enable api addUser for subadmins
* Fix existing unit tests
This commit is contained in:
michag86
Roeland Jago Douma
parent
aff4aed43c
commit
3b88c469c7
3 changed files with 81 additions and 9 deletions
|
|
@ -37,7 +37,7 @@ $users = new \OCA\Provisioning_API\Users(
|
|||
\OC::$server->getLogger()
|
||||
);
|
||||
API::register('get', '/cloud/users', [$users, 'getUsers'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::ADMIN_AUTH);
|
||||
API::register('post', '/cloud/users', [$users, 'addUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
API::register('get', '/cloud/users/{userid}', [$users, 'getUser'], 'provisioning_api', API::USER_AUTH);
|
||||
API::register('put', '/cloud/users/{userid}', [$users, 'editUser'], 'provisioning_api', API::USER_AUTH);
|
||||
API::register('delete', '/cloud/users/{userid}', [$users, 'deleteUser'], 'provisioning_api', API::SUBADMIN_AUTH);
|
||||
|
|
|
|||
|
|
@ -117,18 +117,48 @@ class Users {
|
|||
public function addUser() {
|
||||
$userId = isset($_POST['userid']) ? $_POST['userid'] : null;
|
||||
$password = isset($_POST['password']) ? $_POST['password'] : null;
|
||||
$groups = isset($_POST['groups']) ? $_POST['groups'] : null;
|
||||
$user = $this->userSession->getUser();
|
||||
$isAdmin = $this->groupManager->isAdmin($user->getUID());
|
||||
|
||||
if (!$isAdmin && !$this->groupManager->getSubAdmin()->isSubAdmin($user)) {
|
||||
return new OC_OCS_Result(null, \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
if($this->userManager->userExists($userId)) {
|
||||
$this->logger->error('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
|
||||
return new OC_OCS_Result(null, 102, 'User already exists');
|
||||
} else {
|
||||
try {
|
||||
$this->userManager->createUser($userId, $password);
|
||||
$this->logger->info('Successful addUser call with userid: '.$_POST['userid'], ['app' => 'ocs_api']);
|
||||
return new OC_OCS_Result(null, 100);
|
||||
} catch (\Exception $e) {
|
||||
$this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']);
|
||||
return new OC_OCS_Result(null, 101, 'Bad request');
|
||||
}
|
||||
|
||||
if(is_array($groups)) {
|
||||
foreach ($groups as $key => $group) {
|
||||
if(!$this->groupManager->groupExists($group)){
|
||||
return new OC_OCS_Result(null, 104, 'group '.$group.' does not exist');
|
||||
}
|
||||
if(!$isAdmin && !$this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $this->groupManager->get($group))) {
|
||||
return new OC_OCS_Result(null, 105, 'insufficient privileges for group '. $group);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if(!$isAdmin) {
|
||||
return new OC_OCS_Result(null, 106, 'no group specified (required for subadmins)');
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
$user = $this->userManager->createUser($userId, $password);
|
||||
$this->logger->info('Successful addUser call with userid: '.$_POST['userid'], ['app' => 'ocs_api']);
|
||||
|
||||
if (is_array($groups)) {
|
||||
foreach ($groups as $group) {
|
||||
$this->groupManager->get($group)->addUser($user);
|
||||
$this->logger->info('Added user (' . $user->getUID() . ') to group ' . $group, ['app' => 'ocs_api']);
|
||||
}
|
||||
}
|
||||
return new OC_OCS_Result(null, 100);
|
||||
} catch (\Exception $e) {
|
||||
$this->logger->error('Failed addUser attempt with exception: '.$e->getMessage(), ['app' => 'ocs_api']);
|
||||
return new OC_OCS_Result(null, 101, 'Bad request');
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -218,6 +218,20 @@ class UsersTest extends OriginalTest {
|
|||
->expects($this->once())
|
||||
->method('error')
|
||||
->with('Failed addUser attempt: User already exists.', ['app' => 'ocs_api']);
|
||||
$loggedInUser = $this->getMock('\OCP\IUser');
|
||||
$loggedInUser
|
||||
->expects($this->once())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('adminUser'));
|
||||
$this->userSession
|
||||
->expects($this->once())
|
||||
->method('getUser')
|
||||
->will($this->returnValue($loggedInUser));
|
||||
$this->groupManager
|
||||
->expects($this->once())
|
||||
->method('isAdmin')
|
||||
->with('adminUser')
|
||||
->willReturn(true);
|
||||
|
||||
$expected = new \OC_OCS_Result(null, 102, 'User already exists');
|
||||
$this->assertEquals($expected, $this->api->addUser());
|
||||
|
|
@ -239,6 +253,20 @@ class UsersTest extends OriginalTest {
|
|||
->expects($this->once())
|
||||
->method('info')
|
||||
->with('Successful addUser call with userid: NewUser', ['app' => 'ocs_api']);
|
||||
$loggedInUser = $this->getMock('\OCP\IUser');
|
||||
$loggedInUser
|
||||
->expects($this->once())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('adminUser'));
|
||||
$this->userSession
|
||||
->expects($this->once())
|
||||
->method('getUser')
|
||||
->will($this->returnValue($loggedInUser));
|
||||
$this->groupManager
|
||||
->expects($this->once())
|
||||
->method('isAdmin')
|
||||
->with('adminUser')
|
||||
->willReturn(true);
|
||||
|
||||
$expected = new \OC_OCS_Result(null, 100);
|
||||
$this->assertEquals($expected, $this->api->addUser());
|
||||
|
|
@ -261,6 +289,20 @@ class UsersTest extends OriginalTest {
|
|||
->expects($this->once())
|
||||
->method('error')
|
||||
->with('Failed addUser attempt with exception: User backend not found.', ['app' => 'ocs_api']);
|
||||
$loggedInUser = $this->getMock('\OCP\IUser');
|
||||
$loggedInUser
|
||||
->expects($this->once())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('adminUser'));
|
||||
$this->userSession
|
||||
->expects($this->once())
|
||||
->method('getUser')
|
||||
->will($this->returnValue($loggedInUser));
|
||||
$this->groupManager
|
||||
->expects($this->once())
|
||||
->method('isAdmin')
|
||||
->with('adminUser')
|
||||
->willReturn(true);
|
||||
|
||||
$expected = new \OC_OCS_Result(null, 101, 'Bad request');
|
||||
$this->assertEquals($expected, $this->api->addUser());
|
||||
|
|
|
|||
Loading…
Reference in a new issue