def post(self, request, file_id, format=None):
token = request.GET.get('access_token', None)
request_user, repo_id, file_path = get_file_info_by_token(token=token)
try:
file_obj = request.read()
# get file update url
token = seafile_api.get_fileserver_access_token(
repo_id, 'dummy', 'update', request_user)
if not token:
return HttpResponse(json.dumps({}),
status=500,
content_type=json_content_type)
update_url = gen_inner_file_upload_url('update-api', token)
# update file
files = {
'file': file_obj,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
requests.post(update_url, files=files)
except Exception as e:
logger.error(e)
return HttpResponse(json.dumps({}),
status=500,
content_type=json_content_type)
return HttpResponse(json.dumps({}),
status=200,
content_type=json_content_type)
def post(self, request):
""" Save file.
"""
# 在默认情况下,所有的编辑参与者退出编辑5分钟之后,毕升Office会触发回存逻辑;
# 或者在所以用户退出编辑之后,如果有用户再打开预览,也会触发回存。
# {u'action': u'saveBack',
# u'data': {u'changesUrl': u'2bd816895cb7a72dffa4810d2ba5c474/changes.zip',
# u'delta': 10,
# u'docId': u'2bd816895cb7a72dffa4810d2ba5c474',
# u'docURL': u'/s3/draft/...',
# u'modifyBy': [{u'avatar': u'http://192.168.1.113:8000/media/avatars/default.png',
# u'nickName': u'lian',
# u'oid': u'*****@*****.**',
# u'privilege': None,
# u'uid': u'*****@*****.**'}],
# u'unchanged': False},
# u'docId': u'2bd816895cb7a72dffa4810d2ba5c474'}
post_data = json.loads(request.body)
# check action from bisheng server
action = post_data.get('action')
if action != 'saveBack':
return Response()
# ger file basic info
doc_id = post_data.get('docId')
file_info = cache.get('BISHENG_OFFICE_' + doc_id)
username = file_info.get('username')
repo_id = file_info.get('repo_id')
file_path = file_info.get('file_path')
# get content of new editted file
data = post_data.get('data')
file_url = urllib.parse.urljoin(BISHENG_OFFICE_HOST_DOMAIN,
data.get('docURL'))
files = {
'file': requests.get(file_url).content,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
# prepare update token for seafhttp
fake_obj_id = {
'online_office_update': True,
}
update_token = seafile_api.get_fileserver_access_token(
repo_id, json.dumps(fake_obj_id), 'update', username)
# update file
update_url = gen_inner_file_upload_url('update-api', update_token)
requests.post(update_url, files=files)
return Response()
def post(self, request):
""" Save file.
"""
# 在默认情况下,所有的编辑参与者退出编辑5分钟之后,毕升Office会触发回存逻辑;
# 或者在所以用户退出编辑之后,如果有用户再打开预览,也会触发回存。
# {u'action': u'saveBack',
# u'data': {u'changesUrl': u'2bd816895cb7a72dffa4810d2ba5c474/changes.zip',
# u'delta': 10,
# u'docId': u'2bd816895cb7a72dffa4810d2ba5c474',
# u'docURL': u'/s3/draft/...',
# u'modifyBy': [{u'avatar': u'http://192.168.1.113:8000/media/avatars/default.png',
# u'nickName': u'lian',
# u'oid': u'*****@*****.**',
# u'privilege': None,
# u'uid': u'*****@*****.**'}],
# u'unchanged': False},
# u'docId': u'2bd816895cb7a72dffa4810d2ba5c474'}
post_data = json.loads(request.body)
# check action from bisheng server
action = post_data.get('action')
if action != 'saveBack':
return Response()
# ger file basic info
doc_id = post_data.get('docId')
file_info = cache.get('BISHENG_OFFICE_' + doc_id)
username = file_info.get('username')
repo_id = file_info.get('repo_id')
file_path = file_info.get('file_path')
# get content of new editted file
data = post_data.get('data')
file_url = urlparse.urljoin(BISHENG_OFFICE_HOST_DOMAIN, data.get('docURL'))
files = {
'file': requests.get(file_url).content,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
# prepare update token for seafhttp
fake_obj_id = {'online_office_update': True,}
update_token = seafile_api.get_fileserver_access_token(
