Ejemplo n.º 1
0
def org_user_remove(request, user_id):
    """Remove an organization user"""
    referer = request.META.get('HTTP_REFERER', None)
    next = reverse('org_user_admin') if referer is None else referer

    try:
        user = User.objects.get(id=int(user_id))
    except User.DoesNotExist:
        messages.error(request,
                       _(u'Failed to delete: the user does not exist'))
        return HttpResponseRedirect(next)

    org = request.user.org
    if not org_user_exists(org.org_id, user.username):
        messages.error(
            request,
            'Failed to delete: the user does not belong to the organization.')
        return HttpResponseRedirect(next)

    if org.creator == user.username:
        messages.error(
            request, 'Failed to delete: the user is an organization creator')
        return HttpResponseRedirect(next)

    org_repos = seafile_api.get_org_owned_repo_list(org.org_id, user.username)
    for repo in org_repos:
        seafile_api.remove_repo(repo.id)

    user.delete()
    unset_org_user(org.org_id, user.username)

    messages.success(request, _('Successfully deleted %s') % user.name)
    return HttpResponseRedirect(next)
Ejemplo n.º 2
0
    def delete(self, request, repo_id, format=None):
        """ delete a library

        Permission checking:
        1. only admin can perform this action.
        """
        if get_system_default_repo_id() == repo_id:
            error_msg = _('System library can not be deleted.')
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            return api_error(status.HTTP_404_NOT_FOUND,
                             'Library %s not found.' % repo_id)

        repo_owner = seafile_api.get_repo_owner(repo_id)
        if not repo_owner:
            repo_owner = seafile_api.get_org_repo_owner(repo_id)
        related_usernames = seaserv.get_related_users_by_repo(repo_id)

        try:
            seafile_api.remove_repo(repo_id)
            repo_deleted.send(sender=None,
                              org_id=-1,
                              usernames=related_usernames,
                              repo_owner=repo_owner,
                              repo_id=repo_id,
                              repo_name=repo.name)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        return Response({'success': True})
Ejemplo n.º 3
0
    def delete(self):
        """
        When delete user, we should also delete group relationships.
        """
        if self.source == "DB":
            source = "DB"
        else:
            source = "LDAP"

        username = self.username

        orgs = []
        if is_pro_version():
            orgs = ccnet_api.get_orgs_by_user(username)

        # remove owned repos
        owned_repos = []
        if orgs:
            for org in orgs:
                owned_repos += seafile_api.get_org_owned_repo_list(
                    org.org_id, username)
        else:
            owned_repos += seafile_api.get_owned_repo_list(username)

        for r in owned_repos:
            seafile_api.remove_repo(r.id)

        # remove shared in repos
        shared_in_repos = []
        if orgs:
            for org in orgs:
                org_id = org.org_id
                shared_in_repos = seafile_api.get_org_share_in_repo_list(
                    org_id, username, -1, -1)

                for r in shared_in_repos:
                    seafile_api.org_remove_share(org_id, r.repo_id, r.user,
                                                 username)
        else:
            shared_in_repos = seafile_api.get_share_in_repo_list(
                username, -1, -1)
            for r in shared_in_repos:
                seafile_api.remove_share(r.repo_id, r.user, username)
        ExtraSharePermission.objects.filter(share_to=username).delete()

        # clear web api and repo sync token
        # when delete user
        try:
            clear_token(self.username)
        except Exception as e:
            logger.error(e)

        # remove current user from joined groups
        ccnet_api.remove_group_user(username)
        ccnet_api.remove_emailuser(source, username)
        Profile.objects.delete_profile_by_user(username)

        if settings.ENABLE_TERMS_AND_CONDITIONS:
            from termsandconditions.models import UserTermsAndConditions
            UserTermsAndConditions.objects.filter(username=username).delete()
Ejemplo n.º 4
0
    def delete(self, request, repo_id):

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            error_msg = 'Library %s not found.' % repo_id
            return api_error(status.HTTP_404_NOT_FOUND, error_msg)

        # check permission
        username = request.user.username
        repo_owner = get_repo_owner(request, repo_id)
        if username != repo_owner:
            error_msg = 'Permission denied.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        # check repo status
        repo_status = repo.status
        if repo_status != 0:
            error_msg = 'Permission denied.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        org_id = None
        if is_org_context(request):
            org_id = request.user.org.org_id

        # remove repo
        seafile_api.remove_repo(repo_id)

        repo_deleted.send(sender=None,
                          org_id=org_id,
                          operator=username,
                          repo_owner=repo_owner,
                          repo_id=repo_id,
                          repo_name=repo.name)

        return Response('success', status=status.HTTP_200_OK)
Ejemplo n.º 5
0
def sys_repo_delete(request, repo_id):
    """Delete a repo.
    """
    next_page = request.META.get('HTTP_REFERER', None)
    if not next_page:
        next_page = HASH_URLS['SYS_REPO_ADMIN']

    if get_system_default_repo_id() == repo_id:
        messages.error(request, _('System library can not be deleted.'))
        return HttpResponseRedirect(next_page)

    repo = seafile_api.get_repo(repo_id)
    if repo:                    # Handle the case that repo is `None`.
        repo_name = repo.name
    else:
        repo_name = ''

    repo_owner = get_repo_owner(request, repo_id)
    try:
        org_id = seafile_api.get_org_id_by_repo_id(repo_id)
        usernames = get_related_users_by_repo(repo_id,
                org_id if org_id and org_id > 0 else None)
    except Exception as e:
        logger.error(e)
        org_id = -1
        usernames = []

    seafile_api.remove_repo(repo_id)
    repo_deleted.send(sender=None, org_id=org_id, operator=request.user.username,
            usernames=usernames, repo_owner=repo_owner, repo_id=repo_id,
            repo_name=repo_name)

    messages.success(request, _('Successfully deleted.'))
    return HttpResponseRedirect(next_page)
Ejemplo n.º 6
0
    def delete(self, request, repo_id, format=None):
        """ delete a library

