def get_file_info(self, username, repo_id, file_path): repo = seafile_api.get_repo(repo_id) file_obj = seafile_api.get_dirent_by_path(repo_id, file_path) file_name = file_obj.obj_name file_size = file_obj.size can_preview, error_msg = can_preview_file(file_name, file_size, repo) can_edit, error_msg = can_edit_file(file_name, file_size, repo) try: is_locked, locked_by_me = check_file_lock(repo_id, file_path, username) except Exception as e: logger.error(e) is_locked = False file_info = { 'type': 'file', 'repo_id': repo_id, 'parent_dir': os.path.dirname(file_path), 'obj_name': file_name, 'obj_id': file_obj.obj_id, 'size': file_size, 'mtime': timestamp_to_isoformat_timestr(file_obj.mtime), 'is_locked': is_locked, 'can_preview': can_preview, 'can_edit': can_edit, } return file_info
def get_file_info(self, username, repo_id, file_path): repo = seafile_api.get_repo(repo_id) file_obj = seafile_api.get_dirent_by_path(repo_id, file_path) file_name = file_obj.obj_name file_size = file_obj.size can_preview, error_msg = can_preview_file(file_name, file_size, repo) can_edit, error_msg = can_edit_file(file_name, file_size, repo) try: is_locked, locked_by_me = check_file_lock(repo_id, file_path, username) except Exception as e: logger.error(e) is_locked = False file_info = { 'type': 'file', 'repo_id': repo_id, 'parent_dir': os.path.dirname(file_path), 'obj_name': file_name, 'obj_id': file_obj.obj_id, 'size': file_size, 'mtime': timestamp_to_isoformat_timestr(file_obj.mtime), 'is_locked': is_locked, 'can_preview': can_preview, 'can_edit': can_edit, } return file_info
def get_share_link_info(fileshare): data = {} token = fileshare.token repo_id = fileshare.repo_id try: repo = seafile_api.get_repo(repo_id) except Exception as e: logger.error(e) repo = None path = fileshare.path if path: obj_name = '/' if path == '/' else os.path.basename(path.rstrip('/')) else: obj_name = '' if fileshare.expire_date: expire_date = datetime_to_isoformat_timestr(fileshare.expire_date) else: expire_date = '' if fileshare.ctime: ctime = datetime_to_isoformat_timestr(fileshare.ctime) else: ctime = '' data['username'] = fileshare.username data['repo_id'] = repo_id data['repo_name'] = repo.repo_name if repo else '' data['path'] = path data['obj_name'] = obj_name data['is_dir'] = True if fileshare.s_type == 'd' else False data['token'] = token data['link'] = gen_shared_link(token, fileshare.s_type) data['view_cnt'] = fileshare.view_cnt data['ctime'] = ctime data['expire_date'] = expire_date data['is_expired'] = fileshare.is_expired() data['permissions'] = fileshare.get_permissions() data['can_edit'] = False if repo and path != '/' and not data['is_dir']: dirent = seafile_api.get_dirent_by_path(repo_id, path) if dirent: try: can_edit, error_msg = can_edit_file(obj_name, dirent.size, repo) data['can_edit'] = can_edit except Exception as e: logger.error(e) else: data['can_edit'] = False return data
def can_edit_in_normal_repo_exceeded_size(self, file_name): if file_name.endswith('.doc') or file_name.endswith('.docx'): file_size = self.exceeded_office_file_size else: file_size = self.exceeded_file_size can_edit, error_msg = can_edit_file(file_name, file_size, self.repo) return can_edit
def can_edit_in_encrypted_repo_normal_size(self, file_name): if file_name.endswith('.doc') or file_name.endswith('.docx'): file_size = self.office_file_size else: file_size = self.file_size can_edit, error_msg = can_edit_file(file_name, file_size, self.encrypted_repo) return can_edit
def put(self, request, token): """ Update share link, currently only available for permission. Permission checking: share link creater """ # argument check try: perm = check_permissions_arg(request) except Exception: error_msg = 'permissions invalud.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check try: fs = FileShare.objects.get(token=token) except FileShare.DoesNotExist: error_msg = 'token %s not found.' % token return api_error(status.HTTP_404_NOT_FOUND, error_msg) repo_id = fs.repo_id repo = seafile_api.get_repo(repo_id) if not repo_id: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) if fs.path != '/': dirent = seafile_api.get_dirent_by_path(repo_id, fs.path) if not dirent: error_msg = 'Dirent %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check username = request.user.username if not fs.is_owner(username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # get permission of origin repo/folder if fs.s_type == 'd': folder_path = normalize_dir_path(fs.path) else: file_path = normalize_file_path(fs.path) folder_path = os.path.dirname(file_path) username = request.user.username repo_folder_permission = seafile_api.check_permission_by_path(repo_id, folder_path, username) if not repo_folder_permission: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_PREVIEW_EDIT, PERMISSION_PREVIEW) \ and perm != FileShare.PERM_VIEW_ONLY: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_READ) \ and perm not in (FileShare.PERM_VIEW_DL, FileShare.PERM_VIEW_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if fs.s_type == 'f': file_name = os.path.basename(fs.path.rstrip('/')) can_edit, error_msg = can_edit_file(file_name, dirent.size, repo) if not can_edit and perm in (FileShare.PERM_EDIT_DL, FileShare.PERM_EDIT_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # update share link permission fs.permission = perm fs.save() link_info = get_share_link_info(fs) return Response(link_info)
