diff --git a/lib/app.php b/lib/app.php index 4c2c43ec26..9c3411a76b 100755 --- a/lib/app.php +++ b/lib/app.php @@ -293,16 +293,21 @@ class OC_App{ if (OC_User::isLoggedIn()) { // personal menu $settings[] = array( "id" => "personal", "order" => 1, "href" => OC_Helper::linkTo( "settings", "personal.php" ), "name" => $l->t("Personal"), "icon" => OC_Helper::imagePath( "settings", "personal.svg" )); - + // if there're some settings forms if(!empty(self::$settingsForms)) // settings menu $settings[]=array( "id" => "settings", "order" => 1000, "href" => OC_Helper::linkTo( "settings", "settings.php" ), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath( "settings", "settings.svg" )); - - // if the user is an admin - if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { + + //SubAdmins are also allowed to access user management + if(OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup( $_SESSION["user_id"], "admin" )){ // admin users menu $settings[] = array( "id" => "core_users", "order" => 2, "href" => OC_Helper::linkTo( "settings", "users.php" ), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath( "settings", "users.svg" )); + } + + + // if the user is an admin + if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) { // admin apps menu $settings[] = array( "id" => "core_apps", "order" => 3, "href" => OC_Helper::linkTo( "settings", "apps.php" ).'?installed', "name" => $l->t("Apps"), "icon" => OC_Helper::imagePath( "settings", "apps.svg" )); diff --git a/lib/subadmin.php b/lib/subadmin.php index aad657b024..b6f0b3007f 100644 --- a/lib/subadmin.php +++ b/lib/subadmin.php @@ -38,9 +38,6 @@ class OC_SubAdmin{ public static function createSubAdmin($uid, $gid){ $stmt = OC_DB::prepare('INSERT INTO *PREFIX*group_admin (gid,uid) VALUES(?,?)'); $result = $stmt->execute(array($gid, $uid)); - if(OC_DB::isError($result)){ - return false; - } OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid )); return true; } @@ -54,9 +51,6 @@ class OC_SubAdmin{ public static function deleteSubAdmin($uid, $gid){ $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ? AND uid = ?'); $result = $stmt->execute(array($gid, $uid)); - if(OC_DB::isError($result)){ - return false; - } OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid )); return true; } @@ -68,7 +62,7 @@ class OC_SubAdmin{ */ public static function getSubAdminsGroups($uid){ $stmt = OC_DB::prepare('SELECT gid FROM *PREFIX*group_admin WHERE uid = ?'); - $result = $stmt->execute(array($gid, $uid)); + $result = $stmt->execute(array($uid)); $gids = array(); while($row = $result->fetchRow()){ $gids[] = $row['gid']; @@ -83,7 +77,7 @@ class OC_SubAdmin{ */ public static function getGroupsSubAdmins($gid){ $stmt = OC_DB::prepare('SELECT uid FROM *PREFIX*group_admin WHERE gid = ?'); - $result = $stmt->execute(array($gid, $uid)); + $result = $stmt->execute(array($gid)); $uids = array(); while($row = $result->fetchRow()){ $uids[] = $row['uid']; @@ -97,11 +91,35 @@ class OC_SubAdmin{ */ public static function getAllSubAdmins(){ $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*group_admin'); - $result = $stmt->execute(array($gid, $uid)); + $result = $stmt->execute(); $subadmins = array(); while($row = $result->fetchRow()){ $subadmins[] = $row; } return $subadmins; } + + /** + * @brief checks if a user is a SubAdmin of a group + * @return array + */ + public static function isSubAdminofGroup($uid, $gid){ + $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin where uid = ? AND gid = ?'); + $result = $stmt->execute(array($uid, $gid)); + $result = $result->fetchRow(); + if($result['count'] >= 1){ + return true; + } + return false; + } + + public static function isSubAdmin($uid){ + $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin WHERE uid = ?'); + $result = $stmt->execute(array($uid)); + $result = $result->fetchRow(); + if($result['count'] > 0){ + return true; + } + return false; + } } diff --git a/lib/util.php b/lib/util.php index de9171edc8..2eb102dfa6 100755 --- a/lib/util.php +++ b/lib/util.php @@ -328,16 +328,13 @@ class OC_Util { // Check if we are a user self::checkLoggedIn(); if(OC_Group::inGroup(OC_User::getUser(),'admin')){ - return OC_Group::getGroups(); + return true; } - $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin WHERE uid = ?'); - $result = $stmt->execute(array(OC_User::getUser())); - $result = $result->fetchRow(); - if($result['count'] == 0){ + if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())){ header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' )); exit(); } - return $groups; + return true; } /** diff --git a/settings/ajax/createuser.php b/settings/ajax/createuser.php index c56df4bc15..41bf31a05f 100644 --- a/settings/ajax/createuser.php +++ b/settings/ajax/createuser.php @@ -4,15 +4,36 @@ require_once('../../lib/base.php'); // Check if we are a user -if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){ +if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && !OC_SubAdmin::isSubAdmin(OC_User::getUser()))){ OC_JSON::error(array("data" => array( "message" => "Authentication error" ))); exit(); } OCP\JSON::callCheck(); -$groups = array(); -if( isset( $_POST["groups"] )){ - $groups = $_POST["groups"]; +$isadmin = OC_Group::inGroup(OC_User::getUser(),'admin')?true:false; + +if($isadmin){ + $groups = array(); + if( isset( $_POST["groups"] )){ + $groups = $_POST["groups"]; + } +}else{ + $accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); + $accessiblegroups = array_flip($accessiblegroups); + if(isset( $_POST["groups"] )){ + $unauditedgroups = $_POST["groups"]; + $groups = array(); + foreach($unauditedgroups as $group){ + if(array_key_exists($group, $accessiblegroups)){ + $groups[] = $group; + } + } + if(count($groups) == 0){ + $groups = array_flip($accessiblegroups); + } + }else{ + $groups = array_flip($accessiblegroups); + } } $username = $_POST["username"]; $password = $_POST["password"]; diff --git a/settings/js/users.js b/settings/js/users.js index dfa28e4c4c..c86949db38 100644 --- a/settings/js/users.js +++ b/settings/js/users.js @@ -84,18 +84,56 @@ $(document).ready(function(){ } function applyMultiplySelect(element){ + console.log(element); var checked=[]; var user=element.data('username'); - if(element.data('userGroups')){ - checked=element.data('userGroups').split(', '); + if($(element).attr('class') == 'groupsselect'){ + if(element.data('userGroups')){ + checked=element.data('userGroups').split(', '); + } + if(user){ + var checkHandeler=function(group){ + if(user==OC.currentUser && group=='admin'){ + return false; + } + $.post( + OC.filePath('settings','ajax','togglegroups.php'), + { + username:user, + group:group + }, + function(){} + ); + }; + }else{ + checkHandeler=false; + } + var addGroup = function(group) { + $('select[multiple]').each(function(index, element) { + if ($(element).find('option[value="'+group +'"]').length == 0) { + $(element).append(''+group+''); + } + }) + }; + element.multiSelect({ + createCallback:addGroup, + createText:'add group', + checked:checked, + oncheck:checkHandeler, + onuncheck:checkHandeler, + minWidth: 100, + }); } - if(user){ + if($(element).attr('class') == 'subadminsselect'){ + if(element.data('subadmin')){ + checked=element.data('subadmin').split(', '); + } var checkHandeler=function(group){ - if(user==OC.currentUser && group=='admin'){ + if(group=='admin'){ return false; } $.post( - OC.filePath('settings','ajax','togglegroups.php'), + OC.filePath('settings','ajax','togglesubadmins.php'), { username:user, group:group @@ -103,24 +141,25 @@ $(document).ready(function(){ function(){} ); }; - }else{ - checkHandeler=false; + + var addSubAdmin = function(group) { + console.log('addSubAdmin called'); + console.log(group); + $('select[multiple]').each(function(index, element) { + if ($(element).find('option[value="'+group +'"]').length == 0) { + $(element).append(''+group+''); + } + }) + }; + element.multiSelect({ + createCallback:addSubAdmin, + createText:null, + checked:checked, + oncheck:checkHandeler, + onuncheck:checkHandeler, + minWidth: 100, + }); } - var addGroup = function(group) { - $('select[multiple]').each(function(index, element) { - if ($(element).find('option[value="'+group +'"]').length == 0) { - $(element).append(''+group+''); - } - }) - }; - element.multiSelect({ - createCallback:addGroup, - createText:'add group', - checked:checked, - oncheck:checkHandeler, - onuncheck:checkHandeler, - minWidth: 100, - }); } $('select[multiple]').each(function(index,element){ applyMultiplySelect($(element)); @@ -255,12 +294,14 @@ $(document).ready(function(){ OC.dialogs.alert(result.data.message, 'Error creating user'); } else { + groups = result.data.groups; + console.log(groups); var tr=$('#content table tbody tr').first().clone(); tr.attr('data-uid',username); tr.find('td.name').text(username); - var select=$(''); + var select=$(''); select.data('username',username); - select.data('userGroups',groups.join(', ')); + select.data('userGroups',groups); tr.find('td.groups').empty(); var allGroups=$('#content table').data('groups').split(', '); for(var i=0;i @@ -16,6 +19,7 @@ $_['subadmingroups'] = $_['groups']; @@ -62,7 +66,7 @@ $_['subadmingroups'] = $_['groups']; t( 'Password' ); ?> t( 'Groups' ); ?> - t('SubAdmins'); ?> + t('SubAdmin'); ?> t( 'Quota' ); ?> @@ -74,9 +78,10 @@ $_['subadmingroups'] = $_['groups']; ●●●●●●● + alt="set new password" title="set new password"/> - - + + diff --git a/settings/users.php b/settings/users.php index e066956291..60ffc337a7 100644 --- a/settings/users.php +++ b/settings/users.php @@ -19,20 +19,20 @@ $groups = array(); $isadmin = OC_Group::inGroup(OC_User::getUser(),'admin')?true:false; if($isadmin){ - $groups = OC_Group::getGroups(); + $accessiblegroups = OC_Group::getGroups(); $accessibleusers = OC_User::getUsers(); $subadmins = OC_SubAdmin::getAllSubAdmins(); }else{ - $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); - $accessibleusers = OC_Group::usersInGroups($groups); + $accessiblegroups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()); + $accessibleusers = OC_Group::usersInGroups($accessiblegroups); $subadmins = false; } foreach($accessibleusers as $i){ - $users[] = array( "name" => $i, "groups" => join( ", ", /*array_intersect(*/OC_Group::getUserGroups($i)/*, OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()))*/),'quota'=>OC_Preferences::getValue($i,'files','quota','default')); + $users[] = array( "name" => $i, "groups" => join( ", ", /*array_intersect(*/OC_Group::getUserGroups($i)/*, OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()))*/),'quota'=>OC_Preferences::getValue($i,'files','quota','default'),'subadmin'=>implode(', ',OC_SubAdmin::getSubAdminsGroups($i))); } -foreach( $groups as $i ){ +foreach( $accessiblegroups as $i ){ // Do some more work here soon $groups[] = array( "name" => $i ); } @@ -55,7 +55,9 @@ if (\OC_App::isEnabled( "files_sharing" ) ) { $tmpl = new OC_Template( "settings", "users", "user" ); $tmpl->assign( "users", $users ); $tmpl->assign( "groups", $groups ); +$tmpl->assign( 'isadmin', $isadmin); $tmpl->assign( 'subadmins', $subadmins); +$tmpl->assign( 'numofgroups', count($accessiblegroups)); $tmpl->assign( 'quota_preset', $quotaPreset); $tmpl->assign( 'default_quota', $defaultQuota); $tmpl->assign( 'share_notice', $shareNotice);