userSession->getUser(); if ($this->guestManager->isGuest($currentUser)) { return new DataResponse( [ 'errorMessages' => ['Guests are not allowed to create guests'], ], Http::STATUS_FORBIDDEN ); } if (!$this->config->canCreateGuests()) { return new DataResponse( [ 'errorMessages' => ['You are not allowed to create guests'], ], Http::STATUS_FORBIDDEN ); } if ($this->config->isSharingRestrictedToGroup() && count($groups) < 1) { return new DataResponse( [ 'errorMessages' => ['Guest user must be added to at least one group'], ], Http::STATUS_FORBIDDEN ); } $groupObjects = []; foreach ($groups as $groupId) { $group = $this->groupManager->get($groupId); if (!$group) { return new DataResponse( [ 'errorMessages' => ["Group $groupId not found"], ], Http::STATUS_BAD_REQUEST ); } if (!($this->subAdmin->isSubAdminOfGroup($currentUser, $group) || $this->groupManager->isAdmin($currentUser->getUID()))) { return new DataResponse( [ 'errorMessages' => ["You are not allowed to add users to group $groupId"], ], Http::STATUS_FORBIDDEN ); } $groupObjects[] = $group; } if (empty($email) || !$this->mailer->validateMailAddress($email)) { $errorMessages['email'] = $this->l10n->t( 'Invalid mail address' ); } $username = $email; $existingUsers = $this->userManager->getByEmail($email); if (count($existingUsers) > 0) { $errorMessages['email'] = $this->l10n->t( 'A user with that email already exists.' ); } elseif ($this->userManager->userExists($username)) { $errorMessages['username'] = $this->l10n->t( 'A user with that name already exists.' ); } if (!empty($errorMessages)) { return new DataResponse( [ 'errorMessages' => $errorMessages, ], Http::STATUS_UNPROCESSABLE_ENTITY ); } try { $this->guestManager->createGuest($this->userSession->getUser(), $username, $email, $displayName, $language); $guestUser = $this->userManager->get($username); if ($this->userManager instanceof PublicEmitter) { $this->userManager->emit('\OC\User', 'assignedUserId', [$username]); } foreach ($groupObjects as $group) { $group->addUser($guestUser); } } catch (\Exception $e) { return new DataResponse( [ 'errorMessages' => ['email' => $e->getMessage()], ], Http::STATUS_UNPROCESSABLE_ENTITY ); } if ($sendInvite) { $this->inviteService->sendInvite($currentUser->getUID(), $username); } return new DataResponse( [ 'message' => $this->l10n->t( 'User successfully created' ), ], Http::STATUS_CREATED ); } public function list(): DataResponse { $guests = $this->guestManager->getGuestsInfo(); return new DataResponse($guests); } public function get(string $userId): DataResponse { $guests = $this->guestManager->getGuestInfo($userId); return new DataResponse($guests); } /** * Transfer guest to a full account */ public function transfer(string $guestUserId, string $targetUserId): DataResponse { $author = $this->userSession->getUser(); if (!($author instanceof IUser)) { return new DataResponse([ 'message' => $this->l10n->t('Failed to authorize') ], Http::STATUS_UNAUTHORIZED); } $sourceUser = $this->userManager->get($guestUserId); if (!($sourceUser instanceof IUser)) { return new DataResponse([ 'message' => $this->l10n->t('Guest does not exist') ], Http::STATUS_NOT_FOUND); } if ($this->userManager->userExists($targetUserId)) { return new DataResponse([ 'message' => $this->l10n->t('User already exists') ], Http::STATUS_CONFLICT); } if (!$this->guestManager->isGuest($sourceUser)) { return new DataResponse([ 'message' => $this->l10n->t('User is not a guest'), ], Http::STATUS_CONFLICT); } try { $transfer = $this->transferMapper->getBySource($sourceUser->getUID()); } catch (DoesNotExistException $e) { // Allow as this just means there is no pending transfer } try { $transfer = $this->transferMapper->getByTarget($targetUserId); } catch (DoesNotExistException $e) { // Allow as this just means there is no pending transfer } if (!empty($transfer)) { return new DataResponse([ 'status' => $transfer->getStatus(), 'source' => $transfer->getSource(), 'target' => $transfer->getTarget(), ], Http::STATUS_ACCEPTED); } $this->transferService->addTransferJob($author, $sourceUser, $targetUserId); return new DataResponse([], Http::STATUS_CREATED); } }