Merge pull request #12618 from owncloud/initial-work-migrate-to-appframework

Add REST route for managing groups and users
This commit is contained in:
Lukas Reschke 2014-12-08 21:37:41 +01:00
commit f219f5a7a6
26 changed files with 1332 additions and 397 deletions

View File

@ -37,6 +37,7 @@ class OC_Group {
/**
* @return \OC\Group\Manager
* @deprecated Use \OC::$server->getGroupManager();
*/
public static function getManager() {
return \OC::$server->getGroupManager();
@ -44,6 +45,7 @@ class OC_Group {
/**
* @return \OC\User\Manager
* @deprecated Use \OC::$server->getUserManager()
*/
private static function getUserManager() {
return \OC::$server->getUserManager();
@ -73,12 +75,10 @@ class OC_Group {
*
* Tries to create a new group. If the group name already exists, false will
* be returned. Basic checking of Group name
* @deprecated Use \OC::$server->getGroupManager()->createGroup() instead
*/
public static function createGroup($gid) {
OC_Hook::emit("OC_Group", "pre_createGroup", array("run" => true, "gid" => $gid));
if (self::getManager()->createGroup($gid)) {
OC_Hook::emit("OC_User", "post_createGroup", array("gid" => $gid));
return true;
} else {
return false;
@ -91,19 +91,12 @@ class OC_Group {
* @return bool
*
* Deletes a group and removes it from the group_user-table
* @deprecated Use \OC::$server->getGroupManager()->delete() instead
*/
public static function deleteGroup($gid) {
// Prevent users from deleting group admin
if ($gid == "admin") {
return false;
}
OC_Hook::emit("OC_Group", "pre_deleteGroup", array("run" => true, "gid" => $gid));
$group = self::getManager()->get($gid);
if ($group) {
if ($group->delete()) {
OC_Hook::emit("OC_User", "post_deleteGroup", array("gid" => $gid));
return true;
}
}
@ -117,6 +110,7 @@ class OC_Group {
* @return bool
*
* Checks whether the user is member of a group or not.
* @deprecated Use \OC::$server->getGroupManager->inGroup($user);
*/
public static function inGroup($uid, $gid) {
$group = self::getManager()->get($gid);
@ -134,14 +128,13 @@ class OC_Group {
* @return bool
*
* Adds a user to a group.
* @deprecated Use \OC::$server->getGroupManager->addUser();
*/
public static function addToGroup($uid, $gid) {
$group = self::getManager()->get($gid);
$user = self::getUserManager()->get($uid);
if ($group and $user) {
OC_Hook::emit("OC_Group", "pre_addToGroup", array("run" => true, "uid" => $uid, "gid" => $gid));
$group->addUser($user);
OC_Hook::emit("OC_User", "post_addToGroup", array("uid" => $uid, "gid" => $gid));
return true;
} else {
return false;
@ -176,6 +169,7 @@ class OC_Group {
*
* This function fetches all groups a user belongs to. It does not check
* if the user exists at all.
* @deprecated Use \OC::$server->getGroupManager->getuserGroupIds($user)
*/
public static function getUserGroups($uid) {
$user = self::getUserManager()->get($uid);
@ -209,6 +203,7 @@ class OC_Group {
*
* @param string $gid
* @return bool
* @deprecated Use \OC::$server->getGroupManager->groupExists($gid)
*/
public static function groupExists($gid) {
return self::getManager()->groupExists($gid);
@ -260,6 +255,7 @@ class OC_Group {
* @param int $limit
* @param int $offset
* @return array an array of display names (value) and user ids(key)
* @deprecated Use \OC::$server->getGroupManager->displayNamesInGroup($gid, $search, $limit, $offset)
*/
public static function displayNamesInGroup($gid, $search = '', $limit = -1, $offset = 0) {
return self::getManager()->displayNamesInGroup($gid, $search, $limit, $offset);

View File

@ -229,6 +229,11 @@ class Group implements IGroup {
* @return bool
*/
public function delete() {
// Prevent users from deleting group admin
if ($this->getGID() === 'admin') {
return false;
}
$result = false;
if ($this->emitter) {
$this->emitter->emit('\OC\Group', 'preDelete', array($this));

View File

@ -29,7 +29,7 @@ class MetaData {
protected $metaData = array();
/**
* @var \OC\Group\Manager $groupManager
* @var \OCP\IGroupManager $groupManager
*/
protected $groupManager;
@ -41,12 +41,12 @@ class MetaData {
/**
* @param string $user the uid of the current user
* @param bool $isAdmin whether the current users is an admin
* @param \OC\Group\Manager $groupManager
* @param \OCP\IGroupManager $groupManager
*/
public function __construct(
$user,
$isAdmin,
\OC\Group\Manager $groupManager
\OCP\IGroupManager $groupManager
) {
$this->user = $user;
$this->isAdmin = (bool)$isAdmin;
@ -168,6 +168,7 @@ class MetaData {
if($this->isAdmin) {
return $this->groupManager->search($search);
} else {
// FIXME: Remove static method call
$groupIds = \OC_SubAdmin::getSubAdminsGroups($this->user);
/* \OC_SubAdmin::getSubAdminsGroups() returns an array of GIDs, but this

View File

@ -104,8 +104,26 @@ class Server extends SimpleContainer implements IServerContainer {
return new \OC\User\Manager($config);
});
$this->registerService('GroupManager', function (Server $c) {
$userManager = $c->getUserManager();
return new \OC\Group\Manager($userManager);
$groupManager = new \OC\Group\Manager($this->getUserManager());
$groupManager->listen('\OC\Group', 'preCreate', function ($gid) {
\OC_Hook::emit('OC_Group', 'pre_createGroup', array('run' => true, 'gid' => $gid));
});
$groupManager->listen('\OC\Group', 'postCreate', function (\OC\Group\Group $gid) {
\OC_Hook::emit('OC_User', 'post_createGroup', array('gid' => $gid->getGID()));
});
$groupManager->listen('\OC\Group', 'preDelete', function (\OC\Group\Group $group) {
\OC_Hook::emit('OC_Group', 'pre_deleteGroup', array('run' => true, 'gid' => $group->getGID()));
});
$groupManager->listen('\OC\Group', 'postDelete', function (\OC\Group\Group $group) {
\OC_Hook::emit('OC_User', 'post_deleteGroup', array('gid' => $group->getGID()));
});
$groupManager->listen('\OC\Group', 'preAddUser', function (\OC\Group\Group $group, \OC\User\User $user) {
\OC_Hook::emit('OC_Group', 'pre_addToGroup', array('run' => true, 'uid' => $user->getUID(), 'gid' => $group->getGID()));
});
$groupManager->listen('\OC\Group', 'postAddUser', function (\OC\Group\Group $group, \OC\User\User $user) {
\OC_Hook::emit('OC_Group', 'post_addToGroup', array('uid' => $user->getUID(), 'gid' => $group->getGID()));
});
return $groupManager;
});
$this->registerService('UserSession', function (Server $c) {
$manager = $c->getUserManager();