        Permission checking:
        1. only admin can perform this action.
        """
        if get_system_default_repo_id() == repo_id:
            error_msg = _('System library can not be deleted.')
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            # for case of `seafile-data` has been damaged
            # no `repo object` will be returned from seafile api
            # delete the database record anyway
            try:
                seafile_api.remove_repo(repo_id)
            except Exception as e:
                logger.error(e)
                error_msg = 'Internal Server Error'
                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
                                 error_msg)

            return Response({'success': True})

        repo_name = repo.name
        repo_owner = seafile_api.get_repo_owner(repo_id)
        if not repo_owner:
            repo_owner = seafile_api.get_org_repo_owner(repo_id)

        try:
            related_usernames = seaserv.get_related_users_by_repo(repo_id)
            seafile_api.remove_repo(repo_id)

            # send signal for seafevents
            repo_deleted.send(sender=None,
                              org_id=-1,
                              operator=request.user.username,
                              usernames=related_usernames,
                              repo_owner=repo_owner,
                              repo_id=repo_id,
                              repo_name=repo.name)

        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        # send admin operation log signal
        admin_op_detail = {
            "id": repo_id,
            "name": repo_name,
            "owner": repo_owner,
        }
        admin_operation.send(sender=None,
                             admin_name=request.user.username,
                             operation=REPO_DELETE,
                             detail=admin_op_detail)

        return Response({'success': True})
Ejemplo n.º 7
0
    def delete(self, request, org_id, repo_id):
        """Remove an organization library
        """
        # resource check

        org_id = int(org_id)
        if not ccnet_api.get_org_by_id(org_id):
            error_msg = 'Organization %s not found.' % org_id
            return api_error(status.HTTP_404_NOT_FOUND, error_msg)

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            error_msg = 'Library %s not found.' % repo_id
            return api_error(status.HTTP_404_NOT_FOUND, error_msg)

        if not is_org_repo(org_id, repo_id):
            error_msg = 'Library %s not in org %s.' % (repo_id, org_id)
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        usernames = seaserv.get_related_users_by_org_repo(org_id, repo_id)
        repo_owner = seafile_api.get_org_repo_owner(repo_id)

        seafile_api.remove_repo(repo_id)

        repo_deleted.send(sender=None,
                          operator=request.user.username,
                          org_id=org_id,
                          usernames=usernames,
                          repo_owner=repo_owner,
                          repo_id=repo_id,
                          repo_name=repo.name)

        return Response({'success': True})
Ejemplo n.º 8
0
    def delete(self):
        """
        When delete user, we should also delete group relationships.
        """
        if self.source == "DB":
            source = "DB"
        else:
            source = "LDAP"

        owned_repos = []
        orgs = ccnet_threaded_rpc.get_orgs_by_user(self.username)
        if orgs:
            for org in orgs:
                owned_repos += seafile_api.get_org_owned_repo_list(org.org_id,
                                                                   self.username)
        else:
            owned_repos += seafile_api.get_owned_repo_list(self.username)

        for r in owned_repos:
            seafile_api.remove_repo(r.id)

        clear_token(self.username)
        # remove current user from joined groups
        ccnet_api.remove_group_user(self.username)
        ccnet_api.remove_emailuser(source, self.username)
        Profile.objects.delete_profile_by_user(self.username)
Ejemplo n.º 9
0
def test_file_operation():
    t_repo_version = 1
    t_repo_id1 = api.create_repo('test_file_operation1', '', USER, passwd=None)

    create_the_file()

    assert api.post_file(t_repo_id1, file_path, '/', file_name, USER) == 0
    assert api.post_dir(t_repo_id1, '/', dir_name, USER) == 0

    #test search files
    file_list = api.search_files(t_repo_id1, "test")
    assert len(file_list) == 2
    assert file_list[0].path == "/test.txt"
    assert file_list[0].is_dir == False
    assert file_list[1].path == "/test_dir"
    assert file_list[1].is_dir == True

    file_list = api.search_files(t_repo_id1, "dir")
    assert len(file_list) == 1
    assert file_list[0].path == "/test_dir"
    assert file_list[0].is_dir == True

    file_list = api.search_files(t_repo_id1, "DiR")
    assert len(file_list) == 1
    assert file_list[0].path == "/test_dir"
    assert file_list[0].is_dir == True

    api.remove_repo(t_repo_id1)
Ejemplo n.º 10
0
def repo_remove(request, repo_id):
    if not request.is_ajax():
        raise Http404

    content_type = 'application/json; charset=utf-8'
    result = {}

    repo = get_repo(repo_id)
    if not repo:
        result['error'] = _(u'Library does not exist')
        return HttpResponse(json.dumps(result),
                            status=400,
                            content_type=content_type)

