def list_user_shared_items(self, request, repo_id, path):
if is_org_context(request):
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
repo_owner = seafile_api.get_org_repo_owner(repo_id)
org_id = request.user.org.org_id
if path == '/':
share_items = seafile_api.list_org_repo_shared_to(org_id,
repo_owner, repo_id)
else:
share_items = seafile_api.get_org_shared_users_for_subdir(org_id,
repo_id, path, repo_owner)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(repo_id,
path, repo_owner)
# change is_admin to True if user is repo admin.
admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(repo_id)
ret = []
for item in share_items:
ret.append({
"share_type": "user",
"user_info": {
"name": item.user,
"nickname": email2nickname(item.user),
},
"permission": item.perm,
"is_admin": item.user in admin_users
})
return ret
def get_related_users_by_repo(repo_id, org_id=None):
""" Return all users who can view this library.
1. repo owner
2. users repo has been shared to
3. members of groups repo has been shared to
"""
users = []
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
user_shared_to = seafile_api.list_org_repo_shared_to(org_id,
repo_owner, repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
user_shared_to = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
# 1. repo owner
users.append(repo_owner)
# 2. users repo has been shared to
for user in user_shared_to:
users.append(user.user)
# 3. members of groups repo has been shared to
groups = get_shared_groups_by_repo(repo_id, org_id)
for group in groups:
members = ccnet_api.get_group_members(group.id)
for member in members:
if member.user_name not in users:
users.append(member.user_name)
return users
def test_share_repo_to_user(repo, permission):
assert api.check_permission(repo.id, USER) == 'rw'
assert api.check_permission(repo.id, USER2) is None
assert api.repo_has_been_shared(repo.id) == False
api.share_repo(repo.id, USER, USER2, permission)
assert api.check_permission(repo.id, USER2) == permission
assert api.repo_has_been_shared(repo.id)
repos = api.get_share_in_repo_list(USER2, 0, 1)
assert_repo_with_permission(repo, repos, permission)
repos = api.get_share_out_repo_list(USER, 0, 1)
assert_repo_with_permission(repo, repos, permission)
users = api.list_repo_shared_to(USER, repo.id)
assert len(users) == 1
assert users[0].repo_id == repo.id
assert users[0].user == USER2
assert users[0].perm == permission
api.remove_share(repo.id, USER, USER2)
assert api.check_permission(repo.id, USER2) is None
def get_related_users_by_repo(repo_id, org_id=None):
""" Return all users who can view this library.
1. repo owner
2. users repo has been shared to
3. members of groups repo has been shared to
"""
users = []
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
user_shared_to = seafile_api.list_org_repo_shared_to(org_id,
repo_owner, repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
user_shared_to = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
# 1. repo owner
users.append(repo_owner)
# 2. users repo has been shared to
for user in user_shared_to:
users.append(user.user)
# 3. members of groups repo has been shared to
groups = get_shared_groups_by_repo(repo_id, org_id)
for group in groups:
members = ccnet_api.get_group_members(group.id)
for member in members:
if member.user_name not in users:
users.append(member.user_name)
return users
def list_user_shared_items(self, request, repo_id, path):
username = request.user.username
if is_org_context(request):
org_id = request.user.org.org_id
if path == '/':
share_items = seafile_api.list_org_repo_shared_to(org_id,
username, repo_id)
else:
share_items = seafile_api.get_org_shared_users_for_subdir(org_id,
repo_id, path, username)
else:
if path == '/':
share_items = seafile_api.list_repo_shared_to(username, repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(repo_id,
path, username)
ret = []
for item in share_items:
ret.append({
"share_type": "user",
"user_info": {
"name": item.user,
"nickname": email2nickname(item.user),
},
"permission": item.perm,
})
return ret
def get_repo_shared_users(repo_id, repo_owner, include_groups=True):
"""Return a list contains users and group users. Repo owner is ommited.
"""
ret = []
users = seafile_api.list_repo_shared_to(repo_owner, repo_id)
ret += [x.user for x in users]
if include_groups:
for e in seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id):
g_members = seaserv.get_group_members(e.group_id)
ret += [x.user_name for x in g_members if x.user_name != repo_owner]
return list(set(ret))
def get_repo_shared_users(repo_id, repo_owner, include_groups=True):
"""Return a list contains users and group users. Repo owner is ommited.
