No need to check the subadmin again

The user needs to be a subadmin of the group,
otherwise they are not allowed to remove anyone from the group

Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling 2017-01-18 11:43:52 +01:00
parent 4bbd52b3f9
commit ae77067a07
No known key found for this signature in database
GPG Key ID: E166FD8976B3BAC8
2 changed files with 11 additions and 21 deletions


@ -33,10 +33,10 @@ use \OC_Helper;
use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController; use OCP\AppFramework\OCSController;
use OCP\Files\NotFoundException; use OCP\Files\NotFoundException;
use OCP\IConfig; use OCP\IConfig;
use OCP\IGroup;
use OCP\IGroupManager; use OCP\IGroupManager;
use OCP\ILogger; use OCP\ILogger;
use OCP\IRequest; use OCP\IRequest;
@ -275,9 +275,9 @@ class UsersController extends OCSController {
break; break;
case 'quota': case 'quota':
$quota = $value; $quota = $value;
if($quota !== 'none' and $quota !== 'default') { if($quota !== 'none' && $quota !== 'default') {
if (is_numeric($quota)) { if (is_numeric($quota)) {
$quota = floatval($quota); $quota = (float) $quota;
} else { } else {
$quota = \OCP\Util::computerFileSize($quota); $quota = \OCP\Util::computerFileSize($quota);
} }
@ -421,6 +421,7 @@ class UsersController extends OCSController {
// Looking up someone else // Looking up someone else
if($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) { if($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) {
// Return the group that the method caller is subadmin of for the user in question // Return the group that the method caller is subadmin of for the user in question
/** @var IGroup[] $getSubAdminsGroups */
$getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser); $getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
foreach ($getSubAdminsGroups as $key => $group) { foreach ($getSubAdminsGroups as $key => $group) {
$getSubAdminsGroups[$key] = $group->getGID(); $getSubAdminsGroups[$key] = $group->getGID();
@ -492,27 +493,21 @@ class UsersController extends OCSController {
// If they're not an admin, check they are a subadmin of the group in question // If they're not an admin, check they are a subadmin of the group in question
$subAdminManager = $this->groupManager->getSubAdmin(); $subAdminManager = $this->groupManager->getSubAdmin();
if(!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminofGroup($loggedInUser, $group)) { if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
throw new OCSException('', 104); throw new OCSException('', 104);
} }
// Check they aren't removing themselves from 'admin' or their 'subadmin; group // Check they aren't removing themselves from 'admin' or their 'subadmin; group
if($userId === $loggedInUser->getUID()) { if ($userId === $loggedInUser->getUID()) {
if($this->groupManager->isAdmin($loggedInUser->getUID())) { if ($this->groupManager->isAdmin($loggedInUser->getUID())) {
if($group->getGID() === 'admin') { if ($group->getGID() === 'admin') {
throw new OCSException('Cannot remove yourself from the admin group', 105); throw new OCSException('Cannot remove yourself from the admin group', 105);
} }
} else { } else {
// Not an admin, check they are not removing themself from their subadmin group // Not an admin, so the user must be a subadmin of this group, but that is not allowed.
$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
foreach ($subAdminGroups as $key => $group) {
$subAdminGroups[$key] = $group->getGID();
}
if(in_array($group->getGID(), $subAdminGroups, true)) {
throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105); throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105);
} }
} }
}
// Remove user from group // Remove user from group
$group->removeUser($targetUser); $group->removeUser($targetUser);
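Review bot: The unconditional throw in the `else` branch of the self-removal check is only correct because of the admin-or-subadmin guard a few lines above it, and the new comment (`// Not an admin, so the user must be a subadmin of this group, but that is not allowed.`) neither names that guard nor says what "that" refers to. I would word it as `// Not an admin, so the guard above guarantees they are a subadmin of $group; subadmins may not remove themselves from it.` so the dependency stays visible to whoever next edits the guard. The context comment above the `if ($userId === $loggedInUser->getUID())` line still carries the typo `'subadmin; group`, which could be fixed in the same pass. The enclosing method starts and ends outside the hunk, so this assumes nothing between the guard and this branch reassigns `$group`.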


@ -1813,11 +1813,6 @@ class UsersControllerTest extends OriginalTest {
->method('isSubAdminofGroup') ->method('isSubAdminofGroup')
->with($loggedInUser, $targetGroup) ->with($loggedInUser, $targetGroup)
->will($this->returnValue(true)); ->will($this->returnValue(true));
$subAdminManager
->expects($this->once())
->method('getSubAdminsGroups')
->with($loggedInUser)
->will($this->returnValue([$targetGroup]));
$this->groupManager $this->groupManager
->expects($this->once()) ->expects($this->once())
->method('getSubAdmin') ->method('getSubAdmin')