def share_dir_to_user(repo, path, owner, share_from, share_to, permission, org_id=None): # Share repo or subdir to user with permission(r, rw, admin). extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seaserv.seafserv_threaded_rpc.org_add_share(org_id, repo.repo_id, owner, share_to, permission) else: seafile_api.org_share_subdir_to_user(org_id, repo.repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.share_repo(repo.repo_id, owner, share_to, permission) else: seafile_api.share_subdir_to_user(repo.repo_id, path, owner, share_to, permission) if path == '/' and extra_share_permission == PERMISSION_ADMIN: ExtraSharePermission.objects.create_share_permission(repo.repo_id, share_to, extra_share_permission)
def update_group_dir_permission(repo_id, path, owner, gid, permission, org_id=None): # Update the group's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, repo_id, permission) else: seafile_api.org_update_share_subdir_perm_for_group( org_id, repo_id, path, owner, gid, permission) else: if path == '/': seafile_api.set_group_repo_permission(gid, repo_id, permission) else: seafile_api.update_share_subdir_perm_for_group( repo_id, path, owner, gid, permission) # update extra share permission if updated is repo if path == '/': ExtraGroupsSharePermission.objects.update_share_permission(repo_id, gid, extra_share_permission)
def share_dir_to_group(repo, path, owner, share_from, gid, permission, org_id=None): # Share repo or subdir to group with permission(r, rw, admin). extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seafile_api.add_org_group_repo(repo.repo_id, org_id, gid, owner, permission) else: seafile_api.org_share_subdir_to_group(org_id, repo.repo_id, path, owner, gid, permission) else: if path == '/': seafile_api.set_group_repo(repo.repo_id, gid, owner, permission) else: seafile_api.share_subdir_to_group(repo.repo_id, path, owner, gid, permission) # add share permission if between is admin and is extra permission. if path == '/' and extra_share_permission == PERMISSION_ADMIN: ExtraGroupsSharePermission.objects.create_share_permission(repo.repo_id, gid, extra_share_permission)
def _add_file_share(self, username, repo_id, path, s_type, password=None, expire_date=None, permission='view_download', org_id=None): if password is not None: password_enc = make_password(password) else: password_enc = None token = gen_token(max_length=config.SHARE_LINK_TOKEN_LENGTH) fs = super(FileShareManager, self).create(username=username, repo_id=repo_id, path=path, token=token, s_type=s_type, password=password_enc, expire_date=expire_date, permission=permission) fs.save() if is_valid_org_id(org_id): OrgFileShare.objects.set_org_file_share(org_id, fs) return fs
def update_user_dir_permission(repo_id, path, owner, share_to, permission, org_id=None): # Update the user's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, owner, share_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, owner, share_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, owner, share_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission(repo_id, share_to, extra_share_permission)
def add_group_owned_repo(self, group_id, repo_name, password, permission, storage_id=None, org_id=None): if is_valid_org_id(org_id): return seafile_api.org_add_group_owned_repo( org_id, group_id, repo_name, password, permission) else: return seafile_api.add_group_owned_repo( group_id, repo_name, password, permission, storage_id=storage_id)
def delete_shared_group_by_repo_path(self, repo_id, repo_owner, group_id, path='/', org_id=None): if is_valid_org_id(org_id): if path == '/': seafile_api.del_org_group_repo(repo_id, org_id, group_id) else: seafile_api.org_unshare_subdir_for_group( org_id, repo_id, path, repo_owner, group_id) else: if path == '/': seafile_api.unset_group_repo(repo_id, group_id, repo_owner) else: seafile_api.unshare_subdir_for_group( repo_id, path, repo_owner, group_id)
def get_shared_groups_by_repo_path(self, repo_id, repo_owner, path='/', org_id=None): if is_valid_org_id(org_id): if path == '/': return seafile_api.list_org_repo_shared_group( org_id, repo_owner, repo_id) else: return seafile_api.get_org_shared_groups_for_subdir( org_id, repo_id, path, repo_owner) else: if path == '/': return seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) else: return seafile_api.get_shared_groups_for_subdir( repo_id, path, repo_owner)
def add_group_owned_repo(self, group_id, repo_name, password, permission, storage_id=None, org_id=None): if is_valid_org_id(org_id): return seafile_api.org_add_group_owned_repo( org_id, group_id, repo_name, permission, password) else: return seafile_api.add_group_owned_repo(group_id, repo_name, permission, password, storage_id=storage_id)