    user = request.user.username
    org, base_template = check_and_get_org_by_repo(repo_id, user)
    if org:
        # Remove repo in org context, only repo owner or org staff can
        # perform this operation.
        if request.user.is_staff or org.is_staff or \
                is_org_repo_owner(org.org_id, repo_id, user):
            # Must get related useres before remove the repo
            usernames = get_related_users_by_org_repo(org.org_id, repo_id)
            seafile_api.remove_repo(repo_id)
            repo_deleted.send(
                sender=None,
                org_id=org.org_id,
                usernames=usernames,
                repo_owner=user,
                repo_id=repo_id,
                repo_name=repo.name,
            )
            result['success'] = True
            return HttpResponse(json.dumps(result), content_type=content_type)
        else:
            result['error'] = _(u'Permission denied.')
            return HttpResponse(json.dumps(result),
                                status=400,
                                content_type=content_type)
    else:
        # Remove repo in personal context, only repo owner or site staff can
        # perform this operation.
        if validate_owner(request, repo_id) or request.user.is_staff:
            usernames = get_related_users_by_repo(repo_id)
            seafile_api.remove_repo(repo_id)
            repo_deleted.send(
                sender=None,
                org_id=-1,
                usernames=usernames,
                repo_owner=user,
                repo_id=repo_id,
                repo_name=repo.name,
            )
            result['success'] = True
            return HttpResponse(json.dumps(result), content_type=content_type)
        else:
            result['error'] = _(u'Permission denied.')
            return HttpResponse(json.dumps(result),
                                status=400,
                                content_type=content_type)
Ejemplo n.º 11
0
def user_remove(request, user_id):
    """Remove user"""
    referer = request.META.get('HTTP_REFERER', None)
    next = reverse('sys_useradmin') if referer is None else referer

    try:
        user = User.objects.get(id=int(user_id))
        org = ccnet_threaded_rpc.get_orgs_by_user(user.email)
        if org:
            if org[0].creator == user.email:
                messages.error(
                    request,
                    _(u'Failed to delete: the user is an organization creator')
                )
                return HttpResponseRedirect(next)

            org_id = org[0].org_id
            org_repos = seafile_api.get_org_owned_repo_list(org_id, user.email)
            for repo in org_repos:
                seafile_api.remove_repo(repo.id)

        user.delete()
        messages.success(request,
                         _(u'Successfully deleted %s') % user.username)
    except User.DoesNotExist:
        messages.error(request,
                       _(u'Failed to delete: the user does not exist'))

    return HttpResponseRedirect(next)
Ejemplo n.º 12
0
    def delete(self):
        """
        When delete user, we should also delete group relationships.
        """
        if self.source == "DB":
            source = "DB"
        else:
            source = "LDAP"

        owned_repos = []
        orgs = ccnet_threaded_rpc.get_orgs_by_user(self.username)
        if orgs:
            for org in orgs:
                owned_repos += seafile_api.get_org_owned_repo_list(
                    org.org_id, self.username)
        else:
            owned_repos += seafile_api.get_owned_repo_list(self.username)

        for r in owned_repos:
            seafile_api.remove_repo(r.id)

        clear_token(self.username)
        # remove current user from joined groups
        ccnet_api.remove_group_user(self.username)
        ccnet_api.remove_emailuser(source, self.username)
        Profile.objects.delete_profile_by_user(self.username)
Ejemplo n.º 13
0
def org_repo_delete(request, repo_id):
    """Delete a repo.
    """
    if request.method != 'POST':
        raise Http404

    next = request.META.get('HTTP_REFERER', None)
    if not next:
        next = reverse("org_repo_admin")

    repo = seafile_api.get_repo(repo_id)
    if not repo:
        raise Http404
    repo_name = repo.name

    org_id = request.user.org.org_id
    if not is_org_repo(org_id, repo_id):
        messages.error(request, 'Failed to delete, library does not exist.')
        return HttpResponseRedirect(next)

    usernames = seaserv.get_related_users_by_org_repo(org_id, repo_id)
    repo_owner = seafile_api.get_org_repo_owner(repo_id)

    seafile_api.remove_repo(repo_id)
    repo_deleted.send(sender=None,
                      org_id=org_id,
                      usernames=usernames,
                      repo_owner=repo_owner,
                      repo_id=repo_id,
                      repo_name=repo_name)

    messages.success(request, _(u'Successfully deleted.'))
    return HttpResponseRedirect(next)
Ejemplo n.º 14
0
    def delete(self, request, group_id):
        """ Delete an address book group.
        """
        group_id = int(group_id)
        group = ccnet_api.get_group(group_id)
        if not group:
            return Response({'success': True})

        try:
            has_repo = seafile_api.if_group_has_group_owned_repo(group_id)
            child_groups = ccnet_api.get_child_groups(group_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        if has_repo:
            error_msg = _('There are libraries in this department.')
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        if len(child_groups) > 0:
            error_msg = _('There are sub-departments in this department.')
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        owner = '%s@seafile_group' % group_id
        workspace = Workspaces.objects.get_workspace_by_owner(owner)
        if workspace:
            try:
                seafile_api.remove_repo(workspace.repo_id)
                workspace.delete()
            except Exception as e:
                logger.error(e)
                error_msg = _('Internal Server Error')
                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        try:
            ret_code = ccnet_api.remove_group(group_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        if ret_code == -1:
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        # send admin operation log signal
        group_owner = group.creator_name
        group_name = group.group_name
        admin_op_detail = {
            "id": group_id,
            "name": group_name,
            "owner": group_owner,
        }
        admin_operation.send(sender=None, admin_name=request.user.username,
                operation=GROUP_DELETE, detail=admin_op_detail)

        return Response({'success': True})
Ejemplo n.º 15
0
    def test_to_dict(self):
        wiki = Wiki.objects.add('new wiki', self.user.username)

        d = wiki.to_dict()
        assert 'published/new-wiki/' in d['link']
        assert 'new-wiki' == d['slug']
        assert 'T' in d['created_at']
        assert 'T' in d['updated_at']
        seafile_api.remove_repo(wiki.repo_id)
Ejemplo n.º 16
0
def repo_remove(request, repo_id):
    if not request.is_ajax():
        raise Http404

    content_type = 'application/json; charset=utf-8'
    result = {}  

    if get_system_default_repo_id() == repo_id:
        result['error'] = _(u'System library can not be deleted.')
        return HttpResponse(json.dumps(result), status=403, content_type=content_type)
        
    repo = get_repo(repo_id)
    if not repo:
        result['error'] = _(u'Library does not exist')
        return HttpResponse(json.dumps(result), status=400, content_type=content_type)
      
