def delete(self, request, group_id):
""" Dismiss a specific group
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
group_owner = group.creator_name
group_name = group.group_name
try:
ccnet_api.remove_group(group_id)
seafile_api.remove_group_repos(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_DELETE, detail=admin_op_detail)
return Response({'success': True})
def post(self, request):
""" Create a group
Permission checking:
1. Admin user;
"""
# argument check
group_name = request.data.get('group_name', '')
if not group_name:
error_msg = 'group_name %s invalid.' % group_name
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_name = group_name.strip()
# Check whether group name is validate.
if not validate_group_name(group_name):
error_msg = _(
u'Group name can only contain letters, numbers, blank, hyphen, dot, single quote or underscore'
)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# Check whether group name is duplicated.
if check_group_name_conflict(request, group_name):
error_msg = _(u'There is already a group with that name.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_owner = request.data.get('group_owner', '')
if group_owner:
try:
User.objects.get(email=group_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % group_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
username = request.user.username
new_owner = group_owner or username
# create group.
try:
group_id = ccnet_api.create_group(group_name, new_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": new_owner,
}
admin_operation.send(sender=None,
admin_name=username,
operation=GROUP_CREATE,
detail=admin_op_detail)
# get info of new group
group_info = get_group_info(group_id)
return Response(group_info, status=status.HTTP_201_CREATED)
def delete(self, request, email):
if not request.user.admin_permissions.can_manage_user():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# delete user
try:
User.objects.get(email=email).delete()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=USER_DELETE,
detail=admin_op_detail)
return Response({'success': True})
def delete(self, request, group_id):
""" Dismiss a specific group
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
group_owner = group.creator_name
group_name = group.group_name
try:
ccnet_api.remove_group(group_id)
seafile_api.remove_group_repos(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_DELETE, detail=admin_op_detail)
return Response({'success': True})
def delete(self, request, repo_id, format=None):
""" delete a library
Permission checking:
1. only admin can perform this action.
"""
if get_system_default_repo_id() == repo_id:
error_msg = _('System library can not be deleted.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
# for case of `seafile-data` has been damaged
# no `repo object` will be returned from seafile api
# delete the database record anyway
try:
seafile_api.remove_repo(repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
return Response({'success': True})
repo_name = repo.name
repo_owner = seafile_api.get_repo_owner(repo_id)
if not repo_owner:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
try:
related_usernames = seaserv.get_related_users_by_repo(repo_id)
seafile_api.remove_repo(repo_id)
# send signal for seafevents
repo_deleted.send(sender=None,
org_id=-1,
operator=request.user.username,
usernames=related_usernames,
repo_owner=repo_owner,
repo_id=repo_id,
repo_name=repo.name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo_name,
"owner": repo_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=REPO_DELETE,
detail=admin_op_detail)
return Response({'success': True})
def put(self, request, group_id):
""" Admin transfer a group
Permission checking:
1. Admin user;
"""
# argument check
new_owner = request.data.get('new_owner', None)
if not new_owner or not is_valid_username(new_owner):
error_msg = 'new_owner %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# recourse check
group_id = int(group_id) # Checked by URL Conf
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check if new_owner exists,
# NOT need to check old_owner for old_owner may has been deleted.
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
old_owner = group.creator_name
if new_owner == old_owner:
error_msg = _(u'User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
try:
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, old_owner, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, old_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group.group_name,
"from": old_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_TRANSFER, detail=admin_op_detail)
group_info = get_group_info(group_id)
return Response(group_info)
def user_remove(request, email):
"""Remove user"""
referer = request.META.get('HTTP_REFERER', None)
next_page = reverse('sys_info') if referer is None else referer
try:
user = User.objects.get(email=email)
org = ccnet_api.get_orgs_by_user(user.email)
if org:
if org[0].creator == user.email:
messages.error(
request,
_('Failed to delete: the user is an organization creator'))
return HttpResponseRedirect(next_page)
user.delete()
messages.success(request, _('Successfully deleted %s') % user.username)
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=USER_DELETE,
detail=admin_op_detail)
except User.DoesNotExist:
messages.error(request, _('Failed to delete: the user does not exist'))
return HttpResponseRedirect(next_page)
def delete(self, request, group_id):
""" Delete an address book group.