View File

@ -47,6 +47,7 @@ class OC_User {
/**
* @return \OC\User\Manager
* @deprecated Use \OC::$server->getUserManager()
*/
public static function getManager() {
return OC::$server->getUserManager();
@ -179,6 +180,7 @@ class OC_User {
* itself, not in its subclasses.
*
* Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
* @deprecated Use \OC::$server->getUserManager->createUser($uid, $password)
*/
public static function createUser($uid, $password) {
return self::getManager()->createUser($uid, $password);
@ -190,30 +192,12 @@ class OC_User {
* @return bool
*
* Deletes a user
* @deprecated Use \OC::$server->getUserManager->delete()
*/
public static function deleteUser($uid) {
$user = self::getManager()->get($uid);
if ($user) {
$result = $user->delete();
// if delete was successful we clean-up the rest
if ($result) {
// We have to delete the user from all groups
foreach (OC_Group::getUserGroups($uid) as $i) {
OC_Group::removeFromGroup($uid, $i);
}
// Delete the user's keys in preferences
OC_Preferences::deleteUser($uid);
// Delete user files in /data/
OC_Helper::rmdirr(\OC_User::getHome($uid));
// Delete the users entry in the storage table
\OC\Files\Cache\Storage::remove('home::' . $uid);
}
return true;
return $user->delete();
} else {
return false;
}
@ -525,6 +509,7 @@ class OC_User {
* @return string
*
* returns the path to the users home directory
* @deprecated Use \OC::$server->getUserManager->getHome()
*/
public static function getHome($uid) {
$user = self::getManager()->get($uid);

View File

@ -220,7 +220,7 @@ class Manager extends PublicEmitter implements IUserManager {
* @param string $uid
* @param string $password
* @throws \Exception
* @return bool|\OC\User\User the created user of false
* @return bool|\OC\User\User the created user or false
*/
public function createUser($uid, $password) {
$l = \OC::$server->getL10N('lib');

View File

@ -153,6 +153,24 @@ class User implements IUser {
$this->emitter->emit('\OC\User', 'preDelete', array($this));
}
$result = $this->backend->deleteUser($this->uid);
if ($result) {
// FIXME: Feels like an hack - suggestions?
// We have to delete the user from all groups
foreach (\OC_Group::getUserGroups($this->uid) as $i) {
\OC_Group::removeFromGroup($this->uid, $i);
}
// Delete the user's keys in preferences
\OC_Preferences::deleteUser($this->uid);
// Delete user files in /data/
\OC_Helper::rmdirr(\OC_User::getHome($this->uid));
// Delete the users entry in the storage table
\OC\Files\Cache\Storage::remove('home::' . $this->uid);
}
if ($this->emitter) {
$this->emitter->emit('\OC\User', 'postDelete', array($this));
}

View File

@ -1,21 +0,0 @@
<?php
OCP\JSON::callCheck();
OC_JSON::checkAdminUser();
$groupname = $_POST["groupname"];
$l = \OC::$server->getL10N('settings');
// Does the group exist?
if( in_array( $groupname, OC_Group::getGroups())) {
OC_JSON::error(array("data" => array( "message" => $l->t("Group already exists") )));
exit();
}
// Return Success story
if( OC_Group::createGroup( $groupname )) {
OC_JSON::success(array("data" => array( "groupname" => $groupname )));
}
else{
OC_JSON::error(array("data" => array( "message" => $l->t("Unable to add group") )));
}

View File

@ -1,59 +0,0 @@
<?php
OCP\JSON::callCheck();
OC_JSON::checkSubAdminUser();
if(OC_User::isAdminUser(OC_User::getUser())) {
$groups = array();
if (!empty($_POST["groups"])) {
$groups = $_POST["groups"];
}
}else{
if (isset($_POST["groups"])) {
$groups = array();
if (!empty($_POST["groups"])) {
foreach ($_POST["groups"] as $group) {
if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
$groups[] = $group;
}
}
}
if (empty($groups)) {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
}
$username = $_POST["username"];
$password = $_POST["password"];
// Return Success story
try {
// check whether the user's files home exists
$userDirectory = OC_User::getHome($username) . '/files/';
$homeExists = file_exists($userDirectory);
if (!OC_User::createUser($username, $password)) {
OC_JSON::error(array('data' => array( 'message' => 'User creation failed for '.$username )));
exit();
}
foreach( $groups as $i ) {
if(!OC_Group::groupExists($i)) {
OC_Group::createGroup($i);
}
OC_Group::addToGroup( $username, $i );
}
$userManager = \OC_User::getManager();
$user = $userManager->get($username);
OCP\JSON::success(array("data" =>
array(
// returns whether the home already existed
"homeExists" => $homeExists,
"username" => $username,
"groups" => OC_Group::getUserGroups( $username ),
'storageLocation' => $user->getHome())));
} catch (Exception $exception) {
OCP\JSON::error(array("data" => array( "message" => $exception->getMessage())));
}

View File

@ -1,46 +0,0 @@
<?php
/**
* ownCloud
*
* @author Arthur Schiwon
* @copyright 2014 Arthur Schiwon <blizzz@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
OC_JSON::callCheck();
OC_JSON::checkSubAdminUser();
if (isset($_GET['pattern']) && !empty($_GET['pattern'])) {
$pattern = $_GET['pattern'];
} else {
$pattern = '';
}
if (isset($_GET['filterGroups']) && !empty($_GET['filterGroups'])) {
$filterGroups = intval($_GET['filterGroups']) === 1;
} else {
$filterGroups = false;
}
$groupPattern = $filterGroups ? $pattern : '';
$groups = array();
$adminGroups = array();
$groupManager = \OC_Group::getManager();
$isAdmin = OC_User::isAdminUser(OC_User::getUser());
$groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager);
$groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT);
list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);
OC_JSON::success(
array('data' => array('adminGroups' => $adminGroups, 'groups' => $groups)));

View File

@ -1,14 +0,0 @@
<?php
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
$name = $_POST["groupname"];
// Return Success story
if( OC_Group::deleteGroup( $name )) {
OC_JSON::success(array("data" => array( "groupname" => $name )));
}
else{
OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete group") )));
}

View File

@ -1,26 +0,0 @@
<?php
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = $_POST["username"];
// A user shouldn't be able to delete his own account
if(OC_User::getUser() === $username) {
exit;
}
if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
// Return Success story
if( OC_User::deleteUser( $username )) {
OC_JSON::success(array("data" => array( "username" => $username )));
}
else{
$l = \OC::$server->getL10N('core');
OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete user") )));
}

