def get(self, request, org_id):
""" Get base info of a organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
org_info = get_org_detailed_info(org)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response(org_info)
def get(self, request, org_id):
""" Get all groups in an org.
Permission checking:
1. only admin can perform this action.
"""
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
groups = ccnet_api.get_org_groups(org_id, -1, -1)
except Exception as e:
logger.error(e)
error_msg = "Internal Server Error"
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
groups_info = []
for group in groups:
groups_info.append(get_org_group_info(group))
return Response({'group_list': groups_info})
def get(self, request, org_id):
""" Get all users in an org.
Permission checking:
1. only admin can perform this action.
"""
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
result = []
org_users = ccnet_api.get_org_emailusers(org.url_prefix, -1, -1)
for org_user in org_users:
user_info = get_org_user_info(org_id, org_user.email)
user_info['active'] = org_user.is_active
result.append(user_info)
return Response({'users': result})
def get(self, request, org_id, email):
"""Get org user info
"""
# argument check
avatar_size = request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE)
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
err_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# permission check
if not ccnet_api.org_user_exists(org_id, email):
err_msg = _('User %s not found in organization.') % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# get user info
user_info = get_user_info(email, org_id)
avatar_url, is_default, date_uploaded = api_avatar_url(
email, avatar_size)
user_info['avatar_url'] = avatar_url
return Response(user_info)
def get_group_info(group_id, show_size=False):
group = ccnet_api.get_group(group_id)
isoformat_timestr = timestamp_to_isoformat_timestr(group.timestamp)
group_info = {
"id": group.id,
"name": group.group_name,
"owner": group.creator_name,
"owner_name": email2nickname(group.creator_name),
"created_at": isoformat_timestr,
"quota":
seafile_api.get_group_quota(group_id) if is_pro_version() else 0,
"parent_group_id": group.parent_group_id if is_pro_version() else 0
}
if ccnet_api.is_org_group(group_id):
org_id = ccnet_api.get_org_id_by_group(group_id)
group_info['org_id'] = org_id
if org_id:
org = ccnet_api.get_org_by_id(org_id)
if org:
group_info['org_name'] = org.org_name
if show_size:
owner = '%s@seafile_group' % group_id
workspace = Workspaces.objects.get_workspace_by_owner(owner)
if workspace:
repo = seafile_api.get_repo(workspace.repo_id)
group_info['size'] = repo.size
return group_info
def _check_org(org_id):
org_id = int(org_id)
org = ccnet_api.get_org_by_id(org_id) # todo: wrong
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg), None
return None, org
def get(self, request, org_id, email):
""" get base info of a org user
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.other_permission():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user_obj = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
user_info = get_org_user_info(org_id, user_obj)
user_info['active'] = user_obj.is_active
return Response(user_info)
def get(self, request, org_id, group_id):
"""get org group info
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# main
group = ccnet_api.get_group(group_id)
group_info = {
"id": group.id,
"group_name": group.group_name,
"ctime": timestamp_to_isoformat_timestr(group.timestamp),
"creator_email": group.creator_name,
"creator_name": email2nickname(group.creator_name),
'creator_contact_email': email2contact_email(group.creator_name),
}
return Response(group_info)
def get(self, request, org_id):
""" Get base info of a organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
org_info = get_org_info(org)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response(org_info)
def delete(self, request, org_id, email):
"""Remove an organization user
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
err_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# permission check
org = request.user.org
if not org_user_exists(org.org_id, user.username):
err_msg = 'User %s does not exist in the organization.' % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
user.delete()
unset_org_user(org.org_id, user.username)
return Response({'success': True})
def get(self, request, org_id, email):
""" get base info of a org user
Permission checking:
1. only admin can perform this action.
"""
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user_obj = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
user_info = get_org_user_info(org_id, email)
user_info['active'] = user_obj.is_active
return Response(user_info)
def _decorated(view, request, org_id, email):
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
org = ccnet_api.get_org_by_id(org_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# resource check
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not is_org_user(email, org_id):
error_msg = 'User %s is not member of organization %s.' \
% (email, org.org_name)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
return func(view, request, org_id, email)
def delete(self, request, org_id, repo_id):
"""Remove an organization library
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not is_org_repo(org_id, repo_id):
error_msg = 'Library %s not in org %s.' % (repo_id, org_id)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
usernames = seaserv.get_related_users_by_org_repo(org_id, repo_id)
repo_owner = seafile_api.get_org_repo_owner(repo_id)
seafile_api.remove_repo(repo_id)
repo_deleted.send(sender=None,
operator=request.user.username,
org_id=org_id,
usernames=usernames,
repo_owner=repo_owner,
repo_id=repo_id,
repo_name=repo.name)
return Response({'success': True})
def org_associate(request, token):
"""Associate user with coresponding org.