    user = request.user.username
    org, base_template = check_and_get_org_by_repo(repo_id, user)
    if org: 
        # Remove repo in org context, only repo owner or org staff can
        # perform this operation.
        if request.user.is_staff or org.is_staff or \
                is_org_repo_owner(org.org_id, repo_id, user):
            # Must get related useres before remove the repo
            usernames = get_related_users_by_org_repo(org.org_id, repo_id)
            seafile_api.remove_repo(repo_id)
            repo_deleted.send(sender=None,
                              org_id=org.org_id,
                              usernames=usernames,
                              repo_owner=user,
                              repo_id=repo_id,
                              repo_name=repo.name,
                          )    
            result['success'] = True
            return HttpResponse(json.dumps(result), content_type=content_type)
        else:
            result['error'] = _(u'Permission denied.')
            return HttpResponse(json.dumps(result), status=400, content_type=content_type)
    else:
        # Remove repo in personal context, only repo owner or site staff can
        # perform this operation.
        if validate_owner(request, repo_id) or request.user.is_staff:
            usernames = get_related_users_by_repo(repo_id)
            seafile_api.remove_repo(repo_id)
            repo_deleted.send(sender=None,
                              org_id=-1,
                              usernames=usernames,
                              repo_owner=user,
                              repo_id=repo_id,
                              repo_name=repo.name,
                          )
            result['success'] = True
            return HttpResponse(json.dumps(result), content_type=content_type)
        else:
            result['error'] = _(u'Permission denied.')
            return HttpResponse(json.dumps(result), status=400, content_type=content_type)
Ejemplo n.º 17
0
 def test_get_all_tag_when_repo_deleted(self):
     resp = self.client.post(self.url_create, {
         "tag_names": self.tag_name,
         "repo_id": self.repo.id,
         "commit_id": ""
     })
     assert resp.status_code in [200, 201]
     seafile_api.remove_repo(self.repo.id)
     resp = self.client.get(self.url)
     assert resp.status_code in [200, 201]
Ejemplo n.º 18
0
def repo():
    repo = create_and_get_repo(
        'testrepo测试-{}'.format(randstring(10)), '', USER, passwd=None
    )
    try:
        yield repo
    finally:
        if seafile_api.get_repo(repo.id):
            # The repo may be deleted in the test case
            seafile_api.remove_repo(repo.id)
Ejemplo n.º 19
0
def repo():
    repo = create_and_get_repo(
        'test_repo_{}'.format(randstring(10)), '', USER, passwd=None
    )
    try:
        seafile_api.post_dir(repo.id, '/', 'dir1', USER)
        seafile_api.post_dir(repo.id, '/', 'dir2', USER)
        yield repo
    finally:
        if seafile_api.get_repo(repo.id):
            # The repo may be deleted in the test case
            seafile_api.remove_repo(repo.id)
Ejemplo n.º 20
0
    def delete(self, request, repo_id, format=None):
        username = request.user.username
        repo = seafile_api.get_repo(repo_id)
        if not repo:
            return api_error(status.HTTP_400_BAD_REQUEST, \
                    'Library does not exist.')

        if not seafile_api.is_repo_owner(username, repo_id):
            return api_error(status.HTTP_403_FORBIDDEN, \
                    'Only library owner can perform this operation.')

        seafile_api.remove_repo(repo_id)
        return Response('success', status=status.HTTP_200_OK)
Ejemplo n.º 21
0
    def delete(self, request, repo_id, format=None):
        username = request.user.username
        repo = seafile_api.get_repo(repo_id)
        if not repo:
            return api_error(status.HTTP_400_BAD_REQUEST, \
                    'Library does not exist.')

        if not seafile_api.is_repo_owner(username, repo_id):
            return api_error(status.HTTP_403_FORBIDDEN, \
                    'Only library owner can perform this operation.')

        seafile_api.remove_repo(repo_id)
        return Response('success', status=status.HTTP_200_OK)
Ejemplo n.º 22
0
    def tearDown(self):

        # remove common user's repo and group
        self.remove_group()
        self.remove_repo()

        # remove admin user's group
        ccnet_threaded_rpc.remove_group(self.admin_group_1_id, self.admin.email)

        # remove admin user's another group
        ccnet_threaded_rpc.remove_group(self.admin_group_2_id, self.admin.email)

        # remove amdin user's repo
        seafile_api.remove_repo(self.admin_repo_id)
Ejemplo n.º 23
0
    def tearDown(self):

        # remove common user's repo and group
        self.remove_group()
        self.remove_repo()

        # remove admin user's group
        ccnet_threaded_rpc.remove_group(self.admin_group_1_id,
                                        self.admin.email)

        # remove admin user's another group
        ccnet_threaded_rpc.remove_group(self.admin_group_2_id,
                                        self.admin.email)

        # remove amdin user's repo
        seafile_api.remove_repo(self.admin_repo_id)
Ejemplo n.º 24
0
def create_tmp_repo(create_tmp_user):
    """Create new random library"""
    REPO_NAME = "TEST_TMP_REPO-" + uuid4().hex
    repo_id = seafile_api.create_repo(REPO_NAME,
                                      "Tmp description",
                                      create_tmp_user,
                                      passwd=None)
    repo = seafile_api.get_repo(repo_id)
    yield repo
    # teardown code
    print("remove repo: " + repo_id)
    if repo and repo.id:
        seafile_api.remove_repo(repo.id)
        # clean up Catalog table, repo_deleted_cb is not called for tests!!!
        CDC.objects.delete_by_repo_id(repo.id)
        Catalog.objects.delete_by_repo_id(repo.id)
Ejemplo n.º 25
0
    def delete(self):
        """
        When delete user, we should also delete group relationships.
        """
        if self.source == "DB":
            source = "DB"
        else:
            source = "LDAP"

        username = self.username
        orgs = ccnet_threaded_rpc.get_orgs_by_user(username)

        # remove owned repos
        owned_repos = []
        if orgs:
            for org in orgs:
                owned_repos += seafile_api.get_org_owned_repo_list(
                    org.org_id, username)
        else:
            owned_repos += seafile_api.get_owned_repo_list(username)

        for r in owned_repos:
            seafile_api.remove_repo(r.id)

        # remove shared in repos
        shared_in_repos = []
        if orgs:
            for org in orgs:
                org_id = org.org_id
                shared_in_repos = seafile_api.get_org_share_in_repo_list(
                    org_id, username, -1, -1)

                for r in shared_in_repos:
                    seafile_api.org_remove_share(org_id, r.repo_id, r.user,
                                                 username)
        else:
            shared_in_repos = seafile_api.get_share_in_repo_list(
                username, -1, -1)
            for r in shared_in_repos:
                seafile_api.remove_share(r.repo_id, r.user, username)

        clear_token(username)
        # remove current user from joined groups
        ccnet_api.remove_group_user(username)
        ccnet_api.remove_emailuser(source, username)
        Profile.objects.delete_profile_by_user(username)
Ejemplo n.º 26
0
def test_encrypted_repo(rpc, enc_version):
    test_repo_name = 'test_enc_repo'
    test_repo_desc = 'test_enc_repo'
    test_repo_passwd = 'test_enc_repo'
    if rpc == 'create_repo':
        repo_id = api.create_repo(test_repo_name, test_repo_desc, USER,
                                  test_repo_passwd, enc_version)
        assert repo_id
    else:
        if enc_version == 2:
            repo_id = 'd17bf8ca-3019-40ee-8fdb-0258c89fb762'
        elif enc_version == 3:
            repo_id = 'd17bf8ca-3019-40ee-8fdb-0258c89fb763'
        else:
            repo_id = 'd17bf8ca-3019-40ee-8fdb-0258c89fb764'
        enc_info = api.generate_magic_and_random_key(enc_version, repo_id,
                                                     test_repo_passwd)
        assert enc_info
        ret_repo_id = api.create_enc_repo(repo_id, test_repo_name,
                                          test_repo_desc, USER, enc_info.magic,
                                          enc_info.random_key, enc_info.salt,
                                          enc_version)
        assert ret_repo_id == repo_id

    repo = api.get_repo(repo_id)
    assert repo
    assert repo.enc_version == enc_version
    assert len(repo.magic) == 64
    assert len(repo.random_key) == 96
    if enc_version == 3 or enc_version == 4:
        assert len(repo.salt) == 64

    new_passwd = 'new password'

    assert api.set_passwd(repo.id, USER, test_repo_passwd) == 0
    assert api.get_decrypt_key(repo.id, USER)
    api.change_repo_passwd(repo.repo_id, test_repo_passwd, new_passwd,
                           USER) == 0
    assert api.set_passwd(repo.id, USER, new_passwd) == 0

    assert api.is_password_set(repo.id, USER)
    assert api.unset_passwd(repo.id, USER) == 0
    assert api.is_password_set(repo.id, USER) == 0

    api.remove_repo(repo_id)
Ejemplo n.º 27
0
    def delete(self, request, repo_id):

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            # for case of `seafile-data` has been damaged
            # no `repo object` will be returned from seafile api
            # delete the database record anyway
            try:
                seafile_api.remove_repo(repo_id)
            except Exception as e:
                logger.error(e)
                error_msg = 'Internal Server Error'
                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
                                 error_msg)

            return Response({'success': True})

        # check permission
        username = request.user.username
        repo_owner = get_repo_owner(request, repo_id)
        if username != repo_owner:
            error_msg = 'Permission denied.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        # check repo status
        repo_status = repo.status
        if repo_status != 0:
            error_msg = 'Permission denied.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        org_id = None
        if is_org_context(request):
            org_id = request.user.org.org_id

        # remove repo
        seafile_api.remove_repo(repo_id)

        repo_deleted.send(sender=None,
                          org_id=org_id,
                          operator=username,
                          repo_owner=repo_owner,
                          repo_id=repo_id,
                          repo_name=repo.name)

        return Response('success', status=status.HTTP_200_OK)
Ejemplo n.º 28
0
    def delete(self, request, repo_id, format=None):
        """ delete a library

        Permission checking:
        1. only admin can perform this action.
        """
        if get_system_default_repo_id() == repo_id:
            error_msg = _('System library can not be deleted.')
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        try:
            seafile_api.remove_repo(repo_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        return Response({'success': True})
Ejemplo n.º 29
0
    def delete(self, request, group_id):
        """ Dismiss a specific group
        """

        group_id = int(group_id)
        group = ccnet_api.get_group(group_id)
        if not group:
            return Response({'success': True})

        group_owner = group.creator_name
        group_name = group.group_name

        owner = '%s@seafile_group' % group_id
        workspace = Workspaces.objects.get_workspace_by_owner(owner)
        if workspace:
            try:
                seafile_api.remove_repo(workspace.repo_id)
                workspace.delete()
            except Exception as e:
                logger.error(e)
                error_msg = _('Internal Server Error')
                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
                                 error_msg)

        try:
            ccnet_api.remove_group(group_id)
            seafile_api.remove_group_repos(group_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        # send admin operation log signal
        admin_op_detail = {
            "id": group_id,
            "name": group_name,
            "owner": group_owner,
        }
        admin_operation.send(sender=None,
                             admin_name=request.user.username,
                             operation=GROUP_DELETE,
                             detail=admin_op_detail)

        return Response({'success': True})
Ejemplo n.º 30
0
def user_remove(request, user_id):
    """Remove user, also remove group relationship."""
    try:
        user = User.objects.get(id=int(user_id))
        org = ccnet_threaded_rpc.get_orgs_by_user(user.email)
        if org:
            org_id = org[0].org_id
            org_repos = seafile_api.get_org_owned_repo_list(org_id, user.email)
            for repo in org_repos:
                seafile_api.remove_repo(repo.id)
        user.delete()
        messages.success(request, _(u'Successfully deleted %s') % user.username)
    except User.DoesNotExist:
        messages.error(request, _(u'Failed to delete: the user does not exist'))

    referer = request.META.get('HTTP_REFERER', None)
    next = reverse('sys_useradmin') if referer is None else referer

    return HttpResponseRedirect(next)
Ejemplo n.º 31
0
    def delete(self, request, repo_id, format=None):
        """ delete a library

        Permission checking:
        1. only admin can perform this action.
        """
        repo = seafile_api.get_repo(repo_id)
        if not repo:
            return Response({'success': True})

        if get_system_default_repo_id() == repo_id:
            error_msg = _('System library can not be deleted.')
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        try:
            seafile_api.remove_repo(repo_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        return Response({'success': True})
Ejemplo n.º 32
0
    def delete(self, request, group_id):
        """ Dismiss a specific group

        Permission:
        1. group owner
        """
        org_id = None
        if is_org_context(request):
            org_id = request.user.org.org_id

        username = request.user.username

        try:
            # only group owner can dismiss a group
            if not is_group_owner(group_id, username):
                error_msg = 'Permission denied.'
                return api_error(status.HTTP_403_FORBIDDEN, error_msg)
        except SearpcError as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        # if there are dtables in this group, prohibit deletion of groups
        owner = '%s@seafile_group' % group_id
        workspace = Workspaces.objects.get_workspace_by_owner(owner)
        if DTables.objects.filter(workspace=workspace, deleted=False).exists():
            error_msg = 'Disable group deletion before deleting table(s).'
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        try:
            seafile_api.remove_repo(workspace.repo_id)
            workspace.delete()
            remove_group_common(group_id, username, org_id=org_id)
        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        return Response({'success': True})
Ejemplo n.º 33
0
    def delete(self, request, repo_id):

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            error_msg = 'Library %s not found.' % repo_id
            return api_error(status.HTTP_404_NOT_FOUND, error_msg)

        # check permission
        username = request.user.username
        repo_owner = get_repo_owner(request, repo_id)
        if username != repo_owner:
            error_msg = 'Permission denied.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        org_id = None
        if is_org_context(request):
            org_id = request.user.org.org_id

        try:
            related_users = get_related_users_by_repo(repo_id, org_id)
        except Exception as e:
            logger.error(e)
            related_users = []

        # remove repo
        seafile_api.remove_repo(repo_id)

        repo_deleted.send(sender=None,
                          org_id=org_id,
                          operator=username,
                          usernames=related_users,
                          repo_owner=repo_owner,
                          repo_id=repo_id,
                          repo_name=repo.name)

        return Response('success', status=status.HTTP_200_OK)
def test_file_operation():
    t_repo_version = 1
    t_repo_id1 = api.create_repo('test_file_operation1', '', USER, passwd=None)

    create_the_file()

    # test post_file
    assert api.post_file(t_repo_id1, file_path, '/', file_name, USER) == 0
    t_file_id = api.get_file_id_by_path(t_repo_id1, '/' + file_name)
    t_file_size = len(file_content)
    assert t_file_size == api.get_file_size(t_repo_id1, t_repo_version,
                                            t_file_id)

    # test post_dir
    assert api.post_dir(t_repo_id1, '/', dir_name, USER) == 0

    # test copy_file (synchronize)
    t_copy_file_result1 = api.copy_file(t_repo_id1, '/', file_name, t_repo_id1,
                                        '/', new_file_name, USER, 0, 1)
    assert t_copy_file_result1
    assert t_copy_file_result1.task_id is None
    assert not t_copy_file_result1.background
    t_file_id = api.get_file_id_by_path(t_repo_id1, '/' + new_file_name)
    assert t_file_size == api.get_file_size(t_repo_id1, t_repo_version,
                                            t_file_id)

    # test copy_file (asynchronous)
    t_repo_id2 = api.create_repo('test_file_operation2', '', USER, passwd=None)
    usage = api.get_user_self_usage(USER)
    api.set_user_quota(USER, usage + 1)
    t_copy_file_result2 = api.copy_file(t_repo_id1, '/', file_name, t_repo_id2,
                                        '/', file_name, USER, 1, 0)
    assert t_copy_file_result2
    assert t_copy_file_result2.background
    while True:
        time.sleep(0.1)
        t_copy_task = api.get_copy_task(t_copy_file_result2.task_id)
        assert t_copy_task.failed
        assert t_copy_task.failed_reason == 'Quota is full'
        if t_copy_task.failed:
            break

    api.set_user_quota(USER, -1)
    t_copy_file_result2 = api.copy_file(t_repo_id1, '/', file_name, t_repo_id2,
                                        '/', file_name, USER, 1, 0)
    assert t_copy_file_result2
    assert t_copy_file_result2.task_id
    assert t_copy_file_result2.background
    while True:
        time.sleep(0.1)
        t_copy_task = api.get_copy_task(t_copy_file_result2.task_id)
        if t_copy_task.successful:
            break
    t_file_id = api.get_file_id_by_path(t_repo_id2, '/' + file_name)
    assert t_file_size == api.get_file_size(t_repo_id2, t_repo_version,
                                            t_file_id)

