def test_get_with_invalid_repo_permission(self):
user_shared_repos = \
seafile_api.get_share_out_repo_list(self.admin_name, -1, -1)
for repo in user_shared_repos:
seafile_api.remove_share(repo.repo_id, self.admin_name, repo.user)
group_shared_repos = seafile_api.get_group_repos_by_owner(
self.admin_name)
for repo in group_shared_repos:
seafile_api.unset_group_repo(repo.repo_id, repo.group_id,
self.admin_name)
public_shared_repos = seafile_api.list_inner_pub_repos_by_owner(
self.admin_name)
for repo in public_shared_repos:
seafile_api.remove_inner_pub_repo(repo.repo_id)
self.share_repo_to_user()
self.share_repo_to_group()
self.share_repo_to_public()
# login with admin, then get user's share repo info
self.login_as(self.admin)
resp = self.client.get(self.url)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert len(json_resp) == 0
def get(self, request, format=None):
""" List all shared out folders.
Permission checking:
1. all authenticated user can perform this action.
"""
shared_repos = []
username = request.user.username
try:
if is_org_context(request):
org_id = request.user.org.org_id
shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1)
shared_repos += seaserv.seafserv_threaded_rpc.get_org_group_repos_by_owner(org_id, username)
else:
shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
returned_result = []
shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name))
for repo in shared_repos:
if not repo.is_virtual:
continue
result = {}
result['repo_id'] = repo.origin_repo_id
result['repo_name'] = repo.origin_repo_name
result['path'] = repo.origin_path
result['folder_name'] = repo.name
result['share_type'] = repo.share_type
result['share_permission'] = repo.permission
if repo.share_type == 'personal':
result['user_name'] = email2nickname(repo.user)
result['user_email'] = repo.user
result['contact_email'] = Profile.objects.get_contact_email_by_user(repo.user)
if repo.share_type == 'group':
group = ccnet_api.get_group(repo.group_id)
if not group:
if is_org_context(request):
seafile_api.org_unshare_subdir_for_group(org_id,
repo.repo_id, repo.origin_path, username, repo.group_id)
else:
seafile_api.unshare_subdir_for_group(
repo.repo_id, repo.origin_path, username, repo.group_id)
continue
result['group_id'] = repo.group_id
result['group_name'] = group.group_name
returned_result.append(result)
return Response(returned_result)
def test_can_update_group_share_perm(self):
self.share_repo_to_group()
# print seafile_api.get_folder_group_perm(self.repo_id, '/', int(self.group_id))
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
data = 'permission=r&share_type=group&group_id=%s' % self.group_id
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'r'
def test_delete_group_share(self):
self.share_repo_to_group()
# repo in group
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
args = '?share_type=group&group_id=%s' % self.group_id
url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) + args
resp = self.client.delete(url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
# repo NOT in group
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert len(repos) == 0
def test_can_update_group_share_perm(self):
self.share_repo_to_group()
# print seafile_api.get_folder_group_perm(self.repo_id, '/', int(self.group_id))
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
data = 'permission=r&share_type=group&group_id=%s' % self.group_id
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'r'
def test_delete_group_share(self):
self.share_repo_to_group()
# repo in group
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert repos[0].permission == 'rw'
self.login_as(self.user)
args = '?share_type=group&group_id=%s' % self.group_id
url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) + args
resp = self.client.delete(url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
# repo NOT in group
repos = seafile_api.get_group_repos_by_owner(self.user_name)
assert len(repos) == 0
def get(self, request, format=None):
""" List all shared out repos.
Permission checking:
1. all authenticated user can perform this action.