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
org_id = None
if is_org_context(request):
# request called by org admin
org_id = request.user.org.org_id
try:
if org_id:
has_repo = seafile_api.org_if_group_has_group_owned_repo(
org_id, group_id)
else:
has_repo = seafile_api.if_group_has_group_owned_repo(group_id)
child_groups = ccnet_api.get_child_groups(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if has_repo:
error_msg = _('There are libraries in this department.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if len(child_groups) > 0:
error_msg = _('There are sub-departments in this department.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
ret_code = ccnet_api.remove_group(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if ret_code == -1:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
group_owner = group.creator_name
group_name = group.group_name
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=GROUP_DELETE,
detail=admin_op_detail)
return Response({'success': True})
def delete(self, request, group_id):
""" Delete an address book group.
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
try:
has_repo = seafile_api.if_group_has_group_owned_repo(group_id)
child_groups = ccnet_api.get_child_groups(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if has_repo:
error_msg = _('There are libraries in this department.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if len(child_groups) > 0:
error_msg = _('There are sub-departments in this department.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
owner = '%s@seafile_group' % group_id
workspace = Workspaces.objects.get_workspace_by_owner(owner)
if workspace:
try:
seafile_api.remove_repo(workspace.repo_id)
workspace.delete()
except Exception as e:
logger.error(e)
error_msg = _('Internal Server Error')
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
try:
ret_code = ccnet_api.remove_group(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if ret_code == -1:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
group_owner = group.creator_name
group_name = group.group_name
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_DELETE, detail=admin_op_detail)
return Response({'success': True})
def post(self, request):
""" Create a group
Permission checking:
1. Admin user;
"""
# argument check
group_name = request.data.get('group_name', '')
if not group_name:
error_msg = 'group_name %s invalid.' % group_name
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_name = group_name.strip()
# Check whether group name is validate.
if not validate_group_name(group_name):
error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen, single quote or underscore')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# Check whether group name is duplicated.
if check_group_name_conflict(request, group_name):
error_msg = _(u'There is already a group with that name.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_owner = request.data.get('group_owner', '')
if group_owner:
try:
User.objects.get(email=group_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % group_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
username = request.user.username
new_owner = group_owner or username
# create group.
try:
group_id = ccnet_api.create_group(group_name, new_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": new_owner,
}
admin_operation.send(sender=None, admin_name=username,
operation=GROUP_CREATE, detail=admin_op_detail)
# get info of new group
group_info = get_group_info(group_id)
return Response(group_info, status=status.HTTP_201_CREATED)
def delete(self, request, group_id):
""" Delete an address book group.
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
try:
has_repo = seafile_api.if_group_has_group_owned_repo(group_id)
child_groups = ccnet_api.get_child_groups(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if has_repo:
error_msg = _(u'There are libraries in this department.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if len(child_groups) > 0:
error_msg = _(u'There are sub-departments in this department.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
ret_code = ccnet_api.remove_group(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if ret_code == -1:
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
group_owner = group.creator_name
group_name = group.group_name
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_DELETE, detail=admin_op_detail)
return Response({'success': True})
def post(self, request):
""" Admin create library
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.can_manage_library():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
repo_name = request.data.get('name', None)
if not repo_name:
error_msg = 'name invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
username = request.user.username
repo_owner = request.data.get('owner', None)
if repo_owner:
try:
User.objects.get(email=repo_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % repo_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
else:
repo_owner = username
try:
repo_id = seafile_api.create_repo(repo_name, '', repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo_name,
"owner": repo_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=REPO_CREATE,
detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def post(self, request):
""" Admin create library
Permission checking:
1. only admin can perform this action.
