def update_user_dir_permission(repo_id, path, owner, share_to, permission, org_id=None): # Update the user's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if org_id: if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, owner, share_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, owner, share_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, owner, share_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission(repo_id, share_to, extra_share_permission)
def update_user_dir_permission(repo_id, path, owner, share_to, permission, org_id=None): # Update the user's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, owner, share_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, owner, share_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, owner, share_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission(repo_id, share_to, extra_share_permission)
def share_permission_admin(request): """Change repo share permission in ShareAdmin. """ share_type = request.GET.get('share_type', '') content_type = 'application/json; charset=utf-8' form = RepoShareForm(request.POST) form.is_valid() email_or_group = form.cleaned_data['email_or_group'] repo_id = form.cleaned_data['repo_id'] permission = form.cleaned_data['permission'] from_email = request.user.username if share_type == 'personal': if not is_valid_username(email_or_group): return HttpResponse(json.dumps({'success': False}), status=400, content_type=content_type) try: seafile_api.set_share_permission(repo_id, from_email, email_or_group, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) elif share_type == 'group': try: seafile_api.set_group_repo_permission(int(email_or_group), repo_id, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) elif share_type == 'public': try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_inner_pub_repo( org_id, repo_id, permission) else: seafile_api.add_inner_pub_repo(repo_id, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) else: return HttpResponse(json.dumps({'success': False}), status=400, content_type=content_type)
def test_set_share_permission(repo, permission_to_share, permission_to_set): assert api.check_permission(repo.id, USER2) == None api.share_repo(repo.id, USER, USER2, permission_to_share) assert api.check_permission(repo.id, USER2) == permission_to_share api.set_share_permission(repo.id, USER, USER2, permission_to_set) assert api.check_permission(repo.id, USER2) == permission_to_set api.remove_share(repo.id, USER, USER2)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) permission = request.data.get('permission', 'r') if permission not in ['r', 'rw']: return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.') path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: # unlikely to happen return api_error(status.HTTP_404_NOT_FOUND, 'Failed to get sub repo') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Internal Server Error') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_set_share_permission( org_id, shared_repo.id, username, shared_to, permission) else: seafile_api.set_share_permission(shared_repo.id, username, shared_to, permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid.' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_404_NOT_FOUND, 'Group %s not found.' % gid) if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, shared_repo.id, permission) else: seafile_api.set_group_repo_permission(gid, shared_repo.id, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def share_permission_admin(request): """Change repo share permission in ShareAdmin. """ share_type = request.GET.get('share_type', '') content_type = 'application/json; charset=utf-8' form = RepoShareForm(request.POST) form.is_valid() email_or_group = form.cleaned_data['email_or_group'] repo_id = form.cleaned_data['repo_id'] permission = form.cleaned_data['permission'] from_email = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return render_error(request, _(u'Library does not exist')) origin_repo_id, origin_path = get_origin_repo_info(repo.id) if origin_repo_id is not None: perm_repo_id = origin_repo_id perm_path = origin_path else: perm_repo_id = repo.id perm_path = '/' if share_type == 'personal': if not is_valid_username(email_or_group): return HttpResponse(json.dumps({'success': False}), status=400, content_type=content_type) try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_set_share_permission( org_id, repo_id, from_email, email_or_group, permission) else: seafile_api.set_share_permission(repo_id, from_email, email_or_group, permission) send_perm_audit_msg('modify-repo-perm', from_email, \ email_or_group, perm_repo_id, perm_path, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) elif share_type == 'group': try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, int(email_or_group), repo_id, permission) else: group_id = int(email_or_group) seafile_api.set_group_repo_permission(group_id, repo_id, permission) send_perm_audit_msg('modify-repo-perm', from_email, \ group_id, perm_repo_id, perm_path, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) elif share_type == 'public': try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_inner_pub_repo( org_id, repo_id, permission) else: seafile_api.add_inner_pub_repo(repo_id, permission) send_perm_audit_msg('modify-repo-perm', from_email, 'all', \ perm_repo_id, perm_path, permission) except SearpcError: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) return HttpResponse(json.dumps({'success': True}), content_type=content_type) else: return HttpResponse(json.dumps({'success': False}), status=400, content_type=content_type)
def put(self, request, repo_id, format=None): """ Update permission of a shared repo. Permission checking: 1. Only repo owner can update. """ # argument check permission = request.data.get('permission', None) if permission not in ['r', 'rw']: error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) share_type = request.data.get('share_type', None) if not share_type: error_msg = 'share_type invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if share_type not in ('personal', 'group', 'public'): error_msg = "share_type can only be 'personal' or 'group' or 'public'." return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # recourse check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check username = request.user.username if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo_id) else: repo_owner = seafile_api.get_repo_owner(repo_id) if username != repo_owner: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # update share permission if share_type == 'personal': shared_to = request.data.get('user', None) if not shared_to or not is_valid_username(shared_to): error_msg = 'user invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_set_share_permission( org_id, repo_id, username, shared_to, permission) else: seafile_api.set_share_permission(repo_id, username, shared_to, permission) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, '/', permission) if share_type == 'group': group_id = request.data.get('group_id', None) if not group_id: error_msg = 'group_id invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: group_id = int(group_id) except ValueError: error_msg = 'group_id must be integer.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group = ccnet_api.get_group(group_id) if not group: error_msg = 'Group %s not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, group_id, repo_id, permission) else: seafile_api.set_group_repo_permission( group_id, repo_id, permission) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) send_perm_audit_msg('modify-repo-perm', username, group_id, repo_id, '/', permission) if share_type == 'public': try: if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_inner_pub_repo( org_id, repo_id, permission) else: seafile_api.add_inner_pub_repo(repo_id, permission) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) send_perm_audit_msg('modify-repo-perm', username, 'all', repo_id, '/', permission) return Response({'success': True})