"""
shared_repos = []
username = request.user.username
try:
if is_org_context(request):
org_id = request.user.org.org_id
shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1)
shared_repos += seaserv.seafserv_threaded_rpc.get_org_group_repos_by_owner(org_id, username)
shared_repos += seaserv.seafserv_threaded_rpc.list_org_inner_pub_repos_by_owner(org_id, username)
else:
shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(username)
if not request.cloud_mode:
shared_repos += seaserv.list_inner_pub_repos_by_owner(username)
except Exception as e:
logger.error(e)
error_msg = "Internal Server Error"
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
returned_result = []
shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name))
for repo in shared_repos:
if repo.is_virtual:
continue
result = {}
result["repo_id"] = repo.repo_id
result["repo_name"] = repo.repo_name
result["share_type"] = repo.share_type
result["share_permission"] = repo.permission
if repo.share_type == "personal":
result["user_name"] = email2nickname(repo.user)
result["user_email"] = repo.user
if repo.share_type == "group":
group = ccnet_api.get_group(repo.group_id)
result["group_id"] = repo.group_id
result["group_name"] = group.group_name
returned_result.append(result)
return Response(returned_result)
def setUp(self):
self.repo_id = self.repo.id
self.group_id = self.group.id
self.user_name = self.user.username
self.admin_name = self.admin.username
self.url = reverse('api-v2.1-shared-repos')
# make sure this user has not sharing any repos
for x in seafile_api.get_share_out_repo_list(self.user_name, -1, -1):
seafile_api.remove_share(x.repo_id, self.user_name, x.user)
assert len(seafile_api.get_share_out_repo_list(self.user_name, -1, -1)) == 0
for x in seafile_api.get_group_repos_by_owner(self.user_name):
seafile_api.unset_group_repo(x.repo_id, x.group_id, self.user_name)
assert len(seafile_api.get_group_repos_by_user(self.user_name)) == 0
def show_share_info(user, show_groupmembers=False):
shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(user)
shown_repos = set()
if show_groupmembers:
groups = {}
for repo in shared_repos:
if repo.repo_id in shown_repos:
continue
shown_repos.add(repo.repo_id)
if repo.is_virtual:
print("Folder %s of Repo %s, shared to:" %
(repo.origin_path, repo.origin_repo_id))
else:
print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name))
sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id)
print("groups:")
for sgroup in sgroups:
print("%s (%d), %s" % (ccnet_api.get_group(
sgroup.group_id).group_name, sgroup.group_id, sgroup.perm))
if show_groupmembers:
groups[sgroup.group_id] = sgroup
susers = seafile_api.list_repo_shared_to(user, repo.repo_id)
print("users:")
for suser in susers:
print("%s, %s" % (suser.user, suser.perm))
print("\n")
if show_groupmembers:
print("\ngroup memberships:")
for group in groups.values():
print("group %s (%d):" % (ccnet_api.get_group(
group.group_id).group_name, group.group_id))
gusers = ccnet_api.get_group_members(group.group_id)
for guser in gusers:
print("%s" % (guser.user_name))
print("")
def test_get_group_repos(repo, group):
repo = api.get_repo(repo.id)
api.group_share_repo(repo.id, group.id, USER, 'rw')
repos = api.get_repos_by_group(group.id)
assert_group_repos_attr(repo, repos[0])
repos = api.get_group_repos_by_owner(USER)
assert_group_repos_attr(repo, repos[0])
v_repo_id = api.share_subdir_to_group(repo.id, '/dir1', USER, group.id, 'rw')
v_repo = api.get_repo(v_repo_id)
v_repo_to_test = api.get_group_shared_repo_by_path(repo.id, '/dir1', group.id)
assert_group_repos_attr(v_repo, v_repo_to_test)
api.unshare_subdir_for_group(repo.id, '/dir1', USER, group.id)
repos = api.get_group_repos_by_user(USER)
assert_group_repos_attr(repo, repos[0])
assert api.group_unshare_repo(repo.id, group.id, USER) == 0
def get(self, request, format=None):
""" List all shared out repos.
Permission checking:
1. all authenticated user can perform this action.
"""
shared_repos = []
username = request.user.username
try:
if is_org_context(request):
org_id = request.user.org.org_id
shared_repos += seafile_api.get_org_share_out_repo_list(
org_id, username, -1, -1)
shared_repos += seafile_api.get_org_group_repos_by_owner(
org_id, username)
shared_repos += seafile_api.list_org_inner_pub_repos_by_owner(
org_id, username)
else:
shared_repos += seafile_api.get_share_out_repo_list(
username, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(username)
if not request.cloud_mode:
shared_repos += seafile_api.list_inner_pub_repos_by_owner(
username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
returned_result = []
shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name))
usernames = []
gids = []
for repo in shared_repos:
if repo.is_virtual:
continue
result = {}
result['repo_id'] = repo.repo_id
result['repo_name'] = repo.repo_name
result['encrypted'] = repo.encrypted
result['share_type'] = repo.share_type
result['share_permission'] = repo.permission
result['modifier_email'] = repo.last_modifier
result['modifier_name'] = email2nickname(repo.last_modifier)
