def post(self, request): """ Create a group Permission checking: 1. Admin user; """ # argument check group_name = request.data.get('group_name', '') if not group_name: error_msg = 'group_name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen, dot, single quote or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_owner = request.data.get('group_owner', '') if group_owner: try: User.objects.get(email=group_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % group_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) username = request.user.username new_owner = group_owner or username # create group. try: group_id = ccnet_api.create_group(group_name, new_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group_name, "owner": new_owner, } admin_operation.send(sender=None, admin_name=username, operation=GROUP_CREATE, detail=admin_op_detail) # get info of new group group_info = get_group_info(group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """Add a group in address book. parent_group: -1 - no parent group; > 0 - have parent group. group_owner: default to system admin group_staff: default to system admin """ group_name = request.data.get('group_name', '').strip() if not group_name: error_msg = 'name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _('Name can only contain letters, numbers, blank, hyphen or underscore.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. pattern_matched_groups = ccnet_api.search_groups(group_name, -1, -1) for group in pattern_matched_groups: if group.group_name == group_name: error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group owner is 'system admin' group_owner = request.data.get('group_owner', '') try: parent_group = int(request.data.get('parent_group', -1)) except ValueError: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if parent_group < 0 and parent_group != -1: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # TODO: check parent group exists try: if is_org_context(request): # request called by org admin org_id = request.user.org.org_id group_id = ccnet_api.create_org_group( org_id, group_name, group_owner, parent_group_id=parent_group) else: group_id = ccnet_api.create_group(group_name, group_owner, parent_group_id=parent_group) seafile_api.set_group_quota(group_id, -2) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = address_book_group_to_dict(group_id) return Response(group_info, status=status.HTTP_200_OK)
def clean_group_name(self): group_name = self.cleaned_data['group_name'] if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers or underscore') raise forms.ValidationError(error_msg) else: return group_name
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = _(u'You do not have permission to create group.') return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = _(u'Failed') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info, status=status.HTTP_201_CREATED)
def rename_group_with_new_name(request, group_id, new_group_name): """Rename a group with new name. Arguments: - `request`: - `group_id`: - `new_group_name`: Raises: BadGroupNameError: New group name format is not valid. ConflictGroupNameError: New group name confilicts with existing name. """ if not validate_group_name(new_group_name): raise BadGroupNameError # Check whether group name is duplicated. username = request.user.username org_id = -1 if is_org_context(request): org_id = request.user.org.org_id checked_groups = seaserv.get_org_groups_by_user(org_id, username) else: if request.cloud_mode: checked_groups = seaserv.get_personal_groups_by_user(username) else: checked_groups = get_all_groups(-1, -1) for g in checked_groups: if g.group_name == new_group_name: raise ConflictGroupNameError ccnet_threaded_rpc.set_group_name(group_id, new_group_name)
def clean_group_name(self): group_name = self.cleaned_data['group_name'] group_name = group_name.strip() if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') raise forms.ValidationError(error_msg) else: return group_name
def post(self, request): """Add a group in address book. parent_group: -1 - no parent group; > 0 - have parent group. group_owner: default to system admin group_staff: default to system admin """ group_name = request.data.get('group_name', '').strip() if not group_name: error_msg = 'name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Name can only contain letters, numbers, blank, hyphen or underscore.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'The name already exists.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group owner is 'system admin' group_owner = request.data.get('group_owner', '') try: parent_group = int(request.data.get('parent_group', -1)) except ValueError: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if parent_group < 0 and parent_group != -1: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # TODO: check parent group exists try: if is_org_context(request): # request called by org admin org_id = request.user.org.org_id group_id = ccnet_api.create_org_group( org_id, group_name, group_owner, parent_group_id=parent_group) else: group_id = ccnet_api.create_group(group_name, group_owner, parent_group_id=parent_group) seafile_api.set_group_quota(group_id, -2) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = address_book_group_to_dict(group_id) return Response(group_info, status=status.HTTP_200_OK)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( 'Group name can only contain letters, numbers, blank, hyphen, dot, single quote or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group( org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group( group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # if the group has no workspace, create a workspace owner = '%s@seafile_group' % group_id workspace = Workspaces.objects.get_workspace_by_owner(owner) if not workspace: try: org_id = -1 if is_org_context(request): org_id = request.user.org.org_id create_repo_and_workspace(owner, org_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error.' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group Permission checking: 1. Admin user; """ # argument check group_name = request.data.get('group_name', '') if not group_name: error_msg = 'group_name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen, single quote or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_owner = request.data.get('group_owner', '') if group_owner: try: User.objects.get(email=group_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % group_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) username = request.user.username new_owner = group_owner or username # create group. try: group_id = ccnet_api.create_group(group_name, new_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group_name, "owner": new_owner, } admin_operation.send(sender=None, admin_name=username, operation=GROUP_CREATE, detail=admin_op_detail) # get info of new group group_info = get_group_info(group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def clean_group_name(self): group_name = self.cleaned_data['group_name'] group_name = group_name.strip() if not validate_group_name(group_name): error_msg = _( 'Name can only contain letters, numbers, spaces, hyphen, dot, single quote, brackets or underscore.' ) raise forms.ValidationError(error_msg) else: return group_name
def put(self, request, group_id): """ Rename, transfer a specific group """ group = seaserv.get_group(group_id) username = request.user.username new_group_name = request.data.get('name', None) if new_group_name: # rename a group # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_creator= request.data.get('creator', None) if new_creator: # transfer a group if not is_valid_username(new_creator): error_msg = _('Creator %s is not valid.') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if new_creator == group.creator_name: error_msg = _('%s is already group owner') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: if not seaserv.is_group_user(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_add_member(group_id, username, new_creator) if not seaserv.check_group_staff(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_set_admin(group_id, new_creator) seaserv.ccnet_threaded_rpc.set_group_creator(group_id, new_creator) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get new info of this group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = _(u'You do not have permission to create group.') return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('group_name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group name is valid, create that group. try: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = _(u'Failed') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) try: size = int(request.data.get('avatar_size', GROUP_AVATAR_DEFAULT_SIZE)) except ValueError: size = GROUP_AVATAR_DEFAULT_SIZE g = seaserv.get_group(group_id) try: avatar_url, is_default, date_uploaded = api_grp_avatar_url(g.id, size) except Exception as e: logger.error(e) avatar_url = get_default_group_avatar_url() val = utc_to_local(dt(g.timestamp)) new_group = { "id": g.id, "name": g.group_name, "creator": g.creator_name, "created_at": val.strftime("%Y-%m-%dT%H:%M:%S") + DateFormat(val).format('O'), "avatar_url": request.build_absolute_uri(avatar_url), "admins": self._get_group_admins(g.id), } return Response(new_group, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group( org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group( group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen, single quote or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group(org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """import department from work weixin permission: IsProVersion """ if not request.user.admin_permissions.can_manage_user(): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') # argument check department_id = request.data.get('work_weixin_department_id') try: department_id = int(department_id) except Exception as e: logger.error(e) error_msg = 'work_weixin_department_ids invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # is pro version and work weixin check if not IsProVersion or not admin_work_weixin_departments_check(): error_msg = 'Feature is not enabled.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) access_token = get_work_weixin_access_token() if not access_token: logger.error('can not get work weixin access_token') error_msg = '获取企业微信组织架构失败' return api_error(status.HTTP_404_NOT_FOUND, error_msg) # list departments from work weixin api_department_list = self._list_departments_from_work_weixin( access_token, department_id) if api_department_list is None: error_msg = '获取企业微信组织架构失败' return api_error(status.HTTP_404_NOT_FOUND, error_msg) # list department members from work weixin api_user_list = self._list_department_members_from_work_weixin( access_token, department_id) if api_user_list is None: error_msg = '获取企业微信组织架构成员失败' return api_error(status.HTTP_404_NOT_FOUND, error_msg) # main success = list() failed = list() department_map_to_group_dict = dict() for index, department_obj in enumerate(api_department_list): # check department argument new_group_name = department_obj.get('name') department_obj_id = department_obj.get('id') if department_obj_id is None or not new_group_name or not validate_group_name( new_group_name): failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门参数错误') failed.append(failed_msg) continue # check parent group if index == 0: parent_group_id = -1 else: parent_department_id = department_obj.get('parentid') parent_group_id = department_map_to_group_dict.get( parent_department_id) if parent_group_id is None: failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '父级部门不存在') failed.append(failed_msg) continue # check department exist by group name exist, exist_group = self._admin_check_group_name_conflict( new_group_name) if exist: department_map_to_group_dict[ department_obj_id] = exist_group.id failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门已存在') failed.append(failed_msg) continue # import department try: group_id = ccnet_api.create_group( new_group_name, DEPARTMENT_OWNER, parent_group_id=parent_group_id) seafile_api.set_group_quota(group_id, -2) department_map_to_group_dict[department_obj_id] = group_id success_msg = self._api_department_success_msg( department_obj_id, new_group_name, group_id) success.append(success_msg) except Exception as e: logger.error(e) failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门导入失败') failed.append(failed_msg) # todo filter ccnet User database social_auth_queryset = SocialAuthUser.objects.filter( provider=WORK_WEIXIN_PROVIDER, uid__contains=WORK_WEIXIN_UID_PREFIX) # import api_user for api_user in api_user_list: uid = WORK_WEIXIN_UID_PREFIX + api_user.get('userid', '') api_user['contact_email'] = api_user['email'] api_user_name = api_user.get('name') # determine the user exists if social_auth_queryset.filter(uid=uid).exists(): email = social_auth_queryset.get(uid=uid).username else: # create user email = gen_user_virtual_id() create_user_success = _import_user_from_work_weixin( email, api_user) if not create_user_success: failed_msg = self._api_user_failed_msg( '', api_user_name, department_id, '导入用户失败') failed.append(failed_msg) continue # bind user to department api_user_department_list = api_user.get('department') for department_obj_id in api_user_department_list: group_id = department_map_to_group_dict.get(department_obj_id) if group_id is None: # the api_user also exist in the brother department which not import continue if ccnet_api.is_group_user(group_id, email): failed_msg = self._api_user_failed_msg( email, api_user_name, department_obj_id, '部门成员已存在') failed.append(failed_msg) continue try: ccnet_api.group_add_member(group_id, DEPARTMENT_OWNER, email) success_msg = self._api_user_success_msg( email, api_user_name, department_obj_id, group_id) success.append(success_msg) except Exception as e: logger.error(e) failed_msg = self._api_user_failed_msg( email, api_user_name, department_id, '导入部门成员失败') failed.append(failed_msg) return Response({ 'success': success, 'failed': failed, })
def put(self, request, group_id): """ Rename, transfer a specific group """ username = request.user.username new_group_name = request.data.get('name', None) # rename a group if new_group_name: try: # only group owner/admin can rename a group if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_owner = request.data.get('owner', None) # transfer a group if new_owner: try: # only group owner can transfer a group if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if not is_valid_username(new_owner): error_msg = 'Email %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_group_owner(group_id, new_owner): error_msg = _(u'User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, username, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) wiki_enabled = request.data.get('wiki_enabled', None) # turn on/off group wiki if wiki_enabled: try: # only group owner/admin can turn on a group wiki if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if wiki_enabled != 'true' and wiki_enabled != 'false': error_msg = 'wiki_enabled invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # turn on/off group wiki if wiki_enabled == 'true': enable_mod_for_group(group_id, MOD_GROUP_WIKI) else: disable_mod_for_group(group_id, MOD_GROUP_WIKI) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(request, group_id) return Response(group_info)
def put(self, request, group_id): """ Admin update a group 1. transfer a group. 2. set group quota. 3. rename group. Permission checking: 1. Admin user; """ if not request.user.admin_permissions.can_manage_group(): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') # recourse check group_id = int(group_id) # Checked by URL Conf group = ccnet_api.get_group(group_id) if not group: error_msg = 'Group %d not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_owner = request.data.get('new_owner', '') if new_owner: if not is_valid_username(new_owner): error_msg = 'new_owner %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # check if new_owner exists, # NOT need to check old_owner for old_owner may has been deleted. try: User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) old_owner = group.creator_name if new_owner == old_owner: error_msg = _('User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group try: if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, old_owner, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, old_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group.group_name, "from": old_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=GROUP_TRANSFER, detail=admin_op_detail) # set group quota group_quota = request.data.get('quota', '') if group_quota: try: group_quota = int(group_quota) except ValueError: error_msg = 'quota invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if not (group_quota > 0 or group_quota == -2): error_msg = 'quota invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seafile_api.set_group_quota(group_id, group_quota) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_name = request.data.get('name', '') if new_name: if not validate_group_name(new_name): error_msg = _( 'Name can only contain letters, numbers, spaces, hyphen, dot, single quote, brackets or underscore.' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if check_group_name_conflict(request, new_name): error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: ccnet_api.set_group_name(group_id, new_name) set_group_name_cache(group_id, new_name) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(group_id) return Response(group_info)
