'success']); } /** * Returns a list of users and groups that match the given pattern. * Used for user and group picker in the admin settings. * * @param string $pattern The search pattern * @param int|null $limit The maximum number of results to return * @param int|null $offset The offset from which to start returning results * @return JSONResponse */ public function getApplicableEntities(string $pattern = '', ?int $limit = null, ?int $offset = null): JSONResponse { $groups = []; foreach ($this->groupManager->search($pattern, $limit, $offset) as $group) { $groups[$group->getGID()] = $group->getDisplayName(); } $users = []; foreach ($this->userManager->searchDisplayName($pattern, $limit, $offset) as $user) { $users[$user->getUID()] = $user->getDisplayName(); } $results = ['groups' => $groups, 'users' => $users]; return new JSONResponse($results); } /** * @param int $keyLength * @return array */ private function generateSshKeys($keyLength) { $key = $this->rsaMechanism->createKey($keyLength); // Replace the placeholder label with a more meaningful one $key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']); return $key; } /** * Generates an SSH public/private key pair. * * @param int $keyLength */ #[NoAdminRequired] public function getSshKeys($keyLength = 1024) { $key = $this->generateSshKeys($keyLength); return new JSONResponse([ 'data' => [ 'private_key' => $key['privatekey'], 'public_key' => $key['publickey'] ], 'status' => 'success', ]); } /** * @param string $uid * @param string $user * @param string $password * @return JSONResponse */ #[NoAdminRequired] #[PasswordConfirmationRequired(strict: true)] public function saveGlobalCredentials($uid, $user, $password): JSONResponse { $currentUser = $this->userSession->getUser(); if ($currentUser === null) { return new JSONResponse([ 'status' => 'error', 'message' => $this->l10n->t('You are not logged in'), ], Http::STATUS_UNAUTHORIZED); } // Non-admins can only edit their own credentials // Admin can edit global credentials $allowedToEdit = $uid === '' ? $this->groupManager->isAdmin($currentUser->getUID()) : $currentUser->getUID() === $uid; if ($allowedToEdit) { $this->globalAuth->saveAuth($uid, $user, $password); return new JSONResponse([ 'status' => 'success', ]); } return new JSONResponse([ 'status' => 'success', 'message' => $this->l10n->t('Permission denied'), ], Http::STATUS_FORBIDDEN); } }