def list_user_shared_items(self, request, repo_id, path): if is_org_context(request): # when calling seafile API to share authority related functions, change the uesrname to repo owner. repo_owner = seafile_api.get_org_repo_owner(repo_id) org_id = request.user.org.org_id if path == '/': share_items = seafile_api.list_org_repo_shared_to(org_id, repo_owner, repo_id) else: share_items = seafile_api.get_org_shared_users_for_subdir(org_id, repo_id, path, repo_owner) else: repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, repo_owner) # change is_admin to True if user is repo admin. admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(repo_id) ret = [] for item in share_items: ret.append({ "share_type": "user", "user_info": { "name": item.user, "nickname": email2nickname(item.user), }, "permission": item.perm, "is_admin": item.user in admin_users }) return ret
def get_related_users_by_repo(repo_id, org_id=None): """ Return all users who can view this library. 1. repo owner 2. users repo has been shared to 3. members of groups repo has been shared to """ users = [] if org_id: repo_owner = seafile_api.get_org_repo_owner(repo_id) user_shared_to = seafile_api.list_org_repo_shared_to(org_id, repo_owner, repo_id) else: repo_owner = seafile_api.get_repo_owner(repo_id) user_shared_to = seafile_api.list_repo_shared_to( repo_owner, repo_id) # 1. repo owner users.append(repo_owner) # 2. users repo has been shared to for user in user_shared_to: users.append(user.user) # 3. members of groups repo has been shared to groups = get_shared_groups_by_repo(repo_id, org_id) for group in groups: members = ccnet_api.get_group_members(group.id) for member in members: if member.user_name not in users: users.append(member.user_name) return users
def test_share_repo_to_user(repo, permission): assert api.check_permission(repo.id, USER) == 'rw' assert api.check_permission(repo.id, USER2) is None assert api.repo_has_been_shared(repo.id) == False api.share_repo(repo.id, USER, USER2, permission) assert api.check_permission(repo.id, USER2) == permission assert api.repo_has_been_shared(repo.id) repos = api.get_share_in_repo_list(USER2, 0, 1) assert_repo_with_permission(repo, repos, permission) repos = api.get_share_out_repo_list(USER, 0, 1) assert_repo_with_permission(repo, repos, permission) users = api.list_repo_shared_to(USER, repo.id) assert len(users) == 1 assert users[0].repo_id == repo.id assert users[0].user == USER2 assert users[0].perm == permission api.remove_share(repo.id, USER, USER2) assert api.check_permission(repo.id, USER2) is None
def list_user_shared_items(self, request, repo_id, path): username = request.user.username if is_org_context(request): org_id = request.user.org.org_id if path == '/': share_items = seafile_api.list_org_repo_shared_to(org_id, username, repo_id) else: share_items = seafile_api.get_org_shared_users_for_subdir(org_id, repo_id, path, username) else: if path == '/': share_items = seafile_api.list_repo_shared_to(username, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, username) ret = [] for item in share_items: ret.append({ "share_type": "user", "user_info": { "name": item.user, "nickname": email2nickname(item.user), }, "permission": item.perm, }) return ret
def get_repo_shared_users(repo_id, repo_owner, include_groups=True): """Return a list contains users and group users. Repo owner is ommited. """ ret = [] users = seafile_api.list_repo_shared_to(repo_owner, repo_id) ret += [x.user for x in users] if include_groups: for e in seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id): g_members = seaserv.get_group_members(e.group_id) ret += [x.user_name for x in g_members if x.user_name != repo_owner] return list(set(ret))
def get_repo_shared_to_users(self, request, repo_id): username = request.user.username if is_org_context(request): org_id = request.user.org.org_id share_items = seafile_api.list_org_repo_shared_to(org_id, username, repo_id) else: share_items = seafile_api.list_repo_shared_to(username, repo_id) ret = [] for item in share_items: ret.append(item.user) return ret
def get_repo_shared_to_users(self, request, repo_id): username = request.user.username if is_org_context(request): org_id = request.user.org.org_id share_items = seafile_api.list_org_repo_shared_to( org_id, username, repo_id) else: share_items = seafile_api.list_repo_shared_to(username, repo_id) ret = [] for item in share_items: ret.append(item.user) return ret
def has_shared_to_user(repo_id, path, username, org_id=None): if is_valid_org_id(org_id): # when calling seafile API to share authority related functions, change the uesrname to repo owner. repo_owner = seafile_api.get_org_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_org_repo_shared_to( org_id, repo_owner, repo_id) else: share_items = seafile_api.get_org_shared_users_for_subdir( org_id, repo_id, path, repo_owner) else: repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir( repo_id, path, repo_owner) return username in [item.user for item in share_items]
