def get_group_info(group_id, show_size=False):
group = ccnet_api.get_group(group_id)
isoformat_timestr = timestamp_to_isoformat_timestr(group.timestamp)
group_info = {
"id": group.id,
"name": group.group_name,
"owner": group.creator_name,
"owner_name": email2nickname(group.creator_name),
"created_at": isoformat_timestr,
"quota":
seafile_api.get_group_quota(group_id) if is_pro_version() else 0,
"parent_group_id": group.parent_group_id if is_pro_version() else 0
}
if ccnet_api.is_org_group(group_id):
org_id = ccnet_api.get_org_id_by_group(group_id)
group_info['org_id'] = org_id
if org_id:
org = ccnet_api.get_org_by_id(org_id)
if org:
group_info['org_name'] = org.org_name
if show_size:
owner = '%s@seafile_group' % group_id
workspace = Workspaces.objects.get_workspace_by_owner(owner)
if workspace:
repo = seafile_api.get_repo(workspace.repo_id)
group_info['size'] = repo.size
return group_info
def delete(self, request, group_id, repo_id):
""" Delete a group library.
Permission checking:
1. is group admin;
1. is repo owner;
1. repo is shared to group with `admin` permission;
"""
group_id = int(group_id)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
is_org = False
if is_org_context(request):
is_org = True
group_repo = seafile_api.get_group_shared_repo_by_path(
repo_id, None, group_id, is_org)
if not group_repo:
error_msg = 'Group library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# only group admin or repo owner can delete group repo.
username = request.user.username
repo_owner = get_repo_owner(request, repo_id)
if not is_group_admin(group_id, username) and \
repo_owner != username and \
not is_repo_admin(username, repo_id):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
permission = check_group_share_in_permission(repo_id, group_id, is_org)
if is_org:
org_id = ccnet_api.get_org_id_by_group(group_id)
seafile_api.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, username)
origin_repo_id = group_repo.origin_repo_id or repo_id
origin_path = group_repo.origin_path or '/'
send_perm_audit_msg('delete-repo-perm', username, group_id,
origin_repo_id, origin_path, permission)
# delete extra share permission
ExtraGroupsSharePermission.objects.delete_share_permission(
repo_id, group_id)
return Response({'success': True})
def delete(self, request, group_id, repo_id):
""" Delete a group library.
Permission checking:
1. is repo owner;
2. is repo admin;
3. is group admin;
"""
group_id = int(group_id)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
is_org = False
if is_org_context(request):
is_org = True
group_repo = seafile_api.get_group_shared_repo_by_path(repo_id,
None, group_id, is_org)
if not group_repo:
error_msg = 'Group library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# only group admin or repo owner can delete group repo.
username = request.user.username
repo_owner = get_repo_owner(request, repo_id)
if not is_group_admin(group_id, username) and \
repo_owner != username and \
not is_repo_admin(username, repo_id):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
permission = check_group_share_in_permission(repo_id, group_id, is_org)
if is_org:
org_id = ccnet_api.get_org_id_by_group(group_id)
seafile_api.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, username)
origin_repo_id = group_repo.origin_repo_id or repo_id
origin_path = group_repo.origin_path or '/'
send_perm_audit_msg('delete-repo-perm', username, group_id,
origin_repo_id, origin_path, permission)
# delete extra share permission
ExtraGroupsSharePermission.objects.delete_share_permission(repo_id, group_id)
return Response({'success': True})
def address_book_group_to_dict(group):
if isinstance(group, int):
group = ccnet_api.get_group(group)
return {
"org_id": ccnet_api.get_org_id_by_group(group.id),
"id": group.id,
"name": group.group_name,
"owner": group.creator_name,
"created_at": timestamp_to_isoformat_timestr(group.timestamp),
"parent_group_id": group.parent_group_id,
"quota": seafile_api.get_group_quota(group.id),
}
def delete(self, request, group_id):
""" Dismiss a specific group
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
return Response({'success': True})
group_owner = group.creator_name
group_name = group.group_name
try:
org_id = ccnet_api.get_org_id_by_group(group_id)
if org_id >= 0:
ccnet_api.remove_org_group(org_id, group_id)
else:
ccnet_api.remove_group(group_id)
seafile_api.remove_group_repos(group_id)
ExtraGroupsSharePermission.objects.filter(
group_id=group_id).delete()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# send admin operation log signal
admin_op_detail = {
"id": group_id,
"name": group_name,
"owner": group_owner,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=GROUP_DELETE,
detail=admin_op_detail)
return Response({'success': True})
def get(self, request, group_id, format=None):
""" List all group repos
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
repos = seafile_api.get_org_group_repos(org_id, group_id)
else:
org_id = ccnet_api.get_org_id_by_group(group_id)
if org_id != -1:
repos = seafile_api.get_org_group_repos(org_id, group_id)
else:
repos = seafile_api.get_repos_by_group(group_id)
group_repos_info = []
for repo in repos:
repo_info = get_group_repo_info(repo)
group_repos_info.append(repo_info)
group_libraries = {
'group_id': group_id,
'group_name': group.group_name,
'libraries': group_repos_info
}
return Response(group_libraries)
def get_org_id_by_group(group_id):
return ccnet_api.get_org_id_by_group(group_id)
def post(self, request, workspace_id, name):
# arguments check
permission = request.data.get('permission')
if not permission or permission not in (PERMISSION_READ,
PERMISSION_READ_WRITE):
error_msg = 'permission is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_id = request.data.get('group_id')
if not group_id:
error_msg = 'group_id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
user = request.user
# org check
if is_org_context(request):
org_id = request.user.org.org_id
org_name = request.user.org.org_name
if ccnet_api.get_org_id_by_group(int(group_id)) != org_id:
error_msg = 'Group %s is not an organization %s group.' % (
group_id, org_name)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
if not Workspaces.objects.get_workspace_by_owner('%s@seafile_group' %
(group_id, )):
error_msg = 'Group %s workspace not found.' % (group_id, )
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
workspace = Workspaces.objects.get_workspace_by_id(workspace_id)
if not workspace:
error_msg = 'Workspace %s not found.' % (workspace_id, )
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
dtable = DTables.objects.get_dtable(workspace, name)
if not dtable:
error_msg = 'Table %s not found.' % (name, )
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if '@seafile_group' in workspace.owner and group_id == workspace.owner.split(
'@')[0]:
error_msg = 'Disable to share table to the group which table belongs to.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# permission check
if not check_dtable_admin_permission(user.username, workspace.owner):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
if DTableGroupShare.objects.filter(dtable=dtable,
group_id=group_id).exists():
error_msg = 'table %s already shared to the group.' % (
dtable.name, )
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
dgs = DTableGroupShare.objects.create(dtable=dtable,
group_id=group_id,
permission=permission,
created_by=user.username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error.'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response(
{'dtable_group_share': _get_dtable_group_share_info(dgs)})