setquota.php 2.8 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6. * @author Bart Visscher <bartv@thisnet.nl>
  7. * @author Björn Schießle <bjoern@schiessle.org>
  8. * @author Christopher Schäpers <kondou@ts.unde.re>
  9. * @author Felix Moeller <mail@felixmoeller.de>
  10. * @author Georg Ehrke <georg@owncloud.com>
  11. * @author Lukas Reschke <lukas@statuscode.ch>
  12. * @author Morris Jobke <hey@morrisjobke.de>
  13. * @author Robin Appelman <robin@icewind.nl>
  14. * @author Thomas Müller <thomas.mueller@tmit.eu>
  15. *
  16. * @license AGPL-3.0
  17. *
  18. * This code is free software: you can redistribute it and/or modify
  19. * it under the terms of the GNU Affero General Public License, version 3,
  20. * as published by the Free Software Foundation.
  21. *
  22. * This program is distributed in the hope that it will be useful,
  23. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  24. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25. * GNU Affero General Public License for more details.
  26. *
  27. * You should have received a copy of the GNU Affero General Public License, version 3,
  28. * along with this program. If not, see <http://www.gnu.org/licenses/>
  29. *
  30. */
  31. OC_JSON::checkSubAdminUser();
  32. OCP\JSON::callCheck();
  33. $lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
  34. if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
  35. $l = \OC::$server->getL10N('core');
  36. OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
  37. exit();
  38. }
  39. $username = isset($_POST["username"]) ? (string)$_POST["username"] : '';
  40. $isUserAccessible = false;
  41. $currentUserObject = \OC::$server->getUserSession()->getUser();
  42. $targetUserObject = \OC::$server->getUserManager()->get($username);
  43. if($targetUserObject !== null && $currentUserObject !== null) {
  44. $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
  45. }
  46. if(($username === '' && !OC_User::isAdminUser(OC_User::getUser()))
  47. || (!OC_User::isAdminUser(OC_User::getUser())
  48. && !$isUserAccessible)) {
  49. $l = \OC::$server->getL10N('core');
  50. OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
  51. exit();
  52. }
  53. //make sure the quota is in the expected format
  54. $quota= (string)$_POST["quota"];
  55. if($quota !== 'none' and $quota !== 'default') {
  56. $quota= OC_Helper::computerFileSize($quota);
  57. $quota=OC_Helper::humanFileSize($quota);
  58. }
  59. // Return Success story
  60. if($username) {
  61. $targetUserObject->setQuota($quota);
  62. }else{//set the default quota when no username is specified
  63. if($quota === 'default') {//'default' as default quota makes no sense
  64. $quota='none';
  65. }
  66. \OC::$server->getAppConfig()->setValue('files', 'default_quota', $quota);
  67. }
  68. OC_JSON::success(array("data" => array( "username" => $username , 'quota' => $quota)));