From d96e9d174bf6c5128fca0c8b6ab8320dc3c93dad Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind@owncloud.com>
Date: Thu, 9 Apr 2015 13:50:53 +0200
Subject: [PATCH 1/5] block cron when in single user mode

---
 cron.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cron.php b/cron.php
index c623689722..8c02536744 100644
--- a/cron.php
+++ b/cron.php
@@ -41,6 +41,11 @@ try {
 		exit;
 	}
 
+	if (\OC::$server->getSystemConfig()->getValue('singleuser', false)) {
+		\OCP\Util::writeLog('cron', 'We are in admin only mode, skipping cron', \OCP\Util::DEBUG);
+		exit;
+	}
+
 	// load all apps to get all api routes properly setup
 	OC_App::loadApps();
 

From 8af106cc751573e4d27f6a2e576b899415e7260a Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind@owncloud.com>
Date: Thu, 9 Apr 2015 15:56:41 +0200
Subject: [PATCH 2/5] block webdav in single user mode

---
 lib/private/connector/sabre/maintenanceplugin.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/private/connector/sabre/maintenanceplugin.php b/lib/private/connector/sabre/maintenanceplugin.php
index 91c48a45d3..c4c9a5340b 100644
--- a/lib/private/connector/sabre/maintenanceplugin.php
+++ b/lib/private/connector/sabre/maintenanceplugin.php
@@ -60,6 +60,9 @@ class MaintenancePlugin extends \Sabre\DAV\ServerPlugin
 	 * @return bool
 	 */
 	public function checkMaintenanceMode() {
+		if (\OC::$server->getSystemConfig()->getValue('singleuser', false)) {
+			throw new \Sabre\DAV\Exception\ServiceUnavailable();
+		}
 		if (\OC_Config::getValue('maintenance', false)) {
 			throw new \Sabre\DAV\Exception\ServiceUnavailable();
 		}

From a7aba07dc13b0942a795a879aed0d5267a5052ba Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind@owncloud.com>
Date: Thu, 9 Apr 2015 15:57:27 +0200
Subject: [PATCH 3/5] block ocs in single user mode

---
 ocs/v1.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ocs/v1.php b/ocs/v1.php
index 398a128c64..8002ca602e 100644
--- a/ocs/v1.php
+++ b/ocs/v1.php
@@ -27,7 +27,9 @@
 
 require_once '../lib/base.php';
 
-if (\OCP\Util::needUpgrade() || \OC::$server->getSystemConfig()->getValue('maintenance', false)) {
+if (\OCP\Util::needUpgrade()
+	|| \OC::$server->getSystemConfig()->getValue('maintenance', false)
+	|| \OC::$server->getSystemConfig()->getValue('singleuser', false)) {
 	// since the behavior of apps or remotes are unpredictable during
 	// an upgrade, return a 503 directly
 	OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);

From f05e19348d21c96455adb305328acc7cbfa0f26a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Thu, 9 Apr 2015 23:47:24 +0200
Subject: [PATCH 4/5] Fix single user check in case no user is logged in

---
 lib/base.php | 34 ++++++++++++++++++++--------------
 1 file changed, 20 insertions(+), 14 deletions(-)

diff --git a/lib/base.php b/lib/base.php
index be397e5244..02b55458f1 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -294,27 +294,33 @@ class OC {
 			header('Retry-After: 120');
 
 			// render error page
-			$tmpl = new OC_Template('', 'update.user', 'guest');
+			$template = new OC_Template('', 'update.user', 'guest');
 			OC_Util::addscript('maintenance-check');
-			$tmpl->printPage();
+			$template->printPage();
 			die();
 		}
 	}
 
 	public static function checkSingleUserMode() {
-		$user = OC_User::getUserSession()->getUser();
-		$group = OC_Group::getManager()->get('admin');
-		if ($user && \OC::$server->getSystemConfig()->getValue('singleuser', false) && !$group->inGroup($user)) {
-			// send http status 503
-			header('HTTP/1.1 503 Service Temporarily Unavailable');
-			header('Status: 503 Service Temporarily Unavailable');
-			header('Retry-After: 120');
-
-			// render error page
-			$tmpl = new OC_Template('', 'singleuser.user', 'guest');
-			$tmpl->printPage();
-			die();
+		if (!\OC::$server->getSystemConfig()->getValue('singleuser', false)) {
+			return;
 		}
+		$user = OC_User::getUserSession()->getUser();
+		if ($user) {
+			$group = \OC::$server->getGroupManager()->get('admin');
+			if ($group->inGroup($user)) {
+				return;
+			}
+		}
+		// send http status 503
+		header('HTTP/1.1 503 Service Temporarily Unavailable');
+		header('Status: 503 Service Temporarily Unavailable');
+		header('Retry-After: 120');
+
+		// render error page
+		$template = new OC_Template('', 'singleuser.user', 'guest');
+		$template->printPage();
+		die();
 	}
 
 	/**

From a33edcd2f0a74884f284166d80d23ad22b822b64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Fri, 10 Apr 2015 11:17:33 +0200
Subject: [PATCH 5/5] Fix singe user mode on public.php - take two

---
 lib/base.php | 6 +++++-
 public.php   | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/base.php b/lib/base.php
index 02b55458f1..7deaf271e4 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -301,7 +301,7 @@ class OC {
 		}
 	}
 
-	public static function checkSingleUserMode() {
+	public static function checkSingleUserMode($lockIfNoUserLoggedIn = false) {
 		if (!\OC::$server->getSystemConfig()->getValue('singleuser', false)) {
 			return;
 		}
@@ -311,6 +311,10 @@ class OC {
 			if ($group->inGroup($user)) {
 				return;
 			}
+		} else {
+			if(!$lockIfNoUserLoggedIn) {
+				return;
+			}
 		}
 		// send http status 503
 		header('HTTP/1.1 503 Service Temporarily Unavailable');
diff --git a/public.php b/public.php
index 8f3bc8e6ae..f390166d06 100644
--- a/public.php
+++ b/public.php
@@ -37,7 +37,7 @@ try {
 	}
 
 	OC::checkMaintenanceMode();
-	OC::checkSingleUserMode();
+	OC::checkSingleUserMode(true);
 	$request = \OC::$server->getRequest();
 	$pathInfo = $request->getPathInfo();