Mainly used for new WeChat user on doc.seafile.com.
"""
username = request.user.username
# validate token
org_id = cache.get('org_associate_%s' % token, -1)
if org_id <= 0:
return render_error(request, _('Invalid token.'))
# get org info
org = ccnet_api.get_org_by_id(org_id)
if not org:
return render_error(request, 'Invalid org id')
# Log user in if he/she already belongs to any orgs.
orgs = ccnet_api.get_orgs_by_user(username)
if orgs:
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
# check org member quota
if ORG_MEMBER_QUOTA_ENABLED:
from seahub.organizations.models import OrgMemberQuota
org_members = len(
ccnet_api.get_org_users_by_url_prefix(org.url_prefix, -1, -1))
org_members_quota = OrgMemberQuota.objects.get_quota(org_id)
if org_members_quota is not None and org_members >= org_members_quota:
return render_error(request, 'Above quota')
set_org_user(org_id, username)
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL)
def _decorated(view, request, org_id, email):
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
org = ccnet_api.get_org_by_id(org_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# resource check
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not is_org_user(email, org_id):
error_msg = 'User %s is not member of organization %s.' \
% (email, org.org_name)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
return func(view, request, org_id, email)
def get(self, request, org_id):
""" Get all users in an org.
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.other_permission():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
result = []
org_users = ccnet_api.get_org_emailusers(org.url_prefix, -1, -1)
for org_user in org_users:
user_info = get_org_user_info(org_id, org_user)
user_info['active'] = org_user.is_active
result.append(user_info)
return Response({'users': result})
def get(self, request):
if not request.user.admin_permissions.can_view_statistic():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
month = request.GET.get("month", "")
if not month:
error_msg = "month invalid."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
month_obj = datetime.datetime.strptime(month, "%Y%m")
except Exception as e:
logger.error(e)
error_msg = "month %s invalid" % month
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '25'))
except ValueError:
page = 1
per_page = 25
start = (page - 1) * per_page
# get one more item than per_page, to judge has_next_page
try:
traffics = seafevents_api.get_all_orgs_traffic_by_month(month_obj, start, start + per_page + 1)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if len(traffics) == per_page + 1:
has_next_page = True
traffics = traffics[:per_page]
else:
has_next_page = False
org_monthly_traffic_list = []
for traffic in traffics:
info = {}
info['org_id'] = traffic['org_id']
org = ccnet_api.get_org_by_id(traffic['org_id'])
info['org_name'] = org.org_name if org else ''
info['sync_file_upload'] = traffic['sync_file_upload']
info['sync_file_download'] = traffic['sync_file_download']
info['web_file_upload'] = traffic['web_file_upload']
info['web_file_download'] = traffic['web_file_download']
info['link_file_upload'] = traffic['link_file_upload']
info['link_file_download'] = traffic['link_file_download']
org_monthly_traffic_list.append(info)
return Response({
'org_monthly_traffic_list': org_monthly_traffic_list,
'has_next_page': has_next_page,
})
def get(self, request, org_id, email):
"""Org admin list repos by shared to user
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
err_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# permission check
if not ccnet_api.org_user_exists(org_id, email):
err_msg = _('User %s not found in organization.') % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# list beshared repos
repo_info_list = list()
beshared_repos = seafile_api.get_org_share_in_repo_list(
org_id, email, -1, -1)
for r in beshared_repos:
owner_email = r.user
group_name = ''
is_group_owned_repo = False
if '@seafile_group' in owner_email:
is_group_owned_repo = True
group_id = get_group_id_by_repo_owner(owner_email)
group_name = group_id_to_name(group_id)
owner_name = group_name if is_group_owned_repo else \
email2nickname(owner_email)
owner_contact_email = '' if is_group_owned_repo else \
email2contact_email(owner_email)
repo_info = {
"repo_id": r.repo_id,
"repo_name": r.repo_name,
"last_modified": timestamp_to_isoformat_timestr(r.last_modify),
"modifier_email": r.last_modifier,
"owner_email": owner_email,
"owner_name": owner_name,
"owner_contact_email": owner_contact_email,
"size": r.size,
"encrypted": r.encrypted,
"permission": r.permission,
"status": normalize_repo_status_code(r.status),
}
repo_info_list.append(repo_info)
return Response({'repo_list': repo_info_list})
def get_dtable_info(dtable, include_deleted=False):
dtable_info = dtable.to_dict(include_deleted=include_deleted)
dtable_info['org_id'] = dtable.workspace.org_id
if dtable.workspace.org_id != -1:
org = ccnet_api.get_org_by_id(dtable.workspace.org_id)
if org:
dtable_info.update({
'org_name': org.org_name,
})
return dtable_info
def setUp(self):
org_name = randstring(6)
org_url_prefix = randstring(6)
tmp_user = self.create_user(email='%s@%s.com' %
(randstring(6), randstring(6)))
org_creator = tmp_user.username
org_id = ccnet_api.create_org(org_name, org_url_prefix, org_creator)
self.org = ccnet_api.get_org_by_id(org_id)
self.url = reverse('api-v2.1-admin-organization',
args=[self.org.org_id])
self.login_as(self.admin)
def get(self, request, org_id):
""" Get all groups in an org.