View File

@ -1,92 +0,0 @@
<?php
/**
* ownCloud
*
* @author Michael Gapczynski
* @copyright 2012 Michael Gapczynski mtgap@owncloud.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
OC_JSON::callCheck();
OC_JSON::checkSubAdminUser();
if (isset($_GET['offset'])) {
$offset = $_GET['offset'];
} else {
$offset = 0;
}
if (isset($_GET['limit'])) {
$limit = $_GET['limit'];
} else {
$limit = 10;
}
if (isset($_GET['gid']) && !empty($_GET['gid'])) {
$gid = $_GET['gid'];
if ($gid === '_everyone') {
$gid = false;
}
} else {
$gid = false;
}
if (isset($_GET['pattern']) && !empty($_GET['pattern'])) {
$pattern = $_GET['pattern'];
} else {
$pattern = '';
}
$users = array();
$userManager = \OC_User::getManager();
if (OC_User::isAdminUser(OC_User::getUser())) {
if($gid !== false) {
$batch = OC_Group::displayNamesInGroup($gid, $pattern, $limit, $offset);
} else {
$batch = OC_User::getDisplayNames($pattern, $limit, $offset);
}
foreach ($batch as $uid => $displayname) {
$user = $userManager->get($uid);
$users[] = array(
'name' => $uid,
'displayname' => $displayname,
'groups' => OC_Group::getUserGroups($uid),
'subadmin' => OC_SubAdmin::getSubAdminsGroups($uid),
'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'),
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
);
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
if($gid !== false && in_array($gid, $groups)) {
$groups = array($gid);
} elseif($gid !== false) {
//don't you try to investigate loops you must not know about
$groups = array();
}
$batch = OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
foreach ($batch as $uid) {
$user = $userManager->get($uid);
// Only add the groups, this user is a subadmin of
$userGroups = array_intersect(OC_Group::getUserGroups($uid), OC_SubAdmin::getSubAdminsGroups(OC_User::getUser()));
$users[] = array(
'name' => $uid,
'displayname' => $user->getDisplayName(),
'groups' => $userGroups,
'quota' => OC_Preferences::getValue($uid, 'files', 'quota', 'default'),
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
);
}
}
OC_JSON::success(array('data' => $users));

View File

@ -10,11 +10,14 @@
namespace OC\Settings;
use OC\AppFramework\Utility\SimpleContainer;
use OC\Settings\Controller\AppSettingsController;
use OC\Settings\Controller\GroupsController;
use OC\Settings\Controller\MailSettingsController;
use OC\Settings\Controller\SecuritySettingsController;
use OC\Settings\Controller\UsersController;
use OC\Settings\Middleware\SubadminMiddleware;
use \OCP\AppFramework\App;
use OCP\IContainer;
use \OCP\Util;
/**
@ -34,7 +37,7 @@ class Application extends App {
/**
* Controllers
*/
$container->registerService('MailSettingsController', function(SimpleContainer $c) {
$container->registerService('MailSettingsController', function(IContainer $c) {
return new MailSettingsController(
$c->query('AppName'),
$c->query('Request'),
@ -46,7 +49,7 @@ class Application extends App {
$c->query('DefaultMailAddress')
);
});
$container->registerService('AppSettingsController', function(SimpleContainer $c) {
$container->registerService('AppSettingsController', function(IContainer $c) {
return new AppSettingsController(
$c->query('AppName'),
$c->query('Request'),
@ -54,33 +57,81 @@ class Application extends App {
$c->query('Config')
);
});
$container->registerService('SecuritySettingsController', function(SimpleContainer $c) {
$container->registerService('SecuritySettingsController', function(IContainer $c) {
return new SecuritySettingsController(
$c->query('AppName'),
$c->query('Request'),
$c->query('Config')
);
});
$container->registerService('GroupsController', function(IContainer $c) {
return new GroupsController(
$c->query('AppName'),
$c->query('Request'),
$c->query('GroupManager'),
$c->query('UserSession'),
$c->query('IsAdmin'),
$c->query('L10N')
);
});
$container->registerService('UsersController', function(IContainer $c) {
return new UsersController(
$c->query('AppName'),
$c->query('Request'),
$c->query('UserManager'),
$c->query('GroupManager'),
$c->query('UserSession'),
$c->query('Config'),
$c->query('IsAdmin'),
$c->query('L10N')
);
});
/**
* Middleware
*/
$container->registerService('SubadminMiddleware', function(IContainer $c){
return new SubadminMiddleware(
$c->query('ControllerMethodReflector'),
$c->query('IsSubAdmin')
);
});
// Execute middlewares
$container->registerMiddleware('SubadminMiddleware');
/**
* Core class wrappers
*/
$container->registerService('Config', function(SimpleContainer $c) {
$container->registerService('Config', function(IContainer $c) {
return $c->query('ServerContainer')->getConfig();
});
$container->registerService('L10N', function(SimpleContainer $c) {
$container->registerService('L10N', function(IContainer $c) {
return $c->query('ServerContainer')->getL10N('settings');
});
$container->registerService('UserSession', function(SimpleContainer $c) {
$container->registerService('GroupManager', function(IContainer $c) {
return $c->query('ServerContainer')->getGroupManager();
});
$container->registerService('UserManager', function(IContainer $c) {
return $c->query('ServerContainer')->getUserManager();
});
$container->registerService('UserSession', function(IContainer $c) {
return $c->query('ServerContainer')->getUserSession();
});
$container->registerService('Mail', function(SimpleContainer $c) {
/** FIXME: Remove once OC_User is non-static and mockable */
$container->registerService('IsAdmin', function(IContainer $c) {
return \OC_User::isAdminUser(\OC_User::getUser());
});
/** FIXME: Remove once OC_SubAdmin is non-static and mockable */
$container->registerService('IsSubAdmin', function(IContainer $c) {
return \OC_Subadmin::isSubAdmin(\OC_User::getUser());
});
$container->registerService('Mail', function(IContainer $c) {
return new \OC_Mail;
});
$container->registerService('Defaults', function(SimpleContainer $c) {
$container->registerService('Defaults', function(IContainer $c) {
return new \OC_Defaults;
});
$container->registerService('DefaultMailAddress', function(SimpleContainer $c) {
$container->registerService('DefaultMailAddress', function(IContainer $c) {
return Util::getDefaultEmailAddress('no-reply');
});
}

View File

@ -0,0 +1,140 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Controller;
use OC\AppFramework\Http;
use \OCP\AppFramework\Controller;
use OCP\AppFramework\Http\DataResponse;
use OCP\IGroupManager;
use OCP\IL10N;
use OCP\IRequest;
use OCP\IUserSession;
/**
* @package OC\Settings\Controller
*/
class GroupsController extends Controller {
/** @var IGroupManager */
private $groupManager;
/** @var IL10N */
private $l10n;
/** @var IUserSession */
private $userSession;
/** @var bool */
private $isAdmin;
/**
* @param string $appName
* @param IRequest $request
* @param IGroupManager $groupManager
* @param IUserSession $userSession
* @param bool $isAdmin
* @param IL10N $l10n
*/
public function __construct($appName,
IRequest $request,
IGroupManager $groupManager,
IUserSession $userSession,
$isAdmin,
IL10N $l10n) {
parent::__construct($appName, $request);
$this->groupManager = $groupManager;
$this->userSession = $userSession;
$this->isAdmin = $isAdmin;
$this->l10n = $l10n;
}
/**
* @NoAdminRequired
*
* @param string $pattern
* @param bool $filterGroups
* @return DataResponse
*/
public function index($pattern = '', $filterGroups = false) {
$groupPattern = $filterGroups ? $pattern : '';
$groupsInfo = new \OC\Group\MetaData($this->userSession->getUser()->getUID(),
$this->isAdmin, $this->groupManager);
$groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT);
list($adminGroups, $groups) = $groupsInfo->get($groupPattern, $pattern);
return new DataResponse(
array(
'data' => array('adminGroups' => $adminGroups, 'groups' => $groups)
)
);
}
/**
* @param string $id
* @return DataResponse
*/
public function create($id) {
if($this->groupManager->groupExists($id)) {
return new DataResponse(
array(
'message' => (string)$this->l10n->t('Group already exists.')
),
Http::STATUS_CONFLICT
);
}
if($this->groupManager->createGroup($id)) {
return new DataResponse(
array(
'groupname' => $id
),
Http::STATUS_CREATED
);
}
return new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => (string)$this->l10n->t('Unable to add group.')
)
),
Http::STATUS_FORBIDDEN
);
}
/**
* @param string $id
* @return DataResponse
*/
public function destroy($id) {
$group = $this->groupManager->get($id);
if ($group) {
if ($group->delete()) {
return new DataResponse(
array(
'status' => 'success',
'data' => array(
'groupname' => $id
)
),
Http::STATUS_NO_CONTENT
);
}
}
return new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => (string)$this->l10n->t('Unable to delete group.')
),
),
Http::STATUS_FORBIDDEN
);
}
}