repo_id, json.dumps(fake_obj_id), 'update', username)
# update file
update_url = gen_inner_file_upload_url('update-api', update_token)
requests.post(update_url, files=files)
return Response()
def onlyoffice_editor_callback(request):
#request.body:
# {"key":"Khirz6zTPdfd7","status":1,
# "users":["uid-1488351242769"],
# "actions":[{"type":1,"userid":"uid-1488351242769"}]}
# "key":"Khirz6zTPdfd8","status":2,"url":"https://13.113.111.2/cache/files/Khirz6zTPdfd8_6379/output.docx/output.docx?md5=5oL0qGUqXw72D85f28JaFg==&expires=1488956681&disposition=attachment&ooname=output.docx","changesurl":"https://13.113.111.2/cache/files/Khirz6zTPdfd8_6379/changes.zip/changes.zip?md5=vx3VYwaPEOxtZDA_3yuVrg==&expires=1488956681&disposition=attachment&ooname=output.zip","history":{"serverVersion":"4.2.10","changes":[{"created":"2017-03-01 07:03:11","user":{"id":"uid-1488351774447","name":"Anonymous"}}]},"users":["uid-1488351774447"],"actions":[{"type":0,"userid":"uid-1488351774447"}]}
logger.debug(request.body)
if request.method != 'POST':
return HttpResponse('{"error": 0}')
post_data = json.loads(request.body)
status = int(post_data.get('status', -1))
if status == 2: # document is ready for saving
# the link to the edited document to be saved with the document storage
# service. The link is present when the status value is equal to 2 or 3 only.
url = post_data.get('url')
context = None
if VERIFY_ONLYOFFICE_CERTIFICATE is False:
import ssl
context = ssl._create_unverified_context()
try:
file_content = urllib2.urlopen(url, context=context).read()
except urllib2.URLError as e:
logger.error(e)
else:
# update file
doc_key = post_data.get('key')
doc_info = json.loads(cache.get("ONLYOFFICE_%s" % doc_key))
repo_id = doc_info['repo_id']
file_path = doc_info['file_path']
username = doc_info['username']
update_token = seafile_api.get_fileserver_access_token(
repo_id, 'dummy', 'update', username)
if not update_token:
return HttpResponse('{"error": 0}')
update_url = gen_inner_file_upload_url('update-api', update_token)
files = {
'file': file_content,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
requests.post(update_url, files=files)
logger.info('%s updated by %s' % (repo_id + file_path, username))
return HttpResponse('{"error": 0}')
def post(self, request, file_id, format=None):
token = request.GET.get('access_token', None)
info_dict = get_file_info_by_token(token)
request_user = info_dict['request_user']
repo_id = info_dict['repo_id']
file_path = info_dict['file_path']
try:
file_obj = request.read()
# get file update url
fake_obj_id = {'online_office_update': True}
token = seafile_api.get_fileserver_access_token(repo_id,
json.dumps(fake_obj_id),
'update',
request_user)
if not token:
return HttpResponse(json.dumps({}), status=500,
content_type=json_content_type)
update_url = gen_inner_file_upload_url('update-api', token)
# update file
files = {'file': (os.path.basename(file_path), file_obj)}
data = {'target_file': file_path}
resp = requests.post(update_url, files=files, data=data)
if resp.status_code != 200:
logger.error('update_url: {}'.format(update_url))
logger.error('parameter file: {}'.format(files['file'][:100]))
logger.error('parameter file_name: {}'.format(files['file_name']))
logger.error('parameter target_file: {}'.format(files['target_file']))
logger.error('response: {}'.format(resp.__dict__))
except Exception as e:
logger.error(e)
return HttpResponse(json.dumps({}), status=500,
content_type=json_content_type)
return HttpResponse(json.dumps({}), status=200,
content_type=json_content_type)
def onlyoffice_editor_callback(request):
""" Callback func of OnlyOffice.
The document editing service informs the document storage service about status of the document editing using the callbackUrl from JavaScript API. The document editing service use the POST request with the information in body.
https://api.onlyoffice.com/editors/callback
"""
if request.method != 'POST':
logger.error('Request method if not POST.')
# The document storage service must return the following response.
# otherwise the document editor will display an error message.
return HttpResponse('{"error": 0}')
# body info of POST rquest when open file on browser
# {u'actions': [{u'type': 1, u'userid': u'uid-1527736776860'}],
# u'key': u'8062bdccf9b4cf809ae3',
# u'status': 1,
# u'users': [u'uid-1527736776860']}
# body info of POST rquest when close file's web page (save file)
# {u'actions': [{u'type': 0, u'userid': u'uid-1527736951523'}],
# u'changesurl': u'...',
# u'history': {u'changes': [{u'created': u'2018-05-31 03:17:17',
# u'user': {u'id': u'uid-1527736577058',
# u'name': u'lian'}},
# {u'created': u'2018-05-31 03:23:55',
# u'user': {u'id': u'uid-1527736951523',
# u'name': u'lian'}}],
# u'serverVersion': u'5.1.4'},
# u'key': u'61484dec693009f3d506',
# u'lastsave': u'2018-05-31T03:23:55.767Z',
# u'notmodified': False,
# u'status': 2,
# u'url': u'...',
# u'users': [u'uid-1527736951523']}
# Defines the status of the document. Can have the following values:
# 0 - no document with the key identifier could be found,
# 1 - document is being edited,
# 2 - document is ready for saving,
# 3 - document saving error has occurred,
# 4 - document is closed with no changes,
# 6 - document is being edited, but the current document state is saved,
# 7 - error has occurred while force saving the document.
# Status 1 is received every user connection to or disconnection from document co-editing.
#
# Status 2 (3) is received 10 seconds after the document is closed for editing with the identifier of the user who was the last to send the changes to the document editing service.
#
# Status 4 is received after the document is closed for editing with no changes by the last user.
#
# Status 6 (7) is received when the force saving request is performed.
post_data = json.loads(request.body)
status = int(post_data.get('status', -1))
if status not in (1, 2, 4, 6):
logger.error('onlyoffice status invalid: {}'.format(status))
return HttpResponse('{"error": 0}')
# get file basic info
doc_key = post_data.get('key')
doc_info = json.loads(cache.get("ONLYOFFICE_%s" % doc_key))
repo_id = doc_info['repo_id']
file_path = doc_info['file_path']
username = doc_info['username']
cache_key = generate_onlyoffice_cache_key(repo_id, file_path)
# save file
if status in (2, 6):
# Defines the link to the edited document to be saved with the document storage service.
# The link is present when the status value is equal to 2 or 3 only.
url = post_data.get('url')
onlyoffice_resp = requests.get(url,
verify=VERIFY_ONLYOFFICE_CERTIFICATE)
if not onlyoffice_resp:
logger.error('[OnlyOffice] No response from file content url.')
return HttpResponse('{"error": 0}')
fake_obj_id = {'online_office_update': True}
update_token = seafile_api.get_fileserver_access_token(
repo_id, json.dumps(fake_obj_id), 'update', username)
if not update_token:
logger.error('[OnlyOffice] No fileserver access token.')
