def test_get_with_invalid_repo_permission(self):
user_shared_repos = \
seafile_api.get_share_out_repo_list(self.admin_name, -1, -1)
for repo in user_shared_repos:
seafile_api.remove_share(repo.repo_id, self.admin_name, repo.user)
group_shared_repos = seafile_api.get_group_repos_by_owner(
self.admin_name)
for repo in group_shared_repos:
seafile_api.unset_group_repo(repo.repo_id, repo.group_id,
self.admin_name)
public_shared_repos = seafile_api.list_inner_pub_repos_by_owner(
self.admin_name)
for repo in public_shared_repos:
seafile_api.remove_inner_pub_repo(repo.repo_id)
self.share_repo_to_user()
self.share_repo_to_group()
self.share_repo_to_public()
# login with admin, then get user's share repo info
self.login_as(self.admin)
resp = self.client.get(self.url)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert len(json_resp) == 0
def tearDown(self):
seafile_api.remove_share(self.repo_id, self.user_name, self.admin_user)
seafile_api.unset_group_repo(self.repo_id, self.group_id,
self.user_name)
seafile_api.remove_inner_pub_repo(self.repo_id)
self.remove_repo()
def test_can_update_public_share_perm(self):
for r in seaserv.seafserv_threaded_rpc.list_inner_pub_repos():
seafile_api.remove_inner_pub_repo(r.repo_id)
self.share_repo_to_public()
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
data = 'permission=r&share_type=public'
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert repos[0].permission == 'r'
def test_get_inner_pub_repos(repo):
repo = api.get_repo(repo.id)
api.add_inner_pub_repo(repo.id, 'rw')
repos = api.get_inner_pub_repo_list()
assert_public_repos_attr(repo, repos[0])
repos = api.list_inner_pub_repos_by_owner(USER)
assert_public_repos_attr(repo, repos[0])
assert api.remove_inner_pub_repo(repo.id) == 0
def test_can_update_public_share_perm(self):
for r in seaserv.seafserv_threaded_rpc.list_inner_pub_repos():
seafile_api.remove_inner_pub_repo(r.repo_id)
self.share_repo_to_public()
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
data = 'permission=r&share_type=public'
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert repos[0].permission == 'r'
def test_delete_public_share(self):
for r in seaserv.seafserv_threaded_rpc.list_inner_pub_repos():
seafile_api.remove_inner_pub_repo(r.repo_id)
self.share_repo_to_public()
# repo in public
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
args = '?share_type=public'
url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) + args
resp = self.client.delete(url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
# repo NOT in public
repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
assert len(repos) == 0
def test_delete_public_share(self):
for r in seaserv.seafserv_threaded_rpc.list_inner_pub_repos():
seafile_api.remove_inner_pub_repo(r.repo_id)
self.share_repo_to_public()
# repo in public
repos = seafile_api.list_inner_pub_repos_by_owner(
self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
args = '?share_type=public'
url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) + args
resp = self.client.delete(url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
# repo NOT in public
repos = seafile_api.list_inner_pub_repos_by_owner(
self.user_name)
assert len(repos) == 0
def delete(self, request, repo_id, format=None):
""" Unshare a repo.
Permission checking:
1. Only repo owner can unshare a library.
"""
# argument check
share_type = request.GET.get('share_type', None)
if not share_type:
error_msg = 'share_type invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if share_type not in ('personal', 'group', 'public'):
error_msg = "share_type can only be 'personal' or 'group' or 'public'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
return api_error(status.HTTP_404_NOT_FOUND,
'Library %s not found.' % repo_id)
# permission check
username = request.user.username
if is_org_context(request):
repo_owner = seafile_api.get_org_repo_owner(repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
if username != repo_owner:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# delete share
org_id = None
is_org = False
if is_org_context(request):
org_id = request.user.org.org_id
is_org = True
if share_type == 'personal':
user = request.GET.get('user', None)
if not user or not is_valid_username(user):
error_msg = 'user invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
permission = check_user_share_out_permission(
repo_id, '/', user, is_org)
try:
if org_id:
seafile_api.org_remove_share(org_id, repo_id, username,
user)
else:
seafile_api.remove_share(repo_id, username, user)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
send_perm_audit_msg('delete-repo-perm', username, user, repo_id,
'/', permission)
if share_type == 'group':
group_id = request.GET.get('group_id', None)
if not group_id:
error_msg = 'group_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id must be integer.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
permission = check_group_share_out_permission(
repo_id, '/', group_id, is_org)
try:
if is_org:
seaserv.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
send_perm_audit_msg('delete-repo-perm', username, group_id,
repo_id, '/', permission)
if share_type == 'public':
pub_repos = []
if org_id:
pub_repos = seaserv.list_org_inner_pub_repos(org_id, username)
if not request.cloud_mode:
pub_repos = seaserv.list_inner_pub_repos(username)
try:
if org_id:
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(
org_id, repo_id)
else:
seafile_api.remove_inner_pub_repo(repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
permission = ''
for repo in pub_repos:
if repo.repo_id == repo_id:
permission = repo.permission
break
if permission:
send_perm_audit_msg('delete-repo-perm', username, 'all',
repo_id, '/', permission)
return Response({'success': True})
def delete(self, request, repo_id, format=None):
""" Unshare a repo.
Permission checking:
1. Only repo owner can unshare a library.
"""
# argument check
share_type = request.GET.get('share_type', None)
if not share_type:
error_msg = 'share_type invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if share_type not in ('personal', 'group', 'public'):
error_msg = "share_type can only be 'personal' or 'group' or 'public'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id)
# permission check
username = request.user.username
if is_org_context(request):
repo_owner = seafile_api.get_org_repo_owner(repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
if username != repo_owner:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# delete share
org_id = None
if is_org_context(request):
org_id = request.user.org.org_id
if share_type == 'personal':
user = request.GET.get('user', None)
if not user or not is_valid_username(user):
error_msg = 'user invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# if user not found, permission will be None
permission = seafile_api.check_permission_by_path(
repo_id, '/', user)
try:
if org_id:
seafile_api.org_remove_share(org_id, repo_id,
username, user)
else:
seafile_api.remove_share(repo_id, username, user)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
send_perm_audit_msg('delete-repo-perm', username, user,
repo_id, '/', permission)
if share_type == 'group':
group_id = request.GET.get('group_id', None)
if not group_id:
error_msg = 'group_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id must be integer.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# hacky way to get group repo permission
permission = ''
if org_id:
for e in seafile_api.list_org_repo_shared_group(
org_id, username, repo_id):
if e.group_id == group_id:
permission = e.perm
break
else:
for e in seafile_api.list_repo_shared_group_by_user(username, repo_id):
if e.group_id == group_id:
permission = e.perm
break
try:
if org_id:
seaserv.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
send_perm_audit_msg('delete-repo-perm', username, group_id,
repo_id, '/', permission)
if share_type == 'public':
pub_repos = []
if org_id:
pub_repos = seaserv.list_org_inner_pub_repos(org_id, username)
if not request.cloud_mode:
pub_repos = seaserv.list_inner_pub_repos(username)
try:
if org_id:
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(org_id, repo_id)
else:
seafile_api.remove_inner_pub_repo(repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
permission = ''
for repo in pub_repos:
if repo.repo_id == repo_id:
permission = repo.permission
break
if permission:
send_perm_audit_msg('delete-repo-perm', username, 'all', repo_id, '/', permission)
return Response({'success': True})