View File

@ -0,0 +1,253 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Controller;
use OC\AppFramework\Http;
use OC\User\User;
use \OCP\AppFramework\Controller;
use OCP\AppFramework\Http\DataResponse;
use OCP\IConfig;
use OCP\IGroupManager;
use OCP\IL10N;
use OCP\IRequest;
use OCP\IUserManager;
use OCP\IUserSession;
/**
* @package OC\Settings\Controller
*/
class UsersController extends Controller {
/** @var IL10N */
private $l10n;
/** @var IUserSession */
private $userSession;
/** @var bool */
private $isAdmin;
/** @var IUserManager */
private $userManager;
/** @var IGroupManager */
private $groupManager;
/** @var IConfig */
private $config;
/**
* @param string $appName
* @param IRequest $request
* @param IUserManager $userManager
* @param IGroupManager $groupManager
* @param IUserSession $userSession
* @param IConfig $config
* @param bool $isAdmin
* @param IL10N $l10n
*/
public function __construct($appName,
IRequest $request,
IUserManager $userManager,
IGroupManager $groupManager,
IUserSession $userSession,
IConfig $config,
$isAdmin,
IL10N $l10n) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->groupManager = $groupManager;
$this->userSession = $userSession;
$this->config = $config;
$this->isAdmin = $isAdmin;
$this->l10n = $l10n;
}
/**
* @NoAdminRequired
* @NoCSRFRequired
* @param int $offset
* @param int $limit
* @param string $gid
* @param string $pattern
* @return DataResponse
*
* TODO: Tidy up and write unit tests - code is mainly static method calls
*/
public function index($offset = 0, $limit = 10, $gid = '', $pattern = '') {
// FIXME: The JS sends the group '_everyone' instead of no GID for the "all users" group.
if($gid === '_everyone') {
$gid = '';
}
$users = array();
if ($this->isAdmin) {
if($gid !== '') {
$batch = $this->groupManager->displayNamesInGroup($gid, $pattern, $limit, $offset);
} else {
// FIXME: Remove static method call
$batch = \OC_User::getDisplayNames($pattern, $limit, $offset);
}
foreach ($batch as $uid => $displayname) {
$user = $this->userManager->get($uid);
$users[] = array(
'name' => $uid,
'displayname' => $displayname,
'groups' => $this->groupManager->getUserGroupIds($user),
'subadmin' => \OC_SubAdmin::getSubAdminsGroups($uid),
'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
);
}
} else {
$groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
if($gid !== '' && in_array($gid, $groups)) {
$groups = array($gid);
} elseif($gid !== '') {
//don't you try to investigate loops you must not know about
$groups = array();
}
$batch = \OC_Group::usersInGroups($groups, $pattern, $limit, $offset);
foreach ($batch as $uid) {
$user = $this->userManager->get($uid);
// Only add the groups, this user is a subadmin of
$userGroups = array_intersect($this->groupManager->getUserGroupIds($user), \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID()));
$users[] = array(
'name' => $uid,
'displayname' => $user->getDisplayName(),
'groups' => $userGroups,
'quota' => $this->config->getUserValue($uid, 'files', 'quota', 'default'),
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
);
}
}
// FIXME: That assignment on "data" is uneeded here - JS should be adjusted
return new DataResponse(array('data' => $users, 'status' => 'success'));
}
/**
* @NoAdminRequired
*
* @param string $username
* @param string $password
* @param array $groups
* @return DataResponse
*
* TODO: Tidy up and write unit tests - code is mainly static method calls
*/
public function create($username, $password, array $groups) {
if (!$this->isAdmin) {
if (!empty($groups)) {
foreach ($groups as $key => $group) {
if (!\OC_SubAdmin::isGroupAccessible($this->userSession->getUser()->getUID(), $group)) {
unset($groups[$key]);
}
}
}
if (empty($groups)) {
$groups = \OC_SubAdmin::getSubAdminsGroups($this->userSession->getUser()->getUID());
}
}
try {
$user = $this->userManager->createUser($username, $password);
} catch (\Exception $exception) {
return new DataResponse(
array(
'message' => (string)$this->l10n->t('Unable to create user.')
),
Http::STATUS_FORBIDDEN
);
}
if($user instanceof User) {
foreach( $groups as $groupName ) {
$group = $this->groupManager->get($groupName);
if(empty($group)) {
$group = $this->groupManager->createGroup($groupName);
}
$group->addUser($user);
}
}
return new DataResponse(
array(
'username' => $username,
'groups' => $this->groupManager->getUserGroupIds($user),
'storageLocation' => $user->getHome()
),
Http::STATUS_CREATED
);
}
/**
* @NoAdminRequired
*
* @param string $id
* @return DataResponse
*
* TODO: Tidy up and write unit tests - code is mainly static method calls
*/
public function destroy($id) {
if($this->userSession->getUser()->getUID() === $id) {
return new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => (string)$this->l10n->t('Unable to delete user.')
)
),
Http::STATUS_FORBIDDEN
);
}
// FIXME: Remove this static function call at some point…
if(!$this->isAdmin && !\OC_SubAdmin::isUserAccessible($this->userSession->getUser()->getUID(), $id)) {
return new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => (string)$this->l10n->t('Authentication error')
)
),
Http::STATUS_FORBIDDEN
);
}
$user = $this->userManager->get($id);
if($user) {
if($user->delete()) {
return new DataResponse(
array(
'status' => 'success',
'data' => array(
'username' => $id
)
),
Http::STATUS_NO_CONTENT
);
}
}
return new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => (string)$this->l10n->t('Unable to delete user.')
)
),
Http::STATUS_FORBIDDEN
);
}
}

View File

@ -41,7 +41,7 @@ OC.Settings = _.extend(OC.Settings, {
};
}
$.ajax({
url: OC.generateUrl('/settings/ajax/grouplist'),
url: OC.generateUrl('/settings/users/groups'),
data: queryData,
dataType: 'json',
success: function(data) {

View File

@ -189,11 +189,10 @@ DeleteHandler.prototype.deleteEntry = function(keepNotification) {
var payload = {};
payload[dh.ajaxParamID] = dh.oidToDelete;
$.ajax({
type: 'POST',
url: OC.filePath('settings', 'ajax', dh.ajaxEndpoint),
type: 'DELETE',
url: OC.generateUrl(dh.ajaxEndpoint+'/'+this.oidToDelete),
// FIXME: do not use synchronous ajax calls as they block the browser !
async: false,
data: payload,
success: function (result) {
if (result.status === 'success') {
// Remove undo option, & remove user from table