return HttpResponse('{"error": 0}')
# get file content
files = {
'file': onlyoffice_resp.content,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
# update file
update_url = gen_inner_file_upload_url('update-api', update_token)
requests.post(update_url, files=files)
# 2 - document is ready for saving,
if status == 2:
cache.delete(cache_key)
cache.delete("ONLYOFFICE_%s" % doc_key)
if is_pro_version() and if_locked_by_online_office(
repo_id, file_path):
seafile_api.unlock_file(repo_id, file_path)
# 6 - document is being edited, but the current document state is saved,
if status == 6:
# cache document key when forcesave
cache.set(cache_key, doc_key)
# 4 - document is closed with no changes,
if status == 4:
cache.delete(cache_key)
cache.delete("ONLYOFFICE_%s" % doc_key)
if is_pro_version() and if_locked_by_online_office(repo_id, file_path):
seafile_api.unlock_file(repo_id, file_path)
return HttpResponse('{"error": 0}')
def post(self, request, repo_id, format=None):
""" Create, rename, move, copy, revert file
Permission checking:
1. create: user with 'rw' permission for current parent dir;
2. rename: user with 'rw' permission for current file;
3. move : user with 'rw' permission for current file, 'rw' permission for dst parent dir;
4. copy : user with 'r' permission for current file, 'rw' permission for dst parent dir;
4. revert: user with 'rw' permission for current file's parent dir;
"""
# argument check
path = request.GET.get('p', None)
if not path:
error_msg = 'p invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
path = normalize_file_path(path)
operation = request.data.get('operation', None)
if not operation:
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = operation.lower()
if operation not in ('create', 'rename', 'move', 'copy', 'revert'):
error_msg = "operation can only be 'create', 'rename', 'move', 'copy' or 'revert'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
username = request.user.username
parent_dir = os.path.dirname(path)
if operation == 'create':
# resource check
try:
parent_dir_id = seafile_api.get_dir_id_by_path(repo_id, parent_dir)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not parent_dir_id:
error_msg = 'Folder %s not found.' % parent_dir
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if check_folder_permission(request, repo_id, parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# create new empty file
new_file_name = os.path.basename(path)
if not is_valid_dirent_name(new_file_name):
return api_error(status.HTTP_400_BAD_REQUEST,
'name invalid.')
new_file_name = check_filename_with_rename(repo_id, parent_dir, new_file_name)
try:
seafile_api.post_empty_file(repo_id, parent_dir, new_file_name, username)
except SearpcError, e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# update office file by template
if new_file_name.endswith('.xlsx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.xlsx')
elif new_file_name.endswith('.pptx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.pptx')
elif new_file_name.endswith('.docx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.docx')
else:
empty_file_path = ''
if empty_file_path:
# get file server update url
update_token = seafile_api.get_fileserver_access_token(
repo_id, 'dummy', 'update', username)
if not update_token:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
update_url = gen_inner_file_upload_url('update-api', update_token)
# update file
new_file_path = posixpath.join(parent_dir, new_file_name)
try:
requests.post(
update_url,
data={'filename': new_file_name, 'target_file': new_file_path},
files={'file': open(empty_file_path, 'rb')}
)
except Exception as e:
logger.error(e)
new_file_path = posixpath.join(parent_dir, new_file_name)
file_info = self.get_file_info(username, repo_id, new_file_path)
return Response(file_info)
def post(self, request, repo_id, format=None):
""" Create, rename, move, copy, revert file
Permission checking:
1. create: user with 'rw' permission for current parent dir;
2. rename: user with 'rw' permission for current file;
3. move : user with 'rw' permission for current file, 'rw' permission for dst parent dir;
4. copy : user with 'r' permission for current file, 'rw' permission for dst parent dir;
4. revert: user with 'rw' permission for current file's parent dir;
"""
# argument check
path = request.GET.get('p', None)
if not path:
error_msg = 'p invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
path = normalize_file_path(path)
operation = request.data.get('operation', None)
if not operation:
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = operation.lower()
if operation not in ('create', 'rename', 'move', 'copy', 'revert'):
error_msg = "operation can only be 'create', 'rename', 'move', 'copy' or 'revert'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
username = request.user.username
parent_dir = os.path.dirname(path)
is_draft = request.POST.get('is_draft', '')
if operation == 'create':
# resource check
try:
parent_dir_id = seafile_api.get_dir_id_by_path(repo_id, parent_dir)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not parent_dir_id:
error_msg = 'Folder %s not found.' % parent_dir
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if check_folder_permission(request, repo_id, parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if is_draft.lower() == 'true':
file_name = os.path.basename(path)
file_dir = os.path.dirname(path)
draft_type = os.path.splitext(file_name)[0][-7:]
file_type = os.path.splitext(file_name)[-1]
if draft_type != '(draft)':
f = os.path.splitext(file_name)[0]
path = file_dir + '/' + f + '(draft)' + file_type
# create new empty file
new_file_name = os.path.basename(path)
if not is_valid_dirent_name(new_file_name):
return api_error(status.HTTP_400_BAD_REQUEST,
'name invalid.')