"""
repo_name = request.data.get('name', None)
if not repo_name:
error_msg = 'name invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
username = request.user.username
repo_owner = request.data.get('owner', None)
if repo_owner:
try:
User.objects.get(email=repo_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % repo_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
else:
repo_owner = username
try:
repo_id = seafile_api.create_repo(repo_name, '', repo_owner, None)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo_name,
"owner": repo_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_CREATE, detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def delete(self, request, group_id):
""" Dismiss a specific group
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
group_owner = group.creator_name
group_name = group.group_name
try:
org_id = ccnet_api.get_org_id_by_group(group_id)
if org_id >= 0:
ccnet_api.remove_org_group(org_id, group_id)
else:
ccnet_api.remove_group(group_id)
seafile_api.remove_group_repos(group_id)
ExtraGroupsSharePermission.objects.filter(
group_id=group_id).delete()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=GROUP_DELETE,
detail=admin_op_detail)
return Response({'success': True})
def put(self, request, group_id):
""" Admin update a group
1. transfer a group.
2. set group quota
Permission checking:
1. Admin user;
"""
# recourse check
group_id = int(group_id) # Checked by URL Conf
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_owner = request.data.get('new_owner', '')
if new_owner:
if not is_valid_username(new_owner):
error_msg = 'new_owner %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# check if new_owner exists,
# NOT need to check old_owner for old_owner may has been deleted.
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
old_owner = group.creator_name
if new_owner == old_owner:
error_msg = _(u'User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
try:
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, old_owner, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, old_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group.group_name,
"from": old_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=GROUP_TRANSFER, detail=admin_op_detail)
# set group quota
group_quota = request.data.get('quota', '')
if group_quota:
try:
group_quota = int(group_quota)
except ValueError:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not (group_quota > 0 or group_quota == -2):
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.set_group_quota(group_id, group_quota)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_info = get_group_info(group_id)
return Response(group_info)
def put(self, request, group_id):
""" Admin update a group
1. transfer a group.
2. set group quota.
3. rename group.
Permission checking:
1. Admin user;
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
# recourse check
group_id = int(group_id) # Checked by URL Conf
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_owner = request.data.get('new_owner', '')
if new_owner:
if not is_valid_username(new_owner):
error_msg = 'new_owner %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# check if new_owner exists,
# NOT need to check old_owner for old_owner may has been deleted.
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
old_owner = group.creator_name
if new_owner == old_owner:
error_msg = _('User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
try:
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, old_owner, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, old_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group.group_name,
"from": old_owner,
"to": new_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=GROUP_TRANSFER,
detail=admin_op_detail)
# set group quota
group_quota = request.data.get('quota', '')
if group_quota:
try:
group_quota = int(group_quota)
except ValueError:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not (group_quota > 0 or group_quota == -2):
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.set_group_quota(group_id, group_quota)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
new_name = request.data.get('name', '')
if new_name:
if not validate_group_name(new_name):
error_msg = _(
'Name can only contain letters, numbers, spaces, hyphen, dot, single quote, brackets or underscore.'
