server/settings/ajax/removeuser.php

26 lines
670 B
PHP
Raw Normal View History

2011-04-16 23:04:23 +00:00
<?php
2012-07-18 15:23:40 +00:00
OC_JSON::checkSubAdminUser();
2012-07-07 13:27:04 +00:00
OCP\JSON::callCheck();
2011-04-16 23:04:23 +00:00
$username = $_POST["username"];
2011-04-16 23:04:23 +00:00
// A user shouldn't be able to delete his own account
if(OC_User::getUser() === $username) {
exit;
}
if(!OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
2012-07-19 14:35:14 +00:00
$l = OC_L10N::get('core');
OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
2012-07-19 14:35:14 +00:00
exit();
2012-07-18 15:23:40 +00:00
}
2011-04-16 23:04:23 +00:00
// Return Success story
if( OC_User::deleteUser( $username )) {
OC_JSON::success(array("data" => array( "username" => $username )));
2011-04-16 23:04:23 +00:00
}
else{
OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete user") )));
2011-04-16 23:04:23 +00:00
}