No need to check the subadmin again
The user needs to be a subadmin of the group, otherwise they are not allowed to remove anyone from the group Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
4bbd52b3f9
commit
ae77067a07
|
@ -33,10 +33,10 @@ use \OC_Helper;
|
|||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
use OCP\AppFramework\OCSController;
|
||||
use OCP\Files\NotFoundException;
|
||||
use OCP\IConfig;
|
||||
use OCP\IGroup;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\ILogger;
|
||||
use OCP\IRequest;
|
||||
|
@ -275,9 +275,9 @@ class UsersController extends OCSController {
|
|||
break;
|
||||
case 'quota':
|
||||
$quota = $value;
|
||||
if($quota !== 'none' and $quota !== 'default') {
|
||||
if($quota !== 'none' && $quota !== 'default') {
|
||||
if (is_numeric($quota)) {
|
||||
$quota = floatval($quota);
|
||||
$quota = (float) $quota;
|
||||
} else {
|
||||
$quota = \OCP\Util::computerFileSize($quota);
|
||||
}
|
||||
|
@ -421,6 +421,7 @@ class UsersController extends OCSController {
|
|||
// Looking up someone else
|
||||
if($subAdminManager->isUserAccessible($loggedInUser, $targetUser)) {
|
||||
// Return the group that the method caller is subadmin of for the user in question
|
||||
/** @var IGroup[] $getSubAdminsGroups */
|
||||
$getSubAdminsGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
|
||||
foreach ($getSubAdminsGroups as $key => $group) {
|
||||
$getSubAdminsGroups[$key] = $group->getGID();
|
||||
|
@ -492,9 +493,10 @@ class UsersController extends OCSController {
|
|||
|
||||
// If they're not an admin, check they are a subadmin of the group in question
|
||||
$subAdminManager = $this->groupManager->getSubAdmin();
|
||||
if(!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminofGroup($loggedInUser, $group)) {
|
||||
if (!$this->groupManager->isAdmin($loggedInUser->getUID()) && !$subAdminManager->isSubAdminOfGroup($loggedInUser, $group)) {
|
||||
throw new OCSException('', 104);
|
||||
}
|
||||
|
||||
// Check they aren't removing themselves from 'admin' or their 'subadmin; group
|
||||
if ($userId === $loggedInUser->getUID()) {
|
||||
if ($this->groupManager->isAdmin($loggedInUser->getUID())) {
|
||||
|
@ -502,17 +504,10 @@ class UsersController extends OCSController {
|
|||
throw new OCSException('Cannot remove yourself from the admin group', 105);
|
||||
}
|
||||
} else {
|
||||
// Not an admin, check they are not removing themself from their subadmin group
|
||||
$subAdminGroups = $subAdminManager->getSubAdminsGroups($loggedInUser);
|
||||
foreach ($subAdminGroups as $key => $group) {
|
||||
$subAdminGroups[$key] = $group->getGID();
|
||||
}
|
||||
|
||||
if(in_array($group->getGID(), $subAdminGroups, true)) {
|
||||
// Not an admin, so the user must be a subadmin of this group, but that is not allowed.
|
||||
throw new OCSException('Cannot remove yourself from this group as you are a SubAdmin', 105);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Remove user from group
|
||||
$group->removeUser($targetUser);
|
||||
|
|
|
@ -1813,11 +1813,6 @@ class UsersControllerTest extends OriginalTest {
|
|||
->method('isSubAdminofGroup')
|
||||
->with($loggedInUser, $targetGroup)
|
||||
->will($this->returnValue(true));
|
||||
$subAdminManager
|
||||
->expects($this->once())
|
||||
->method('getSubAdminsGroups')
|
||||
->with($loggedInUser)
|
||||
->will($this->returnValue([$targetGroup]));
|
||||
$this->groupManager
|
||||
->expects($this->once())
|
||||
->method('getSubAdmin')
|
||||
|
|
Loading…
Reference in New Issue