Permission checking:
1. only admin can perform this action.
"""
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
groups = ccnet_api.get_org_groups(org_id, -1, -1)
except Exception as e:
logger.error(e)
error_msg = "Internal Server Error"
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# Use dict to reduce memcache fetch cost in large for-loop.
nickname_dict = {}
contact_email_dict = {}
creator_name_set = set([g.creator_name for g in groups])
for e in creator_name_set:
if e not in nickname_dict:
nickname_dict[e] = email2nickname(e)
if e not in contact_email_dict:
contact_email_dict[e] = email2contact_email(e)
groups_info = []
for group in groups:
group_info = {}
group_info['group_name'] = group.group_name
group_info['creator_email'] = group.creator_name
group_info['creator_name'] = nickname_dict.get(
group.creator_name, '')
group_info['creator_contact_email'] = contact_email_dict.get(
group.creator_name, '')
group_info['created_at'] = timestamp_to_isoformat_timestr(
group.timestamp)
group_info[
'parent_group_id'] = group.parent_group_id if is_pro_version(
) else 0
group_info['group_id'] = group.id
groups_info.append(group_info)
return Response({'group_list': groups_info})
def get(self, request, org_id):
""" Get all repos in an org.
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.other_permission():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
repos = seafile_api.get_org_repo_list(org_id, -1, -1)
except Exception as e:
logger.error(e)
error_msg = "Internal Server Error"
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# Use dict to reduce memcache fetch cost in large for-loop.
repo_id_2_email_dict = {repo.id: seafile_api.get_org_repo_owner(repo.id) for repo in repos}
owner_email_set = set(repo_id_2_email_dict.values())
nickname_dict = {}
contact_email_dict = {}
for e in owner_email_set:
if e not in nickname_dict:
nickname_dict[e] = email2nickname(e)
if e not in contact_email_dict:
contact_email_dict[e] = email2contact_email(e)
repos_info = []
for repo in repos:
repo_info = {}
repo_info['repo_name'] = repo.repo_name
owner_email = repo_id_2_email_dict.get(repo.id, '')
repo_info['owner_email'] = owner_email
repo_info['owner_name'] = nickname_dict.get(owner_email, '')
repo_info['owner_contact_email'] = contact_email_dict.get(owner_email, '')
repo_info['repo_id'] = repo.id
repo_info['encrypted'] = repo.encrypted
repos_info.append(repo_info)
return Response({'repo_list': repos_info})
def get(self, request, org_id, group_id):
"""List child groups and members in an org address book group."""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return SysAdminAddressBookGroup().get(request, group_id)
def delete(self, request, org_id, group_id, repo_id):
""" Delete a group owned library.
