diff options
author | Baptiste Fotia <fotia.baptiste@hotmail.com> | 2022-10-05 13:20:30 +0300 |
---|---|---|
committer | Baptiste Fotia <fotia.baptiste@hotmail.com> | 2022-10-05 13:20:30 +0300 |
commit | d93b39039bc8c6db5c702ab35b15be29a7a1f668 (patch) | |
tree | 9c9ab7934100304c2eca7b4e86945210a34c4916 /lib | |
parent | eff31f617f237ac85923975ccb945ef29838c172 (diff) |
fix(Service): Check users by class name delegation
Check if a user is in the group of the class name of admin delegation
and not by appconfig with the delegated-admins key.
Signed-off-by: Baptiste Fotia <fotia.baptiste@hotmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Service/DelegationService.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/lib/Service/DelegationService.php b/lib/Service/DelegationService.php index f83a701f..c5b00bb0 100644 --- a/lib/Service/DelegationService.php +++ b/lib/Service/DelegationService.php @@ -21,20 +21,25 @@ namespace OCA\GroupFolders\Service; +use OCA\GroupFolders\AppInfo\Application; +use OCA\Settings\Service\AuthorizedGroupService; use OCP\IConfig; use OCP\IGroupManager; use OCP\IUserSession; class DelegationService { + private AuthorizedGroupService $authorizedGroupService; private IConfig $config; private IGroupManager $groupManager; private IUserSession $userSession; public function __construct( + AuthorizedGroupService $authorizedGroupService, IConfig $config, IGroupManager $groupManager, IUserSession $userSession ) { + $this->authorizedGroupService = $authorizedGroupService; $this->config = $config; $this->groupManager = $groupManager; $this->userSession = $userSession; @@ -54,10 +59,17 @@ class DelegationService { * @return bool */ public function isAdmin(): bool { - $allowedGroups = json_decode($this->config->getAppValue('groupfolders', 'delegated-admins', '[]')); + + $authorizedGroups = $this->authorizedGroupService->findExistingGroupsForClass(Application::CLASS_NAME_ADMIN_DELEGATION); + $userGroups = $this->groupManager->getUserGroups($this->userSession->getUser()); + + $groups = array_map(function ($group) { + return $group->getGroupId(); + }, $authorizedGroups); + foreach ($userGroups as $userGroup) { - if (in_array($userGroup->getGID(), $allowedGroups)) { + if (in_array($userGroup->getGID(), $groups)) { return true; } } |