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) permission = request.data.get('permission', PERMISSION_READ) if permission not in [ PERMISSION_READ, PERMISSION_READ_WRITE, PERMISSION_ADMIN ]: return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) if username != self.get_repo_owner(request, repo_id) and \ ExtraSharePermission.objects.get_user_permission(repo_id, username) != PERMISSION_ADMIN: return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') else: if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') if shared_to_user: try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') extra_share_permission = "" if permission not in [PERMISSION_READ, PERMISSION_READ_WRITE]: extra_share_permission = permission permission = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else PERMISSION_READ if is_org_context(request): username = seafile_api.get_org_repo_owner(repo_id) org_id = request.user.org.org_id if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, username, shared_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, username, shared_to, permission) else: username = seafile_api.get_repo_owner(repo_id) if path == '/': seafile_api.set_share_permission(repo_id, username, shared_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, username, shared_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission( repo_id, shared_to, extra_share_permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid.' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_404_NOT_FOUND, 'Group %s not found.' % gid) if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, repo.id, permission) else: seafile_api.org_update_share_subdir_perm_for_group( org_id, repo_id, path, username, gid, permission) else: if path == '/': seafile_api.set_group_repo_permission( gid, repo.id, permission) else: seafile_api.update_share_subdir_perm_for_group( repo_id, path, username, gid, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def put(self, request, repo_id, path, share_type): """ Update user/group share permission. Permission checking: 1. admin user. """ # argument check permission = request.data.get('permission', None) if not permission or permission not in ('r', 'rw'): error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) share_info = {} share_info['repo_id'] = repo_id share_info['path'] = path share_info['share_type'] = share_type # current `request.user.username` is admin user, # so need to identify the repo owner specifically. repo_owner = seafile_api.get_repo_owner(repo_id) share_to = request.data.get('share_to', None) if share_type == 'user': email = share_to if not email or not is_valid_username(email): error_msg = 'email %s invalid.' % email return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: User.objects.get(email=email) except User.DoesNotExist: error_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: if path == '/': seafile_api.set_share_permission(repo_id, repo_owner, email, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, repo_owner, email, permission) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_perm = seafile_api.check_permission_by_path( repo_id, path, email) share_info['user_email'] = email share_info['user_name'] = email2nickname(email) share_info['permission'] = new_perm if share_type == 'group': group_id = share_to try: group_id = int(group_id) except ValueError: error_msg = 'group_id %s invalid.' % group_id return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group = ccnet_api.get_group(group_id) if not group: error_msg = 'Group %s not found' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: if path == '/': seafile_api.set_group_repo_permission( group_id, repo_id, permission) else: seafile_api.update_share_subdir_perm_for_group( repo_id, path, repo_owner, group_id, permission) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) share_info['group_id'] = group_id share_info['group_name'] = group.group_name share_info['permission'] = permission return Response(share_info)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) permission = request.data.get('permission', 'r') if permission not in ['r', 'rw']: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission') path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Bad username.') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_set_share_permission( org_id, shared_repo.id, username, shared_to, permission) else: seafile_api.set_share_permission(shared_repo.id, username, shared_to, permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id: %s' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_400_BAD_REQUEST, 'Group not found: %s' % gid) if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, shared_repo.id, permission) else: seafile_api.set_group_repo_permission(gid, shared_repo.id, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) permission = request.DATA.get('permission', 'r') if permission not in ['r', 'rw']: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission') path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Bad username.') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_set_share_permission( org_id, shared_repo.id, username, shared_to, permission) else: seafile_api.set_share_permission(shared_repo.id, username, shared_to, permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id: %s' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_400_BAD_REQUEST, 'Group not found: %s' % gid) if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, shared_repo.id, permission) else: seafile_api.set_group_repo_permission(gid, shared_repo.id, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, "Library %s not found." % repo_id) path = request.GET.get("p", "/") if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, "Directory not found.") if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, "Permission denied.") shared_to_user, shared_to_group = self.handle_shared_to_args(request) permission = request.data.get("permission", "r") if permission not in ["r", "rw"]: return api_error(status.HTTP_400_BAD_REQUEST, "permission invalid.") path = request.GET.get("p", "/") if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, "Folder %s not found." % path) if shared_to_user: shared_to = request.GET.get("username") if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, "Email %s invalid." % shared_to) try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, "Invalid user, should be registered") if is_org_context(request): org_id = request.user.org.org_id if path == "/": seafile_api.org_set_share_permission(org_id, repo_id, username, shared_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, username, shared_to, permission ) else: if path == "/": seafile_api.set_share_permission(repo_id, username, shared_to, permission) else: seafile_api.update_share_subdir_perm_for_user(repo_id, path, username, shared_to, permission) send_perm_audit_msg("modify-repo-perm", username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get("group_id") try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, "group_id %s invalid." % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_404_NOT_FOUND, "Group %s not found." % gid) if is_org_context(request): org_id = request.user.org.org_id if path == "/": seaserv.seafserv_threaded_rpc.set_org_group_repo_permission(org_id, gid, repo.id, permission) else: seafile_api.org_update_share_subdir_perm_for_group(org_id, repo_id, path, username, gid, permission) else: if path == "/": seafile_api.set_group_repo_permission(gid, repo.id, permission) else: seafile_api.update_share_subdir_perm_for_group(repo_id, path, username, gid, permission) send_perm_audit_msg("modify-repo-perm", username, gid, repo_id, path, permission) return HttpResponse(json.dumps({"success": True}), status=200, content_type=json_content_type)