"""
ret = []
users = seafile_api.list_repo_shared_to(repo_owner, repo_id)
ret += [x.user for x in users]
if include_groups:
for e in seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id):
g_members = seaserv.get_group_members(e.group_id)
ret += [x.user_name for x in g_members if x.user_name != repo_owner]
return list(set(ret))
def get_repo_shared_to_users(self, request, repo_id):
username = request.user.username
if is_org_context(request):
org_id = request.user.org.org_id
share_items = seafile_api.list_org_repo_shared_to(org_id, username, repo_id)
else:
share_items = seafile_api.list_repo_shared_to(username, repo_id)
ret = []
for item in share_items:
ret.append(item.user)
return ret
def get_repo_shared_to_users(self, request, repo_id):
username = request.user.username
if is_org_context(request):
org_id = request.user.org.org_id
share_items = seafile_api.list_org_repo_shared_to(
org_id, username, repo_id)
else:
share_items = seafile_api.list_repo_shared_to(username, repo_id)
ret = []
for item in share_items:
ret.append(item.user)
return ret
def has_shared_to_user(repo_id, path, username, org_id=None):
if is_valid_org_id(org_id):
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
repo_owner = seafile_api.get_org_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_org_repo_shared_to(
org_id, repo_owner, repo_id)
else:
share_items = seafile_api.get_org_shared_users_for_subdir(
org_id, repo_id, path, repo_owner)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(
repo_id, path, repo_owner)
return username in [item.user for item in share_items]
def get_shared_users_by_repo_path(self, repo_id, repo_owner, path='/',
org_id=None):
"""
Get user list this repo/folder is shared to.
Return: a list of SharedUser objects (lib/repo.vala)
"""
if is_valid_org_id(org_id):
if path == '/':
return seafile_api.list_org_repo_shared_to(
org_id, repo_owner, repo_id)
else:
return seafile_api.get_org_shared_users_for_subdir(
org_id, repo_id, path, repo_owner)
else:
if path == '/':
return seafile_api.list_repo_shared_to(repo_owner, repo_id)
else:
return seafile_api.get_shared_users_for_subdir(
repo_id, path, repo_owner)
def show_share_info(user, show_groupmembers=False):
shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(user)
shown_repos = set()
if show_groupmembers:
groups = {}
for repo in shared_repos:
if repo.repo_id in shown_repos:
continue
shown_repos.add(repo.repo_id)
if repo.is_virtual:
print("Folder %s of Repo %s, shared to:" %
(repo.origin_path, repo.origin_repo_id))
else:
print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name))
sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id)
print("groups:")
for sgroup in sgroups:
print("%s (%d), %s" % (ccnet_api.get_group(
sgroup.group_id).group_name, sgroup.group_id, sgroup.perm))
if show_groupmembers:
groups[sgroup.group_id] = sgroup
susers = seafile_api.list_repo_shared_to(user, repo.repo_id)
print("users:")
for suser in susers:
print("%s, %s" % (suser.user, suser.perm))
print("\n")
if show_groupmembers:
print("\ngroup memberships:")
for group in groups.values():
print("group %s (%d):" % (ccnet_api.get_group(
group.group_id).group_name, group.group_id))
gusers = ccnet_api.get_group_members(group.group_id)
for guser in gusers:
print("%s" % (guser.user_name))
print("")
def list_user_shared_items(self, request, repo_id, path):
repo_owner = seafile_api.get_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_repo_shared_to(repo_owner,
repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(repo_id,
path, repo_owner)
ret = []
for item in share_items:
email = item.user
ret.append({
"user_email": email,
"user_name": email2nickname(email),
"user_contact_email": email2contact_email(email),
"permission": item.perm
})
return ret
def has_shared_to_user(repo_id, path, username, org_id=None):
if is_valid_org_id(org_id):
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
repo_owner = seafile_api.get_org_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_org_repo_shared_to(org_id,
repo_owner,
repo_id)
else:
share_items = seafile_api.get_org_shared_users_for_subdir(org_id,
repo_id,
path,
repo_owner)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
if path == '/':
share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(repo_id,
path, repo_owner)
return username in [item.user for item in share_items]
def get_shared_users_by_repo_path(self,
repo_id,
repo_owner,
path='/',
org_id=None):
"""
Get user list this repo/folder is shared to.
Return: a list of SharedUser objects (lib/repo.vala)
"""
if is_valid_org_id(org_id):
if path == '/':
return seafile_api.list_org_repo_shared_to(
org_id, repo_owner, repo_id)
else:
return seafile_api.get_org_shared_users_for_subdir(
org_id, repo_id, path, repo_owner)
else:
if path == '/':
return seafile_api.list_repo_shared_to(repo_owner, repo_id)
else:
return seafile_api.get_shared_users_for_subdir(
repo_id, path, repo_owner)
def get(self, request, repo_id):
""" Return repo share info
Permission checking:
1. all authenticated user can perform this action.
