diff --git a/apps/user_ldap/lib/Controller/WizardController.php b/apps/user_ldap/lib/Controller/WizardController.php index afc59098399..63791b0588b 100644 --- a/apps/user_ldap/lib/Controller/WizardController.php +++ b/apps/user_ldap/lib/Controller/WizardController.php @@ -11,6 +11,8 @@ namespace OCA\User_LDAP\Controller; use OCA\User_LDAP\Configuration; use OCA\User_LDAP\ConnectionFactory; +use OCA\User_LDAP\Mapping\GroupMapping; +use OCA\User_LDAP\Mapping\UserMapping; use OCA\User_LDAP\Settings\Admin; use OCA\User_LDAP\WizardFactory; use OCP\AppFramework\Http; @@ -19,8 +21,13 @@ use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCSController; +use OCP\EventDispatcher\IEventDispatcher; use OCP\IL10N; use OCP\IRequest; +use OCP\IUserManager; +use OCP\Server; +use OCP\User\Events\BeforeUserIdUnassignedEvent; +use OCP\User\Events\UserIdUnassignedEvent; use Psr\Log\LoggerInterface; class WizardController extends OCSController { @@ -31,6 +38,7 @@ class WizardController extends OCSController { private ConnectionFactory $connectionFactory, private IL10N $l, private WizardFactory $wizardFactory, + private IEventDispatcher $eventDispatcher, ) { parent::__construct($appName, $request); } @@ -103,7 +111,54 @@ class WizardController extends OCSController { throw $e; } catch (\Exception $e) { $this->logger->error($e->getMessage(), ['exception' => $e]); - throw new OCSException('An issue occurred when creating the new config.'); + throw new OCSException('An issue occurred.'); + } + } + + /** + * Clear user or group mappings + * + * @param 'user'|'group' $subject Whether to clear group or user mappings + * @return DataResponse, array{}> + * @throws OCSException + * + * 200: Clearing was done successfuly + */ + #[AuthorizedAdminSetting(settings: Admin::class)] + #[ApiRoute(verb: 'POST', url: '/api/v1/wizard/clearMappings')] + public function clearMappings( + string $subject, + ) { + $mapping = null; + try { + if ($subject === 'user') { + $mapping = Server::get(UserMapping::class); + $result = $mapping->clearCb( + function (string $uid): void { + $this->eventDispatcher->dispatchTyped(new BeforeUserIdUnassignedEvent($uid)); + /** @psalm-suppress UndefinedInterfaceMethod For now we have to emit, will be removed when all hooks are removed */ + Server::get(IUserManager::class)->emit('\OC\User', 'preUnassignedUserId', [$uid]); + }, + function (string $uid): void { + $this->eventDispatcher->dispatchTyped(new UserIdUnassignedEvent($uid)); + /** @psalm-suppress UndefinedInterfaceMethod For now we have to emit, will be removed when all hooks are removed */ + Server::get(IUserManager::class)->emit('\OC\User', 'postUnassignedUserId', [$uid]); + } + ); + } elseif ($subject === 'group') { + $mapping = Server::get(GroupMapping::class); + $result = $mapping->clear(); + } else { + throw new OCSException($this->l->t('Unsupported subject ' . $subject)); + } + + if (!$result) { + throw new OCSException($this->l->t('Failed to clear the mappings.')); + } + return new DataResponse(); + } catch (\Exception $e) { + $this->logger->error($e->getMessage(), ['exception' => $e]); + throw new OCSException('An issue occurred.'); } } } diff --git a/apps/user_ldap/openapi.json b/apps/user_ldap/openapi.json index d3e890137da..08e1f34dc0e 100644 --- a/apps/user_ldap/openapi.json +++ b/apps/user_ldap/openapi.json @@ -1221,6 +1221,145 @@ } } } + }, + "/ocs/v2.php/apps/user_ldap/api/v1/wizard/clearMappings": { + "post": { + "operationId": "wizard-clear-mappings", + "summary": "Clear user or group mappings", + "description": "This endpoint requires admin access", + "tags": [ + "wizard" + ], + "security": [ + { + "bearer_auth": [] + }, + { + "basic_auth": [] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "subject" + ], + "properties": { + "subject": { + "type": "string", + "enum": [ + "user", + "group" + ], + "description": "Whether to clear group or user mappings" + } + } + } + } + } + }, + "parameters": [ + { + "name": "OCS-APIRequest", + "in": "header", + "description": "Required to be true for the API request to pass", + "required": true, + "schema": { + "type": "boolean", + "default": true + } + } + ], + "responses": { + "200": { + "description": "Clearing was done successfuly", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + }, + "401": { + "description": "Current user is not logged in", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + }, + "403": { + "description": "Logged in account must be an admin", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + } + } + } } }, "tags": [] diff --git a/openapi.json b/openapi.json index 2f20c16788e..4307c29839e 100644 --- a/openapi.json +++ b/openapi.json @@ -35907,6 +35907,145 @@ } } }, + "/ocs/v2.php/apps/user_ldap/api/v1/wizard/clearMappings": { + "post": { + "operationId": "user_ldap-wizard-clear-mappings", + "summary": "Clear user or group mappings", + "description": "This endpoint requires admin access", + "tags": [ + "user_ldap/wizard" + ], + "security": [ + { + "bearer_auth": [] + }, + { + "basic_auth": [] + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "subject" + ], + "properties": { + "subject": { + "type": "string", + "enum": [ + "user", + "group" + ], + "description": "Whether to clear group or user mappings" + } + } + } + } + } + }, + "parameters": [ + { + "name": "OCS-APIRequest", + "in": "header", + "description": "Required to be true for the API request to pass", + "required": true, + "schema": { + "type": "boolean", + "default": true + } + } + ], + "responses": { + "200": { + "description": "Clearing was done successfuly", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + }, + "401": { + "description": "Current user is not logged in", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + }, + "403": { + "description": "Logged in account must be an admin", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + } + } + } + }, "/ocs/v2.php/apps/user_status/api/v1/heartbeat": { "put": { "operationId": "user_status-heartbeat-heartbeat",