)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if check_group_name_conflict(request, new_name):
error_msg = _('There is already a group with that name.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
ccnet_api.set_group_name(group_id, new_name)
set_group_name_cache(group_id, new_name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
group_info = get_group_info(group_id)
return Response(group_info)
def post(self, request):
if not request.user.admin_permissions.can_manage_user():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
if user_number_over_limit():
error_msg = _("The number of users exceeds the limit.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
email = request.data.get('email', None)
if not email or not is_valid_email(email):
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# basic user info check
is_staff = request.data.get("is_staff", 'False')
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", 'True')
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = ''
if is_pro_version():
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
contact_email = request.data.get('contact_email', None)
if contact_email and not is_valid_email(contact_email):
error_msg = 'contact_email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
user_exist = True
except User.DoesNotExist:
user_exist = False
if user_exist:
error_msg = "User %s already exists." % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.data.get('password', None)
if not password:
error_msg = 'password required.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# create user
try:
user_obj = User.objects.create_user(email, password, is_staff,
is_active)
create_user_info(request,
email=user_obj.username,
role=role,
nickname=name,
contact_email=contact_email,
quota_total_mb=quota_total_mb)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
add_user_tip = _('Successfully added user %(user)s.') % {'user': email}
if IS_EMAIL_CONFIGURED and SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
c = {
'user': request.user.username,
'email': email,
'password': password
}
try:
send_html_email(
_('You are invited to join %s') % get_site_name(),
'sysadmin/user_add_email.html', c, None,
[email2contact_email(email)])
add_user_tip = _(
'Successfully added user %(user)s. An email notification has been sent.'
) % {
'user': email
}
except Exception as e:
logger.error(str(e))
add_user_tip = _(
'Successfully added user %(user)s. But email notification can not be sent, because Email service is not properly configured.'
) % {
'user': email
}
user_info = get_user_info(email)
user_info['add_user_tip'] = add_user_tip
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=USER_ADD,
detail=admin_op_detail)
return Response(user_info)
def put(self, request, repo_id, format=None):
""" transfer a library
Permission checking:
1. only admin can perform this action.
"""
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_owner = request.data.get('owner', None)
if not new_owner:
error_msg = 'owner invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = 'Transfer failed: role of %s is %s, can not add library.' % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner, shared_username,
shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not ccnet_api.is_group_user(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id, new_owner,
shared_group.perm)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=REPO_TRANSFER,
detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def post(self, request):
""" Set user quota, set user institution, delete users, in batch.
Permission checking:
1. admin user.
"""
# argument check
emails = request.POST.getlist('email', None)
if not emails:
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = request.POST.get('operation', None)
if operation not in ('set-quota', 'delete-user', 'set-institution'):
error_msg = "operation can only be 'set-quota', 'delete-user', or 'set-institution'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
existed_users = []
for email in emails:
try:
user = User.objects.get(email=email)
existed_users.append(user)
except User.DoesNotExist:
result['failed'].append({
'email': email,
'error_msg': 'User %s not found.' % email
})
continue
if operation == 'set-quota':
quota_total_mb = request.POST.get('quota_total', None)
if not quota_total_mb:
error_msg = 'quota_total invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = _('must be an integer that is greater than or equal to 0.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = _('Space quota is too low (minimum value is 0)')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_byte = quota_total_mb * get_file_size_unit('MB')
for user in existed_users:
email = user.email
try:
seafile_api.set_user_quota(email, quota_total_byte)
except Exception as e:
logger.error(e)
result['failed'].append({
'email': email,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
'email': email,
'quota_total': seafile_api.get_user_quota(email),
})
if operation == 'delete-user':
for user in existed_users:
email = user.email
try:
user.delete()
except Exception as e:
logger.error(e)
result['failed'].append({
'email': email,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
'email': email,
})
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=USER_DELETE, detail=admin_op_detail)
if operation == 'set-institution':
institution = request.POST.get('institution', None)
if institution is None:
error_msg = 'Institution can not be blank.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if institution != '':
try:
obj_insti = Institution.objects.get(name=institution)
except Institution.DoesNotExist:
error_msg = 'Institution %s does not exist' % institution
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
for user in existed_users:
email = user.email
profile = Profile.objects.get_profile_by_user(email)
if profile is None:
profile = Profile(user=email)
profile.institution = institution
profile.save()
result['success'].append({
'email': email,
'institution': institution
})
return Response(result)
def put(self, request, repo_id, format=None):
""" update a library status, transfer a library, rename a library
Permission checking:
1. only admin can perform this action.