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return SysAdminGroupOwnedLibrary().delete(request, group_id, repo_id)
def delete(self, request, token):
org_id = request.user.org.org_id
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
fs = FileShare.objects.get(token=token)
except FileShare.DoesNotExist:
error_msg = 'File share %s not found.' % token
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if len(OrgFileShare.objects.filter(org_id=org_id, file_share=fs)) > 0:
fs.delete()
return Response({'success': True})
def get(self, request, org_id, email):
"""Org admin list user owned repos
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
err_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# permission check
if not ccnet_api.org_user_exists(org_id, email):
err_msg = _('User %s not found in organization.') % email
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# list repos
repo_info_list = list()
owned_repos = seafile_api.get_org_owned_repo_list(org_id, email)
for r in owned_repos:
# do not return virtual repos
if r.is_virtual:
continue
repo_info = {
"repo_id": r.id,
"repo_name": r.name,
"owner_email": email,
"owner_name": email2nickname(email),
"owner_contact_email": email2contact_email(email),
"last_modified": timestamp_to_isoformat_timestr(r.last_modify),
"modifier_email": r.last_modifier,
"size": r.size,
"encrypted": r.encrypted,
"permission":
'rw', # Always have read-write permission to owned repo
"status": normalize_repo_status_code(r.status),
}
repo_info_list.append(repo_info)
return Response({'repo_list': repo_info_list})
def delete(self, request, org_id):
""" Delete an organization
Permission checking:
1. only admin can perform this action.
"""
if not MULTI_TENANCY:
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not request.user.admin_permissions.other_permission():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
# remove org users
users = ccnet_api.get_org_emailusers(org.url_prefix, -1, -1)
for u in users:
ccnet_api.remove_org_user(org_id, u.email)
User.objects.get(email=u.email).delete()
# remove org groups
groups = ccnet_api.get_org_groups(org_id, -1, -1)
for g in groups:
ccnet_api.remove_org_group(org_id, g.gid)
# remove org repos
seafile_api.remove_org_repo_by_org_id(org_id)
# remove org
ccnet_api.remove_org(org_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def remove_org(org_id):
org_id = int(org_id)
org = ccnet_api.get_org_by_id(org_id)
if org:
users = ccnet_api.get_org_emailusers(org.url_prefix, -1, -1)
for u in users:
ccnet_api.remove_org_user(org_id, u.email)
groups = ccnet_api.get_org_groups(org.org_id, -1, -1)
for g in groups:
ccnet_api.remove_org_group(org_id, g.gid)
# remove org repos
seafserv_threaded_rpc.remove_org_repo_by_org_id(org_id)
# remove org
ccnet_api.remove_org(org_id)
def get(self, request, org_id):
"""List organization group
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# Make sure page request is an int. If not, deliver first page.
try:
current_page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '25'))
except ValueError:
current_page = 1
per_page = 25
groups_plus_one = get_org_groups(org_id, per_page * (current_page - 1),
per_page + 1)
groups = groups_plus_one[:per_page]
groups_list = []
for i in groups:
group = {}
group['id'] = i.id
group['group_name'] = i.group_name
group['ctime'] = timestamp_to_isoformat_timestr(i.timestamp)
group['creator_name'] = email2nickname(i.creator_name)
group['creator_email'] = i.creator_name
group['creator_contact_email'] = email2contact_email(i.creator_name)
groups_list.append(group)
if len(groups_plus_one) == per_page + 1:
page_next = True
else:
page_next = False
return Response({
'groups': groups_list,
'page': current_page,
'per_page': per_page,
'page_next': page_next,
})
def delete(self, request, org_id):
""" Delete an organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
# remove org users
users = ccnet_api.get_org_emailusers(org.url_prefix, -1, -1)
for u in users:
ccnet_api.remove_org_user(org_id, u.email)
# remove org groups
groups = ccnet_api.get_org_groups(org_id, -1, -1)
for g in groups:
ccnet_api.remove_org_group(org_id, g.gid)
# remove org repos
seafile_api.remove_org_repo_by_org_id(org_id)
# remove org
ccnet_api.remove_org(org_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def get(self, request, org_id, group_id, format=None):
""" List all group repos in an org group.
Permission checking:
1. only admin can perform this action.
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return SysAdminGroupLibraries().get(request, group_id, format)
def put(self, request, org_id, group_id, email, format=None):
""" update role of a group member
Permission checking:
1. only admin can perform this action.
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return SysAdminGroupMember().put(request, group_id, email, format)
def put(self, request, org_id, email):
""" Reset an organization user's password.
