Api, return users details by groups

skjnldsv · skjnldsv · commit e92f640a23da · 2018-03-22T15:52:12.000+01:00
Signed-off-by: John Molakvoæ (skjnldsv) &lt;skjnldsv@protonmail.com&gt;
diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php
@@ -42,6 +42,7 @@
 		// Users
 		['root' => '/cloud', 'name' => 'Users#getUsers', 'url' => '/users', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getUsersDetails', 'url' => '/users/details', 'verb' => 'GET'],
+		['root' => '/cloud', 'name' => 'Users#getUsersGroupDetails', 'url' => '/users/{groupId}/details', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#addUser', 'url' => '/users', 'verb' => 'POST'],
 		['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -193,6 +193,49 @@ public function getUsersDetails(string $search = '', $limit = null, $offset = 0)
 		]);
 	}
 
+	/**
+	 * @NoAdminRequired
+	 *
+	 * returns a list of users and their data based on their groupid
+	 */
+	public function getUsersGroupDetails(string $groupId, int $limit = null, int $offset = 0): DataResponse {
+		$user = $this->userSession->getUser();
+
+		$isSubadminOfGroup = false;
+		$group = $this->groupManager->get($groupId);
+		if ($group !== null) {
+			$isSubadminOfGroup = $this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $group);
+		} else {
+			throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND);
+		}
+
+		// Check subadmin has access to this group
+		if($this->groupManager->isAdmin($user->getUID())
+		   || $isSubadminOfGroup) {
+			$users = $group->getUsers();
+			$users =  array_map(function($user) {
+				/** @var IUser $user */
+				return $user->getUID();
+			}, $users);
+			$users = array_slice(array_values($users), $offset, $limit);
+		} else {
+			throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED);
+		}
+		$usersDetails = [];
+		foreach ($users as $key => $userId) {
+			$userData = $this->getUserData($userId);
+			// Do not insert empty entry
+			if(!empty($userData)) {
+				$usersDetails[$userId] = $userData;
+			}
+		}
+
+		return new DataResponse([
+			'users' => $usersDetails
+		]);
+
+	}
+
 	/**
 	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired
