def put(self, request, group_id, email): """ Set/unset a specific group member as admin. """ username = request.user.username is_admin = request.data.get('is_admin', '') try: # only group owner can set/unset a specific group member as admin if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if not is_group_member(group_id, email): error_msg = 'Email %s invalid.' % email return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # set/unset a specific group member as admin if is_admin.lower() == 'true': seaserv.ccnet_threaded_rpc.group_set_admin(group_id, email) elif is_admin.lower() == 'false': seaserv.ccnet_threaded_rpc.group_unset_admin(group_id, email) else: error_msg = 'is_admin invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) member_info = get_group_member_info(request, group_id, email) return Response(member_info)
def delete(self, request, group_id, email): """ User leave group or group owner/admin delete a group member. """ try: if not is_group_member(group_id, email): error_msg = 'Email %s invalid.' % email return api_error(status.HTTP_400_BAD_REQUEST, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) username = request.user.username # user leave group if username == email: try: seaserv.ccnet_threaded_rpc.quit_group(group_id, username) # remove repo-group share info of all 'email' owned repos seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # group owner/admin delete a group member try: if is_group_owner(group_id, username): # group owner can delete all group member seaserv.ccnet_threaded_rpc.group_remove_member( group_id, username, email) seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) elif is_group_admin(group_id, username): # group admin can NOT delete group owner/admin if not is_group_admin_or_owner(group_id, email): seaserv.ccnet_threaded_rpc.group_remove_member( group_id, username, email) seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) else: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) else: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
def delete(self, request, group_id, email): """ User leave group or group owner/admin delete a group member. """ try: if not is_group_member(group_id, email): error_msg = 'Email %s invalid.' % email return api_error(status.HTTP_400_BAD_REQUEST, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) username = request.user.username # user leave group if username == email: try: seaserv.ccnet_threaded_rpc.quit_group(group_id, username) # remove repo-group share info of all 'email' owned repos seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # group owner/admin delete a group member try: if is_group_owner(group_id, username): # group owner can delete all group member seaserv.ccnet_threaded_rpc.group_remove_member(group_id, username, email) seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) elif is_group_admin(group_id, username): # group admin can NOT delete group owner/admin if not is_group_admin_or_owner(group_id, email): seaserv.ccnet_threaded_rpc.group_remove_member(group_id, username, email) seafile_api.remove_group_repos_by_owner(group_id, email) return Response({'success': True}) else: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) else: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
def delete(self, request, group_id): """ Dismiss a specific group Permission: 1. group owner """ org_id = None if is_org_context(request): org_id = request.user.org.org_id username = request.user.username try: # only group owner can dismiss a group if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # if there are dtables in this group, prohibit deletion of groups owner = '%s@seafile_group' % group_id workspace = Workspaces.objects.get_workspace_by_owner(owner) if DTables.objects.filter(workspace=workspace, deleted=False).exists(): error_msg = 'Disable group deletion before deleting table(s).' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seafile_api.remove_repo(workspace.repo_id) workspace.delete() remove_group_common(group_id, username, org_id=org_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) return Response({'success': True})
def delete(self, request, group_id): """ Dismiss a specific group """ org_id = None if is_org_context(request): org_id = request.user.org.org_id username = request.user.username try: # only group owner can dismiss a group if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) remove_group_common(group_id, username, org_id=org_id) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) return Response({'success': True})
def put(self, request, group_id): """ Rename, transfer a specific group """ username = request.user.username new_group_name = request.data.get('name', None) # rename a group if new_group_name: try: # only group owner/admin can rename a group if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_owner = request.data.get('owner', None) # transfer a group if new_owner: try: # only group owner can transfer a group if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if not is_valid_username(new_owner): error_msg = 'Email %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_group_owner(group_id, new_owner): error_msg = _(u'User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, username, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) wiki_enabled = request.data.get('wiki_enabled', None) # turn on/off group wiki if wiki_enabled: try: # only group owner/admin can turn on a group wiki if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if wiki_enabled != 'true' and wiki_enabled != 'false': error_msg = 'wiki_enabled invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # turn on/off group wiki if wiki_enabled == 'true': enable_mod_for_group(group_id, MOD_GROUP_WIKI) else: disable_mod_for_group(group_id, MOD_GROUP_WIKI) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(request, group_id) return Response(group_info)
def put(self, request, group_id): """ Admin transfer a group Permission checking: 1. Admin user; """ # argument check new_owner = request.data.get('new_owner', None) if not new_owner or not is_valid_username(new_owner): error_msg = 'new_owner %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) old_owner = request.data.get('old_owner', None) if not old_owner or not is_valid_username(old_owner): error_msg = 'old_owner %s invalid.' % old_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # recourse check group_id = int(group_id) # Checked by URL Conf group = ccnet_api.get_group(group_id) if not group: error_msg = 'Group %d not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # check if new_owner exists, # NOT need to check old_owner for old_owner may has been deleted. try: User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if new_owner == old_owner: error_msg = 'new_owner %s is the same as old_owner %s.' % \ (new_owner, old_owner) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if not is_group_owner(group_id, old_owner): error_msg = _(u'User %s is not group owner.') % old_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_group_owner(group_id, new_owner): error_msg = _(u'User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group try: if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, old_owner, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, old_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(group_id) return Response(group_info)