def delete(self, request, repo, path, share_type):
""" Delete user/group share permission.
Permission checking:
1. admin user.
"""
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not has_shared_to_user(repo.repo_id, path, email):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
permission = check_user_share_out_permission(
repo.repo_id, path, email)
if path == '/':
seafile_api.remove_share(repo.repo_id, repo_owner, email)
else:
seafile_api.unshare_subdir_for_user(
repo.repo_id, path, repo_owner, email)
if path == '/':
ExtraSharePermission.objects.delete_share_permission(
repo.repo_id, email)
send_perm_audit_msg('delete-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not has_shared_to_group(repo.repo_id, path, group_id):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
permission = check_group_share_out_permission(
repo.repo_id, path, group_id)
if path == '/':
seafile_api.unset_group_repo(repo.repo_id, group_id,
repo_owner)
else:
seafile_api.unshare_subdir_for_group(
repo.repo_id, path, repo_owner, group_id)
if path == '/':
ExtraGroupsSharePermission.objects.delete_share_permission(
repo.repo_id, group_id)
send_perm_audit_msg('delete-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
return Response({'success': True})
def put(self, request, repo, path, share_type):
""" Update user/group share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in get_available_repo_perms():
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not has_shared_to_user(repo.repo_id, path, email):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_user_dir_permission(repo.repo_id, path, repo_owner,
email, permission)
send_perm_audit_msg('modify-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
share_info['user_email'] = email
share_info['user_name'] = email2nickname(email)
share_info[
'permission'] = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission
share_info['is_admin'] = permission == PERMISSION_ADMIN
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid.' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %s not found' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not has_shared_to_group(repo.repo_id, path, group_id):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_group_dir_permission(repo.repo_id, path, repo_owner,
group_id, permission)
send_perm_audit_msg('modify-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
share_info['group_id'] = group_id
share_info['group_name'] = group.group_name
share_info[
'permission'] = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission
share_info['is_admin'] = permission == PERMISSION_ADMIN
return Response(share_info)
def post(self, request, repo, path, share_type):
""" Admin share a library to user/group.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in get_available_repo_perms():
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
share_to = request.data.getlist('share_to')
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
if share_type == 'user':
for email in share_to:
if repo_owner == email:
result['failed'].append({
'user_email':
email,
'error_msg':
_('User %s is already library owner.') % email
})
continue
if not is_valid_username(email):
result['failed'].append({
'user_email':
email,
'error_msg':
_('Email %s invalid.') % email
})
continue
try:
User.objects.get(email=email)
except User.DoesNotExist:
result['failed'].append({
'user_email':
email,
'error_msg':
'User %s not found.' % email
})
continue
if has_shared_to_user(repo.repo_id, path, email):
result['failed'].append({
'email':
email,
'error_msg':
_('This item has been shared to %s.') % email
})
continue
try:
share_dir_to_user(repo, path, repo_owner, username, email,
permission)
share_repo_to_user_successful.send(sender=None,
from_user=username,
to_user=email,
repo=repo,
path=path,
org_id=None)
send_perm_audit_msg('add-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
'user_email':
email,
'error_msg':
'Internal Server Error'
})
continue
result['success'].append({
"repo_id":
repo.repo_id,
"path":
path,
"share_type":
share_type,
"user_email":
email,
"user_name":
email2nickname(email),
"permission":
PERMISSION_READ_WRITE
if permission == PERMISSION_ADMIN else permission,
"is_admin":
permission == PERMISSION_ADMIN
})
if share_type == 'group':
for group_id in share_to:
try:
group_id = int(group_id)
except ValueError as e:
logger.error(e)
result['failed'].append({
'group_id':
group_id,
'error_msg':
'group_id %s invalid.' % group_id
})
continue
group = ccnet_api.get_group(group_id)
if not group:
result['failed'].append({
'group_id':
group_id,
'error_msg':
'Group %s not found' % group_id
})
continue
if has_shared_to_group(repo.repo_id, path, group_id):
result['failed'].append({
'group_name':
group.group_name,
'error_msg':
_('This item has been shared to %s.') %
group.group_name
})
continue
try:
share_dir_to_group(repo, path, repo_owner, username,
group_id, permission)
share_repo_to_group_successful.send(sender=None,
from_user=username,
group_id=group_id,
repo=repo,
path=path,
org_id=None)
send_perm_audit_msg('add-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
"group_id":
group_id,
'error_msg':
'Internal Server Error'
})
continue
result['success'].append({
"repo_id":
repo.repo_id,
"path":
path,
"share_type":
share_type,
"group_id":
group_id,
"group_name":
group.group_name,
"permission":
PERMISSION_READ_WRITE
if permission == PERMISSION_ADMIN else permission,
"is_admin":
permission == PERMISSION_ADMIN
})
return Response(result)
def delete(self, request, repo, path, share_type):
""" Delete user/group share permission.
