keep initial api controller for backward compatibility

Signed-off-by: Julien Veyssier <[email protected]>
nextcloud · Oct 14, 2024 · 8d90ffa · 8d90ffa
1 parent 9f9382d
commit 8d90ffa
Show file tree

Hide file tree

Showing 3 changed files with 113 additions and 5 deletions.
diff --git a/appinfo/routes.php b/appinfo/routes.php
@@ -34,6 +34,9 @@
 		['name' => 'login#singleLogoutService', 'url' => '/sls', 'verb' => 'GET'],
 		['name' => 'login#backChannelLogout', 'url' => '/backchannel-logout/{providerIdentifier}', 'verb' => 'POST'],
 
+		['name' => 'api#createUser', 'url' => '/user', 'verb' => 'POST'],
+		['name' => 'api#deleteUser', 'url' => '/user/{userId}', 'verb' => 'DELETE'],
+
 		['name' => 'id4me#showLogin', 'url' => '/id4me', 'verb' => 'GET'],
 		['name' => 'id4me#login', 'url' => '/id4me', 'verb' => 'POST'],
 		['name' => 'id4me#code', 'url' => '/id4me/code', 'verb' => 'GET'],
@@ -46,7 +49,7 @@
 		['name' => 'Timezone#setTimezone', 'url' => '/config/timezone', 'verb' => 'POST'],
 	],
 	'ocs' => [
-		['name' => 'api#createUser', 'url' => '/api/{apiVersion}/user', 'verb' => 'POST', 'requirements' => $requirements],
-		['name' => 'api#deleteUser', 'url' => '/api/{apiVersion}/user/{userId}', 'verb' => 'DELETE', 'requirements' => $requirements],
+		['name' => 'ocsApi#createUser', 'url' => '/api/{apiVersion}/user', 'verb' => 'POST', 'requirements' => $requirements],
+		['name' => 'ocsApi#deleteUser', 'url' => '/api/{apiVersion}/user/{userId}', 'verb' => 'DELETE', 'requirements' => $requirements],
 	],
 ];
diff --git a/lib/Controller/ApiController.php b/lib/Controller/ApiController.php
@@ -27,26 +27,28 @@
 
 use OCA\UserOIDC\AppInfo\Application;
 use OCA\UserOIDC\Db\UserMapper;
+use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
-use OCP\AppFramework\OCSController;
 use OCP\Files\IRootFolder;
 use OCP\Files\NotPermittedException;
 use OCP\IRequest;
 use OCP\IUserManager;
 
-class ApiController extends OCSController {
+class ApiController extends Controller {
 
 	public function __construct(
 		IRequest $request,
 		private IRootFolder $root,
 		private UserMapper $userMapper,
-		private IUserManager $userManager,
+		private IUserManager $userManager
 	) {
 		parent::__construct(Application::APP_ID, $request);
 	}
 
 	/**
+	 * @NoCSRFRequired
+	 *
 	 * @param int $providerId
 	 * @param string $userId
 	 * @param string|null $displayName
@@ -86,6 +88,8 @@ public function createUser(int $providerId, string $userId, ?string $displayName
 	}
 
 	/**
+	 * @NoCSRFRequired
+	 *
 	 * @param string $userId
 	 * @return DataResponse
 	 */

diff --git a/lib/Controller/OcsApiController.php b/lib/Controller/OcsApiController.php
@@ -0,0 +1,101 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2022, Julien Veyssier <[email protected]>
+ *
+ * @author Julien Veyssier <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\UserOIDC\Controller;
+
+use OCA\UserOIDC\AppInfo\Application;
+use OCA\UserOIDC\Db\UserMapper;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\AppFramework\OCSController;
+use OCP\Files\IRootFolder;
+use OCP\Files\NotPermittedException;
+use OCP\IRequest;
+use OCP\IUserManager;
+
+class OcsApiController extends OCSController {
+
+	public function __construct(
+		IRequest $request,
+		private IRootFolder $root,
+		private UserMapper $userMapper,
+		private IUserManager $userManager,
+	) {
+		parent::__construct(Application::APP_ID, $request);
+	}
+
+	/**
+	 * @param int $providerId
+	 * @param string $userId
+	 * @param string|null $displayName
+	 * @param string|null $email
+	 * @param string|null $quota
+	 * @return DataResponse
+	 */
+	public function createUser(int $providerId, string $userId, ?string $displayName = null,
+		?string $email = null, ?string $quota = null): DataResponse {
+		$backendUser = $this->userMapper->getOrCreate($providerId, $userId);
+		$user = $this->userManager->get($backendUser->getUserId());
+
+		if ($displayName) {
+			if ($displayName !== $backendUser->getDisplayName()) {
+				$backendUser->setDisplayName($displayName);
+				$this->userMapper->update($backendUser);
+			}
+		}
+
+		if ($email) {
+			$user->setSystemEMailAddress($email);
+		}
+
+		if ($quota) {
+			$user->setQuota($quota);
+		}
+
+		$userFolder = $this->root->getUserFolder($user->getUID());
+		try {
+			// copy skeleton
+			\OC_Util::copySkeleton($user->getUID(), $userFolder);
+		} catch (NotPermittedException $ex) {
+			// read only uses
+		}
+
+		return new DataResponse(['user_id' => $user->getUID()]);
+	}
+
+	/**
+	 * @param string $userId
+	 * @return DataResponse
+	 */
+	public function deleteUser(string $userId): DataResponse {
+		$user = $this->userManager->get($userId);
+		if (is_null($user) || $user->getBackendClassName() !== 'user_oidc') {
+			return new DataResponse(['message' => 'User not found'], Http::STATUS_NOT_FOUND);
+		}
+
+		$user->delete();
+		return new DataResponse(['user_id' => $userId], Http::STATUS_OK);
+	}
+}