SubAdmin.php 7.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6. * @author Bart Visscher <bartv@thisnet.nl>
  7. * @author Georg Ehrke <georg@owncloud.com>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. * @author Morris Jobke <hey@morrisjobke.de>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. *
  12. * @license AGPL-3.0
  13. *
  14. * This code is free software: you can redistribute it and/or modify
  15. * it under the terms of the GNU Affero General Public License, version 3,
  16. * as published by the Free Software Foundation.
  17. *
  18. * This program is distributed in the hope that it will be useful,
  19. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. * GNU Affero General Public License for more details.
  22. *
  23. * You should have received a copy of the GNU Affero General Public License, version 3,
  24. * along with this program. If not, see <http://www.gnu.org/licenses/>
  25. *
  26. */
  27. namespace OC;
  28. use OC\Hooks\PublicEmitter;
  29. use OCP\IUser;
  30. use OCP\IUserManager;
  31. use OCP\IGroup;
  32. use OCP\IGroupManager;
  33. use OCP\IDBConnection;
  34. class SubAdmin extends PublicEmitter {
  35. /** @var IUserManager */
  36. private $userManager;
  37. /** @var IGroupManager */
  38. private $groupManager;
  39. /** @var IDBConnection */
  40. private $dbConn;
  41. /**
  42. * @param IUserManager $userManager
  43. * @param IGroupManager $groupManager
  44. * @param IDBConnection $dbConn
  45. */
  46. public function __construct(IUserManager $userManager,
  47. IGroupManager $groupManager,
  48. IDBConnection $dbConn) {
  49. $this->userManager = $userManager;
  50. $this->groupManager = $groupManager;
  51. $this->dbConn = $dbConn;
  52. $this->userManager->listen('\OC\User', 'postDelete', function($user) {
  53. $this->post_deleteUser($user);
  54. });
  55. $this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
  56. $this->post_deleteGroup($group);
  57. });
  58. }
  59. /**
  60. * add a SubAdmin
  61. * @param IUser $user user to be SubAdmin
  62. * @param IGroup $group group $user becomes subadmin of
  63. * @return bool
  64. */
  65. public function createSubAdmin(IUser $user, IGroup $group) {
  66. $qb = $this->dbConn->getQueryBuilder();
  67. $qb->insert('group_admin')
  68. ->values([
  69. 'gid' => $qb->createNamedParameter($group->getGID()),
  70. 'uid' => $qb->createNamedParameter($user->getUID())
  71. ])
  72. ->execute();
  73. $this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
  74. \OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
  75. return true;
  76. }
  77. /**
  78. * delete a SubAdmin
  79. * @param IUser $user the user that is the SubAdmin
  80. * @param IGroup $group the group
  81. * @return bool
  82. */
  83. public function deleteSubAdmin(IUser $user, IGroup $group) {
  84. $qb = $this->dbConn->getQueryBuilder();
  85. $qb->delete('group_admin')
  86. ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
  87. ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
  88. ->execute();
  89. $this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
  90. \OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
  91. return true;
  92. }
  93. /**
  94. * get groups of a SubAdmin
  95. * @param IUser $user the SubAdmin
  96. * @return IGroup[]
  97. */
  98. public function getSubAdminsGroups(IUser $user) {
  99. $qb = $this->dbConn->getQueryBuilder();
  100. $result = $qb->select('gid')
  101. ->from('group_admin')
  102. ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
  103. ->execute();
  104. $groups = [];
  105. while($row = $result->fetch()) {
  106. $group = $this->groupManager->get($row['gid']);
  107. if(!is_null($group)) {
  108. $groups[] = $group;
  109. }
  110. }
  111. $result->closeCursor();
  112. return $groups;
  113. }
  114. /**
  115. * get SubAdmins of a group
  116. * @param IGroup $group the group
