUser === null) {
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
}
$targetUser = $this->userManager->get($parameters['userid']);
if($targetUser === null || $targetUser->getUID() === $currentLoggedInUser->getUID()) {
return new OC_OCS_Result(null, 101);
}
// If not permitted
$subAdminManager = $this->groupManager->getSubAdmin();
if(!$this->groupManager->isAdmin($currentLoggedInUser->getUID()) && !$subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser)) {
return new OC_OCS_Result(null, 997);
}
// enable/disable the user now
$targetUser->setEnabled($value);
return new OC_OCS_Result(null, 100);
}
/** /**
* @param array $parameters * @param array $parameters
* @return OC_OCS_Result * @return OC_OCS_Result

64
apps/provisioning_api/tests/userstest.php
View File

@ -58,8 +58,8 @@ class UsersTest extends OriginalTest {
parent::tearDown(); parent::tearDown();
} }
protected function setup() { protected function setUp() {
parent::setup(); parent::setUp();
$this->userManager = $this->getMock('\OCP\IUserManager'); $this->userManager = $this->getMock('\OCP\IUserManager');
$this->config = $this->getMock('\OCP\IConfig'); $this->config = $this->getMock('\OCP\IConfig');
@ -540,7 +540,7 @@ class UsersTest extends OriginalTest {
->expects($this->once()) ->expects($this->once())
->method('isSubAdminOfGroup') ->method('isSubAdminOfGroup')
->with($loggedInUser, $existingGroup) ->with($loggedInUser, $existingGroup)
->wilLReturn(false); ->willReturn(false);
$this->groupManager $this->groupManager
->expects($this->once()) ->expects($this->once())
->method('getSubAdmin') ->method('getSubAdmin')
@ -642,7 +642,7 @@ class UsersTest extends OriginalTest {
[$loggedInUser, $existingGroup1], [$loggedInUser, $existingGroup1],
[$loggedInUser, $existingGroup2] [$loggedInUser, $existingGroup2]
) )
->wilLReturn(true); ->willReturn(true);
$expected = new \OC_OCS_Result(null, 100); $expected = new \OC_OCS_Result(null, 100);
@ -2295,4 +2295,60 @@ class UsersTest extends OriginalTest {
$expected = new \OC_OCS_Result(null, 102, 'Unknown error occurred'); $expected = new \OC_OCS_Result(null, 102, 'Unknown error occurred');
$this->assertEquals($expected, $this->api->getUserSubAdminGroups(['userid' => 'RequestedUser'])); $this->assertEquals($expected, $this->api->getUserSubAdminGroups(['userid' => 'RequestedUser']));
} }
public function testEnableUser() {
$targetUser = $this->getMock('\OCP\IUser');
$targetUser->expects($this->once())
->method('setEnabled')
->with(true);
$this->userManager
->expects($this->once())
->method('get')
->with('RequestedUser')
->will($this->returnValue($targetUser));
$loggedInUser = $this->getMock('\OCP\IUser');
$loggedInUser
->expects($this->exactly(2))
->method('getUID')
->will($this->returnValue('admin'));
$this->userSession
->expects($this->once())
->method('getUser')
->will($this->returnValue($loggedInUser));
$this->groupManager
->expects($this->once())
->method('isAdmin')
->will($this->returnValue(true));
$expected = new \OC_OCS_Result(null, 100);
$this->assertEquals($expected, $this->api->enableUser(['userid' => 'RequestedUser']));
}
public function testDisableUser() {
$targetUser = $this->getMock('\OCP\IUser');
$targetUser->expects($this->once())
->method('setEnabled')
->with(false);
$this->userManager
->expects($this->once())
->method('get')
->with('RequestedUser')
->will($this->returnValue($targetUser));
$loggedInUser = $this->getMock('\OCP\IUser');
$loggedInUser
->expects($this->exactly(2))
->method('getUID')
->will($this->returnValue('admin'));
$this->userSession
->expects($this->once())
->method('getUser')
->will($this->returnValue($loggedInUser));
$this->groupManager
->expects($this->once())
->method('isAdmin')
->will($this->returnValue(true));
$expected = new \OC_OCS_Result(null, 100);
$this->assertEquals($expected, $this->api->disableUser(['userid' => 'RequestedUser']));
}
} }