<?php |
/**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
 * @author Arthur Schiwon <[email protected]>
 * @author Bart Visscher <[email protected]>
 * @author Georg Ehrke <[email protected]>
 * @author Lukas Reschke <[email protected]>
 * @author Morris Jobke <[email protected]>
 * @author Roeland Jago Douma <[email protected]>
 *
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */
namespace OC; |
use OC\Hooks\PublicEmitter; |
use OCP\IUser; |
use OCP\IUserManager; |
use OCP\IGroup; |
use OCP\IGroupManager; |
use OCP\IDBConnection; |
/**
 * Manages sub-admin assignments, i.e. which user may administer which group.
 *
 * Each assignment is a (gid, uid) row in the `group_admin` table. Every
 * value that reaches a query is handed to createNamedParameter() instead of
 * being concatenated into the statement. The constructor registers
 * postDelete listeners that delete the rows of a removed user or group.
 */
class SubAdmin extends PublicEmitter {

    /** @var IUserManager */
    private $userManager;

    /** @var IGroupManager */
    private $groupManager;

    /** @var IDBConnection */
    private $dbConn;

    /**
     * Stores the collaborators and subscribes to user and group deletion.
     *
     * @param IUserManager $userManager
     * @param IGroupManager $groupManager
     * @param IDBConnection $dbConn
     */
    public function __construct(IUserManager $userManager,
                                IGroupManager $groupManager,
                                IDBConnection $dbConn) {
        $this->dbConn = $dbConn;
        $this->groupManager = $groupManager;
        $this->userManager = $userManager;

        // Drop the assignments of a user or group once it has been deleted.
        $onUserDeleted = function($user) {
            $this->post_deleteUser($user);
        };
        $onGroupDeleted = function($group) {
            $this->post_deleteGroup($group);
        };

        $this->userManager->listen('\OC\User', 'postDelete', $onUserDeleted);
        $this->groupManager->listen('\OC\Group', 'postDelete', $onGroupDeleted);
    }

    /**
     * Makes $user a sub-admin of $group.
     *
     * NOTE(review): there is no existence check here. Given the
     * ('gid', 'uid') primary key mentioned in isSubAdminOfGroup(), a
     * duplicate insert presumably fails at the database level; confirm
     * that callers check first.
     *
     * @param IUser $user user to be SubAdmin
     * @param IGroup $group group $user becomes subadmin of
     * @return bool always true when the insert did not throw
     */
    public function createSubAdmin(IUser $user, IGroup $group) {
        $query = $this->dbConn->getQueryBuilder();

        $assignment = [
            'gid' => $query->createNamedParameter($group->getGID()),
            'uid' => $query->createNamedParameter($user->getUID()),
        ];
        $query->insert('group_admin')->values($assignment)->execute();

        $this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
        // The legacy hook payload carries only the gid, not the uid.
        \OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);

        return true;
    }

    /**
     * Revokes the sub-admin role of $user for $group.
     *
     * @param IUser $user the user that is the SubAdmin
     * @param IGroup $group the group
     * @return bool always true; the number of deleted rows is not inspected
     */
    public function deleteSubAdmin(IUser $user, IGroup $group) {
        $query = $this->dbConn->getQueryBuilder();

        $forGroup = $query->expr()->eq('gid', $query->createNamedParameter($group->getGID()));
        $forUser = $query->expr()->eq('uid', $query->createNamedParameter($user->getUID()));
        $query->delete('group_admin')->where($forGroup)->andWhere($forUser)->execute();

        $this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
        // The legacy hook payload carries only the gid, not the uid.
        \OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);

        return true;
    }

    /**
     * Lists the groups $user is sub-admin of.
     *
     * Rows whose gid the group manager cannot resolve are skipped.
     *
     * @param IUser $user the SubAdmin
     * @return IGroup[]
     */
    public function getSubAdminsGroups(IUser $user) {
        $query = $this->dbConn->getQueryBuilder();

        $forUser = $query->expr()->eq('uid', $query->createNamedParameter($user->getUID()));
        $cursor = $query->select('gid')->from('group_admin')->where($forUser)->execute();

        $groups = [];
        while ($row = $cursor->fetch()) {
            $group = $this->groupManager->get($row['gid']);
            if ($group === null) {
                continue;
            }
            $groups[] = $group;
        }
        $cursor->closeCursor();

        return $groups;
    }

    /**
     * Lists the users that are sub-admin of $group.
     *
     * Rows whose uid the user manager cannot resolve are skipped.
     *
     * @param IGroup $group the group
     * @return IUser[]
     */
    public function getGroupsSubAdmins(IGroup $group) {
        $query = $this->dbConn->getQueryBuilder();