def post(self, request): """ Create share link. Permission checking: 1. default(NOT guest) user; """ # argument check repo_id = request.data.get('repo_id', None) if not repo_id: error_msg = 'repo_id invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) path = request.data.get('path', None) if not path: error_msg = 'path invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) password = request.data.get('password', None) if password and len(password) < config.SHARE_LINK_PASSWORD_MIN_LENGTH: error_msg = _('Password is too short.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) expire_days = request.data.get('expire_days', '') expiration_time = request.data.get('expiration_time', '') if expire_days and expiration_time: error_msg = 'Can not pass expire_days and expiration_time at the same time.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) expire_date = None if expire_days: try: expire_days = int(expire_days) except ValueError: error_msg = 'expire_days invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if expire_days <= 0: error_msg = 'expire_days invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if SHARE_LINK_EXPIRE_DAYS_MIN > 0: if expire_days < SHARE_LINK_EXPIRE_DAYS_MIN: error_msg = _('Expire days should be greater or equal to %s') % \ SHARE_LINK_EXPIRE_DAYS_MIN return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if SHARE_LINK_EXPIRE_DAYS_MAX > 0: if expire_days > SHARE_LINK_EXPIRE_DAYS_MAX: error_msg = _('Expire days should be less than or equal to %s') % \ SHARE_LINK_EXPIRE_DAYS_MAX return api_error(status.HTTP_400_BAD_REQUEST, error_msg) expire_date = timezone.now() + relativedelta(days=expire_days) elif expiration_time: try: expire_date = dateutil.parser.isoparse(expiration_time) except Exception as e: logger.error(e) error_msg = 'expiration_time invalid, should be iso format, for example: 2020-05-17T10:26:22+08:00' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) expire_date = expire_date.astimezone(get_current_timezone()).replace(tzinfo=None) if SHARE_LINK_EXPIRE_DAYS_MIN > 0: expire_date_min_limit = timezone.now() + relativedelta(days=SHARE_LINK_EXPIRE_DAYS_MIN) expire_date_min_limit = expire_date_min_limit.replace(hour=0).replace(minute=0).replace(second=0) if expire_date < expire_date_min_limit: error_msg = _('Expiration time should be later than %s.') % \ expire_date_min_limit.strftime("%Y-%m-%d %H:%M:%S") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if SHARE_LINK_EXPIRE_DAYS_MAX > 0: expire_date_max_limit = timezone.now() + relativedelta(days=SHARE_LINK_EXPIRE_DAYS_MAX) expire_date_max_limit = expire_date_max_limit.replace(hour=23).replace(minute=59).replace(second=59) if expire_date > expire_date_max_limit: error_msg = _('Expiration time should be earlier than %s.') % \ expire_date_max_limit.strftime("%Y-%m-%d %H:%M:%S") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) else: if SHARE_LINK_EXPIRE_DAYS_DEFAULT > 0: expire_date = timezone.now() + relativedelta(days=SHARE_LINK_EXPIRE_DAYS_DEFAULT) try: perm = check_permissions_arg(request) except Exception: error_msg = 'permissions invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) if path != '/': dirent = seafile_api.get_dirent_by_path(repo_id, path) if not dirent: error_msg = 'Dirent %s not found.' % path return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check if repo.encrypted: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username repo_folder_permission = seafile_api.check_permission_by_path(repo_id, path, username) if parse_repo_perm(repo_folder_permission).can_generate_share_link is False: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_PREVIEW_EDIT, PERMISSION_PREVIEW) \ and perm != FileShare.PERM_VIEW_ONLY: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_READ) \ and perm not in (FileShare.PERM_VIEW_DL, FileShare.PERM_VIEW_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # can_upload requires rw repo permission if perm == FileShare.PERM_VIEW_DL_UPLOAD and \ repo_folder_permission != PERMISSION_READ_WRITE: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if path != '/': s_type = 'd' if stat.S_ISDIR(dirent.mode) else 'f' if s_type == 'f': file_name = os.path.basename(path.rstrip('/')) can_edit, error_msg = can_edit_file(file_name, dirent.size, repo) if not can_edit and perm in (FileShare.PERM_EDIT_DL, FileShare.PERM_EDIT_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) else: s_type = 'd' # create share link org_id = request.user.org.org_id if is_org_context(request) else None if s_type == 'f': fs = FileShare.objects.get_file_link_by_path(username, repo_id, path) if fs: error_msg = _('Share link %s already exists.' % fs.token) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) fs = FileShare.objects.create_file_link(username, repo_id, path, password, expire_date, permission=perm, org_id=org_id) elif s_type == 'd': fs = FileShare.objects.get_dir_link_by_path(username, repo_id, path) if fs: error_msg = _('Share link %s already exists.' % fs.token) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) fs = FileShare.objects.create_dir_link(username, repo_id, path, password, expire_date, permission=perm, org_id=org_id) link_info = get_share_link_info(fs) return Response(link_info)
def post(self, request): """ Create share link. Permission checking: 1. default(NOT guest) user; """ # argument check repo_id = request.data.get('repo_id', None) if not repo_id: error_msg = 'repo_id invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) path = request.data.get('path', None) if not path: error_msg = 'path invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) password = request.data.get('password', None) if password and len(password) < config.SHARE_LINK_PASSWORD_MIN_LENGTH: error_msg = _('Password is too short.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: expire_days = int(request.data.get('expire_days', 0)) except ValueError: error_msg = 'expire_days invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if expire_days <= 0: if SHARE_LINK_EXPIRE_DAYS_DEFAULT > 0: expire_days = SHARE_LINK_EXPIRE_DAYS_DEFAULT if SHARE_LINK_EXPIRE_DAYS_MIN > 0: if expire_days < SHARE_LINK_EXPIRE_DAYS_MIN: error_msg = _('Expire days should be greater or equal to %s') % \ SHARE_LINK_EXPIRE_DAYS_MIN return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if SHARE_LINK_EXPIRE_DAYS_MAX > 0: if expire_days > SHARE_LINK_EXPIRE_DAYS_MAX: error_msg = _('Expire days should be less than or equal to %s') % \ SHARE_LINK_EXPIRE_DAYS_MAX return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if expire_days <= 0: expire_date = None else: expire_date = timezone.now() + relativedelta(days=expire_days) try: perm = check_permissions_arg(request) except Exception: error_msg = 'permissions invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) if path != '/': dirent = seafile_api.get_dirent_by_path(repo_id, path) if not dirent: error_msg = 'Dirent %s not found.' % path return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check if repo.encrypted: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username repo_folder_permission = seafile_api.check_permission_by_path( repo_id, path, username) if parse_repo_perm( repo_folder_permission).can_generate_share_link is False: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_PREVIEW_EDIT, PERMISSION_PREVIEW) \ and perm != FileShare.PERM_VIEW_ONLY: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if repo_folder_permission in (PERMISSION_READ) \ and perm not in (FileShare.PERM_VIEW_DL, FileShare.PERM_VIEW_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if path != '/': s_type = 'd' if stat.S_ISDIR(dirent.mode) else 'f' if s_type == 'f': file_name = os.path.basename(path.rstrip('/')) can_edit, error_msg = can_edit_file(file_name, dirent.size, repo) if not can_edit and perm in (FileShare.PERM_EDIT_DL, FileShare.PERM_EDIT_ONLY): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) else: s_type = 'd' # create share link org_id = request.user.org.org_id if is_org_context(request) else None if s_type == 'f': fs = FileShare.objects.get_file_link_by_path( username, repo_id, path) if fs: error_msg = _('Share link %s already exists.' % fs.token) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) fs = FileShare.objects.create_file_link(username, repo_id, path, password, expire_date, permission=perm, org_id=org_id) elif s_type == 'd': fs = FileShare.objects.get_dir_link_by_path( username, repo_id, path) if fs: error_msg = _('Share link %s already exists.' % fs.token) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) fs = FileShare.objects.create_dir_link(username, repo_id, path, password, expire_date, permission=perm, org_id=org_id) link_info = get_share_link_info(fs) return Response(link_info)