SubAdmin.php 7.03 KB
Newer Older
Georg Ehrke's avatar
Georg Ehrke committed
1
2
<?php
/**
Thomas Müller's avatar
Thomas Müller committed
3
 * @author Arthur Schiwon <blizzz@owncloud.com>
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
4
5
6
7
 * @author Bart Visscher <bartv@thisnet.nl>
 * @author Georg Ehrke <georg@owncloud.com>
 * @author Lukas Reschke <lukas@owncloud.com>
 * @author Morris Jobke <hey@morrisjobke.de>
Lukas Reschke's avatar
Lukas Reschke committed
8
 * @author Roeland Jago Douma <rullzer@owncloud.com>
Georg Ehrke's avatar
Georg Ehrke committed
9
 *
Thomas Müller's avatar
Thomas Müller committed
10
 * @copyright Copyright (c) 2016, ownCloud, Inc.
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
11
 * @license AGPL-3.0
Georg Ehrke's avatar
Georg Ehrke committed
12
 *
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
13
14
15
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
Georg Ehrke's avatar
Georg Ehrke committed
16
 *
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
17
 * This program is distributed in the hope that it will be useful,
Georg Ehrke's avatar
Georg Ehrke committed
18
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
19
20
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
Georg Ehrke's avatar
Georg Ehrke committed
21
 *
Jenkins for ownCloud's avatar
Jenkins for ownCloud committed
22
23
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
Georg Ehrke's avatar
Georg Ehrke committed
24
25
 *
 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

namespace OC;

use OC\Hooks\PublicEmitter;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IDBConnection;

class SubAdmin extends PublicEmitter {

	/** @var IUserManager */
	private $userManager;

	/** @var IGroupManager */
	private $groupManager;

	/** @var IDBConnection */
	private $dbConn;

47
48
49
50
51
	/**
	 * @param IUserManager $userManager
	 * @param IGroupManager $groupManager
	 * @param IDBConnection $dbConn
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
52
53
54
55
56
57
58
59
60
61
62
63
64
65
	public function __construct(IUserManager $userManager,
	                            IGroupManager $groupManager,
								IDBConnection $dbConn) {
		$this->userManager = $userManager;
		$this->groupManager = $groupManager;
		$this->dbConn = $dbConn;

		$this->userManager->listen('\OC\User', 'postDelete', function($user) {
			$this->post_deleteUser($user);
		});
		$this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
			$this->post_deleteGroup($group);	
		});
	}
Georg Ehrke's avatar
Georg Ehrke committed
66
67

	/**
68
	 * add a SubAdmin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
69
70
71
	 * @param IUser $user user to be SubAdmin
	 * @param IGroup $group group $user becomes subadmin of
	 * @return bool
Georg Ehrke's avatar
Georg Ehrke committed
72
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
73
74
75
	public function createSubAdmin(IUser $user, IGroup $group) {
		$qb = $this->dbConn->getQueryBuilder();

76
		$qb->insert('group_admin')
Roeland Jago Douma's avatar
Roeland Jago Douma committed
77
78
79
80
81
82
83
84
			->values([
				'gid' => $qb->createNamedParameter($group->getGID()),
				'uid' => $qb->createNamedParameter($user->getUID())
			])
			->execute();

		$this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
		\OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
Georg Ehrke's avatar
Georg Ehrke committed
85
86
87
88
		return true;
	}

	/**
89
	 * delete a SubAdmin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
90
91
92
	 * @param IUser $user the user that is the SubAdmin
	 * @param IGroup $group the group
	 * @return bool
Georg Ehrke's avatar
Georg Ehrke committed
93
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
94
95
96
	public function deleteSubAdmin(IUser $user, IGroup $group) {
		$qb = $this->dbConn->getQueryBuilder();

97
		$qb->delete('group_admin')
Roeland Jago Douma's avatar
Roeland Jago Douma committed
98
99
100
101
102
103
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->execute();

		$this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
		\OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
Georg Ehrke's avatar
Georg Ehrke committed
104
105
106
107
		return true;
	}

	/**
108
	 * get groups of a SubAdmin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
109
110
	 * @param IUser $user the SubAdmin
	 * @return IGroup[]
Georg Ehrke's avatar
Georg Ehrke committed
111
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
112
113
114
115
116
117
118
119
120
121
	public function getSubAdminsGroups(IUser $user) {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('gid')
			->from('group_admin')
			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->execute();

		$groups = [];
		while($row = $result->fetch()) {
122
123
124
125
			$group = $this->groupManager->get($row['gid']);
			if(!is_null($group)) {
				$groups[] = $group;
			}
Georg Ehrke's avatar
Georg Ehrke committed
126
		}
127
		$result->closeCursor();
Roeland Jago Douma's avatar
Roeland Jago Douma committed
128
129

		return $groups;
Georg Ehrke's avatar
Georg Ehrke committed
130
131
132
	}

	/**
133
	 * get SubAdmins of a group
Roeland Jago Douma's avatar
Roeland Jago Douma committed
134
135
	 * @param IGroup $group the group
	 * @return IUser[]
Georg Ehrke's avatar
Georg Ehrke committed
136
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
137
138
139
140
141
142
143
144
145
146
	public function getGroupsSubAdmins(IGroup $group) {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('uid')
			->from('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->execute();

		$users = [];
		while($row = $result->fetch()) {
147
148
149
150
			$user = $this->userManager->get($row['uid']);
			if(!is_null($user)) {
				$users[] = $user;
			}
Georg Ehrke's avatar
Georg Ehrke committed
151
		}
152
		$result->closeCursor();
Roeland Jago Douma's avatar
Roeland Jago Douma committed
153
154

		return $users;
Georg Ehrke's avatar
Georg Ehrke committed
155
	}
Bart Visscher's avatar
Bart Visscher committed
156