View File

@ -84,29 +84,24 @@ GroupList = {
createGroup: function (groupname) {
$.post(
OC.filePath('settings', 'ajax', 'creategroup.php'),
OC.generateUrl('/settings/users/groups'),
{
groupname: groupname
id: groupname
},
function (result) {
if (result.status !== 'success') {
OC.dialogs.alert(result.data.message,
t('settings', 'Error creating group'));
}
else {
if (result.data.groupname) {
var addedGroup = result.data.groupname;
UserList.availableGroups = $.unique($.merge(UserList.availableGroups, [addedGroup]));
GroupList.addGroup(result.data.groupname);
if (result.groupname) {
var addedGroup = result.groupname;
UserList.availableGroups = $.unique($.merge(UserList.availableGroups, [addedGroup]));
GroupList.addGroup(result.groupname);
$('.groupsselect, .subadminsselect')
.append($('<option>', { value: result.data.groupname })
.text(result.data.groupname));
}
GroupList.toggleAddGroup();
$('.groupsselect, .subadminsselect')
.append($('<option>', { value: result.groupname })
.text(result.groupname));
}
}
);
GroupList.toggleAddGroup();
}).fail(function(result, textStatus, errorThrown) {
OC.dialogs.alert(result.responseJSON.message, t('settings', 'Error creating group'));
});
},
update: function () {
@ -115,7 +110,7 @@ GroupList = {
}
GroupList.updating = true;
$.get(
OC.generateUrl('/settings/ajax/grouplist'),
OC.generateUrl('/settings/users/groups'),
{
pattern: filter.getPattern(),
filterGroups: filter.filterGroups ? 1 : 0
@ -221,7 +216,7 @@ GroupList = {
},
initDeleteHandling: function () {
//set up handler
GroupDeleteHandler = new DeleteHandler('removegroup.php', 'groupname',
GroupDeleteHandler = new DeleteHandler('/settings/users/groups', 'groupname',
GroupList.hide, GroupList.remove);
//configure undo

View File

@ -292,7 +292,7 @@ var UserList = {
},
initDeleteHandling: function() {
//set up handler
UserDeleteHandler = new DeleteHandler('removeuser.php', 'username',
UserDeleteHandler = new DeleteHandler('/settings/users/users', 'username',
UserList.markRemove, UserList.remove);
//configure undo
@ -326,7 +326,7 @@ var UserList = {
UserList.currentGid = gid;
var pattern = filter.getPattern();
$.get(
OC.generateUrl('/settings/ajax/userlist'),
OC.generateUrl('/settings/users/users'),
{ offset: UserList.offset, limit: UserList.usersToLoad, gid: gid, pattern: pattern },
function (result) {
var loadedUsers = 0;
@ -667,49 +667,44 @@ $(document).ready(function () {
var groups = $('#newusergroups').val();
$('#newuser').get(0).reset();
$.post(
OC.filePath('settings', 'ajax', 'createuser.php'),
OC.generateUrl('/settings/users/users'),
{
username: username,
password: password,
groups: groups
},
function (result) {
if (result.status !== 'success') {
OC.dialogs.alert(result.data.message,
t('settings', 'Error creating user'));
} else {
if (result.data.groups) {
var addedGroups = result.data.groups;
for (var i in result.data.groups) {
var gid = result.data.groups[i];
if(UserList.availableGroups.indexOf(gid) === -1) {
UserList.availableGroups.push(gid);
}
$li = GroupList.getGroupLI(gid);
userCount = GroupList.getUserCount($li);
GroupList.setUserCount($li, userCount + 1);
if (result.groups) {
for (var i in result.groups) {
var gid = result.groups[i];
if(UserList.availableGroups.indexOf(gid) === -1) {
UserList.availableGroups.push(gid);
}
$li = GroupList.getGroupLI(gid);
userCount = GroupList.getUserCount($li);
GroupList.setUserCount($li, userCount + 1);
}
if (result.data.homeExists){
OC.Notification.hide();
OC.Notification.show(t('settings', 'Warning: Home directory for user "{user}" already exists', {user: result.data.username}));
if (UserList.notificationTimeout){
window.clearTimeout(UserList.notificationTimeout);
}
UserList.notificationTimeout = window.setTimeout(
function(){
OC.Notification.hide();
UserList.notificationTimeout = null;
}, 10000);
}
if(!UserList.has(username)) {
UserList.add(username, username, result.data.groups, null, 'default', result.data.storageLocation, 0, true);
}
$('#newusername').focus();
GroupList.incEveryoneCount();
}
}
);
if (result.homeExists){
OC.Notification.hide();
OC.Notification.show(t('settings', 'Warning: Home directory for user "{user}" already exists', {user: result.username}));
if (UserList.notificationTimeout){
window.clearTimeout(UserList.notificationTimeout);
}
UserList.notificationTimeout = window.setTimeout(
function(){
OC.Notification.hide();
UserList.notificationTimeout = null;
}, 10000);
}
if(!UserList.has(username)) {
UserList.add(username, username, result.groups, null, 'default', result.storageLocation, 0, true);
}
$('#newusername').focus();
GroupList.incEveryoneCount();
}).fail(function(result, textStatus, errorThrown) {
OC.dialogs.alert(result.responseJSON.message, t('settings', 'Error creating user'));
});
});
// Option to display/hide the "Storage location" column

View File

@ -0,0 +1,65 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Middleware;
use OC\AppFramework\Http;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Middleware;
/**
* Verifies whether an user has at least subadmin rights.
* To bypass use the `@NoSubadminRequired` annotation
*
* @package OC\Settings\Middleware
*/
class SubadminMiddleware extends Middleware {
/** @var bool */
protected $isSubAdmin;
/** @var ControllerMethodReflector */
protected $reflector;
/**
* @param ControllerMethodReflector $reflector
* @param bool $isSubAdmin
*/
public function __construct(ControllerMethodReflector $reflector,
$isSubAdmin) {
$this->reflector = $reflector;
$this->isSubAdmin = $isSubAdmin;
}
/**
* Check if sharing is enabled before the controllers is executed
* @param \OCP\AppFramework\Controller $controller
* @param string $methodName
* @throws \Exception
*/
public function beforeController($controller, $methodName) {
if(!$this->reflector->hasAnnotation('NoSubadminRequired')) {
if(!$this->isSubAdmin) {
throw new \Exception('Logged in user must be a subadmin');
}
}
}
/**
* Return 403 page in case of an exception
* @param \OCP\AppFramework\Controller $controller
* @param string $methodName
* @param \Exception $exception
* @return TemplateResponse
*/
public function afterException($controller, $methodName, \Exception $exception) {
return new TemplateResponse('core', '403', array(), 'guest');
}
}