    # test move_file (synchronize)
    t_move_file_info1 = api.get_dirent_by_path(t_repo_id1, '/' + new_file_name)
    t_move_file_result1 = api.move_file(t_repo_id1, '/', new_file_name,
                                        t_repo_id1, '/' + dir_name,
                                        new_file_name, 1, USER, 0, 1)
    assert t_move_file_result1
    t_move_file_info2 = api.get_dirent_by_path(
        t_repo_id1, '/' + dir_name + '/' + new_file_name)
    assert t_move_file_info1.mtime == t_move_file_info2.mtime
    t_file_id = api.get_file_id_by_path(t_repo_id1, '/' + new_file_name)
    assert t_file_id is None

    # test move_file (synchronize)
    t_move_file_result1 = api.move_file(t_repo_id1, '/' + dir_name,
                                        new_file_name, t_repo_id1, '/',
                                        new_file_name_2, 1, USER, 0, 1)
    assert t_move_file_result1
    t_file_id = api.get_file_id_by_path(t_repo_id1,
                                        '/' + dir_name + '/' + new_file_name)
    assert t_file_id is None

    # test move_file (asynchronous)
    usage = api.get_user_self_usage(USER)
    api.set_user_quota(USER, usage + 1)
    t_move_file_result2 = api.move_file(t_repo_id1, '/', file_name, t_repo_id2,
                                        '/', new_file_name, 1, USER, 1, 0)
    assert t_move_file_result2
    assert t_move_file_result2.task_id
    assert t_move_file_result2.background
    while True:
        time.sleep(0.1)
        t_move_task = api.get_copy_task(t_move_file_result2.task_id)
        assert t_move_task.failed
        assert t_move_task.failed_reason == 'Quota is full'
        if t_move_task.failed:
            break

    api.set_user_quota(USER, -1)
    t_move_file_result2 = api.move_file(t_repo_id1, '/', file_name, t_repo_id2,
                                        '/', new_file_name, 1, USER, 1, 0)
    assert t_move_file_result2
    assert t_move_file_result2.task_id
    assert t_move_file_result2.background
    while True:
        time.sleep(0.1)
        t_move_task = api.get_copy_task(t_move_file_result2.task_id)
        if t_move_task.successful:
            break
    t_file_id = api.get_file_id_by_path(t_repo_id2, '/' + new_file_name)
    assert t_file_size == api.get_file_size(t_repo_id2, t_repo_version,
                                            t_file_id)

    # test post_empty_file
    assert api.post_empty_file(t_repo_id1, '/' + dir_name, empty_file_name,
                               USER) == 0
    t_file_id = api.get_file_id_by_path(t_repo_id1,
                                        '/' + dir_name + '/' + empty_file_name)
    assert api.get_file_size(t_repo_id1, t_repo_version, t_file_id) == 0

    # test rename_file
    assert api.rename_file(t_repo_id1, '/' + dir_name, empty_file_name,
                           new_empty_file_name, USER) == 0

    #test put_file
    t_new_file_id = api.put_file(t_repo_id1, file_path, '/' + dir_name,
                                 new_empty_file_name, USER, None)
    assert t_new_file_id

    # test get_file_revisions
    t_commit_list = api.get_file_revisions(t_repo_id2, None, '/' + file_name,
                                           2)
    assert t_commit_list
    assert len(t_commit_list) == 2
    assert t_commit_list[0].creator_name == USER

    # test del_file
    assert api.del_file(t_repo_id2, '/', file_name, USER) == 0

    # test get_deleted
    t_deleted_file_list = api.get_deleted(t_repo_id2, 1)
    assert t_deleted_file_list
    assert len(t_deleted_file_list) == 2
    assert t_deleted_file_list[0].obj_name == file_name
    assert t_deleted_file_list[0].basedir == '/'

    # test del a non-exist file. should return 0.
    assert api.del_file(t_repo_id2, '/', file_name, USER) == 0

    assert api.del_file(t_repo_id1, '/' + dir_name, new_empty_file_name,
                        USER) == 0
    assert api.del_file(t_repo_id1, '/' + dir_name, new_file_name, USER) == 0
    assert api.del_file(t_repo_id2, '/', new_file_name, USER) == 0
    assert api.del_file(t_repo_id1, '/', new_file_name_2, USER) == 0

    time.sleep(1)
    api.remove_repo(t_repo_id1)
Ejemplo n.º 35
0
    def delete(self, request, repo_id, format=None):
        """ delete a library

        Permission checking:
        1. only admin can perform this action.
        """
        if get_system_default_repo_id() == repo_id:
            error_msg = _('System library can not be deleted.')
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)

        repo = seafile_api.get_repo(repo_id)
        if not repo:
            # for case of `seafile-data` has been damaged
            # no `repo object` will be returned from seafile api
            # delete the database record anyway
            try:
                seafile_api.remove_repo(repo_id)
            except Exception as e:
                logger.error(e)
                error_msg = 'Internal Server Error'
                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

            return Response({'success': True})

        repo_name = repo.name
        repo_owner = seafile_api.get_repo_owner(repo_id)
        if not repo_owner:
            repo_owner = seafile_api.get_org_repo_owner(repo_id)

        try:
            seafile_api.remove_repo(repo_id)

            try:
                org_id = seafile_api.get_org_id_by_repo_id(repo_id)
                related_usernames = get_related_users_by_repo(repo_id,
                        org_id if org_id > 0 else None)
            except Exception as e:
                logger.error(e)
                org_id = -1
                related_usernames = []

            # send signal for seafevents
            repo_deleted.send(sender=None, org_id=-1, operator=request.user.username,
                    usernames=related_usernames, repo_owner=repo_owner,
                    repo_id=repo_id, repo_name=repo.name)

        except Exception as e:
            logger.error(e)
            error_msg = 'Internal Server Error'
            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)