"""
# argument check
new_status = request.data.get('status', None)
if new_status:
if new_status not in ('normal', 'read-only'):
error_msg = 'status invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_repo_name = request.data.get('name', None)
if new_repo_name:
if not is_valid_dirent_name(new_repo_name):
error_msg = 'name invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_owner = request.data.get('owner', None)
if new_owner:
if not is_valid_email(new_owner):
error_msg = 'owner invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_status:
try:
seafile_api.set_repo_status(repo_id, normalize_repo_status_str(new_status))
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if new_repo_name:
try:
res = seafile_api.edit_repo(repo_id, new_repo_name, '', None)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if res == -1:
e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \
repo_id
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if new_owner:
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = _('Transfer failed: role of %s is %s, can not add library.') % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafile_api.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
if new_owner == repo_owner:
error_msg = _("Library can not be transferred to owner.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner,
shared_username, shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not is_group_member(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id,
new_owner, shared_group.perm)
# reshare repo to links
try:
UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_TRANSFER, detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def delete(self, request, repo_id, format=None):
""" delete a library
Permission checking:
1. only admin can perform this action.
"""
if get_system_default_repo_id() == repo_id:
error_msg = _('System library can not be deleted.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
# for case of `seafile-data` has been damaged
# no `repo object` will be returned from seafile api
# delete the database record anyway
try:
seafile_api.remove_repo(repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
repo_name = repo.name
repo_owner = seafile_api.get_repo_owner(repo_id)
if not repo_owner:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
try:
seafile_api.remove_repo(repo_id)
try:
org_id = seafile_api.get_org_id_by_repo_id(repo_id)
related_usernames = get_related_users_by_repo(repo_id,
org_id if org_id > 0 else None)
except Exception as e:
logger.error(e)
org_id = -1
related_usernames = []
# send signal for seafevents
repo_deleted.send(sender=None, org_id=-1, operator=request.user.username,
usernames=related_usernames, repo_owner=repo_owner,
repo_id=repo_id, repo_name=repo.name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo_name,
"owner": repo_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_DELETE, detail=admin_op_detail)
return Response({'success': True})
def user_add(request):
"""Add a user"""
if not request.user.is_staff or request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
post_values = request.POST.copy()
post_email = request.POST.get('email', '')
post_role = request.POST.get('role', DEFAULT_USER)
post_values.update({
'email': post_email.lower(),
'role': post_role,
})
form = AddUserForm(post_values)
if form.is_valid():
email = form.cleaned_data['email']
name = form.cleaned_data['name']
department = form.cleaned_data['department']
role = form.cleaned_data['role']
password = form.cleaned_data['password1']
try:
user = User.objects.create_user(email,
password,
is_staff=False,
is_active=True)
except User.DoesNotExist as e:
logger.error(e)
err_msg = _('Fail to add user %s.') % email
return HttpResponse(json.dumps({'error': err_msg}),
status=403,
content_type=content_type)
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=USER_ADD,
detail=admin_op_detail)
if user:
User.objects.update_role(email, role)
if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(email)
if name:
Profile.objects.add_or_update(email, name, '')
if department:
DetailedProfile.objects.add_or_update(email, department, '')
if request.user.org:
org_id = request.user.org.org_id
ccnet_threaded_rpc.add_org_user(org_id, email, 0)
if IS_EMAIL_CONFIGURED:
try:
send_user_add_mail(request, email, password)
messages.success(
request,
_('Successfully added user %s. An email notification has been sent.'
) % email)
except Exception as e:
logger.error(str(e))
messages.success(
request,
_('Successfully added user %s. An error accurs when sending email notification, please check your email configuration.'
) % email)
else:
messages.success(request,
_('Successfully added user %s.') % email)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
else:
if IS_EMAIL_CONFIGURED:
if SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
try:
send_user_add_mail(request, email, password)
messages.success(
request,
_('Successfully added user %s. An email notification has been sent.'