result['modifier_contact_email'] = email2contact_email(
repo.last_modifier)
if repo.share_type == 'personal':
result['user_name'] = email2nickname(repo.user)
result['user_email'] = repo.user
result[
'contact_email'] = Profile.objects.get_contact_email_by_user(
repo.user)
usernames.append((repo.repo_id, repo.user))
if repo.share_type == 'group':
group = ccnet_api.get_group(repo.group_id)
result['group_id'] = repo.group_id
result['group_name'] = group.group_name if group else ''
gids.append(repo.group_id)
returned_result.append(result)
user_admins = ExtraSharePermission.objects.batch_is_admin(usernames)
group_admins = ExtraGroupsSharePermission.objects.batch_get_repos_with_admin_permission(
gids)
for result in returned_result:
if result['share_type'] == 'group':
result['is_admin'] = (result['repo_id'],
result['group_id']) in group_admins
elif result['share_type'] == 'personal':
result['is_admin'] = (result['repo_id'],
result['user_email']) in user_admins
return Response(returned_result)
def test_share_repo_to_group(repo, group, permission):
assert api.check_permission(repo.id, USER) == 'rw'
assert api.check_permission(repo.id, USER2) is None
repos = api.get_repos_by_group(group.id)
assert len(repos) == 0
group_list = ccnet_api.get_groups(USER)
assert len(group_list) == 1
group_list = ccnet_api.get_groups(USER2)
assert len(group_list) == 0
api.group_share_repo(repo.id, group.id, USER, permission)
repos = api.get_repos_by_group(group.id)
assert_repo_with_permission(repo, repos, permission)
group_ids = api.get_shared_group_ids_by_repo(repo.id)
assert group_ids[0] == str(group.id)
group_list = api.list_repo_shared_group_by_user(USER, repo.id)
assert len(group_list) == 1
group_list = api.list_repo_shared_group_by_user(USER2, repo.id)
assert len(group_list) == 0
repo_get = api.get_group_shared_repo_by_path(repo.id, None, group.id)
assert repo_get and repo_get.repo_id == repo.id
ccnet_api.group_add_member(group.id, USER, USER2)
group_list = ccnet_api.get_groups(USER2)
assert len(group_list) == 1
group = group_list[0]
assert group.id == group.id
repos2 = api.get_repos_by_group(group.id)
assert_repo_with_permission(repo, repos2, permission)
assert api.check_permission(repo.id, USER2) == permission
repos = api.get_group_repos_by_user(USER)
assert len(repos) == 1
repoids = api.get_group_repoids(group.id)
assert len(repoids) == 1
repos = api.get_group_repos_by_owner(USER)
assert len(repos) == 1
api.remove_group_repos_by_owner(group.id, USER)
repos = api.get_group_repos_by_owner(USER)
assert len(repos) == 0
api.set_group_repo(repo.id, group.id, USER, permission)
repos = api.get_repos_by_group(group.id)
assert len(repos) == 1
api.remove_group_repos(group.id)
repos = api.get_repos_by_group(group.id)
assert len(repos) == 0
api.group_unshare_repo(repo.id, group.id, USER)
repos = api.get_repos_by_group(group.id)
assert len(repos) == 0
assert api.check_permission(repo.id, USER2) is None
def get(self, request, format=None):
""" List all shared out repos.
Permission checking:
1. all authenticated user can perform this action.
"""
shared_repos = []
username = request.user.username
try:
if is_org_context(request):
org_id = request.user.org.org_id
shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1)
shared_repos += seafile_api.get_org_group_repos_by_owner(org_id, username)
shared_repos += seafile_api.list_org_inner_pub_repos_by_owner(org_id, username)
else:
shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(username)
if not request.cloud_mode:
shared_repos += seafile_api.list_inner_pub_repos_by_owner(username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
returned_result = []
shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name))
usernames = []
gids = []
for repo in shared_repos:
if repo.is_virtual:
continue
result = {}
result['repo_id'] = repo.repo_id
result['repo_name'] = repo.repo_name
result['encrypted'] = repo.encrypted
result['share_type'] = repo.share_type
result['share_permission'] = repo.permission
result['modifier_email'] = repo.last_modifier
result['modifier_name'] = email2nickname(repo.last_modifier)
result['modifier_contact_email'] = email2contact_email(repo.last_modifier)
if repo.share_type == 'personal':
result['user_name'] = email2nickname(repo.user)
result['user_email'] = repo.user
result['contact_email'] = Profile.objects.get_contact_email_by_user(repo.user)
usernames.append((repo.repo_id, repo.user))
if repo.share_type == 'group':
group = ccnet_api.get_group(repo.group_id)
result['group_id'] = repo.group_id
result['group_name'] = group.group_name if group else ''
gids.append(repo.group_id)
returned_result.append(result)
user_admins = ExtraSharePermission.objects.batch_is_admin(usernames)
group_admins = ExtraGroupsSharePermission.objects.batch_get_repos_with_admin_permission(gids)
for result in returned_result:
if result['share_type'] == 'group':
result['is_admin'] = (result['repo_id'], result['group_id']) in group_admins
elif result['share_type'] == 'personal':
result['is_admin'] = (result['repo_id'], result['user_email']) in user_admins
return Response(returned_result)