def get_shared_users_by_repo_path(self, repo_id, repo_owner, path='/', org_id=None): """ Get user list this repo/folder is shared to. Return: a list of SharedUser objects (lib/repo.vala) """ if is_valid_org_id(org_id): if path == '/': return seafile_api.list_org_repo_shared_to( org_id, repo_owner, repo_id) else: return seafile_api.get_org_shared_users_for_subdir( org_id, repo_id, path, repo_owner) else: if path == '/': return seafile_api.list_repo_shared_to(repo_owner, repo_id) else: return seafile_api.get_shared_users_for_subdir( repo_id, path, repo_owner)
def show_share_info(user, show_groupmembers=False): shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(user) shown_repos = set() if show_groupmembers: groups = {} for repo in shared_repos: if repo.repo_id in shown_repos: continue shown_repos.add(repo.repo_id) if repo.is_virtual: print("Folder %s of Repo %s, shared to:" % (repo.origin_path, repo.origin_repo_id)) else: print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name)) sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id) print("groups:") for sgroup in sgroups: print("%s (%d), %s" % (ccnet_api.get_group( sgroup.group_id).group_name, sgroup.group_id, sgroup.perm)) if show_groupmembers: groups[sgroup.group_id] = sgroup susers = seafile_api.list_repo_shared_to(user, repo.repo_id) print("users:") for suser in susers: print("%s, %s" % (suser.user, suser.perm)) print("\n") if show_groupmembers: print("\ngroup memberships:") for group in groups.values(): print("group %s (%d):" % (ccnet_api.get_group( group.group_id).group_name, group.group_id)) gusers = ccnet_api.get_group_members(group.group_id) for guser in gusers: print("%s" % (guser.user_name)) print("")
def list_user_shared_items(self, request, repo_id, path): repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, repo_owner) ret = [] for item in share_items: email = item.user ret.append({ "user_email": email, "user_name": email2nickname(email), "user_contact_email": email2contact_email(email), "permission": item.perm }) return ret
def has_shared_to_user(repo_id, path, username, org_id=None): if is_valid_org_id(org_id): # when calling seafile API to share authority related functions, change the uesrname to repo owner. repo_owner = seafile_api.get_org_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_org_repo_shared_to(org_id, repo_owner, repo_id) else: share_items = seafile_api.get_org_shared_users_for_subdir(org_id, repo_id, path, repo_owner) else: repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, repo_owner) return username in [item.user for item in share_items]
def get(self, request, repo_id): """ Return repo share info Permission checking: 1. all authenticated user can perform this action. """ # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check permission = check_folder_permission(request, repo_id, '/') if not permission: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if is_org_context(request): org_id = request.user.org.org_id repo_owner = seafile_api.get_org_repo_owner(org_id, repo_id) shared_users = seafile_api.list_org_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_org_repo_shared_group( org_id, repo_owner, repo_id) else: repo_owner = seafile_api.get_repo_owner(repo_id) shared_users = seafile_api.list_repo_shared_to(repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) result = { "shared_user_emails": [item.user for item in shared_users], "shared_group_ids": [item.group_id for item in shared_groups], } return Response(result)
def test_user_management(repo): email1 = '%s@%s.com' % (randstring(6), randstring(6)) email2 = '%s@%s.com' % (randstring(6), randstring(6)) passwd1 = 'randstring(6)' passwd2 = 'randstring(6)' ccnet_api.add_emailuser(email1, passwd1, 1, 1) ccnet_api.add_emailuser(email2, passwd2, 0, 0) ccnet_email1 = ccnet_api.get_emailuser(email1) ccnet_email2 = ccnet_api.get_emailuser(email2) assert ccnet_email1.is_active == True assert ccnet_email1.is_staff == True assert ccnet_email2.is_active == False assert ccnet_email2.is_staff == False assert ccnet_api.validate_emailuser(email1, passwd1) == 0 assert ccnet_api.validate_emailuser(email2, passwd2) == 0 users = ccnet_api.search_emailusers('DB', email1, -1, -1) assert len(users) == 1 user_ccnet = users[0] assert user_ccnet.email == email1 user_counts = ccnet_api.count_emailusers('DB') user_numbers = ccnet_api.get_emailusers('DB', -1, -1) ccnet_api.update_emailuser('DB', ccnet_email2.id, passwd2, 1, 1) email2_new = ccnet_api.get_emailuser(email2) assert email2_new.is_active == True assert email2_new.is_staff == True #test group when update user id id1 = ccnet_api.create_group('group1', email1, parent_group_id=-1) assert id1 != -1 group1 = ccnet_api.get_group(id1) assert group1.parent_group_id == -1 # test shared repo when update user id api.share_repo(repo.id, USER, email1, "rw") assert api.repo_has_been_shared(repo.id) new_email1 = '%s@%s.com' % (randstring(6), randstring(6)) assert ccnet_api.update_emailuser_id(email1, new_email1) == 0 shared_users = api.list_repo_shared_to(USER, repo.id) assert len(shared_users) == 1 assert shared_users[0].repo_id == repo.id assert shared_users[0].user == new_email1 assert shared_users[0].perm == "rw" api.remove_share(repo.id, USER, new_email1) email1_groups = ccnet_api.get_groups(new_email1) assert len(email1_groups) == 1 assert email1_groups[0].id == id1 rm1 = ccnet_api.remove_group(id1) assert rm1 == 0 ccnet_api.remove_emailuser('DB', new_email1) ccnet_api.remove_emailuser('DB', email2)
def put(self, request, repo_id, format=None): """ transfer a library Permission checking: 1. only admin can perform this action. """ repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_owner = request.data.get('owner', None) if not new_owner: error_msg = 'owner invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if MULTI_TENANCY: try: if seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not ccnet_api.is_group_user(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def get(self, request, repo, path, share_type): """ List user/group shares Permission checking: 1. admin user. """ result = [] # current `request.user.username` is admin user, # so need to identify the repo owner specifically. repo_owner = seafile_api.get_repo_owner(repo.repo_id) if share_type == 'user': try: if path == '/': share_items = seafile_api.list_repo_shared_to( repo_owner, repo.repo_id) else: share_items = seafile_api.get_shared_users_for_subdir( repo.repo_id, path, repo_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) admin_users = ExtraSharePermission.objects.get_admin_users_by_repo( repo.repo_id) for share_item in share_items: user_email = share_item.user user_name = email2nickname(user_email) if user_email else '--' share_info = {} share_info['repo_id'] = repo.repo_id share_info['path'] = path share_info['share_type'] = share_type share_info['user_email'] = user_email share_info['user_name'] = user_name share_info['permission'] = share_item.perm share_info['is_admin'] = user_email in admin_users result.append(share_info) if share_type == 'group': try: if path == '/': share_items = seafile_api.list_repo_shared_group_by_user( repo_owner, repo.repo_id) else: share_items = seafile_api.get_shared_groups_for_subdir( repo.repo_id, path, repo_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) admin_groups = ExtraGroupsSharePermission.objects.get_admin_groups_by_repo( repo.repo_id) for share_item in share_items: group_id = share_item.group_id group = ccnet_api.get_group(group_id) group_name = group.group_name if group else '--' share_info = {} share_info['repo_id'] = repo.repo_id share_info['path'] = path share_info['share_type'] = share_type share_info['group_id'] = group_id share_info['group_name'] = group_name share_info['permission'] = share_item.perm share_info['is_admin'] = group_id in admin_groups result.append(share_info) return Response(result)
def put(self, request, repo_id, format=None): """ update a library status, transfer a library, rename a library Permission checking: 1. only admin can perform this action. """ # argument check new_status = request.data.get('status', None) if new_status: if new_status not in ('normal', 'read-only'): error_msg = 'status invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) new_repo_name = request.data.get('name', None) if new_repo_name: if not is_valid_dirent_name(new_repo_name): error_msg = 'name invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) new_owner = request.data.get('owner', None) if new_owner: if not is_valid_email(new_owner): error_msg = 'owner invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) if new_status: try: seafile_api.set_repo_status(repo_id, normalize_repo_status_str(new_status)) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if new_repo_name: try: res = seafile_api.edit_repo(repo_id, new_repo_name, '', None) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if res == -1: e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \ repo_id logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if new_owner: try: new_owner_obj = User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if not new_owner_obj.permissions.can_add_repo(): error_msg = _('Transfer failed: role of %s is %s, can not add library.') % \ (new_owner, new_owner_obj.role) return api_error(status.HTTP_403_FORBIDDEN, error_msg) if MULTI_TENANCY: try: if seafile_api.