) % email)
except Exception as e:
logger.error(str(e))
messages.success(
request,
_('Successfully added user %s. An error accurs when sending email notification, please check your email configuration.'
) % email)
else:
messages.success(request,
_('Successfully added user %s.') % email)
else:
messages.success(
request,
_('Successfully added user %s. But email notification can not be sent, because Email service is not properly configured.'
) % email)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
else:
return HttpResponse(json.dumps(
{'error': str(list(form.errors.values())[0])}),
status=400,
content_type=content_type)
def put(self, request, repo_id, format=None):
""" transfer a library, rename a library
Permission checking:
1. only admin can perform this action.
"""
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
new_repo_name = request.data.get('name', None)
if new_repo_name:
try:
res = seafile_api.edit_repo(repo_id, new_repo_name, '', None)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if res == -1:
e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \
repo_id
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_owner = request.data.get('owner', None)
if new_owner:
try:
new_owner_obj = User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not new_owner_obj.permissions.can_add_repo():
error_msg = _(u'Transfer failed: role of %s is %s, can not add library.') % \
(new_owner, new_owner_obj.role)
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if MULTI_TENANCY:
try:
if seafile_api.get_org_id_by_repo_id(repo_id) > 0:
error_msg = 'Can not transfer organization library.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if ccnet_api.get_orgs_by_user(new_owner):
error_msg = 'Can not transfer library to organization user %s' % new_owner
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
repo_owner = seafile_api.get_repo_owner(repo_id)
if new_owner == repo_owner:
error_msg = _(u"Library can not be transferred to owner.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# get repo shared to user/group list
shared_users = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
shared_groups = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
# get all pub repos
pub_repos = []
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
seafile_api.set_repo_owner(repo_id, new_owner)
# reshare repo to user
for shared_user in shared_users:
shared_username = shared_user.user
if new_owner == shared_username:
continue
seafile_api.share_repo(repo_id, new_owner,
shared_username, shared_user.perm)
# reshare repo to group
for shared_group in shared_groups:
shared_group_id = shared_group.group_id
if not is_group_member(shared_group_id, new_owner):
continue
seafile_api.set_group_repo(repo_id, shared_group_id,
new_owner, shared_group.perm)
# reshare repo to links
try:
UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# check if current repo is pub-repo
# if YES, reshare current repo to public
for pub_repo in pub_repos:
if repo_id != pub_repo.id:
continue
seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission)
break
# send admin operation log signal
admin_op_detail = {
"id": repo_id,
"name": repo.name,
"from": repo_owner,
"to": new_owner,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=REPO_TRANSFER, detail=admin_op_detail)
repo = seafile_api.get_repo(repo_id)
repo_info = get_repo_info(repo)
return Response(repo_info)
def post(self, request):
""" Import users from xlsx file
Permission checking:
1. admin user.
"""
xlsx_file = request.FILES.get('file', None)
if not xlsx_file:
error_msg = 'file can not be found.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
file_type, ext = get_file_type_and_ext(xlsx_file.name)
if ext != 'xlsx':
error_msg = file_type_error_msg(ext, 'xlsx')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
content = xlsx_file.read()
try:
fs = BytesIO(content)
wb = load_workbook(filename=fs, read_only=True)
except Exception as e:
logger.error(e)
# example file is like:
# Email Password Name(Optional) Role(Optional) Space Quota(MB, Optional)
# [email protected] a a default 1024
# [email protected] b b default 2048
rows = wb.worksheets[0].rows
records = []
# skip first row(head field).
next(rows)
for row in rows:
records.append([col.value for col in row])
if user_number_over_limit(new_users=len(records)):
error_msg = 'The number of users exceeds the limit.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
for record in records:
if record[0]:
email = record[0].strip()
if not is_valid_username(email):
result['failed'].append({
'email': email,
'error_msg': 'email %s invalid.' % email
})
continue
else:
result['failed'].append({
'email': '',
'error_msg': 'email invalid.'