new_file_name = check_filename_with_rename(repo_id, parent_dir, new_file_name)
try:
seafile_api.post_empty_file(repo_id, parent_dir, new_file_name, username)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if is_draft.lower() == 'true':
Draft.objects.add(username, repo, path, file_exist=False)
# update office file by template
if new_file_name.endswith('.xlsx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.xlsx')
elif new_file_name.endswith('.pptx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.pptx')
elif new_file_name.endswith('.docx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.docx')
else:
empty_file_path = ''
if empty_file_path:
# get file server update url
update_token = seafile_api.get_fileserver_access_token(
repo_id, 'dummy', 'update', username)
if not update_token:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
update_url = gen_inner_file_upload_url('update-api', update_token)
# update file
new_file_path = posixpath.join(parent_dir, new_file_name)
try:
requests.post(
update_url,
data={'filename': new_file_name, 'target_file': new_file_path},
files={'file': open(empty_file_path, 'rb')}
)
except Exception as e:
logger.error(e)
new_file_path = posixpath.join(parent_dir, new_file_name)
file_info = self.get_file_info(username, repo_id, new_file_path)
return Response(file_info)
if operation == 'rename':
# argument check
new_file_name = request.data.get('newname', None)
if not new_file_name:
error_msg = 'newname invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not is_valid_dirent_name(new_file_name):
return api_error(status.HTTP_400_BAD_REQUEST,
'name invalid.')
if len(new_file_name) > MAX_UPLOAD_FILE_NAME_LEN:
error_msg = 'newname is too long.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
oldname = os.path.basename(path)
if oldname == new_file_name:
error_msg = 'The new name is the same to the old'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
try:
file_id = seafile_api.get_file_id_by_path(repo_id, path)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not file_id:
error_msg = 'File %s not found.' % path
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if check_folder_permission(request, repo_id, parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# check file lock
try:
is_locked, locked_by_me = check_file_lock(repo_id, path, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if is_locked and not locked_by_me:
error_msg = _("File is locked")
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# rename file
new_file_name = check_filename_with_rename(repo_id, parent_dir,
new_file_name)
try:
seafile_api.rename_file(repo_id, parent_dir, oldname,
new_file_name, username)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_file_path = posixpath.join(parent_dir, new_file_name)
# rename draft file
filetype, fileext = get_file_type_and_ext(new_file_name)
if filetype == MARKDOWN or filetype == TEXT:
is_draft = is_draft_file(repo.id, path)
review = get_file_draft(repo.id, path, is_draft)
draft_id = review['draft_id']
if is_draft:
try:
draft = Draft.objects.get(pk=draft_id)
draft.draft_file_path = new_file_path
draft.save()
except Draft.DoesNotExist:
pass
file_info = self.get_file_info(username, repo_id, new_file_path)
return Response(file_info)
if operation == 'move':
# argument check
dst_repo_id = request.data.get('dst_repo', None)
dst_dir = request.data.get('dst_dir', None)
if not dst_repo_id:
error_msg = 'dst_repo invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not dst_dir:
error_msg = 'dst_dir invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
dst_dir = normalize_dir_path(dst_dir)
# resource check for source file
try:
file_id = seafile_api.get_file_id_by_path(repo_id, path)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not file_id:
error_msg = 'File %s not found.' % path
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# resource check for dst repo and dir
dst_repo = seafile_api.get_repo(dst_repo_id)
if not dst_repo:
error_msg = 'Library %s not found.' % dst_repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
dst_dir_id = seafile_api.get_dir_id_by_path(dst_repo_id, dst_dir)
if not dst_dir_id:
error_msg = 'Folder %s not found.' % dst_dir
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check for source file
src_repo_id = repo_id
src_dir = os.path.dirname(path)
if check_folder_permission(request, src_repo_id, src_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# permission check for dst dir
if check_folder_permission(request, dst_repo_id, dst_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# check file lock
try:
is_locked, locked_by_me = check_file_lock(repo_id, path, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if is_locked and not locked_by_me:
error_msg = _("File is locked")
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# move file
if src_repo_id == dst_repo_id and src_dir == dst_dir:
file_info = self.get_file_info(username, repo_id, path)
return Response(file_info)
filename = os.path.basename(path)