View File

@ -9,17 +9,22 @@
namespace OC\Settings;
$application = new Application();
$application->registerRoutes($this, array('routes' =>array(
array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'),
array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'),
array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'),
array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'),
array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'),
array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'),
array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'),
array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'),
)));
$application->registerRoutes($this, array(
'resources' => array(
'groups' => array('url' => '/settings/users/groups'),
'users' => array('url' => '/settings/users/users')
),
'routes' =>array(
array('name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'),
array('name' => 'MailSettings#storeCredentials', 'url' => '/settings/admin/mailsettings/credentials', 'verb' => 'POST'),
array('name' => 'MailSettings#sendTestMail', 'url' => '/settings/admin/mailtest', 'verb' => 'POST'),
array('name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'),
array('name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'),
array('name' => 'SecuritySettings#enforceSSL', 'url' => '/settings/admin/security/ssl', 'verb' => 'POST'),
array('name' => 'SecuritySettings#enforceSSLForSubdomains', 'url' => '/settings/admin/security/ssl/subdomains', 'verb' => 'POST'),
array('name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'),
)
));
/** @var $this \OCP\Route\IRouter */
@ -38,26 +43,14 @@ $this->create('settings_admin', '/settings/admin')
->actionInclude('settings/admin.php');
// Settings ajax actions
// users
$this->create('settings_ajax_userlist', '/settings/ajax/userlist')
->actionInclude('settings/ajax/userlist.php');
$this->create('settings_ajax_grouplist', '/settings/ajax/grouplist')
->actionInclude('settings/ajax/grouplist.php');
$this->create('settings_ajax_everyonecount', '/settings/ajax/geteveryonecount')
->actionInclude('settings/ajax/geteveryonecount.php');
$this->create('settings_ajax_createuser', '/settings/ajax/createuser.php')
->actionInclude('settings/ajax/createuser.php');
$this->create('settings_ajax_removeuser', '/settings/ajax/removeuser.php')
->actionInclude('settings/ajax/removeuser.php');
$this->create('settings_ajax_setquota', '/settings/ajax/setquota.php')
->actionInclude('settings/ajax/setquota.php');
$this->create('settings_ajax_creategroup', '/settings/ajax/creategroup.php')
->actionInclude('settings/ajax/creategroup.php');
$this->create('settings_ajax_togglegroups', '/settings/ajax/togglegroups.php')
->actionInclude('settings/ajax/togglegroups.php');
$this->create('settings_ajax_togglesubadmins', '/settings/ajax/togglesubadmins.php')
->actionInclude('settings/ajax/togglesubadmins.php');
$this->create('settings_ajax_removegroup', '/settings/ajax/removegroup.php')
->actionInclude('settings/ajax/removegroup.php');
$this->create('settings_users_changepassword', '/settings/users/changepassword')
->post()
->action('OC\Settings\ChangePassword\Controller', 'changeUserPassword');

View File

@ -85,7 +85,7 @@ describe('DeleteHandler tests', function() {
// previous one was delete
expect(fakeServer.requests.length).toEqual(1);
var request = fakeServer.requests[0];
expect(request.url).toEqual(OC.webroot + '/index.php/settings/ajax/dummyendpoint.php');
expect(request.url).toEqual(OC.webroot + '/index.php/dummyendpoint.php/some_uid');
});
it('automatically deletes after timeout', function() {
var handler = init(markCallback, removeCallback, undoCallback);
@ -98,7 +98,7 @@ describe('DeleteHandler tests', function() {
clock.tick(3000);
expect(fakeServer.requests.length).toEqual(1);
var request = fakeServer.requests[0];
expect(request.url).toEqual(OC.webroot + '/index.php/settings/ajax/dummyendpoint.php');
expect(request.url).toEqual(OC.webroot + '/index.php/dummyendpoint.php/some_uid');
});
it('deletes when deleteEntry is called', function() {
var handler = init(markCallback, removeCallback, undoCallback);
@ -107,7 +107,7 @@ describe('DeleteHandler tests', function() {
handler.deleteEntry();
expect(fakeServer.requests.length).toEqual(1);
var request = fakeServer.requests[0];
expect(request.url).toEqual(OC.webroot + '/index.php/settings/ajax/dummyendpoint.php');
expect(request.url).toEqual(OC.webroot + '/index.php/dummyendpoint.php/some_uid');
});
it('cancels deletion when undo is clicked', function() {
var handler = init(markCallback, removeCallback, undoCallback);
@ -135,7 +135,7 @@ describe('DeleteHandler tests', function() {
expect(fakeServer.requests.length).toEqual(0);
});
it('calls removeCallback after successful server side deletion', function() {
fakeServer.respondWith(/\/index\.php\/settings\/ajax\/dummyendpoint.php/, [
fakeServer.respondWith(/\/index\.php\/dummyendpoint.php\/some_uid/, [
200,
{ 'Content-Type': 'application/json' },
JSON.stringify({status: 'success'})
@ -148,7 +148,6 @@ describe('DeleteHandler tests', function() {
expect(fakeServer.requests.length).toEqual(1);
var request = fakeServer.requests[0];
var query = OC.parseQueryString(request.requestBody);
expect(query.paramid).toEqual('some_uid');
expect(removeCallback.calledOnce).toEqual(true);
expect(undoCallback.notCalled).toEqual(true);
@ -157,7 +156,7 @@ describe('DeleteHandler tests', function() {
it('calls undoCallback and shows alert after failed server side deletion', function() {
// stub t to avoid extra calls
var tStub = sinon.stub(window, 't').returns('text');
fakeServer.respondWith(/\/index\.php\/settings\/ajax\/dummyendpoint.php/, [
fakeServer.respondWith(/\/index\.php\/dummyendpoint.php\/some_uid/, [
200,
{ 'Content-Type': 'application/json' },
JSON.stringify({status: 'error', data: {message: 'test error'}})
@ -171,7 +170,6 @@ describe('DeleteHandler tests', function() {
expect(fakeServer.requests.length).toEqual(1);
var request = fakeServer.requests[0];
var query = OC.parseQueryString(request.requestBody);
expect(query.paramid).toEqual('some_uid');
expect(removeCallback.notCalled).toEqual(true);
expect(undoCallback.calledOnce).toEqual(true);

