صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
RISCI_ATOM
/
nextcloud-server
mirrorاز https://github.com/nextcloud/server.git
1
0
انشعاب 0
پرونده‌ها مشکلات 23 ویکی
درخت: 8cf41ee8dd
شاخه‌ها تگ‌ها
nextcloud-serve...
/
apps
/
workflowengine
/
lib
/
Check
/
UserGroupMembership.php

UserGroupMembership.php 2.0 KB
تاريخچه خام

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
    4. 

  4.  * SPDX-License-Identifier: AGPL-3.0-or-later
    5. 

  5.  */
    6. 

  6. namespace OCA\WorkflowEngine\Check;
    7. 

  7. 

  8. use OCP\IGroupManager;
    9. 

  9. use OCP\IL10N;
    10. 

  10. use OCP\IUser;
    11. 

  11. use OCP\IUserSession;
    12. 

  12. use OCP\WorkflowEngine\ICheck;
    13. 

  13. use OCP\WorkflowEngine\IManager;
    14. 

  14. 

  15. class UserGroupMembership implements ICheck {
    16. 

  16. 

  17. 	/** @var string */
    18. 

  18. 	protected $cachedUser;
    19. 

  19. 

  20. 	/** @var string[] */
    21. 

  21. 	protected $cachedGroupMemberships;
    22. 

  22. 

  23. 	/**
    24. 

  24. 	 * @param IUserSession $userSession
    25. 

  25. 	 * @param IGroupManager $groupManager
    26. 

  26. 	 * @param IL10N $l
    27. 

  27. 	 */
    28. 

  28. 	public function __construct(
    29. 

  29. 		protected IUserSession $userSession,
    30. 

  30. 		protected IGroupManager $groupManager,
    31. 

  31. 		protected IL10N $l,
    32. 

  32. 	) {
    33. 

  33. 	}
    34. 

  34. 

  35. 	/**
    36. 

  36. 	 * @param string $operator
    37. 

  37. 	 * @param string $value
    38. 

  38. 	 * @return bool
    39. 

  39. 	 */
    40. 

  40. 	public function executeCheck($operator, $value) {
    41. 

  41. 		$user = $this->userSession->getUser();
    42. 

  42. 

  43. 		if ($user instanceof IUser) {
    44. 

  44. 			$groupIds = $this->getUserGroups($user);
    45. 

  45. 			return ($operator === 'is') === in_array($value, $groupIds);
    46. 

  46. 		} else {
    47. 

  47. 			return $operator !== 'is';
    48. 

  48. 		}
    49. 

  49. 	}
    50. 

  50. 

  51. 

  52. 	/**
    53. 

  53. 	 * @param string $operator
    54. 

  54. 	 * @param string $value
    55. 

  55. 	 * @throws \UnexpectedValueException
    56. 

  56. 	 */
    57. 

  57. 	public function validateCheck($operator, $value) {
    58. 

  58. 		if (!in_array($operator, ['is', '!is'])) {
    59. 

  59. 			throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
    60. 

  60. 		}
    61. 

  61. 

  62. 		if (!$this->groupManager->groupExists($value)) {
    63. 

  63. 			throw new \UnexpectedValueException($this->l->t('The given group does not exist'), 2);
    64. 

  64. 		}
    65. 

  65. 	}
    66. 

  66. 

  67. 	/**
    68. 

  68. 	 * @param IUser $user
    69. 

  69. 	 * @return string[]
    70. 

  70. 	 */
    71. 

  71. 	protected function getUserGroups(IUser $user) {
    72. 

  72. 		$uid = $user->getUID();
    73. 

  73. 

  74. 		if ($this->cachedUser !== $uid) {
    75. 

  75. 			$this->cachedUser = $uid;
    76. 

  76. 			$this->cachedGroupMemberships = $this->groupManager->getUserGroupIds($user);
    77. 

  77. 		}
    78. 

  78. 

  79. 		return $this->cachedGroupMemberships;
    80. 

  80. 	}
    81. 

  81. 

  82. 	public function supportedEntities(): array {
    83. 

  83. 		// universal by default
    84. 

  84. 		return [];
    85. 

  85. 	}
    86. 

  86. 

  87. 	public function isAvailableForScope(int $scope): bool {
    88. 

  88. 		// admin only by default
    89. 

  89. 		return $scope === IManager::SCOPE_ADMIN;
    90. 

  90. 	}
    91. 

  91. }
    92.