new_file_name = check_filename_with_rename(dst_repo_id, dst_dir, filename)
try:
seafile_api.move_file(src_repo_id, src_dir, filename,
dst_repo_id, dst_dir, new_file_name, replace=False,
username=username, need_progress=0, synchronous=1)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
dst_file_path = posixpath.join(dst_dir, new_file_name)
dst_file_info = self.get_file_info(username, dst_repo_id, dst_file_path)
return Response(dst_file_info)
if operation == 'copy':
# argument check
dst_repo_id = request.data.get('dst_repo', None)
dst_dir = request.data.get('dst_dir', None)
if not dst_repo_id:
error_msg = 'dst_repo_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not dst_dir:
error_msg = 'dst_dir invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
dst_dir = normalize_dir_path(dst_dir)
# resource check for source file
try:
file_id = seafile_api.get_file_id_by_path(repo_id, path)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not file_id:
error_msg = 'File %s not found.' % path
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# resource check for dst repo and dir
dst_repo = seafile_api.get_repo(dst_repo_id)
if not dst_repo:
error_msg = 'Library %s not found.' % dst_repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
dst_dir_id = seafile_api.get_dir_id_by_path(dst_repo_id, dst_dir)
if not dst_dir_id:
error_msg = 'Folder %s not found.' % dst_dir
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check for source file
src_repo_id = repo_id
src_dir = os.path.dirname(path)
if parse_repo_perm(check_folder_permission(
request, src_repo_id, src_dir)).can_copy is False:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# permission check for dst dir
if check_folder_permission(request, dst_repo_id, dst_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
filename = os.path.basename(path)
new_file_name = check_filename_with_rename(dst_repo_id, dst_dir, filename)
try:
seafile_api.copy_file(src_repo_id, src_dir, filename, dst_repo_id,
dst_dir, new_file_name, username, 0, synchronous=1)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
dst_file_path = posixpath.join(dst_dir, new_file_name)
dst_file_info = self.get_file_info(username, dst_repo_id, dst_file_path)
return Response(dst_file_info)
if operation == 'revert':
commit_id = request.data.get('commit_id', None)
if not commit_id:
error_msg = 'commit_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if seafile_api.get_file_id_by_path(repo_id, path):
# file exists in repo
if check_folder_permission(request, repo_id, parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# check file lock
try:
is_locked, locked_by_me = check_file_lock(repo_id, path, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if is_locked and not locked_by_me:
error_msg = _("File is locked")
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
# file NOT exists in repo
if check_folder_permission(request, repo_id, '/') != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
seafile_api.revert_file(repo_id, commit_id, path, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def post(self, request, repo_id, format=None):
""" Create, rename, move, copy, revert file
Permission checking:
1. create: user with 'rw' permission for current parent dir;
2. rename: user with 'rw' permission for current file;
3. move : user with 'rw' permission for current file, 'rw' permission for dst parent dir;
4. copy : user with 'r' permission for current file, 'rw' permission for dst parent dir;
4. revert: user with 'rw' permission for current file's parent dir;
"""
# argument check
path = request.GET.get('p', None)
if not path:
error_msg = 'p invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
path = normalize_file_path(path)
operation = request.data.get('operation', None)
if not operation:
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = operation.lower()
if operation not in ('create', 'rename', 'move', 'copy', 'revert'):
error_msg = "operation can only be 'create', 'rename', 'move', 'copy' or 'revert'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
username = request.user.username
parent_dir = os.path.dirname(path)
is_draft = request.POST.get('is_draft', '')
if operation == 'create':
# resource check
try:
parent_dir_id = seafile_api.get_dir_id_by_path(repo_id, parent_dir)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not parent_dir_id:
error_msg = 'Folder %s not found.' % parent_dir
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if check_folder_permission(request, repo_id, parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if is_draft.lower() == 'true':
file_name = os.path.basename(path)
file_dir = os.path.dirname(path)
draft_type = os.path.splitext(file_name)[0][-7:]
file_type = os.path.splitext(file_name)[-1]
if draft_type != '(draft)':
f = os.path.splitext(file_name)[0]
path = file_dir + '/' + f + '(draft)' + file_type
# create new empty file
new_file_name = os.path.basename(path)
if not is_valid_dirent_name(new_file_name):
return api_error(status.HTTP_400_BAD_REQUEST,
'name invalid.')