"""
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
permission = check_folder_permission(request, repo_id, '/')
if not permission:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
repo_owner = seafile_api.get_org_repo_owner(org_id, repo_id)
shared_users = seafile_api.list_org_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_org_repo_shared_group(
org_id, repo_owner, repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
shared_users = seafile_api.list_repo_shared_to(repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
result = {
"shared_user_emails": [item.user for item in shared_users],
"shared_group_ids": [item.group_id for item in shared_groups],
}
return Response(result)
def test_user_management(repo):
email1 = '%s@%s.com' % (randstring(6), randstring(6))
email2 = '%s@%s.com' % (randstring(6), randstring(6))
passwd1 = 'randstring(6)'
passwd2 = 'randstring(6)'
ccnet_api.add_emailuser(email1, passwd1, 1, 1)
ccnet_api.add_emailuser(email2, passwd2, 0, 0)
ccnet_email1 = ccnet_api.get_emailuser(email1)
ccnet_email2 = ccnet_api.get_emailuser(email2)
assert ccnet_email1.is_active == True
assert ccnet_email1.is_staff == True
assert ccnet_email2.is_active == False
assert ccnet_email2.is_staff == False
assert ccnet_api.validate_emailuser(email1, passwd1) == 0
assert ccnet_api.validate_emailuser(email2, passwd2) == 0
users = ccnet_api.search_emailusers('DB', email1, -1, -1)
assert len(users) == 1
user_ccnet = users[0]
assert user_ccnet.email == email1
user_counts = ccnet_api.count_emailusers('DB')
user_numbers = ccnet_api.get_emailusers('DB', -1, -1)
ccnet_api.update_emailuser('DB', ccnet_email2.id, passwd2, 1, 1)
email2_new = ccnet_api.get_emailuser(email2)
assert email2_new.is_active == True
assert email2_new.is_staff == True
#test group when update user id
id1 = ccnet_api.create_group('group1', email1, parent_group_id=-1)
assert id1 != -1
group1 = ccnet_api.get_group(id1)
assert group1.parent_group_id == -1
# test shared repo when update user id
api.share_repo(repo.id, USER, email1, "rw")
assert api.repo_has_been_shared(repo.id)
new_email1 = '%s@%s.com' % (randstring(6), randstring(6))
assert ccnet_api.update_emailuser_id(email1, new_email1) == 0
shared_users = api.list_repo_shared_to(USER, repo.id)
assert len(shared_users) == 1
assert shared_users[0].repo_id == repo.id
assert shared_users[0].user == new_email1
assert shared_users[0].perm == "rw"
api.remove_share(repo.id, USER, new_email1)
email1_groups = ccnet_api.get_groups(new_email1)
assert len(email1_groups) == 1
assert email1_groups[0].id == id1
rm1 = ccnet_api.remove_group(id1)
assert rm1 == 0
ccnet_api.remove_emailuser('DB', new_email1)
ccnet_api.remove_emailuser('DB', email2)
def put(self, request, repo_id, format=None):
""" transfer a library
Permission checking:
1. only admin can perform this action.
"""
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_owner = request.data.get('owner', None)
if not new_owner:
error_msg = 'owner invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if MULTI_TENANCY:
try:
if seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner,
shared_username, shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not ccnet_api.is_group_user(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id,
new_owner, shared_group.perm)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def get(self, request, repo, path, share_type):
""" List user/group shares
Permission checking:
1. admin user.
"""
result = []
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
if share_type == 'user':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_to(
repo_owner, repo.repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(
repo.repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(
repo.repo_id)
for share_item in share_items:
user_email = share_item.user
user_name = email2nickname(user_email) if user_email else '--'
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['user_email'] = user_email
share_info['user_name'] = user_name
share_info['permission'] = share_item.perm
share_info['is_admin'] = user_email in admin_users
result.append(share_info)
if share_type == 'group':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo.repo_id)
else:
share_items = seafile_api.get_shared_groups_for_subdir(
repo.repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
admin_groups = ExtraGroupsSharePermission.objects.get_admin_groups_by_repo(
repo.repo_id)
for share_item in share_items:
group_id = share_item.group_id
group = ccnet_api.get_group(group_id)
group_name = group.group_name if group else '--'
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['group_id'] = group_id
share_info['group_name'] = group_name
share_info['permission'] = share_item.perm
share_info['is_admin'] = group_id in admin_groups
result.append(share_info)
return Response(result)
def put(self, request, repo_id, format=None):
""" update a library status, transfer a library, rename a library
Permission checking:
1. only admin can perform this action.