})
continue
if record[1]:
password = str(record[1]).strip()
if not password:
result['failed'].append({
'email': email,
'error_msg': 'password invalid.'
})
continue
else:
result['failed'].append({
'email': email,
'error_msg': 'password invalid.'
})
continue
vid = get_virtual_id_by_email(email)
try:
User.objects.get(email=vid)
result['failed'].append({
'email': email,
'error_msg': 'user %s exists.' % email
})
continue
except User.DoesNotExist:
pass
user = User.objects.create_user(email, password, is_staff=False, is_active=True)
virtual_id = get_virtual_id_by_email(email)
if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(virtual_id)
# update the user's optional info
# update nikename
nickname = email.split('@')[0]
try:
if record[2]:
input_nickname = str(record[2]).strip()
if len(input_nickname) <= 64 and '/' not in input_nickname:
nickname = input_nickname
Profile.objects.add_or_update(virtual_id, nickname, '')
except Exception as e:
logger.error(e)
# update role
if record[3]:
try:
role = record[3].strip()
if is_pro_version() and role in get_available_roles():
User.objects.update_role(virtual_id, role)
except Exception as e:
logger.error(e)
# update quota
if record[4]:
try:
space_quota_mb = int(record[4])
if space_quota_mb >= 0:
space_quota = int(space_quota_mb) * get_file_size_unit('MB')
seafile_api.set_user_quota(virtual_id, space_quota)
except Exception as e:
logger.error(e)
try:
send_html_email_with_dj_template(
email, dj_template='sysadmin/user_batch_add_email.html',
subject=_('You are invited to join %s') % get_site_name(),
context={
'user': email2nickname(request.user.username),
'email': email,
'password': password,
})
except Exception as e:
logger.error(e)
user_info = get_user_info(virtual_id)
result['success'].append(user_info)
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=USER_ADD, detail=admin_op_detail)
return Response(result)
def post(self, request):
""" Set user quota, set user institution, delete users, in batch.
Permission checking:
1. admin user.
"""
# argument check
emails = request.POST.getlist('email', None)
if not emails:
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = request.POST.get('operation', None)
if operation not in ('set-quota', 'delete-user', 'set-institution'):
error_msg = "operation can only be 'set-quota', 'delete-user', or 'set-institution'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
existed_users = []
for email in emails:
try:
user = User.objects.get(email=email)
existed_users.append(user)
except User.DoesNotExist:
result['failed'].append({
'email': email,
'error_msg': 'User %s not found.' % email
})
continue
if operation == 'set-quota':
quota_total_mb = request.POST.get('quota_total', None)
if not quota_total_mb:
error_msg = 'quota_total invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = _('must be an integer that is greater than or equal to 0.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = _('Space quota is too low (minimum value is 0)')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_byte = quota_total_mb * get_file_size_unit('MB')
for user in existed_users:
email = user.email
try:
seafile_api.set_user_quota(email, quota_total_byte)
except Exception as e:
logger.error(e)
result['failed'].append({
'email': email,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
'email': email,
'quota_total': seafile_api.get_user_quota(email),
})
if operation == 'delete-user':
for user in existed_users:
email = user.email
try:
user.delete()
except Exception as e:
logger.error(e)
result['failed'].append({
'email': email,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
'email': email,
})
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=USER_DELETE, detail=admin_op_detail)
if operation == 'set-institution':
institution = request.POST.get('institution', None)
if institution is None:
error_msg = 'Institution can not be blank.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if institution != '':
try:
obj_insti = Institution.objects.get(name=institution)
except Institution.DoesNotExist:
error_msg = 'Institution %s does not exist' % institution
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
for user in existed_users:
email = user.email
profile = Profile.objects.get_profile_by_user(email)
if profile is None:
profile = Profile(user=email)
profile.institution = institution
profile.save()
result['success'].append({
'email': email,
'institution': institution
})
return Response(result)