nextcloud · cushdog · May 29, 2025 · May 29, 2025 · nickvergessen · May 26, 2025
@@ -27,6 +27,7 @@
 		// Users
 		['root' => '/cloud', 'name' => 'Users#getUsers', 'url' => '/users', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getUsersDetails', 'url' => '/users/details', 'verb' => 'GET'],
+		['root' => '/cloud', 'name' => 'Users#searchAllUsers', 'url' => '/users/search', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getDisabledUsersDetails', 'url' => '/users/disabled', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#getLastLoggedInUsers', 'url' => '/users/recent', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'Users#searchByPhoneNumbers', 'url' => '/users/search/by-phone', 'verb' => 'POST'],

@@ -339,6 +339,45 @@ public function getLastLoggedInUsers(string $search = '',
 	}
 
 
+	/**
+	* Search all users by id or display name
+	*
+	* Allows subadmins to look up existing users that are not yet part of
+	* their groups so they can add them.
+	*
+	* @param string $search Text to search for
+	* @param ?int $limit Limit the amount of users returned
+	* @param int $offset Offset for searching for users
+	* @return DataResponse<Http::STATUS_OK, array{users: array<string, string>}, array{}>
+	*
+	* 200: Users returned
+	*/
+	#[NoAdminRequired]
+	public function searchAllUsers(string $search = '', ?int $limit = null, int $offset = 0): DataResponse {
+			$currentUser = $this->userSession->getUser();
+
+			$uid = $currentUser->getUID();
+			$subAdminManager = $this->groupManager->getSubAdmin();
+			$isAdmin = $this->groupManager->isAdmin($uid);
+			$isDelegatedAdmin = $this->groupManager->isDelegatedAdmin($uid);
+
+			if ($isAdmin || $isDelegatedAdmin || $subAdminManager->isSubAdmin($currentUser)) {
+					$users = $this->userManager->searchDisplayName($search, $limit, $offset);
+					$result = [];
+					foreach ($users as $user) {
+							/** @var IUser $user */
+							$result[$user->getUID()] = $user->getDisplayName();
+					}
+
+					return new DataResponse([
+							'users' => $result,
+					]);
+			}
+
+			throw new OCSForbiddenException();
+	}
+
+
 
 	/**
 	 * @NoSubAdminRequired

@@ -2,15 +2,18 @@
   - SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
   - SPDX-License-Identifier: AGPL-3.0-or-later
 -->
-
 <template>
 	<Fragment>
+
 		<NewUserDialog v-if="showConfig.showNewUserForm"
-			:loading="loading"
-			:new-user="newUser"
-			:quota-options="quotaOptions"
-			@reset="resetForm"
-			@closing="closeDialog" />
+                        :loading="loading"
+                        :new-user="newUser"
+                        :quota-options="quotaOptions"
+                        @reset="resetForm"
+                        @closing="closeDialog" />
+		<AddExistingUserDialog v-if="showConfig.showAddExistingUserForm"
+				:group="currentGroup"
+				@closing="closeAddExistingDialog" />
 
 		<NcEmptyContent v-if="filteredUsers.length === 0"
 			class="empty"
@@ -70,6 +73,7 @@
 
 import VirtualList from './Users/VirtualList.vue'
 import NewUserDialog from './Users/NewUserDialog.vue'
+import AddExistingUserDialog from './Users/AddExistingUserDialog.vue'
 import UserListFooter from './Users/UserListFooter.vue'
 import UserListHeader from './Users/UserListHeader.vue'
 import UserRow from './Users/UserRow.vue'
@@ -101,6 +105,7 @@
 		NcIconSvgWrapper,
 		NcLoadingIcon,
 		NewUserDialog,
+		AddExistingUserDialog,
 		UserListFooter,
 		UserListHeader,
 		VirtualList,
@@ -171,8 +176,16 @@
 		},
 