        $forGroup = $query->expr()->eq('gid', $query->createNamedParameter($group->getGID()));
        $cursor = $query->select('uid')->from('group_admin')->where($forGroup)->execute();

        $users = [];
        while ($row = $cursor->fetch()) {
            $user = $this->userManager->get($row['uid']);
            if ($user === null) {
                continue;
            }
            $users[] = $user;
        }
        $cursor->closeCursor();

        return $users;
    }

    /**
     * Lists every sub-admin assignment.
     *
     * An assignment is reported only when both its user and its group can
     * still be resolved.
     *
     * @return array list of ['user' => IUser, 'group' => IGroup] entries
     */
    public function getAllSubAdmins() {
        $query = $this->dbConn->getQueryBuilder();
        $cursor = $query->select('*')->from('group_admin')->execute();

        $assignments = [];
        while ($row = $cursor->fetch()) {
            $user = $this->userManager->get($row['uid']);
            $group = $this->groupManager->get($row['gid']);
            if ($user === null || $group === null) {
                continue;
            }
            $assignments[] = ['user' => $user, 'group' => $group];
        }
        $cursor->closeCursor();

        return $assignments;
    }

    /**
     * Checks whether $user is sub-admin of $group.
     *
     * Only the `group_admin` table is consulted; unlike isSubAdmin(), no
     * admin check is made here.
     *
     * @param IUser $user
     * @param IGroup $group
     * @return bool
     */
    public function isSubAdminOfGroup(IUser $user, IGroup $group) {
        $query = $this->dbConn->getQueryBuilder();

        $forGroup = $query->expr()->eq('gid', $query->createNamedParameter($group->getGID()));
        $forUser = $query->expr()->eq('uid', $query->createNamedParameter($user->getUID()));

        /*
         * Primary key is ('gid', 'uid') so max 1 result possible here
         */
        $cursor = $query->select('*')
            ->from('group_admin')
            ->where($forGroup)
            ->andWhere($forUser)
            ->execute();

        $row = $cursor->fetch();
        $cursor->closeCursor();

        return !empty($row);
    }

    /**
     * Checks whether $user is a sub-admin of at least one group.
     *
     * A user for whom the group manager's isAdmin() is true is reported as
     * sub-admin without the table being queried, so a true result does not
     * by itself prove that a `group_admin` row exists.
     *
     * @param IUser $user
     * @return bool
     */
    public function isSubAdmin(IUser $user) {
        // Check if the user is already an admin
        if ($this->groupManager->isAdmin($user->getUID())) {
            return true;
        }

        $query = $this->dbConn->getQueryBuilder();
        $forUser = $query->expr()->eq('uid', $query->createNamedParameter($user->getUID()));

        // One row is enough to answer the question.
        $cursor = $query->select('gid')
            ->from('group_admin')
            ->andWhere($forUser)
            ->setMaxResults(1)
            ->execute();

        $row = $cursor->fetch();
        $cursor->closeCursor();

        return $row !== false;
    }

    /**
     * Checks whether $subadmin may manage $user.
     *
     * Access is denied when $subadmin fails isSubAdmin() or when $user is
     * an admin. Otherwise it is granted only if $user is a member of one of
     * the groups stored for $subadmin in `group_admin`. A full admin passes
     * the isSubAdmin() check, but still obtains access here only through
     * such rows. Neither argument is type-hinted; both are used as IUser.
     *
     * @param IUser $subadmin
     * @param IUser $user
     * @return bool
     */
    public function isUserAccessible($subadmin, $user) {
        if (!$this->isSubAdmin($subadmin) || $this->groupManager->isAdmin($user->getUID())) {
            return false;
        }

        foreach ($this->getSubAdminsGroups($subadmin) as $managedGroup) {
            if ($managedGroup->inGroup($user)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Deletes every sub-admin assignment held by $user.
     *
     * Called from the user manager's postDelete listener.
     *
     * @param IUser $user
     * @return boolean always true
     */
    private function post_deleteUser($user) {
        $query = $this->dbConn->getQueryBuilder();

        $forUser = $query->expr()->eq('uid', $query->createNamedParameter($user->getUID()));
        $query->delete('group_admin')->where($forUser)->execute();

        return true;
    }

    /**
     * Deletes every sub-admin assignment that refers to $group.
     *
     * Called from the group manager's postDelete listener.
     *
     * @param IGroup $group
     * @return boolean always true
     */
    private function post_deleteGroup($group) {
        $query = $this->dbConn->getQueryBuilder();

        $forGroup = $query->expr()->eq('gid', $query->createNamedParameter($group->getGID()));
        $query->delete('group_admin')->where($forGroup)->execute();

        return true;
    }
}