"""
# argument check
new_status = request.data.get('status', None)
if new_status:
if new_status not in ('normal', 'read-only'):
error_msg = 'status invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_repo_name = request.data.get('name', None)
if new_repo_name:
if not is_valid_dirent_name(new_repo_name):
error_msg = 'name invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_owner = request.data.get('owner', None)
if new_owner:
if not is_valid_email(new_owner):
error_msg = 'owner invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_status:
try:
seafile_api.set_repo_status(repo_id, normalize_repo_status_str(new_status))
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if new_repo_name:
try:
res = seafile_api.edit_repo(repo_id, new_repo_name, '', None)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if res == -1:
e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \
repo_id
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if new_owner:
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = _('Transfer failed: role of %s is %s, can not add library.') % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafile_api.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
if new_owner == repo_owner:
error_msg = _("Library can not be transferred to owner.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner,
shared_username, shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not is_group_member(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id,
new_owner, shared_group.perm)
# reshare repo to links
try:
UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_TRANSFER, detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def put(self, request, repo_id, format=None):
""" transfer a library
Permission checking:
1. only admin can perform this action.
"""
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_owner = request.data.get('owner', None)
if not new_owner:
error_msg = 'owner invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = 'Transfer failed: role of %s is %s, can not add library.' % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner, shared_username,
shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not ccnet_api.is_group_user(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id, new_owner,
shared_group.perm)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=REPO_TRANSFER,
detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def put(self, request, repo_id, format=None):
""" transfer a library, rename a library
Permission checking:
1. only admin can perform this action.
"""
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_repo_name = request.data.get('name', None)
if new_repo_name:
try:
res = seafile_api.edit_repo(repo_id, new_repo_name, '', None)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if res == -1:
e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \
repo_id
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_owner = request.data.get('owner', None)
if new_owner:
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = _(u'Transfer failed: role of %s is %s, can not add library.') % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafile_api.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
if new_owner == repo_owner:
error_msg = _(u"Library can not be transferred to owner.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner,
shared_username, shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not is_group_member(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id,
new_owner, shared_group.perm)
# reshare repo to links
try:
UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_TRANSFER, detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def list_lib_dir(request, repo_id):
'''
New ajax API for list library directory
'''
content_type = 'application/json; charset=utf-8'
result = {}
repo = get_repo(repo_id)
if not repo:
err_msg = _(u'Library does not exist.')
return HttpResponse(json.dumps({'error': err_msg}),
status=400, content_type=content_type)
username = request.user.username
path = request.GET.get('p', '/')
if path[-1] != '/':
path = path + '/'
# perm for current dir
user_perm = check_folder_permission(request, repo.id, path)
if user_perm is None:
err_msg = _(u'Permission denied.')
return HttpResponse(json.dumps({'error': err_msg}),
status=403, content_type=content_type)
if repo.encrypted \
and not seafile_api.is_password_set(repo.id, username):
err_msg = _(u'Library is encrypted.')
return HttpResponse(json.dumps({'error': err_msg, 'lib_need_decrypt': True}),
status=403, content_type=content_type)
head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id)
if not head_commit:
err_msg = _(u'Error: no head commit id')
return HttpResponse(json.dumps({'error': err_msg}),
status=500, content_type=content_type)
dir_list = []
file_list = []
try:
dir_id = seafile_api.get_dir_id_by_path(repo.id, path)
except SearpcError as e:
logger.error(e)
err_msg = 'Internal Server Error'
return HttpResponse(json.dumps({'error': err_msg}),
status=500, content_type=content_type)
if not dir_id:
err_msg = 'Folder not found.'