 		groups() {
-			return this.$store.getters.getSortedGroups
-				.filter(group => group.id !== '__nc_internal_recent' && group.id !== 'disabled')
+                        return this.$store.getters.getSortedGroups
+                                .filter(group => group.id !== '__nc_internal_recent' && group.id !== 'disabled')
+		},
+
+		currentGroup() {
+				const gid = this.selectedGroup
+				if (!gid) {
+						return null
+				}
+				return this.groups.find(g => g.id === gid) || null
 		},
 
 		quotaOptions() {
@@ -309,10 +322,17 @@
 		},
 
 		closeDialog() {
-			this.$store.commit('setShowConfig', {
-				key: 'showNewUserForm',
-				value: false,
-			})
+                       this.$store.commit('setShowConfig', {
+                               key: 'showNewUserForm',
+                               value: false,
+                       })
+		},
+
+		closeAddExistingDialog() {
+				this.$store.commit('setShowConfig', {
+						key: 'showAddExistingUserForm',
+						value: false,
+				})
 		},
 
 		async search({ query }) {

@@ -0,0 +1,178 @@
+<!--
+  - SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+  - SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+<template>
+    <NcDialog
+      class="dialog"
+      size="small"
+      :name="t('settings', 'Add existing account')"
+      out-transition
+      v-on="$listeners"
+    >
+      <form
+        id="add-existing-user-form"
+        class="dialog__form"
+        @submit.prevent="submit"
+      >
+        <NcSelect
+          v-model="selectedUser"
+          class="dialog__select"
+          :options="possibleUsers"
+          :placeholder="t('settings', 'Search accounts')"
+          :user-select="true"
+          :dropdown-should-open="dropdownShouldOpen"
+          label="displayname"
+          @search="searchUsers"
+        />
+        <NcSelect
+          v-model="selectedGroup"
+          class="dialog__select"
+          :options="availableGroups"
+          :placeholder="t('settings', 'Select group')"
+          label="name"
+          :disabled="preselectedGroup"
+          :clearable="false"
+        />
+      </form>
+      <template #actions>
+        <NcButton
+          class="dialog__submit"
+          form="add-existing-user-form"
+          type="primary"
+          native-type="submit"
+        >
+          {{ t('settings', 'Add to group') }}
+        </NcButton>
+      </template>
+    </NcDialog>
+  </template>
+
+  <script>
+  import { t } from '@nextcloud/l10n'
+  import NcDialog from '@nextcloud/vue/components/NcDialog'
+  import NcSelect from '@nextcloud/vue/components/NcSelect'
+  import NcButton from '@nextcloud/vue/components/NcButton'
+  import { showError } from '@nextcloud/dialogs'
+  import { confirmPassword } from '@nextcloud/password-confirmation'
+  import logger from '../../logger.ts'
+
+  export default {
+    name: 'AddExistingUserDialog',
+    components: { NcDialog, NcSelect, NcButton },
+    props: {
+      group: {
+        type: Object,
+        default: null,
+      },
+    },
+    data() {
+      return {
+        possibleUsers: [],
+        selectedUser: null,
+        availableGroups: [],
+        selectedGroup: null,
+        preselectedGroup: false,
+        promise: null,
+      }
+    },
+    mounted() {
+      // only subadmins see a filtered list
+      this.availableGroups = this.$store.getters.getSubAdminGroups
+      if (this.group) {
+        this.selectedGroup = this.group
+        this.preselectedGroup = true
+      }
+    },
+    methods: {
+      t,
+      async searchUsers(query) {
+        if (this.promise) {
+          this.promise.cancel?.()
+        }
+        try {
+          this.promise = this.$store.dispatch('searchUsers', {
+            offset: 0,
+            limit: 10,
+            search: query,
+          })
+          const resp = await this.promise
+          this.possibleUsers = resp?.data
+            ? Object.values(resp.data.ocs.data.users)
+            : []
+        } catch (error) {
+          logger.error(t('settings', 'Failed to search accounts'), { error })
+        } finally {
+          this.promise = null
+        }
+      },
+        /**
+         * Only open the dropdown once there's some text in the search-box.