new_file_name = check_filename_with_rename(repo_id, parent_dir, new_file_name)
try:
seafile_api.post_empty_file(repo_id, parent_dir, new_file_name, username)
except SearpcError, e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if is_draft.lower() == 'true':
Draft.objects.add(username, repo, path, file_exist=False)
# update office file by template
if new_file_name.endswith('.xlsx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.xlsx')
elif new_file_name.endswith('.pptx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.pptx')
elif new_file_name.endswith('.docx'):
empty_file_path = os.path.join(OFFICE_TEMPLATE_ROOT, 'empty.docx')
else:
empty_file_path = ''
if empty_file_path:
# get file server update url
update_token = seafile_api.get_fileserver_access_token(
repo_id, 'dummy', 'update', username)
if not update_token:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
update_url = gen_inner_file_upload_url('update-api', update_token)
# update file
new_file_path = posixpath.join(parent_dir, new_file_name)
try:
requests.post(
update_url,
data={'filename': new_file_name, 'target_file': new_file_path},
files={'file': open(empty_file_path, 'rb')}
)
except Exception as e:
logger.error(e)
new_file_path = posixpath.join(parent_dir, new_file_name)
file_info = self.get_file_info(username, repo_id, new_file_path)
return Response(file_info)
def onlyoffice_editor_callback(request):
""" Callback func of OnlyOffice.
The document editing service informs the document storage service about status of the document editing using the callbackUrl from JavaScript API. The document editing service use the POST request with the information in body.
https://api.onlyoffice.com/editors/callback
"""
if request.method != 'POST':
logger.error('Request method if not POST.')
# The document storage service must return the following response.
# otherwise the document editor will display an error message.
return HttpResponse('{"error": 0}')
#### body info of POST rquest when open file on browser
# {u'actions': [{u'type': 1, u'userid': u'uid-1527736776860'}],
# u'key': u'8062bdccf9b4cf809ae3',
# u'status': 1,
# u'users': [u'uid-1527736776860']}
#### body info of POST rquest when close file's web page (save file)
# {u'actions': [{u'type': 0, u'userid': u'uid-1527736951523'}],
# u'changesurl': u'...',
# u'history': {u'changes': [{u'created': u'2018-05-31 03:17:17',
# u'user': {u'id': u'uid-1527736577058',
# u'name': u'lian'}},
# {u'created': u'2018-05-31 03:23:55',
# u'user': {u'id': u'uid-1527736951523',
# u'name': u'lian'}}],
# u'serverVersion': u'5.1.4'},
# u'key': u'61484dec693009f3d506',
# u'lastsave': u'2018-05-31T03:23:55.767Z',
# u'notmodified': False,
# u'status': 2,
# u'url': u'...',
# u'users': [u'uid-1527736951523']}
# Defines the status of the document. Can have the following values:
# 0 - no document with the key identifier could be found,
# 1 - document is being edited,
# 2 - document is ready for saving,
# 3 - document saving error has occurred,
# 4 - document is closed with no changes,
# 6 - document is being edited, but the current document state is saved,
# 7 - error has occurred while force saving the document.
# Status 1 is received every user connection to or disconnection from document co-editing.
#
# Status 2 (3) is received 10 seconds after the document is closed for editing with the identifier of the user who was the last to send the changes to the document editing service.
