Checkbox for automatic nextcloud groupfolder in group settings (portal)

#61
Jean28518 · Apr 26, 2024 · deac526 · deac526
1 parent 52b89ef
commit deac526
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 1 deletion.
diff --git a/src/lac/idm/forms.py b/src/lac/idm/forms.py
@@ -37,7 +37,9 @@ class GroupCreateForm(forms.Form):
     cn = forms.CharField(label="Gruppenname", max_length=100)
     description = forms.CharField(label="Beschreibung", max_length=100, required=False)
     defaultGroup = forms.BooleanField(label="Standardgruppe (Von nun an werden neu erstellte Nutzer dieser Gruppe hinzugefügt)", required=False, widget=forms.CheckboxInput)
+    nextcloud_groupfolder = forms.BooleanField(label="Nextcloud-Gruppenordner", required=False, widget=forms.CheckboxInput)
 
 class GroupEditForm(forms.Form):
     description = forms.CharField(label="Beschreibung", max_length=100, required=False)
     defaultGroup = forms.BooleanField(label="Standardgruppe (Von nun an werden neu erstellte Nutzer dieser Gruppe hinzugefügt)", required=False, widget=forms.CheckboxInput)
+    nextcloud_groupfolder = forms.BooleanField(label="Nextcloud-Gruppenordner", required=False, widget=forms.CheckboxInput)
diff --git a/src/lac/idm/views.py b/src/lac/idm/views.py
@@ -12,6 +12,7 @@
 from django.contrib.admin.views.decorators import staff_member_required
 from django.conf import settings
 import idm.challenges
+import unix.unix_scripts.unix as unix
 
 
 def signal_handler(context, user, request, exception, **kwargs):
@@ -200,6 +201,8 @@ def create_group(request):
         if form.is_valid():
             group_information = form.cleaned_data
             message = ldap_create_group(group_information)
+            if form.cleaned_data.get("nextcloud_groupfolder", False):
+                message = unix.create_nextcloud_groupfolder(group_information["cn"])
             if message == None:
                 cn = group_information.get("cn", "")
                 message = f"Gruppe '{cn}' erfolgreich erstellt!"
@@ -224,13 +227,18 @@ def edit_group(request, cn):
         if form.is_valid():
             group_information = form.cleaned_data
             message = ldap_update_group(cn, group_information)
+            if form.cleaned_data.get("nextcloud_groupfolder", False) and not unix.nextcloud_groupfolder_exists(cn):
+                message = unix.create_nextcloud_groupfolder(cn)
+            if form.cleaned_data.get("nextcloud_groupfolder", False) == False and unix.nextcloud_groupfolder_exists(cn):
+                message = "Nextcloud-Gruppenordner wird nicht gelöscht (evtl. wichtige Daten enthalten), bitte manuell im Nextcloud-Admin-Interface löschen."
             if message == None:
                 message = f"Änderungen erfolgreich gespeichert!"
         else:
             message = form.errors
         form_data = form.cleaned_data
     form = GroupEditForm()
     if form_data != {}:
+        form_data["nextcloud_groupfolder"] = unix.nextcloud_groupfolder_exists(cn)
         form = GroupEditForm(form_data)
     return render(request, "idm/admin/edit_group.html", {"form": form, "message": message, "cn": cn})
 

diff --git a/src/lac/unix/unix_scripts/unix.py b/src/lac/unix/unix_scripts/unix.py
@@ -1000,4 +1000,43 @@ def is_libre_workspace_update_available():
     else:
         cached_libre_workspace_update_available = None
     cached_libre_workspace_update_available_time = time.time()
-    return cached_libre_workspace_update_available
+    return cached_libre_workspace_update_available
+
+
+# We implement no automatic delete function for the groupfolders,
+# because in them could be important data of the users.
+# The admin has to remove the groupfolders manually in the nextcloud web interface.
+def create_nextcloud_groupfolder(group):
+    # If we are not running as root, return
+    if os.getuid() != 0:
+        return "Error: You should run this function as root. In development mode this is okay for now."
+    # If nextcloud is not available, return
+    if not is_nextcloud_available():
+        return "Error: Nextcloud is not available. Please install Nextcloud first."
+
+    # Example for groupname test:
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolder:create test -> returns 1 as groupfolder_id
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolder:group 1 test read
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test write
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test create
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test share
+    # sudo -u www-data php /var/www/nextcloud/occ groupfolders:group 1 test delte
+    groupfolder_id = subprocess.getoutput(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:create {group}").strip()
+    # if groupfolder_id is not numeric, then the groupfolder was not created
+    if not groupfolder_id.isnumeric():
+        return groupfolder_id
+    os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:group {groupfolder_id} {group} read")
+    os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} write")
+    os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} create")
+    os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} share")
+    os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolders:group {groupfolder_id} {group} delete")
+
+
+def nextcloud_groupfolder_exists(group):
+    # Check if the groupfolder exists
+    if not is_nextcloud_available():
+        return False
+    # If we are not running as root, return
+    if os.getuid() != 0:
+        return False
+    return os.system(f"sudo -u www-data php {settings.NEXTCLOUD_INSTALLATION_DIRECTORY}/occ groupfolder:list | grep -q {group}") == 0