+         * @param {object} vm  the vue-select instance
+         * @returns {boolean}
+         */
+        dropdownShouldOpen(vm) {
+            return vm.search && vm.search.length > 0;
+        },
+      async submit() {
+        if (!this.selectedUser || !this.selectedGroup) {
+          return
+        }
+
+        // require the admin to re-enter their password
+        try {
+          await confirmPassword()
+        } catch {
+          showError(t('settings', 'Password confirmation is required'))
+          return
+        }
+
+        try {
+          // now that we've confirmed, call the action (it will include the
+          // proper header automatically)
+          await this.$store.dispatch('addUserGroup', {
+            userid: this.selectedUser.id,
+            gid: this.selectedGroup.id,
+          })
+          // if this user wasn’t in the list yet, fetch their details
+          if (
+            !this.$store.getters
+              .getUsers.find((u) => u.id === this.selectedUser.id)
+          ) {
+            const resp = await this.$store.dispatch(
+              'getUser',
+              this.selectedUser.id
+            )
+            if (resp) {
+              this.$store.commit('addUserData', resp)
+            }
+          }
+          this.$emit('closing')
+        } catch (error) {
+          logger.error(t('settings', 'Failed to add user to group'), { error })
+          showError(t('settings', 'Failed to add user to group'))
+        }
+      },
+    },
+  }
+  </script>
+
+  <style scoped lang="scss">
+  .dialog {
+    &__form {
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      padding: 0 8px;
+      gap: 4px 0;
+    }
+    &__select {
+      width: 100%;
+    }
+    &__submit {
+      margin-top: 4px;
+      margin-bottom: 8px;
+    }
+  }
+  </style>
+
@@ -2,7 +2,6 @@
  * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
-
 import { getBuilder } from '@nextcloud/browser-storage'
 import { getCapabilities } from '@nextcloud/capabilities'
 import { parseFileSize } from '@nextcloud/files'
@@ -53,6 +52,7 @@ const state = {
 		showFirstLogin: localStorage.getItem('account_settings__showFirstLogin') === 'true',
 		showLastLogin: localStorage.getItem('account_settings__showLastLogin') === 'true',
 		showNewUserForm: localStorage.getItem('account_settings__showNewUserForm') === 'true',
+		showAddExistingUserForm: localStorage.getItem('account_settings__showAddExistingUserForm') === 'true',
 		showLanguages: localStorage.getItem('account_settings__showLanguages') === 'true',
 	},
 }
@@ -106,6 +106,13 @@ const mutations = {
 	addUserGroup(state, { userid, gid }) {
 		const group = state.groups.find(groupSearch => groupSearch.id === gid)
 		const user = state.users.find(user => user.id === userid)
+
+		// Safety check: ensure user exists
+		if (!user) {
+			console.warn(`Cannot add user ${userid} to group ${gid}: user not found in store`)
+			return
+		}
+
 		// increase count if user is enabled
 		if (group && user.enabled && state.userCount > 0) {
 			group.usercount++
@@ -331,13 +338,32 @@ const actions = {
 	searchUsers(context, { offset, limit, search }) {
 		search = typeof search === 'string' ? search : ''
 
-		return api.get(generateOcsUrl('cloud/users/details?offset={offset}&limit={limit}&search={search}', { offset, limit, search })).catch((error) => {
-			if (!axios.isCancel(error)) {
-				context.commit('API_FAILURE', error)
-			}
-		})
+		const isAdmin = usersSettings.isAdmin || usersSettings.isDelegatedAdmin
+		const endpoint = isAdmin ? 'cloud/users/details' : 'cloud/users/search'
+
+		return api.get(generateOcsUrl(`${endpoint}?offset={offset}&limit={limit}&search={search}`, { offset, limit, search }))
+				.then((response) => {
+						if (!isAdmin) {
+								const normalized = {}
+								const users = response.data.ocs.data.users
+								Object.keys(users).forEach((id) => {
+										normalized[id] = {
+												id,
+												displayname: users[id],
+										}
+								})
+								response.data.ocs.data.users = normalized
+						}
+						return response
+				})
+				.catch((error) => {
+						if (!axios.isCancel(error)) {
+								context.commit('API_FAILURE', error)
+						}
+				})
 	},
 
+
 	/**
 	 * Get user details
 	 *