Georg Ehrke's avatar
Georg Ehrke committed
157
	/**
158
	 * get all SubAdmins
Georg Ehrke's avatar
Georg Ehrke committed
159
160
	 * @return array
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
161
162
163
164
165
166
167
168
169
	public function getAllSubAdmins() {
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('*')
			->from('group_admin')
			->execute();

		$subadmins = [];
		while($row = $result->fetch()) {
170
171
172
173
174
175
176
177
			$user = $this->userManager->get($row['uid']);
			$group = $this->groupManager->get($row['gid']);
			if(!is_null($user) && !is_null($group)) {
				$subadmins[] = [
					'user'  => $user,
					'group' => $group
				];
			}
Georg Ehrke's avatar
Georg Ehrke committed
178
		}
179
180
		$result->closeCursor();

Georg Ehrke's avatar
Georg Ehrke committed
181
182
		return $subadmins;
	}
Bart Visscher's avatar
Bart Visscher committed
183

Georg Ehrke's avatar
Georg Ehrke committed
184
	/**
185
	 * checks if a user is a SubAdmin of a group
Roeland Jago Douma's avatar
Roeland Jago Douma committed
186
187
	 * @param IUser $user 
	 * @param IGroup $group
188
	 * @return bool
Georg Ehrke's avatar
Georg Ehrke committed
189
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
190
191
192
	public function isSubAdminofGroup(IUser $user, IGroup $group) {
		$qb = $this->dbConn->getQueryBuilder();

193
194
195
		/*
		 * Primary key is ('gid', 'uid') so max 1 result possible here
		 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
196
197
198
199
200
201
		$result = $qb->select('*')
			->from('group_admin')
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->execute();

202
203
204
205
206
		$fetch =  $result->fetch();
		$result->closeCursor();
		$result = !empty($fetch) ? true : false;

		return $result;
Georg Ehrke's avatar
Georg Ehrke committed
207
	}
Bart Visscher's avatar
Bart Visscher committed
208

209
	/**
210
	 * checks if a user is a SubAdmin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
211
	 * @param IUser $user 
212
213
	 * @return bool
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
214
	public function isSubAdmin(IUser $user) {
Lukas Reschke's avatar
Lukas Reschke committed
215
		// Check if the user is already an admin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
216
		if ($this->groupManager->isAdmin($user->getUID())) {
Lukas Reschke's avatar
Lukas Reschke committed
217
218
219
			return true;
		}

Roeland Jago Douma's avatar
Roeland Jago Douma committed
220
221
222
223
224
225
		$qb = $this->dbConn->getQueryBuilder();

		$result = $qb->select('gid')
			->from('group_admin')
			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->setMaxResults(1)
226
227
228
229
230
231
			->execute();

		$isSubAdmin = $result->fetch();
		$result->closeCursor();

		$result = $isSubAdmin === false ? false : true;
Roeland Jago Douma's avatar
Roeland Jago Douma committed
232

233
		return $result;
Georg Ehrke's avatar
Georg Ehrke committed
234
	}
Bart Visscher's avatar
Bart Visscher committed
235

236
	/**
237
	 * checks if a user is a accessible by a subadmin
Roeland Jago Douma's avatar
Roeland Jago Douma committed
238
239
	 * @param IUser $subadmin
	 * @param IUser $user
240
241
	 * @return bool
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
242
243
	public function isUserAccessible($subadmin, $user) {
		if(!$this->isSubAdmin($subadmin)) {
244
245
			return false;
		}
Roeland Jago Douma's avatar
Roeland Jago Douma committed
246
		if($this->groupManager->isAdmin($user->getUID())) {
247
248
			return false;
		}
249
250
251
		$accessibleGroups = $this->getSubAdminsGroups($subadmin);
		foreach($accessibleGroups as $accessibleGroup) {
			if($accessibleGroup->inGroup($user)) {
252
253
254
255
256
				return true;
			}
		}
		return false;
	}
Bart Visscher's avatar
Bart Visscher committed
257

Georg Ehrke's avatar
Georg Ehrke committed
258
	/**
Roeland Jago Douma's avatar
Roeland Jago Douma committed
259
260
	 * delete all SubAdmins by $user
	 * @param IUser $user
Georg Ehrke's avatar
Georg Ehrke committed
261
262
	 * @return boolean
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
263
264
265
	private function post_deleteUser($user) {
		$qb = $this->dbConn->getQueryBuilder();

266
		$qb->delete('group_admin')
Roeland Jago Douma's avatar
Roeland Jago Douma committed
267
268
269
			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
			->execute();

Georg Ehrke's avatar
Georg Ehrke committed
270
271
272
273
		return true;
	}

	/**
Roeland Jago Douma's avatar
Roeland Jago Douma committed
274
275
	 * delete all SubAdmins by $group
	 * @param IGroup $group
Georg Ehrke's avatar
Georg Ehrke committed
276
277
	 * @return boolean
	 */
Roeland Jago Douma's avatar
Roeland Jago Douma committed
278
279
280
	private function post_deleteGroup($group) {
		$qb = $this->dbConn->getQueryBuilder();

281
		$qb->delete('group_admin')
Roeland Jago Douma's avatar
Roeland Jago Douma committed
282
283
284
			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
			->execute();

Georg Ehrke's avatar
Georg Ehrke committed
285
286
		return true;
	}
Georg Ehrke's avatar
Georg Ehrke committed
287
}