#
# Status 4 is received after the document is closed for editing with no changes by the last user.
#
# Status 6 (7) is received when the force saving request is performed.
post_data = json.loads(request.body)
status = int(post_data.get('status', -1))
if status in (2, 6):
# Defines the link to the edited document to be saved with the document storage service.
# The link is present when the status value is equal to 2 or 3 only.
url = post_data.get('url')
onlyoffice_resp = requests.get(url, verify=VERIFY_ONLYOFFICE_CERTIFICATE)
if not onlyoffice_resp:
logger.error('[OnlyOffice] No response from file content url.')
return HttpResponse('{"error": 0}')
# get file basic info
doc_key = post_data.get('key')
doc_info = json.loads(cache.get("ONLYOFFICE_%s" % doc_key))
repo_id = doc_info['repo_id']
file_path = doc_info['file_path']
username = doc_info['username']
fake_obj_id = {'online_office_update': True,}
update_token = seafile_api.get_fileserver_access_token(repo_id,
json.dumps(fake_obj_id), 'update', username)
if not update_token:
logger.error('[OnlyOffice] No fileserver access token.')
return HttpResponse('{"error": 0}')
# get file content
files = {
'file': onlyoffice_resp.content,
'file_name': os.path.basename(file_path),
'target_file': file_path,
}
# update file
update_url = gen_inner_file_upload_url('update-api', update_token)
requests.post(update_url, files=files)
return HttpResponse('{"error": 0}')
def post(self, request):
repo_id = request.data.get('repo_id')
if not repo_id:
error_msg = 'repo_id invalid.'
return api_error(400, error_msg)
file_path = request.data.get('file_path')
if not file_path:
error_msg = 'file_path invalid.'
return api_error(400, error_msg)
file_path = normalize_file_path(file_path)
parent_dir = os.path.dirname(file_path)
file_ext = get_file_ext(file_path)
file_type = get_file_type(file_path)
new_ext = get_internal_extension(file_type)
if not new_ext:
logger.error('[OnlyOffice] Could not generate internal extension.')
error_msg = 'Internal Server Error'
return api_error(500, error_msg)
username = request.user.username
doc_dic = get_onlyoffice_dict(request, username, repo_id, file_path)
new_uri = get_converter_uri(doc_dic["doc_url"], file_ext, new_ext,
doc_dic["doc_key"], False,
request.data.get('file_password'))
if not new_uri:
logger.error('[OnlyOffice] No response from file converter.')
error_msg = 'Internal Server Error'
return api_error(500, error_msg)
onlyoffice_resp = requests.get(new_uri,
verify=VERIFY_ONLYOFFICE_CERTIFICATE)
if not onlyoffice_resp:
logger.error('[OnlyOffice] No response from file content url.')
error_msg = 'Internal Server Error'
return api_error(500, error_msg)
fake_obj_id = {'parent_dir': parent_dir}
upload_token = seafile_api.get_fileserver_access_token(
repo_id, json.dumps(fake_obj_id), 'upload-link', username)
if not upload_token:
logger.error('[OnlyOffice] No fileserver access token.')
error_msg = 'Internal Server Error'
return api_error(500, error_msg)
file_name = get_file_name_without_ext(file_path) + new_ext
file_name = check_filename_with_rename(repo_id, parent_dir, file_name)
files = {'file': (file_name, onlyoffice_resp.content)}
data = {'parent_dir': parent_dir}
upload_url = gen_inner_file_upload_url('upload-api', upload_token)
try:
file_name.encode('ascii')
except UnicodeEncodeError:
def rewrite_request(prepared_request):
old_content = 'filename*=' + email.utils.encode_rfc2231(
file_name, 'utf-8')
old_content = old_content.encode()
# new_content = 'filename="{}"\r\n\r\n'.format(file_name)
new_content = 'filename="{}"'.format(file_name)
new_content = new_content.encode()
prepared_request.body = prepared_request.body.replace(
old_content, new_content)
return prepared_request
resp = requests.post(upload_url,
files=files,
data=data,
auth=rewrite_request)
else:
resp = requests.post(upload_url, files=files, data=data)
if resp.status_code != 200:
logger.error('upload_url: {}'.format(upload_url))
logger.error('parameter file: {}'.format(files['file'][:100]))
logger.error('parameter parent_dir: {}'.format(
files['parent_dir']))
logger.error('response: {}'.format(resp.__dict__))
result = {}
result['parent_dir'] = parent_dir
result['file_name'] = file_name
result['file_path'] = posixpath.join(parent_dir, file_name)
return Response(result)