  117. * @return IUser[]
  118. */
  119. public function getGroupsSubAdmins(IGroup $group) {
  120. $qb = $this->dbConn->getQueryBuilder();
  121. $result = $qb->select('uid')
  122. ->from('group_admin')
  123. ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
  124. ->execute();
  125. $users = [];
  126. while($row = $result->fetch()) {
  127. $user = $this->userManager->get($row['uid']);
  128. if(!is_null($user)) {
  129. $users[] = $user;
  130. }
  131. }
  132. $result->closeCursor();
  133. return $users;
  134. }
  135. /**
  136. * get all SubAdmins
  137. * @return array
  138. */
  139. public function getAllSubAdmins() {
  140. $qb = $this->dbConn->getQueryBuilder();
  141. $result = $qb->select('*')
  142. ->from('group_admin')
  143. ->execute();
  144. $subadmins = [];
  145. while($row = $result->fetch()) {
  146. $user = $this->userManager->get($row['uid']);
  147. $group = $this->groupManager->get($row['gid']);
  148. if(!is_null($user) && !is_null($group)) {
  149. $subadmins[] = [
  150. 'user' => $user,
  151. 'group' => $group
  152. ];
  153. }
  154. }
  155. $result->closeCursor();
  156. return $subadmins;
  157. }
  158. /**
  159. * checks if a user is a SubAdmin of a group
  160. * @param IUser $user
  161. * @param IGroup $group
  162. * @return bool
  163. */
  164. public function isSubAdminOfGroup(IUser $user, IGroup $group) {
  165. $qb = $this->dbConn->getQueryBuilder();
  166. /*
  167. * Primary key is ('gid', 'uid') so max 1 result possible here
  168. */
  169. $result = $qb->select('*')
  170. ->from('group_admin')
  171. ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
  172. ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
  173. ->execute();
  174. $fetch = $result->fetch();
  175. $result->closeCursor();
  176. $result = !empty($fetch) ? true : false;
  177. return $result;
  178. }
  179. /**
  180. * checks if a user is a SubAdmin
  181. * @param IUser $user
  182. * @return bool
  183. */
  184. public function isSubAdmin(IUser $user) {
  185. // Check if the user is already an admin
  186. if ($this->groupManager->isAdmin($user->getUID())) {
  187. return true;
  188. }
  189. $qb = $this->dbConn->getQueryBuilder();
  190. $result = $qb->select('gid')
  191. ->from('group_admin')
  192. ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
  193. ->setMaxResults(1)
  194. ->execute();
  195. $isSubAdmin = $result->fetch();
  196. $result->closeCursor();
  197. $result = $isSubAdmin === false ? false : true;
  198. return $result;
  199. }
  200. /**
  201. * checks if a user is a accessible by a subadmin
  202. * @param IUser $subadmin
  203. * @param IUser $user
  204. * @return bool
  205. */
  206. public function isUserAccessible($subadmin, $user) {
  207. if(!$this->isSubAdmin($subadmin)) {
  208. return false;
  209. }
  210. if($this->groupManager->isAdmin($user->getUID())) {
  211. return false;
  212. }
  213. $accessibleGroups = $this->getSubAdminsGroups($subadmin);
  214. foreach($accessibleGroups as $accessibleGroup) {
  215. if($accessibleGroup->inGroup($user)) {
  216. return true;
  217. }
  218. }
  219. return false;
  220. }
  221. /**
  222. * delete all SubAdmins by $user
  223. * @param IUser $user
  224. * @return boolean
  225. */
  226. private function post_deleteUser($user) {
  227. $qb = $this->dbConn->getQueryBuilder();
  228. $qb->delete('group_admin')
  229. ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
  230. ->execute();
  231. return true;
  232. }
  233. /**
  234. * delete all SubAdmins by $group
  235. * @param IGroup $group
  236. * @return boolean
  237. */
  238. private function post_deleteGroup($group) {
  239. $qb = $this->dbConn->getQueryBuilder();
  240. $qb->delete('group_admin')
  241. ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
  242. ->execute();
  243. return true;
  244. }
  245. }