        # send admin operation log signal
        admin_op_detail = {
            "id": repo_id,
            "name": repo_name,
            "owner": repo_owner,
        }
        admin_operation.send(sender=None, admin_name=request.user.username,
                operation=REPO_DELETE, detail=admin_op_detail)

        return Response({'success': True})
Ejemplo n.º 36
0
 def remove_repo(self, repo_id=None):
     if not repo_id:
         repo_id = self.repo.id
     return seafile_api.remove_repo(repo_id)
Ejemplo n.º 37
0
 def remove_repo(self, repo_id=None):
     if not repo_id:
         repo_id = self.repo.id
     return seafile_api.remove_repo(repo_id)
Ejemplo n.º 38
0
 def tearDown(self):
     CDC.objects.delete_by_repo_id(self.repo.id)
     Catalog.objects.delete_by_repo_id(self.repo.id)
     Profile.objects.delete_profile_by_user(self.user)
     seafile_api.remove_repo(self.repo.id)
Ejemplo n.º 39
0
 def remove_repo(self):
     return seafile_api.remove_repo(self.repo.id)
Ejemplo n.º 40
0
def test_zip_download():
    create_test_files()
    t_repo_id = api.create_repo('test_zip_download', '', USER)
    base_url = 'http://127.0.0.1:8082/'

    #test zip download dir
    dir_name = 'dir'
    api.post_dir(t_repo_id, '/', dir_name, USER)
    api.post_file(t_repo_id, file1_path, '/dir', file1_name, USER)
    api.post_file(t_repo_id, file2_path, '/dir', file2_name, USER)

    dir_id = api.get_dir_id_by_path(t_repo_id, '/dir')
    obj_id = {'obj_id': dir_id, 'dir_name': dir_name, 'is_windows': 0}
    obj_id_json_str = json.dumps(obj_id)
    token = api.get_fileserver_access_token(t_repo_id, obj_id_json_str,
                                            'download-dir', USER)

    time.sleep(1)
    download_url = base_url + 'zip/' + token
    response = requests.get(download_url)
    assert response.status_code == 200

    download_zipfile_path = download_dir_path + '/dir.zip'
    with open(download_zipfile_path, 'wb') as fp:
        fp.write(response.content)
    zipFile = zipfile.ZipFile(download_zipfile_path)
    for name in zipFile.namelist():
        zipFile.extract(name, download_dir_path)
    zipFile.close()
    assert os.path.exists(download_dir_path + '/dir.zip')
    assert os.path.exists(download_dir_path + '/dir')
    assert os.path.exists(download_dir_path + '/dir' + '/file1.txt')
    assert os.path.exists(download_dir_path + '/dir' + '/file2.txt')
    with open(download_dir_path + '/dir' + '/file1.txt', 'r') as fp1:
        line = fp1.read()
    assert line == file1_content
    with open(download_dir_path + '/dir' + '/file2.txt', 'r') as fp2:
        line = fp2.read()
    assert line == file2_content

    os.remove(download_dir_path + '/dir' + '/file1.txt')
    os.remove(download_dir_path + '/dir' + '/file2.txt')
    os.rmdir(download_dir_path + '/dir')
    os.remove(download_dir_path + '/dir.zip')

    #test zip download empty dir
    empty_dir_name = 'empty_dir'
    api.post_dir(t_repo_id, '/', empty_dir_name, USER)

    dir_id = api.get_dir_id_by_path(t_repo_id, '/empty_dir')
    obj_id = {'obj_id': dir_id, 'dir_name': empty_dir_name, 'is_windows': 0}
    obj_id_json_str = json.dumps(obj_id)
    token = api.get_fileserver_access_token(t_repo_id, obj_id_json_str,
                                            'download-dir', USER)
    time.sleep(1)
    download_url = base_url + 'zip/' + token
    response = requests.get(download_url)
    assert response.status_code == 200

    download_zipfile_path = download_dir_path + '/empty_dir.zip'
    with open(download_zipfile_path, 'wb') as fp:
        fp.write(response.content)
    zipFile = zipfile.ZipFile(download_zipfile_path)
    for name in zipFile.namelist():
        zipFile.extract(name, download_dir_path)
    zipFile.close()
    assert os.path.exists(download_dir_path + '/empty_dir')
    assert not os.listdir(download_dir_path + '/empty_dir')

    os.rmdir(download_dir_path + '/empty_dir')
    os.remove(download_dir_path + '/empty_dir.zip')

    #test zip download mutliple files
    api.post_file(t_repo_id, file1_path, '/', file1_name, USER)
    api.post_file(t_repo_id, file2_path, '/', file2_name, USER)
    obj_id = {
        'parent_dir': '/',
        'file_list': [file1_name, file2_name],
        'is_windows': 0
    }
    obj_id_json_str = json.dumps(obj_id)
    token = api.get_fileserver_access_token(t_repo_id, obj_id_json_str,
                                            'download-multi', USER)

    time.sleep(1)
    download_url = base_url + 'zip/' + token
    response = requests.get(download_url)
    assert response.status_code == 200

    download_zipfile_path = download_dir_path + '/multi_files.zip'
    with open(download_zipfile_path, 'wb') as fp:
        fp.write(response.content)
    zipFile = zipfile.ZipFile(download_zipfile_path)
    for name in zipFile.namelist():
        zipFile.extract(name, download_dir_path)
    zipFile.close()
    assert os.path.exists(download_dir_path + '/file1.txt')
    assert os.path.exists(download_dir_path + '/file2.txt')
    with open(download_dir_path + '/file1.txt', 'r') as fp1:
        line = fp1.read()
    assert line == file1_content
    with open(download_dir_path + '/file2.txt', 'r') as fp2:
        line = fp2.read()
    assert line == file2_content
    os.remove(download_dir_path + '/file1.txt')
    os.remove(download_dir_path + '/file2.txt')
    os.remove(download_dir_path + '/multi_files.zip')

    remove_test_files()
    api.remove_repo(t_repo_id)