View File

@ -0,0 +1,246 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Controller;
use OC\Group\Group;
use \OC\Settings\Application;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
/**
* @package OC\Settings\Controller
*/
class GroupsControllerTest extends \Test\TestCase {
/** @var \OCP\AppFramework\IAppContainer */
private $container;
/** @var GroupsController */
private $groupsController;
protected function setUp() {
$app = new Application();
$this->container = $app->getContainer();
$this->container['AppName'] = 'settings';
$this->container['GroupManager'] = $this->getMockBuilder('\OCP\IGroupManager')
->disableOriginalConstructor()->getMock();
$this->container['UserSession'] = $this->getMockBuilder('\OC\User\Session')
->disableOriginalConstructor()->getMock();
$this->container['L10N'] = $this->getMockBuilder('\OCP\IL10N')
->disableOriginalConstructor()->getMock();
$this->container['IsAdmin'] = true;
$this->container['L10N']
->expects($this->any())
->method('t')
->will($this->returnCallback(function($text, $parameters = array()) {
return vsprintf($text, $parameters);
}));
$this->groupsController = $this->container['GroupsController'];
}
/**
* TODO: Since GroupManager uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testIndex() {
$firstGroup = $this->getMockBuilder('\OC\Group\Group')
->disableOriginalConstructor()->getMock();
$firstGroup
->method('getGID')
->will($this->returnValue('firstGroup'));
$firstGroup
->method('count')
->will($this->returnValue(12));
$secondGroup = $this->getMockBuilder('\OC\Group\Group')
->disableOriginalConstructor()->getMock();
$secondGroup
->method('getGID')
->will($this->returnValue('secondGroup'));
$secondGroup
->method('count')
->will($this->returnValue(25));
$thirdGroup = $this->getMockBuilder('\OC\Group\Group')
->disableOriginalConstructor()->getMock();
$thirdGroup
->method('getGID')
->will($this->returnValue('thirdGroup'));
$thirdGroup
->method('count')
->will($this->returnValue(14));
$fourthGroup = $this->getMockBuilder('\OC\Group\Group')
->disableOriginalConstructor()->getMock();
$fourthGroup
->method('getGID')
->will($this->returnValue('admin'));
$fourthGroup
->method('count')
->will($this->returnValue(18));
/** @var \OC\Group\Group[] $groups */
$groups = array();
$groups[] = $firstGroup;
$groups[] = $secondGroup;
$groups[] = $thirdGroup;
$groups[] = $fourthGroup;
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$this->container['UserSession']
->expects($this->once())
->method('getUser')
->will($this->returnValue($user));
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('MyAdminUser'));
$this->container['GroupManager']
->method('search')
->will($this->returnValue($groups));
$expectedResponse = new DataResponse(
array(
'data' => array(
'adminGroups' => array(
0 => array(
'id' => 'admin',
'name' => 'admin',
'usercount' => 18
)
),
'groups' =>
array(
0 => array(
'id' => 'secondGroup',
'name' => 'secondGroup',
'usercount' => 25
),
1 => array(
'id' => 'thirdGroup',
'name' => 'thirdGroup',
'usercount' => 14
),
2 => array(
'id' => 'firstGroup',
'name' => 'firstGroup',
'usercount' => 12
)
)
)
)
);
$response = $this->groupsController->index();
$this->assertEquals($expectedResponse, $response);
}
public function testCreateWithExistingGroup() {
$this->container['GroupManager']
->expects($this->once())
->method('groupExists')
->with('ExistingGroup')
->will($this->returnValue(true));
$expectedResponse = new DataResponse(
array(
'message' => 'Group already exists.'
),
Http::STATUS_CONFLICT
);
$response = $this->groupsController->create('ExistingGroup');
$this->assertEquals($expectedResponse, $response);
}
public function testCreateSuccessful() {
$this->container['GroupManager']
->expects($this->once())
->method('groupExists')
->with('NewGroup')
->will($this->returnValue(false));
$this->container['GroupManager']
->expects($this->once())
->method('createGroup')
->with('NewGroup')
->will($this->returnValue(true));
$expectedResponse = new DataResponse(
array(
'groupname' => 'NewGroup'
),
Http::STATUS_CREATED
);
$response = $this->groupsController->create('NewGroup');
$this->assertEquals($expectedResponse, $response);
}
public function testCreateUnsuccessful() {
$this->container['GroupManager']
->expects($this->once())
->method('groupExists')
->with('NewGroup')
->will($this->returnValue(false));
$this->container['GroupManager']
->expects($this->once())
->method('createGroup')
->with('NewGroup')
->will($this->returnValue(false));
$expectedResponse = new DataResponse(
array(
'status' => 'error',
'data' => array('message' => 'Unable to add group.')
),
Http::STATUS_FORBIDDEN
);
$response = $this->groupsController->create('NewGroup');
$this->assertEquals($expectedResponse, $response);
}
public function testDestroySuccessful() {
$group = $this->getMockBuilder('\OC\Group\Group')
->disableOriginalConstructor()->getMock();
$this->container['GroupManager']
->expects($this->once())
->method('get')
->with('ExistingGroup')
->will($this->returnValue($group));
$group
->expects($this->once())
->method('delete')
->will($this->returnValue(true));
$expectedResponse = new DataResponse(
array(
'status' => 'success',
'data' => array('groupname' => 'ExistingGroup')
),
Http::STATUS_NO_CONTENT
);
$response = $this->groupsController->destroy('ExistingGroup');
$this->assertEquals($expectedResponse, $response);
}
public function testDestroyUnsuccessful() {
$this->container['GroupManager']
->expects($this->once())
->method('get')
->with('ExistingGroup')
->will($this->returnValue(null));
$expectedResponse = new DataResponse(
array(
'status' => 'error',
'data' => array('message' => 'Unable to delete group.')
),
Http::STATUS_FORBIDDEN
);
$response = $this->groupsController->destroy('ExistingGroup');
$this->assertEquals($expectedResponse, $response);
}
}

