def unsetinnerpub(request, repo_id):
"""Unshare repos in organization or in share admin page.
Only system admin, organization admin or repo owner can perform this op.
"""
repo = get_repo(repo_id)
perm = request.GET.get('permission', None)
if perm is None:
return render_error(request, _(u'Argument is not valid'))
if not repo:
messages.error(
request, _('Failed to unshare the library, as it does not exist.'))
return HttpResponseRedirect(reverse('share_admin'))
# permission check
username = request.user.username
if is_org_context(request):
org_id = request.user.org.org_id
repo_owner = seafile_api.get_org_repo_owner(repo.id)
is_repo_owner = True if repo_owner == username else False
if not (request.user.org.is_staff or is_repo_owner):
raise Http404
else:
repo_owner = seafile_api.get_repo_owner(repo.id)
is_repo_owner = True if repo_owner == username else False
if not (request.user.is_staff or is_repo_owner):
raise Http404
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(
org_id, repo.id)
else:
seaserv.unset_inner_pub_repo(repo.id)
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
send_perm_audit_msg('delete-repo-perm', username, 'all',
perm_repo_id, perm_path, perm)
messages.success(request, _('Unshare "%s" successfully.') % repo.name)
except SearpcError:
messages.error(request, _('Failed to unshare "%s".') % repo.name)
referer = request.META.get('HTTP_REFERER', None)
next = settings.SITE_ROOT if referer is None else referer
return HttpResponseRedirect(next)
def unsetinnerpub(request, repo_id):
"""Unshare repos in organization or in share admin page.
Only system admin, organization admin or repo owner can perform this op.
"""
repo = get_repo(repo_id)
perm = request.GET.get('permission', None)
if perm is None:
return render_error(request, _(u'Argument is not valid'))
if not repo:
messages.error(request, _('Failed to unshare the library, as it does not exist.'))
return HttpResponseRedirect(reverse('share_admin'))
# permission check
username = request.user.username
if is_org_context(request):
org_id = request.user.org.org_id
repo_owner = seafile_api.get_org_repo_owner(repo.id)
is_repo_owner = True if repo_owner == username else False
if not (request.user.org.is_staff or is_repo_owner):
raise Http404
else:
repo_owner = seafile_api.get_repo_owner(repo.id)
is_repo_owner = True if repo_owner == username else False
if not (request.user.is_staff or is_repo_owner):
raise Http404
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(org_id,
repo.id)
else:
seaserv.unset_inner_pub_repo(repo.id)
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
send_perm_audit_msg('delete-repo-perm', username, 'all',
perm_repo_id, perm_path, perm)
messages.success(request, _('Unshare "%s" successfully.') % repo.name)
except SearpcError:
messages.error(request, _('Failed to unshare "%s".') % repo.name)
referer = request.META.get('HTTP_REFERER', None)
next = settings.SITE_ROOT if referer is None else referer
return HttpResponseRedirect(next)
def share_permission_admin(request):
"""Change repo share permission in ShareAdmin.
"""
share_type = request.GET.get('share_type', '')
content_type = 'application/json; charset=utf-8'
form = RepoShareForm(request.POST)
form.is_valid()
email_or_group = form.cleaned_data['email_or_group']
repo_id = form.cleaned_data['repo_id']
permission = form.cleaned_data['permission']
from_email = request.user.username
repo = seafile_api.get_repo(repo_id)
if not repo:
return render_error(request, _(u'Library does not exist'))
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
if share_type == 'personal':
if not is_valid_username(email_or_group):
return HttpResponse(json.dumps({'success': False}),
status=400,
content_type=content_type)
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.org_set_share_permission(
org_id, repo_id, from_email, email_or_group, permission)
else:
seafile_api.set_share_permission(repo_id, from_email,
email_or_group, permission)
send_perm_audit_msg('modify-repo-perm', from_email, \
email_or_group, perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}),
status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
elif share_type == 'group':
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.set_org_group_repo_permission(
org_id, int(email_or_group), repo_id, permission)
else:
group_id = int(email_or_group)
seafile_api.set_group_repo_permission(group_id, repo_id,
permission)
send_perm_audit_msg('modify-repo-perm', from_email, \
group_id, perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}),
status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
elif share_type == 'public':
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.set_org_inner_pub_repo(
org_id, repo_id, permission)
else:
seafile_api.add_inner_pub_repo(repo_id, permission)
send_perm_audit_msg('modify-repo-perm', from_email, 'all', \
perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}),
status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
else:
return HttpResponse(json.dumps({'success': False}),
status=400,
content_type=content_type)
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two person
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
perm = request.GET.get('permission', None)
if not is_valid_username(from_email) or perm is None:
return render_error(request, _(u'Argument is not valid'))
username = request.user.username
repo = seafile_api.get_repo(repo_id)
if not repo:
return render_error(request, _(u'Library does not exist'))
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if username != from_email and username != to_email:
return render_permission_error(request,
_(u'Failed to remove share'))
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, to_email)
else:
seaserv.remove_share(repo_id, from_email, to_email)
send_perm_audit_msg('delete-repo-perm', from_email, to_email, \
perm_repo_id, perm_path, perm)
else:
try:
group_id = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
group = seaserv.get_group(group_id)
if not group:
return render_error(
request, _(u"Failed to unshare: the group doesn't exist."))