Permission checking:
1. admin user.
"""
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not has_shared_to_user(repo.repo_id, path, email):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
permission = check_user_share_out_permission(repo.repo_id, path, email)
if path == '/':
seafile_api.remove_share(repo.repo_id, repo_owner, email)
else:
seafile_api.unshare_subdir_for_user(
repo.repo_id, path, repo_owner, email)
if path == '/':
ExtraSharePermission.objects.delete_share_permission(repo.repo_id,
email)
send_perm_audit_msg('delete-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not has_shared_to_group(repo.repo_id, path, group_id):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
permission = check_group_share_out_permission(repo.repo_id, path, group_id)
if path == '/':
seafile_api.unset_group_repo(repo.repo_id, group_id, repo_owner)
else:
seafile_api.unshare_subdir_for_group(
repo.repo_id, path, repo_owner, group_id)
if path == '/':
ExtraGroupsSharePermission.objects.delete_share_permission(repo.repo_id,
group_id)
send_perm_audit_msg('delete-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def put(self, request, repo, path, share_type):
""" Update user/group share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in get_available_repo_perms():
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not has_shared_to_user(repo.repo_id, path, email):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_user_dir_permission(repo.repo_id, path, repo_owner, email, permission)
send_perm_audit_msg('modify-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
share_info['user_email'] = email
share_info['user_name'] = email2nickname(email)
share_info['permission'] = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission
share_info['is_admin'] = permission == PERMISSION_ADMIN
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid.' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %s not found' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not has_shared_to_group(repo.repo_id, path, group_id):
error_msg = 'Shared items not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_group_dir_permission(repo.repo_id, path, repo_owner, group_id, permission)
send_perm_audit_msg('modify-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
share_info['group_id'] = group_id
share_info['group_name'] = group.group_name
share_info['permission'] = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission
share_info['is_admin'] = permission == PERMISSION_ADMIN
return Response(share_info)
def post(self, request, repo, path, share_type):
""" Admin share a library to user/group.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in get_available_repo_perms():
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
share_to = request.data.getlist('share_to')
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
username = request.user.username
if share_type == 'user':
for email in share_to:
if repo_owner == email:
result['failed'].append({
'user_email': email,
'error_msg': _(u'User %s is already library owner.') % email
})
continue
if not is_valid_username(email):
result['failed'].append({
'user_email': email,
'error_msg': _('Email %s invalid.') % email
})
continue
try:
User.objects.get(email=email)
except User.DoesNotExist:
result['failed'].append({
'user_email': email,
'error_msg': 'User %s not found.' % email
})
continue
if has_shared_to_user(repo.repo_id, path, email):
result['failed'].append({
'email': email,
'error_msg': _(u'This item has been shared to %s.') % email
})
continue
try:
share_dir_to_user(repo, path, repo_owner, username, email, permission)
share_repo_to_user_successful.send(sender=None, from_user=username,
to_user=email, repo=repo,
path=path, org_id=None)
send_perm_audit_msg('add-repo-perm', username, email,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
'user_email': email,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
"repo_id": repo.repo_id,
"path": path,
"share_type": share_type,
"user_email": email,
"user_name": email2nickname(email),
"permission": PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission,
"is_admin": permission == PERMISSION_ADMIN
})
if share_type == 'group':
for group_id in share_to:
try:
group_id = int(group_id)
except ValueError as e:
logger.error(e)
result['failed'].append({
'group_id': group_id,
'error_msg': 'group_id %s invalid.' % group_id
})
continue
group = ccnet_api.get_group(group_id)
if not group:
result['failed'].append({
'group_id': group_id,
'error_msg': 'Group %s not found' % group_id
})
continue
if has_shared_to_group(repo.repo_id, path, group_id):
result['failed'].append({
'group_name': group.group_name,
'error_msg': _(u'This item has been shared to %s.') % group.group_name
})
continue
try:
share_dir_to_group(repo, path, repo_owner, username, group_id, permission)
share_repo_to_group_successful.send(sender=None,
from_user=username,
group_id=group_id, repo=repo,
path=path, org_id=None)
send_perm_audit_msg('add-repo-perm', username, group_id,
repo.repo_id, path, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
"group_id": group_id,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
"repo_id": repo.repo_id,
"path": path,
"share_type": share_type,
"group_id": group_id,
"group_name": group.group_name,
"permission": PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission,
"is_admin": permission == PERMISSION_ADMIN
})
return Response(result)