def put(self, request, group_id): """ Rename, transfer a specific group """ group = seaserv.get_group(group_id) username = request.user.username new_group_name = request.data.get('name', None) if new_group_name: # rename a group # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seaserv.ccnet_threaded_rpc.set_group_name( group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_creator = request.data.get('creator', None) if new_creator: # transfer a group if not is_valid_username(new_creator): error_msg = _('Creator %s is not valid.') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if new_creator == group.creator_name: error_msg = _('%s is already group owner') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: if not seaserv.is_group_user(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_add_member( group_id, username, new_creator) if not seaserv.check_group_staff(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_set_admin( group_id, new_creator) seaserv.ccnet_threaded_rpc.set_group_creator( group_id, new_creator) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get new info of this group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info)
def post(self, request): """import department from dingtalk """ if not ENABLE_DINGTALK: error_msg = 'Feature is not enabled.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if not request.user.admin_permissions.can_manage_user(): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') # argument check department_id = request.data.get('department_id') try: department_id = int(department_id) except Exception as e: logger.error(e) error_msg = 'department_id invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) access_token = dingtalk_get_access_token() if not access_token: error_msg = '获取钉钉组织架构失败' return api_error(status.HTTP_404_NOT_FOUND, error_msg) # get department list # https://developers.dingtalk.com/document/app/obtain-the-department-list data = {'access_token': access_token, 'id': department_id} current_department_resp_json = requests.get(DINGTALK_DEPARTMENT_GET_DEPARTMENT_URL, params=data).json() current_department_list = [current_department_resp_json] sub_department_resp_json = requests.get(DINGTALK_DEPARTMENT_LIST_DEPARTMENT_URL, params=data).json() sub_department_list = sub_department_resp_json.get('department', []) department_list = current_department_list + sub_department_list department_list = sorted(department_list, key=lambda x:x['id']) # get department user list data = { 'access_token': access_token, 'department_id': department_id, 'offset': 0, 'size': DINGTALK_DEPARTMENT_USER_SIZE, } user_resp_json = requests.get(DINGTALK_DEPARTMENT_GET_DEPARTMENT_USER_LIST_URL, params=data).json() api_user_list = user_resp_json.get('userlist', []) # main success = list() failed = list() department_map_to_group_dict = dict() for index, department_obj in enumerate(department_list): # check department argument new_group_name = department_obj.get('name') department_obj_id = department_obj.get('id') parent_department_id = department_obj.get('parentid', 0) if department_obj_id is None or not new_group_name or not validate_group_name(new_group_name): failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门参数错误') failed.append(failed_msg) continue # check parent group if index == 0: parent_group_id = -1 else: parent_group_id = department_map_to_group_dict.get(parent_department_id) if parent_group_id is None: failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '父级部门不存在') failed.append(failed_msg) continue # check department exist exist_department = ExternalDepartment.objects.get_by_provider_and_outer_id( DINGTALK_PROVIDER, department_obj_id) if exist_department: department_map_to_group_dict[department_obj_id] = exist_department.group_id failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门已存在') failed.append(failed_msg) continue # import department try: group_id = ccnet_api.create_group( new_group_name, DEPARTMENT_OWNER, parent_group_id=parent_group_id) seafile_api.set_group_quota(group_id, -2) ExternalDepartment.objects.create( group_id=group_id, provider=DINGTALK_PROVIDER, outer_id=department_obj_id, ) department_map_to_group_dict[department_obj_id] = group_id success_msg = self._api_department_success_msg( department_obj_id, new_group_name, group_id) success.append(success_msg) except Exception as e: logger.error(e) failed_msg = self._api_department_failed_msg( department_obj_id, new_group_name, '部门导入失败') failed.append(failed_msg) # todo filter ccnet User database social_auth_queryset = SocialAuthUser.objects.filter(provider='dingtalk') # import api_user for api_user in api_user_list: uid = api_user.get('unionid', '') api_user['contact_email'] = api_user['email'] api_user_name = api_user.get('name') # determine the user exists if social_auth_queryset.filter(uid=uid).exists(): email = social_auth_queryset.get(uid=uid).username else: # create user email = gen_user_virtual_id() try: User.objects.create_user(email) SocialAuthUser.objects.add(email, 'dingtalk', uid) except Exception as e: logger.error(e) failed_msg = self._api_user_failed_msg( '', api_user_name, department_id, '导入用户失败') failed.append(failed_msg) continue # bind user to department api_user_department_list = api_user.get('department') for department_obj_id in api_user_department_list: group_id = department_map_to_group_dict.get(department_obj_id) if group_id is None: # the api_user also exist in the brother department which not import continue if ccnet_api.is_group_user(group_id, email, in_structure=False): failed_msg = self._api_user_failed_msg( email, api_user_name, department_obj_id, '部门成员已存在') failed.append(failed_msg) continue try: ccnet_api.group_add_member(group_id, DEPARTMENT_OWNER, email) success_msg = self._api_user_success_msg( email, api_user_name, department_obj_id, group_id) success.append(success_msg) except Exception as e: logger.error(e) failed_msg = self._api_user_failed_msg( email, api_user_name, department_id, '导入部门成员失败') failed.append(failed_msg) try: update_dingtalk_user_info(email, api_user.get('name'), api_user.get('contact_email'), api_user.get('avatar')) except Exception as e: logger.error(e) return Response({ 'success': success, 'failed': failed, })