From e95863822153e6b88a365e6db83444bdf1c4c0ce Mon Sep 17 00:00:00 2001
From: michag86 <micha_g@arcor.de>
Date: Tue, 18 Aug 2015 17:43:16 +0200
Subject: [PATCH] enable api getUsers for subadmins

Now subadmins can get a list of users they are subadmins of.
---
 apps/provisioning_api/appinfo/routes.php |  2 +-
 apps/provisioning_api/lib/users.php      | 27 +++++++++++++++++++++++-
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php
index 2ee3a185da..77a44cd85b 100644
--- a/apps/provisioning_api/appinfo/routes.php
+++ b/apps/provisioning_api/appinfo/routes.php
@@ -32,7 +32,7 @@ $users = new \OCA\Provisioning_API\Users(
 	\OC::$server->getGroupManager(),
 	\OC::$server->getUserSession()
 );
-API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::ADMIN_AUTH);
+API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH);
 API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH);
 API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
 API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
diff --git a/apps/provisioning_api/lib/users.php b/apps/provisioning_api/lib/users.php
index f5b201a55e..63cc39550d 100644
--- a/apps/provisioning_api/lib/users.php
+++ b/apps/provisioning_api/lib/users.php
@@ -28,6 +28,7 @@ namespace OCA\Provisioning_API;
 use \OC_OCS_Result;
 use \OC_SubAdmin;
 use \OC_Helper;
+use \OC_Group;
 use OCP\Files\NotFoundException;
 
 class Users {
@@ -68,7 +69,31 @@ class Users {
 		$limit = !empty($_GET['limit']) ? $_GET['limit'] : null;
 		$offset = !empty($_GET['offset']) ? $_GET['offset'] : null;
 
-		$users = $this->userManager->search($search, $limit, $offset);
+		// Check if user is logged in
+		$user = $this->userSession->getUser();
+		if ($user === null) {
+			return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+		}
+
+		// Admin? Or SubAdmin?
+		if($this->groupManager->isAdmin($user->getUID())){
+			$users = $this->userManager->search($search, $limit, $offset);
+		} else if (\OC_SubAdmin::isSubAdmin($user->getUID())) {
+			$subAdminOfGroups = \OC_SubAdmin::getSubAdminsGroups($user->getUID());
+
+			if($offset === null) {
+				$offset = 0; 
+			}
+
+			$users = [];
+			foreach ($subAdminOfGroups as $group) {
+				$users = array_merge($users, $this->groupManager->displayNamesInGroup($group, $search));
+			}
+
+			$users = array_slice($users, $offset, $limit);
+		} else {
+			return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
+		}
 		$users = array_keys($users);
 
 		return new OC_OCS_Result([