From 3c74e02682fe2d24ad8b8aebfee66f9c9b87d7bd Mon Sep 17 00:00:00 2001
From: Christopher Ng <chrng8@gmail.com>
Date: Mon, 11 Mar 2024 17:53:33 -0700
Subject: [PATCH] fix: Return only administered groups of a user for subadmins

Signed-off-by: Christopher Ng <chrng8@gmail.com>
---
 apps/provisioning_api/lib/Controller/AUserData.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/apps/provisioning_api/lib/Controller/AUserData.php b/apps/provisioning_api/lib/Controller/AUserData.php
index 77d7f31c6daf5..6bba552a420b3 100644
--- a/apps/provisioning_api/lib/Controller/AUserData.php
+++ b/apps/provisioning_api/lib/Controller/AUserData.php
@@ -137,6 +137,9 @@ protected function getUserData(string $userId, bool $includeScopes = false): ?ar
 		$groups = $this->groupManager->getUserGroups($targetUserObject);
 		$gids = [];
 		foreach ($groups as $group) {
+			if (!$this->groupManager->getSubAdmin()->isSubAdminOfGroup($currentLoggedInUser, $group)) {
+				continue;
+			};
 			$gids[] = $group->getGID();
 		}