From 0db5c79107bf45e46d6ca016b6d3f765f71178d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?John=20Molakvo=C3=A6=20=28skjnldsv=29?=
 <skjnldsv@protonmail.com>
Date: Tue, 20 Mar 2018 19:06:08 +0100
Subject: [PATCH] Api, return users details by groups
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
---
 apps/provisioning_api/appinfo/routes.php      |  1 +
 .../lib/Controller/UsersController.php        | 43 +++++++++++++++++++
 2 files changed, 44 insertions(+)

diff --git a/apps/provisioning_api/appinfo/routes.php b/apps/provisioning_api/appinfo/routes.php
index 791267a97a1db..c2cc4417a94f4 100644
--- a/apps/provisioning_api/appinfo/routes.php
+++ b/apps/provisioning_api/appinfo/routes.php
@@ -42,6 +42,7 @@
 		// Users
 		['root' => '/cloud', 'name' => 'Users#getUsers', 'url' => '/users', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getUsersDetails', 'url' => '/users/details', 'verb' => 'GET'],
+		['root' => '/cloud', 'name' => 'Users#getUsersGroupDetails', 'url' => '/users/{groupId}/details', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#addUser', 'url' => '/users', 'verb' => 'POST'],
 		['root' => '/cloud', 'name' => 'Users#getUser', 'url' => '/users/{userId}', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index c09f1617f40da..d2a19ca5041af 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -193,6 +193,49 @@ public function getUsersDetails(string $search = '', $limit = null, $offset = 0)
 		]);
 	}
 
+	/**
+	 * @NoAdminRequired
+	 *
+	 * returns a list of users and their data based on their groupid
+	 */
+	public function getUsersGroupDetails(string $groupId, int $limit = null, int $offset = 0): DataResponse {
+		$user = $this->userSession->getUser();
+
+		$isSubadminOfGroup = false;
+		$group = $this->groupManager->get($groupId);
+		if ($group !== null) {
+			$isSubadminOfGroup = $this->groupManager->getSubAdmin()->isSubAdminofGroup($user, $group);
+		} else {
+			throw new OCSException('The requested group could not be found', \OCP\API::RESPOND_NOT_FOUND);
+		}
+
+		// Check subadmin has access to this group
+		if($this->groupManager->isAdmin($user->getUID())
+		   || $isSubadminOfGroup) {
+			$users = $this->groupManager->get($groupId)->getUsers();
+			$users =  array_map(function($user) {
+				/** @var IUser $user */
+				return $user->getUID();
+			}, $users);
+			$users = array_slice(array_values($users), $offset, $limit);
+		} else {
+			throw new OCSException('User does not have access to specified group', \OCP\API::RESPOND_UNAUTHORISED);
+		}
+		$usersDetails = [];
+		foreach ($users as $key => $userId) {
+			$userData = $this->getUserData($userId);
+			// Do not insert empty entry
+			if(!empty($userData)) {
+				$usersDetails[$userId] = $userData;
+			}
+		}
+
+		return new DataResponse([
+			'users' => $usersDetails
+		]);
+
+	}
+
 	/**
 	 * @PasswordConfirmationRequired
 	 * @NoAdminRequired