if not seaserv.check_group_staff(group_id, username) \
and username != from_email:
return render_permission_error(request,
_(u'Failed to remove share'))
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
send_perm_audit_msg('delete-repo-perm', from_email, group_id, \
perm_repo_id, perm_path, perm)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', SITE_ROOT)
return HttpResponseRedirect(next)
def share_repo(request):
"""
Handle POST method to share a repo to public/groups/users based on form
data. Return to ``myhome`` page and notify user whether success or failure.
"""
next = request.META.get('HTTP_REFERER', None)
if not next:
next = SITE_ROOT
form = RepoShareForm(request.POST)
if not form.is_valid():
# TODO: may display error msg on form
raise Http404
email_or_group = form.cleaned_data['email_or_group']
repo_id = form.cleaned_data['repo_id']
permission = form.cleaned_data['permission']
repo = seafile_api.get_repo(repo_id)
if not repo:
raise Http404
# Test whether user is the repo owner.
username = request.user.username
if not seafile_api.is_repo_owner(username, repo_id) and \
not is_org_repo_owner(username, repo_id):
msg = _(u'Only the owner of the library has permission to share it.')
messages.error(request, msg)
return HttpResponseRedirect(next)
# Parsing input values.
share_to_all, share_to_groups, share_to_users = False, [], []
user_groups = request.user.joined_groups
share_to_list = string2list(email_or_group)
for share_to in share_to_list:
if share_to == 'all':
share_to_all = True
elif share_to.find('@') == -1:
for user_group in user_groups:
if user_group.group_name == share_to:
share_to_groups.append(user_group)
else:
share_to = share_to.lower()
if is_valid_username(share_to):
share_to_users.append(share_to)
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
if share_to_all:
share_to_public(request, repo, permission)
send_perm_audit_msg('add-repo-perm', username, 'all', \
perm_repo_id, perm_path, permission)
for group in share_to_groups:
if share_to_group(request, repo, group, permission):
send_perm_audit_msg('add-repo-perm', username, group.id, \
perm_repo_id, perm_path, permission)
for email in share_to_users:
# Add email to contacts.
mail_sended.send(sender=None, user=request.user.username, email=email)
if share_to_user(request, repo, email, permission):
send_perm_audit_msg('add-repo-perm', username, email, \
perm_repo_id, perm_path, permission)
return HttpResponseRedirect(next)
def share_permission_admin(request):
"""Change repo share permission in ShareAdmin.