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) if new_owner == repo_owner: error_msg = _("Library can not be transferred to owner.") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not is_group_member(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # reshare repo to links try: UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo.name, "from": repo_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_TRANSFER, detail=admin_op_detail) repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def put(self, request, repo_id, format=None): """ transfer a library Permission checking: 1. only admin can perform this action. """ repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_owner = request.data.get('owner', None) if not new_owner: error_msg = 'owner invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: new_owner_obj = User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if not new_owner_obj.permissions.can_add_repo(): error_msg = 'Transfer failed: role of %s is %s, can not add library.' % \ (new_owner, new_owner_obj.role) return api_error(status.HTTP_403_FORBIDDEN, error_msg) if MULTI_TENANCY: try: if seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to(repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not ccnet_api.is_group_user(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo.name, "from": repo_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_TRANSFER, detail=admin_op_detail) repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def put(self, request, repo_id, format=None): """ transfer a library, rename a library Permission checking: 1. only admin can perform this action. """ repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_repo_name = request.data.get('name', None) if new_repo_name: try: res = seafile_api.edit_repo(repo_id, new_repo_name, '', None) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if res == -1: e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \ repo_id logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_owner = request.data.get('owner', None) if new_owner: try: new_owner_obj = User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if not new_owner_obj.permissions.can_add_repo(): error_msg = _(u'Transfer failed: role of %s is %s, can not add library.') % \ (new_owner, new_owner_obj.role) return api_error(status.HTTP_403_FORBIDDEN, error_msg) if MULTI_TENANCY: try: if seafile_api.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) if new_owner == repo_owner: error_msg = _(u"Library can not be transferred to owner.") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not is_group_member(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # reshare repo to links try: UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo.name, "from": repo_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_TRANSFER, detail=admin_op_detail) repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def list_lib_dir(request, repo_id): ''' New ajax API for list library directory ''' content_type = 'application/json; charset=utf-8' result = {} repo = get_repo(repo_id) if not repo: err_msg = _(u'Library does not exist.') return HttpResponse(json.dumps({'error': err_msg}), status=400, content_type=content_type) username = request.user.username path = request.GET.get('p', '/') if path[-1] != '/': path = path + '/' # perm for current dir user_perm = check_folder_permission(request, repo.id, path) if user_perm is None: err_msg = _(u'Permission denied.') return HttpResponse(json.dumps({'error': err_msg}), status=403, content_type=content_type) if repo.encrypted \ and not seafile_api.is_password_set(repo.id, username): err_msg = _(u'Library is encrypted.') return HttpResponse(json.dumps({'error': err_msg, 'lib_need_decrypt': True}), status=403, content_type=content_type) head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id) if not head_commit: err_msg = _(u'Error: no head commit id') return HttpResponse(json.dumps({'error': err_msg}), status=500, content_type=content_type) dir_list = [] file_list = [] try: dir_id = seafile_api.get_dir_id_by_path(repo.id, path) except SearpcError as e: logger.error(e) err_msg = 'Internal Server Error' return HttpResponse(json.dumps({'error': err_msg}), status=500, content_type=content_type) if not dir_id: err_msg = 'Folder not found.' return HttpResponse(json.dumps({'error': err_msg}), status=404, content_type=content_type) dirs = seafserv_threaded_rpc.list_dir_with_perm(repo_id, path, dir_id, username, -1, -1) starred_files = get_dir_starred_files(username, repo_id, path) for dirent in dirs: dirent.last_modified = dirent.mtime if stat.S_ISDIR(dirent.mode): dpath = posixpath.join(path, dirent.obj_name) if dpath[-1] != '/': dpath += '/' dir_list.append(dirent) else: if repo.version == 0: file_size = seafile_api.get_file_size(repo.store_id, repo.version, dirent.obj_id) else: file_size = dirent.size dirent.file_size = file_size if file_size else 0 dirent.starred = False fpath = posixpath.join(path, dirent.obj_name) if fpath in starred_files: dirent.starred = True file_list.append(dirent) if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo.id) else: repo_owner = seafile_api.get_repo_owner(repo.id) result["is_repo_owner"] = False result["has_been_shared_out"] = False if repo_owner == username: result["is_repo_owner"] = True try: if is_org_context(request): org_id = request.user.org.org_id is_inner_org_pub_repo = False # check if current repo is pub-repo org_pub_repos = seafile_api.list_org_inner_pub_repos_by_owner( org_id, username) for org_pub_repo in org_pub_repos: if repo_id == org_pub_repo.id: is_inner_org_pub_repo = True break if seafile_api.list_org_repo_shared_group(org_id, username, repo_id) or \ seafile_api.list_org_repo_shared_to(org_id, username, repo_id) or \ is_inner_org_pub_repo: result["has_been_shared_out"] = True else: if seafile_api.list_repo_shared_to(username, repo_id) or \ seafile_api.list_repo_shared_group_by_user(username, repo_id) or \ (not request.cloud_mode and seafile_api.is_inner_pub_repo(repo_id)): result["has_been_shared_out"] = True except Exception as e: logger.error(e) result["is_virtual"] = repo.is_virtual result["repo_name"] = repo.name result["user_perm"] = user_perm # check quota for fileupload result["no_quota"] = True if seaserv.check_quota(repo.id) < 0 else False result["encrypted"] = repo.encrypted dirent_list = [] for d in dir_list: d_ = {} d_['is_dir'] = True d_['obj_name'] = d.obj_name d_['last_modified'] = d.last_modified d_['last_update'] = translate_seahub_time(d.last_modified) d_['p_dpath'] = posixpath.join(path, d.obj_name) d_['perm'] = d.permission # perm for sub dir in current dir dirent_list.append(d_) size = int(request.GET.get('thumbnail_size', THUMBNAIL_DEFAULT_SIZE)) for f in file_list: f_ = {} f_['is_file'] = True f_['file_icon'] = file_icon_filter(f.obj_name) f_['obj_name'] = f.obj_name f_['last_modified'] = f.last_modified f_['last_update'] = translate_seahub_time(f.last_modified) f_['starred'] = f.starred f_['file_size'] = filesizeformat(f.file_size) f_['obj_id'] = f.obj_id f_['perm'] = f.permission # perm for file in current dir file_type, file_ext = get_file_type_and_ext(f.obj_name) if file_type == IMAGE: f_['is_img'] = True if not repo.encrypted and ENABLE_THUMBNAIL and \ os.path.exists(os.path.join(THUMBNAIL_ROOT, str(size), f.obj_id)): file_path = posixpath.join(path, f.obj_name) src = get_thumbnail_src(repo_id, size, file_path) f_['encoded_thumbnail_src'] = urlquote(src) if is_pro_version(): f_['is_locked'] = True if f.is_locked else False f_['lock_owner'] = f.lock_owner f_['lock_owner_name'] = email2nickname(f.lock_owner) if username == f.lock_owner: f_['locked_by_me'] = True else: f_['locked_by_me'] = False dirent_list.append(f_) result["dirent_list"] = dirent_list return HttpResponse(json.dumps(result), content_type=content_type)
def get(self, request, repo, path, share_type): """ List user/group shares Permission checking: 1. admin user. """ result = [] # current `request.user.username` is admin user, # so need to identify the repo owner specifically. repo_owner = seafile_api.get_repo_owner(repo.repo_id) if share_type == 'user': try: if path == '/': share_items = seafile_api.list_repo_shared_to( repo_owner, repo.repo_id) else: share_items = seafile_api.get_shared_users_for_subdir( repo.repo_id, path, repo_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(repo.repo_id) for share_item in share_items: user_email = share_item.user user_name = email2nickname(user_email) if user_email else '--' share_info = {} share_info['repo_id'] = repo.repo_id share_info['path'] = path share_info['share_type'] = share_type share_info['user_email'] = user_email share_info['user_name'] = user_name share_info['permission'] = share_item.perm share_info['is_admin'] = user_email in admin_users result.append(share_info) if share_type == 'group': try: if path == '/': share_items = seafile_api.list_repo_shared_group_by_user( repo_owner, repo.repo_id) else: share_items = seafile_api.get_shared_groups_for_subdir( repo.repo_id, path, repo_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) admin_groups = ExtraGroupsSharePermission.objects.get_admin_groups_by_repo(repo.repo_id) for share_item in share_items: group_id = share_item.group_id group = ccnet_api.get_group(group_id) group_name = group.group_name if group else '--' share_info = {} share_info['repo_id'] = repo.repo_id share_info['path'] = path share_info['share_type'] = share_type share_info['group_id'] = group_id share_info['group_name'] = group_name share_info['permission'] = share_item.perm share_info['is_admin'] = group_id in admin_groups result.append(share_info) return Response(result)