return HttpResponse(json.dumps({'error': err_msg}),
status=404, content_type=content_type)
dirs = seafserv_threaded_rpc.list_dir_with_perm(repo_id, path, dir_id,
username, -1, -1)
starred_files = get_dir_starred_files(username, repo_id, path)
for dirent in dirs:
dirent.last_modified = dirent.mtime
if stat.S_ISDIR(dirent.mode):
dpath = posixpath.join(path, dirent.obj_name)
if dpath[-1] != '/':
dpath += '/'
dir_list.append(dirent)
else:
if repo.version == 0:
file_size = seafile_api.get_file_size(repo.store_id, repo.version, dirent.obj_id)
else:
file_size = dirent.size
dirent.file_size = file_size if file_size else 0
dirent.starred = False
fpath = posixpath.join(path, dirent.obj_name)
if fpath in starred_files:
dirent.starred = True
file_list.append(dirent)
if is_org_context(request):
repo_owner = seafile_api.get_org_repo_owner(repo.id)
else:
repo_owner = seafile_api.get_repo_owner(repo.id)
result["is_repo_owner"] = False
result["has_been_shared_out"] = False
if repo_owner == username:
result["is_repo_owner"] = True
try:
if is_org_context(request):
org_id = request.user.org.org_id
is_inner_org_pub_repo = False
# check if current repo is pub-repo
org_pub_repos = seafile_api.list_org_inner_pub_repos_by_owner(
org_id, username)
for org_pub_repo in org_pub_repos:
if repo_id == org_pub_repo.id:
is_inner_org_pub_repo = True
break
if seafile_api.list_org_repo_shared_group(org_id, username, repo_id) or \
seafile_api.list_org_repo_shared_to(org_id, username, repo_id) or \
is_inner_org_pub_repo:
result["has_been_shared_out"] = True
else:
if seafile_api.list_repo_shared_to(username, repo_id) or \
seafile_api.list_repo_shared_group_by_user(username, repo_id) or \
(not request.cloud_mode and seafile_api.is_inner_pub_repo(repo_id)):
result["has_been_shared_out"] = True
except Exception as e:
logger.error(e)
result["is_virtual"] = repo.is_virtual
result["repo_name"] = repo.name
result["user_perm"] = user_perm
# check quota for fileupload
result["no_quota"] = True if seaserv.check_quota(repo.id) < 0 else False
result["encrypted"] = repo.encrypted
dirent_list = []
for d in dir_list:
d_ = {}
d_['is_dir'] = True
d_['obj_name'] = d.obj_name
d_['last_modified'] = d.last_modified
d_['last_update'] = translate_seahub_time(d.last_modified)
d_['p_dpath'] = posixpath.join(path, d.obj_name)
d_['perm'] = d.permission # perm for sub dir in current dir
dirent_list.append(d_)
size = int(request.GET.get('thumbnail_size', THUMBNAIL_DEFAULT_SIZE))
for f in file_list:
f_ = {}
f_['is_file'] = True
f_['file_icon'] = file_icon_filter(f.obj_name)
f_['obj_name'] = f.obj_name
f_['last_modified'] = f.last_modified
f_['last_update'] = translate_seahub_time(f.last_modified)
f_['starred'] = f.starred
f_['file_size'] = filesizeformat(f.file_size)
f_['obj_id'] = f.obj_id
f_['perm'] = f.permission # perm for file in current dir
file_type, file_ext = get_file_type_and_ext(f.obj_name)
if file_type == IMAGE:
f_['is_img'] = True
if not repo.encrypted and ENABLE_THUMBNAIL and \
os.path.exists(os.path.join(THUMBNAIL_ROOT, str(size), f.obj_id)):
file_path = posixpath.join(path, f.obj_name)
src = get_thumbnail_src(repo_id, size, file_path)
f_['encoded_thumbnail_src'] = urlquote(src)
if is_pro_version():
f_['is_locked'] = True if f.is_locked else False
f_['lock_owner'] = f.lock_owner
f_['lock_owner_name'] = email2nickname(f.lock_owner)
if username == f.lock_owner:
f_['locked_by_me'] = True
else:
f_['locked_by_me'] = False
dirent_list.append(f_)
result["dirent_list"] = dirent_list
return HttpResponse(json.dumps(result), content_type=content_type)
def get(self, request, repo, path, share_type):
""" List user/group shares
Permission checking:
1. admin user.
"""
result = []
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo.repo_id)
if share_type == 'user':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_to(
repo_owner, repo.repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(
repo.repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(repo.repo_id)
for share_item in share_items:
user_email = share_item.user
user_name = email2nickname(user_email) if user_email else '--'
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['user_email'] = user_email
share_info['user_name'] = user_name
share_info['permission'] = share_item.perm
share_info['is_admin'] = user_email in admin_users
result.append(share_info)
if share_type == 'group':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo.repo_id)
else:
share_items = seafile_api.get_shared_groups_for_subdir(
repo.repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
admin_groups = ExtraGroupsSharePermission.objects.get_admin_groups_by_repo(repo.repo_id)
for share_item in share_items:
group_id = share_item.group_id
group = ccnet_api.get_group(group_id)
group_name = group.group_name if group else '--'
share_info = {}
share_info['repo_id'] = repo.repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['group_id'] = group_id
share_info['group_name'] = group_name
share_info['permission'] = share_item.perm
share_info['is_admin'] = group_id in admin_groups
result.append(share_info)
return Response(result)