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not org_user_exists(org_id, user.username):
err_msg = 'User %s does not exist in the organization.' % user.username
return api_error(status.HTTP_404_NOT_FOUND, err_msg)
# Reset an organization user's password.
if isinstance(INIT_PASSWD, FunctionType):
new_password = INIT_PASSWD()
else:
new_password = INIT_PASSWD
user.set_password(new_password)
user.save()
# send password reset email
if IS_EMAIL_CONFIGURED:
if SEND_EMAIL_ON_RESETTING_USER_PASSWD:
send_to = user.username
profile = Profile.objects.get_profile_by_user(user.username)
if profile and profile.contact_email:
send_to = profile.contact_email
try:
send_user_reset_email(request, send_to, new_password)
except Exception as e:
logger.error(str(e))
return Response({'new_password': new_password})
def delete(self, request, org_id, email):
""" Delete an user from org
Permission checking:
1. only admin can perform this action.
"""
org = ccnet_api.get_org_by_id(org_id)
if org.creator == email:
error_msg = 'Failed to delete: %s is an organization creator.' % email
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
ccnet_api.remove_org_user(org_id, email)
User.objects.get(email=email).delete()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def delete(self, request, org_id, email):
""" Delete an user from org
Permission checking:
1. only admin can perform this action.
"""
org = ccnet_api.get_org_by_id(org_id)
if org.creator == email:
error_msg = 'Failed to delete: %s is an organization creator.' % email
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
ccnet_api.remove_org_user(org_id, email)
User.objects.get(email=email).delete()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def put(self, request, org_id, group_id):
""" Admin update a group
1. transfer a group.
2. set group quota
Permission checking:
1. Admin user;
"""
# resource check
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
group_id = int(group_id)
if get_org_id_by_group(group_id) != org_id:
error_msg = 'Group %s not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return SysAdminGroup().put(request, group_id)
def post(self, request, org_id):
""" Add new user to org.
Permission checking:
1. only admin can perform this action.
"""
# argument check
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %d not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
email = request.POST.get('email', None)
if not email or not is_valid_email(email):
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.POST.get('password', None)
if not password:
error_msg = 'password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
active = request.POST.get('active', 'true')
active = active.lower()
if active not in ('true', 'false'):
error_msg = 'active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = active == 'true'
try:
User.objects.get(email=email)
user_exists = True
except User.DoesNotExist:
user_exists = False
if user_exists:
error_msg = 'User %s already exists.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# check user number limit by license
if user_number_over_limit():
error_msg = 'The number of users exceeds the limit.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# check user number limit by org member quota
org_members = len(ccnet_api.get_org_emailusers(org.url_prefix, -1, -1))
if ORG_MEMBER_QUOTA_ENABLED:
from seahub_extra.organizations.models import OrgMemberQuota
org_members_quota = OrgMemberQuota.objects.get_quota(org_id)
if org_members_quota is not None and org_members >= org_members_quota:
error_msg = 'Failed. You can only invite %d members.' % org_members_quota
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# create user
try:
User.objects.create_user(email, password, is_staff=False,
is_active=is_active)
except User.DoesNotExist as e:
logger.error(e)
error_msg = 'Fail to add user %s.' % email
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# add user to org
# set `is_staff` parameter as `0`
try:
ccnet_api.add_org_user(org_id, email, 0)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
name = request.POST.get('name', None)
if name:
Profile.objects.add_or_update(email, name)
if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(email)
user_info = get_org_user_info(org_id, email)
user_info['active'] = is_active
return Response(user_info)
def put(self, request, org_id):
""" Update base info of a organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# update org name
new_name = request.data.get('org_name', None)
if new_name:
try:
ccnet_api.set_org_name(org_id, new_name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# update org max user number
max_user_number = request.data.get('max_user_number', None)
if max_user_number and ORG_MEMBER_QUOTA_ENABLED:
try:
max_user_number = int(max_user_number)
except ValueError:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if max_user_number <= 0:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
OrgMemberQuota.objects.set_quota(org_id, max_user_number)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
quota_mb = request.data.get('quota', None)
if quota_mb:
try:
quota_mb = int(quota_mb)
except ValueError:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_mb < 0:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota = quota_mb * get_file_size_unit('MB')
try:
seafile_api.set_org_quota(org_id, quota)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
role = request.data.get('role', None)
if role:
if role not in get_available_roles():
error_msg = 'Role %s invalid.' % role
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
OrgSettings.objects.add_or_update(org, role)
org = ccnet_api.get_org_by_id(org_id)
org_info = get_org_info(org)
return Response(org_info)
