togglegroups.php 3.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Bart Visscher <bartv@thisnet.nl>
  6. * @author Christopher Schäpers <kondou@ts.unde.re>
  7. * @author Georg Ehrke <georg@owncloud.com>
  8. * @author Jakob Sack <mail@jakobsack.de>
  9. * @author Lukas Reschke <lukas@statuscode.ch>
  10. * @author Robin Appelman <robin@icewind.nl>
  11. * @author Thomas Müller <thomas.mueller@tmit.eu>
  12. *
  13. * @license AGPL-3.0
  14. *
  15. * This code is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License, version 3,
  17. * as published by the Free Software Foundation.
  18. *
  19. * This program is distributed in the hope that it will be useful,
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  22. * GNU Affero General Public License for more details.
  23. *
  24. * You should have received a copy of the GNU Affero General Public License, version 3,
  25. * along with this program. If not, see <http://www.gnu.org/licenses/>
  26. *
  27. */
  28. OC_JSON::checkSubAdminUser();
  29. OCP\JSON::callCheck();
  30. $lastConfirm = (int) \OC::$server->getSession()->get('last-password-confirm');
  31. if ($lastConfirm < (time() - 30 * 60 + 15)) { // allow 15 seconds delay
  32. $l = \OC::$server->getL10N('core');
  33. OC_JSON::error(array( 'data' => array( 'message' => $l->t('Password confirmation is required'))));
  34. exit();
  35. }
  36. $success = true;
  37. $username = (string)$_POST['username'];
  38. $group = (string)$_POST['group'];
  39. if($username === OC_User::getUser() && $group === "admin" && OC_User::isAdminUser($username)) {
  40. $l = \OC::$server->getL10N('core');
  41. OC_JSON::error(array( 'data' => array( 'message' => $l->t('Admins can\'t remove themself from the admin group'))));
  42. exit();
  43. }
  44. $isUserAccessible = false;
  45. $isGroupAccessible = false;
  46. $currentUserObject = \OC::$server->getUserSession()->getUser();
  47. $targetUserObject = \OC::$server->getUserManager()->get($username);
  48. $targetGroupObject = \OC::$server->getGroupManager()->get($group);
  49. if($targetUserObject !== null && $currentUserObject !== null && $targetGroupObject !== null) {
  50. $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
  51. $isGroupAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdminofGroup($currentUserObject, $targetGroupObject);
  52. }
  53. if(!OC_User::isAdminUser(OC_User::getUser())
  54. && (!$isUserAccessible
  55. || !$isGroupAccessible)) {
  56. $l = \OC::$server->getL10N('core');
  57. OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
  58. exit();
  59. }
  60. if(!OC_Group::groupExists($group)) {
  61. OC_Group::createGroup($group);
  62. }
  63. $l = \OC::$server->getL10N('settings');
  64. $error = $l->t("Unable to add user to group %s", $group);
  65. $action = "add";
  66. // Toggle group
  67. if( OC_Group::inGroup( $username, $group )) {
  68. $action = "remove";
  69. $error = $l->t("Unable to remove user from group %s", $group);
  70. $success = OC_Group::removeFromGroup( $username, $group );
  71. $usersInGroup=OC_Group::usersInGroup($group);
  72. }
  73. else{
  74. $success = OC_Group::addToGroup( $username, $group );
  75. }
  76. // Return Success story
  77. if( $success ) {
  78. OC_JSON::success(array("data" => array( "username" => $username, "action" => $action, "groupname" => $group )));
  79. }
  80. else{
  81. OC_JSON::error(array("data" => array( "message" => $error )));
  82. }