View File

@ -0,0 +1,344 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Controller;
use \OC\Settings\Application;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
/**
* @package OC\Settings\Controller
*/
class UsersControllerTest extends \Test\TestCase {
/** @var \OCP\AppFramework\IAppContainer */
private $container;
/** @var UsersController */
private $usersController;
protected function setUp() {
$app = new Application();
$this->container = $app->getContainer();
$this->container['AppName'] = 'settings';
$this->container['GroupManager'] = $this->getMockBuilder('\OCP\IGroupManager')
->disableOriginalConstructor()->getMock();
$this->container['UserManager'] = $this->getMockBuilder('\OCP\IUserManager')
->disableOriginalConstructor()->getMock();
$this->container['UserSession'] = $this->getMockBuilder('\OC\User\Session')
->disableOriginalConstructor()->getMock();
$this->container['L10N'] = $this->getMockBuilder('\OCP\IL10N')
->disableOriginalConstructor()->getMock();
$this->container['Config'] = $this->getMockBuilder('\OCP\IConfig')
->disableOriginalConstructor()->getMock();
$this->container['IsAdmin'] = true;
$this->container['L10N']
->expects($this->any())
->method('t')
->will($this->returnCallback(function($text, $parameters = array()) {
return vsprintf($text, $parameters);
}));
$this->usersController = $this->container['UsersController'];
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testIndex() {
$admin = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$admin
->method('getLastLogin')
->will($this->returnValue(12));
$admin
->method('getHome')
->will($this->returnValue('/home/admin'));
$foo = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$foo
->method('getLastLogin')
->will($this->returnValue(500));
$foo
->method('getHome')
->will($this->returnValue('/home/foo'));
$bar = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$bar
->method('getLastLogin')
->will($this->returnValue(3999));
$bar
->method('getHome')
->will($this->returnValue('/home/bar'));
$this->container['GroupManager']
->expects($this->once())
->method('displayNamesInGroup')
->will($this->returnValue(array('foo' => 'M. Foo', 'admin' => 'S. Admin', 'bar' => 'B. Ar')));
$this->container['GroupManager']
->expects($this->exactly(3))
->method('getUserGroupIds')
->will($this->onConsecutiveCalls(array('Users', 'Support'), array('admins', 'Support'), array('External Users')));
$this->container['UserManager']
->expects($this->exactly(3))
->method('get')
->will($this->onConsecutiveCalls($foo, $admin, $bar));
$this->container['Config']
->expects($this->exactly(3))
->method('getUserValue')
->will($this->onConsecutiveCalls(1024, 404, 2323));
$expectedResponse = new DataResponse(
array(
'status' => 'success',
'data' => array(
0 => array(
'name' => 'foo',
'displayname' => 'M. Foo',
'groups' => array('Users', 'Support'),
'subadmin' => array(),
'quota' => 1024,
'storageLocation' => '/home/foo',
'lastLogin' => 500
),
1 => array(
'name' => 'admin',
'displayname' => 'S. Admin',
'groups' => array('admins', 'Support'),
'subadmin' => array(),
'quota' => 404,
'storageLocation' => '/home/admin',
'lastLogin' => 12
),
2 => array(
'name' => 'bar',
'displayname' => 'B. Ar',
'groups' => array('External Users'),
'subadmin' => array(),
'quota' => 2323,
'storageLocation' => '/home/bar',
'lastLogin' => 3999
),
)
)
);
$response = $this->usersController->index(0, 10, 'pattern');
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testCreateSuccessfulWithoutGroup() {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->method('getHome')
->will($this->returnValue('/home/user'));
$this->container['UserManager']
->expects($this->once())
->method('createUser')
->will($this->onConsecutiveCalls($user));
$expectedResponse = new DataResponse(
array(
'username' => 'foo',
'groups' => null,
'storageLocation' => '/home/user'
),
Http::STATUS_CREATED
);
$response = $this->usersController->create('foo', 'password', array());
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testCreateSuccessfulWithGroup() {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->method('getHome')
->will($this->returnValue('/home/user'));
$user
->method('getHome')
->will($this->returnValue('/home/user'));
$existingGroup = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$existingGroup
->expects($this->once())
->method('addUser')
->with($user);
$newGroup = $this->getMockBuilder('\OCP\IGroup')
->disableOriginalConstructor()->getMock();
$newGroup
->expects($this->once())
->method('addUser')
->with($user);
$this->container['UserManager']
->expects($this->once())
->method('createUser')
->will($this->onConsecutiveCalls($user));
$this->container['GroupManager']
->expects($this->exactly(2))
->method('get')
->will($this->onConsecutiveCalls(null, $existingGroup));
$this->container['GroupManager']
->expects($this->once())
->method('createGroup')
->with('NewGroup')
->will($this->onConsecutiveCalls($newGroup));
$this->container['GroupManager']
->expects($this->once())
->method('getUserGroupIds')
->with($user)
->will($this->onConsecutiveCalls(array('NewGroup', 'ExistingGroup')));
$expectedResponse = new DataResponse(
array(
'username' => 'foo',
'groups' => array('NewGroup', 'ExistingGroup'),
'storageLocation' => '/home/user'
),
Http::STATUS_CREATED
);
$response = $this->usersController->create('foo', 'password', array('NewGroup', 'ExistingGroup'));
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testCreateUnsuccessful() {
$this->container['UserManager']
->method('createUser')
->will($this->throwException(new \Exception()));
$expectedResponse = new DataResponse(
array(
'message' => 'Unable to create user.'
),
Http::STATUS_FORBIDDEN
);
$response = $this->usersController->create('foo', 'password', array());
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testDestroySelf() {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('myself'));
$this->container['UserSession']
->method('getUser')
->will($this->returnValue($user));
$expectedResponse = new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => 'Unable to delete user.'
)
),
Http::STATUS_FORBIDDEN
);
$response = $this->usersController->destroy('myself');
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testDestroy() {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('Admin'));
$toDeleteUser = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$toDeleteUser
->expects($this->once())
->method('delete')
->will($this->returnValue(true));
$this->container['UserSession']
->method('getUser')
->will($this->returnValue($user));
$this->container['UserManager']
->method('get')
->with('UserToDelete')
->will($this->returnValue($toDeleteUser));
$expectedResponse = new DataResponse(
array(
'status' => 'success',
'data' => array(
'username' => 'UserToDelete'
)
),
Http::STATUS_NO_CONTENT
);
$response = $this->usersController->destroy('UserToDelete');
$this->assertEquals($expectedResponse, $response);
}
/**
* TODO: Since the function uses the static OC_Subadmin class it can't be mocked
* to test for subadmins. Thus the test always assumes you have admin permissions...
*/
public function testDestroyUnsuccessful() {
$user = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$user
->expects($this->once())
->method('getUID')
->will($this->returnValue('Admin'));
$toDeleteUser = $this->getMockBuilder('\OC\User\User')
->disableOriginalConstructor()->getMock();
$toDeleteUser
->expects($this->once())
->method('delete')
->will($this->returnValue(false));
$this->container['UserSession']
->method('getUser')
->will($this->returnValue($user));
$this->container['UserManager']
->method('get')
->with('UserToDelete')
->will($this->returnValue($toDeleteUser));
$expectedResponse = new DataResponse(
array(
'status' => 'error',
'data' => array(
'message' => 'Unable to delete user.'
)
),
Http::STATUS_FORBIDDEN
);
$response = $this->usersController->destroy('UserToDelete');
$this->assertEquals($expectedResponse, $response);
}
}

View File

@ -0,0 +1,91 @@
<?php
/**
* @author Lukas Reschke
* @copyright 2014 Lukas Reschke lukas@owncloud.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OC\Settings\Middleware;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\TemplateResponse;
/**
* Verifies whether an user has at least subadmin rights.
* To bypass use the `@NoSubadminRequired` annotation
*
* @package OC\Settings\Middleware
*/
class SubadminMiddlewareTest extends \Test\TestCase {
/** @var SubadminMiddleware */
private $subadminMiddlewareAsSubAdmin;
/** @var SubadminMiddleware */
private $subadminMiddleware;
/** @var ControllerMethodReflector */
private $reflector;
/** @var Controller */
private $controller;
protected function setUp() {
$this->reflector = $this->getMockBuilder('\OC\AppFramework\Utility\ControllerMethodReflector')
->disableOriginalConstructor()->getMock();
$this->controller = $this->getMockBuilder('\OCP\AppFramework\Controller')
->disableOriginalConstructor()->getMock();
$this->subadminMiddlewareAsSubAdmin = new SubadminMiddleware($this->reflector, true);
$this->subadminMiddleware = new SubadminMiddleware($this->reflector, false);
}
/**
* @expectedException \Exception
* @expectedExceptionMessage Logged in user must be a subadmin
*/
public function testBeforeControllerAsUserWithExemption() {
$this->reflector
->expects($this->once())
->method('hasAnnotation')
->with('NoSubadminRequired')
->will($this->returnValue(false));
$this->subadminMiddleware->beforeController($this->controller, 'foo');
}
public function testBeforeControllerAsUserWithoutExemption() {
$this->reflector
->expects($this->once())
->method('hasAnnotation')
->with('NoSubadminRequired')
->will($this->returnValue(true));
$this->subadminMiddleware->beforeController($this->controller, 'foo');
}
public function testBeforeControllerAsSubAdminWithoutExemption() {
$this->reflector
->expects($this->once())
->method('hasAnnotation')
->with('NoSubadminRequired')
->will($this->returnValue(false));
$this->subadminMiddlewareAsSubAdmin->beforeController($this->controller, 'foo');
}
public function testBeforeControllerAsSubAdminWithExemption() {
$this->reflector
->expects($this->once())
->method('hasAnnotation')
->with('NoSubadminRequired')
->will($this->returnValue(true));
$this->subadminMiddlewareAsSubAdmin->beforeController($this->controller, 'foo');
}
public function testAfterException() {
$expectedResponse = new TemplateResponse('core', '403', array(), 'guest');
$this->assertEquals($expectedResponse, $this->subadminMiddleware->afterException($this->controller, 'foo', new \Exception()));
}
}