"""
share_type = request.GET.get('share_type', '')
content_type = 'application/json; charset=utf-8'
form = RepoShareForm(request.POST)
form.is_valid()
email_or_group = form.cleaned_data['email_or_group']
repo_id = form.cleaned_data['repo_id']
permission = form.cleaned_data['permission']
from_email = request.user.username
repo = seafile_api.get_repo(repo_id)
if not repo:
return render_error(request, _(u'Library does not exist'))
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
if share_type == 'personal':
if not is_valid_username(email_or_group):
return HttpResponse(json.dumps({'success': False}), status=400,
content_type=content_type)
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.org_set_share_permission(
org_id, repo_id, from_email, email_or_group, permission)
else:
seafile_api.set_share_permission(repo_id, from_email,
email_or_group, permission)
send_perm_audit_msg('modify-repo-perm', from_email, \
email_or_group, perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}), status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
elif share_type == 'group':
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.set_org_group_repo_permission(
org_id, int(email_or_group), repo_id, permission)
else:
group_id = int(email_or_group)
seafile_api.set_group_repo_permission(group_id,
repo_id,
permission)
send_perm_audit_msg('modify-repo-perm', from_email, \
group_id, perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}), status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
elif share_type == 'public':
try:
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.set_org_inner_pub_repo(
org_id, repo_id, permission)
else:
seafile_api.add_inner_pub_repo(repo_id, permission)
send_perm_audit_msg('modify-repo-perm', from_email, 'all', \
perm_repo_id, perm_path, permission)
except SearpcError:
return HttpResponse(json.dumps({'success': False}), status=500,
content_type=content_type)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
else:
return HttpResponse(json.dumps({'success': False}), status=400,
content_type=content_type)
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two person
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
perm = request.GET.get('permission', None)
if not is_valid_username(from_email) or perm is None:
return render_error(request, _(u'Argument is not valid'))
username = request.user.username
repo = seafile_api.get_repo(repo_id)
if not repo:
return render_error(request, _(u'Library does not exist'))
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if username != from_email and username != to_email:
return render_permission_error(request, _(u'Failed to remove share'))
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, to_email)
else:
seaserv.remove_share(repo_id, from_email, to_email)
send_perm_audit_msg('delete-repo-perm', from_email, to_email, \
perm_repo_id, perm_path, perm)
else:
try:
group_id = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
group = seaserv.get_group(group_id)
if not group:
return render_error(request, _(u"Failed to unshare: the group doesn't exist."))
if not seaserv.check_group_staff(group_id, username) \
and username != from_email:
return render_permission_error(request, _(u'Failed to remove share'))
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
send_perm_audit_msg('delete-repo-perm', from_email, group_id, \
perm_repo_id, perm_path, perm)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', SITE_ROOT)
return HttpResponseRedirect(next)
def share_repo(request):
"""
Handle POST method to share a repo to public/groups/users based on form
data. Return to ``myhome`` page and notify user whether success or failure.
"""
next = request.META.get('HTTP_REFERER', None)
if not next:
next = SITE_ROOT
form = RepoShareForm(request.POST)
if not form.is_valid():
# TODO: may display error msg on form
raise Http404
email_or_group = form.cleaned_data['email_or_group']
repo_id = form.cleaned_data['repo_id']
permission = form.cleaned_data['permission']
repo = seafile_api.get_repo(repo_id)
if not repo:
raise Http404
# Test whether user is the repo owner.
username = request.user.username
if not seafile_api.is_repo_owner(username, repo_id) and \
not is_org_repo_owner(username, repo_id):
msg = _(u'Only the owner of the library has permission to share it.')
messages.error(request, msg)
return HttpResponseRedirect(next)
# Parsing input values.
share_to_all, share_to_groups, share_to_users = False, [], []
user_groups = request.user.joined_groups
share_to_list = string2list(email_or_group)
for share_to in share_to_list:
if share_to == 'all':
share_to_all = True
elif share_to.find('@') == -1:
for user_group in user_groups:
if user_group.group_name == share_to:
share_to_groups.append(user_group)
else:
share_to = share_to.lower()
if is_valid_username(share_to):
share_to_users.append(share_to)
origin_repo_id, origin_path = get_origin_repo_info(repo.id)
if origin_repo_id is not None:
perm_repo_id = origin_repo_id
perm_path = origin_path
else:
perm_repo_id = repo.id
perm_path = '/'
if share_to_all:
share_to_public(request, repo, permission)
send_perm_audit_msg('add-repo-perm', username, 'all', \
perm_repo_id, perm_path, permission)
for group in share_to_groups:
if share_to_group(request, repo, group, permission):
send_perm_audit_msg('add-repo-perm', username, group.id, \
perm_repo_id, perm_path, permission)
for email in share_to_users:
# Add email to contacts.
mail_sended.send(sender=None, user=request.user.username, email=email)
if share_to_user(request, repo, email, permission):
send_perm_audit_msg('add-repo-perm', username, email, \
perm_repo_id, perm_path, permission)
return HttpResponseRedirect(next)