def delete_shared_user_by_repo_path(self, repo_id, repo_owner, to_user, path='/', org_id=None): """ """ if is_valid_org_id(org_id): if path == '/': return seafile_api.org_remove_share(org_id, repo_id, repo_owner, to_user) else: return seafile_api.org_unshare_subdir_for_user( org_id, repo_id, path, repo_owner, to_user) else: if path == '/': return seafile_api.remove_share(repo_id, repo_owner, to_user) else: return seafile_api.unshare_subdir_for_user( repo_id, path, repo_owner, to_user)
def delete_shared_group_by_repo_path(self, repo_id, repo_owner, group_id, path='/', org_id=None): if is_valid_org_id(org_id): if path == '/': seafile_api.del_org_group_repo(repo_id, org_id, group_id) else: seafile_api.org_unshare_subdir_for_group( org_id, repo_id, path, repo_owner, group_id) else: if path == '/': seafile_api.unset_group_repo(repo_id, group_id, repo_owner) else: seafile_api.unshare_subdir_for_group(repo_id, path, repo_owner, group_id)
def has_shared_to_user(repo_id, path, username, org_id=None): if is_valid_org_id(org_id): # when calling seafile API to share authority related functions, change the uesrname to repo owner. repo_owner = seafile_api.get_org_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_org_repo_shared_to( org_id, repo_owner, repo_id) else: share_items = seafile_api.get_org_shared_users_for_subdir( org_id, repo_id, path, repo_owner) else: repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id) else: share_items = seafile_api.get_shared_users_for_subdir( repo_id, path, repo_owner) return username in [item.user for item in share_items]
def add_group_owned_repo(self, group_id, repo_name, password, permission, storage_id=None, org_id=None): if is_valid_org_id(org_id): return seafile_api.org_add_group_owned_repo( org_id, group_id, repo_name, permission, password, ENCRYPTED_LIBRARY_VERSION) else: return seafile_api.add_group_owned_repo( group_id, repo_name, permission, password, enc_version=ENCRYPTED_LIBRARY_VERSION, storage_id=storage_id)
def has_shared_to_group(repo_id, path, gid, org_id=None): if is_valid_org_id(org_id): # when calling seafile API to share authority related functions, change the uesrname to repo owner. repo_owner = seafile_api.get_org_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_org_repo_shared_group(org_id, repo_owner, repo_id) else: share_items = seafile_api.get_org_shared_groups_for_subdir(org_id, repo_id, path, repo_owner) else: repo_owner = seafile_api.get_repo_owner(repo_id) if path == '/': share_items = seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id) else: share_items = seafile_api.get_shared_groups_for_subdir(repo_id, path, repo_owner) return gid in [item.group_id for item in share_items]
def get_shared_users_by_repo_path(self, repo_id, repo_owner, path='/', org_id=None): """ Get user list this repo/folder is shared to. Return: a list of SharedUser objects (lib/repo.vala) """ if is_valid_org_id(org_id): if path == '/': return seafile_api.list_org_repo_shared_to( org_id, repo_owner, repo_id) else: return seafile_api.get_org_shared_users_for_subdir( org_id, repo_id, path, repo_owner) else: if path == '/': return seafile_api.list_repo_shared_to(repo_owner, repo_id) else: return seafile_api.get_shared_users_for_subdir( repo_id, path, repo_owner)
def _add_file_share(self, username, repo_id, path, s_type, password=None, expire_date=None, permission='view_download', org_id=None): if password is not None: password_enc = make_password(password) else: password_enc = None token = gen_token(max_length=config.SHARE_LINK_TOKEN_LENGTH) fs = super(FileShareManager, self).create( username=username, repo_id=repo_id, path=path, token=token, s_type=s_type, password=password_enc, expire_date=expire_date, permission=permission) fs.save() if is_valid_org_id(org_id): OrgFileShare.objects.set_org_file_share(org_id, fs) return fs
def post(self, request, repo_id, org_id): """ Share repo to users. Permission checking: 1. is group admin """ # parameter check permission = request.data.get('permission', PERMISSION_READ) if permission not in [PERMISSION_READ, PERMISSION_READ_WRITE]: error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) repo_owner = get_repo_owner(request, repo_id) group_id = get_group_id_by_repo_owner(repo_owner) if not ccnet_api.get_group(group_id): error_msg = 'Group %s not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) path = request.data.get('path', '/') if not seafile_api.get_dir_id_by_path(repo_id, path): error_msg = 'Folder %s not found.' % path return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check username = request.user.username if not is_group_admin(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # share repo to user result = {} result['failed'] = [] result['success'] = [] share_to_users = request.data.getlist('username') for to_user in share_to_users: to_user = to_user.strip() if not is_valid_username(to_user): result['failed'].append({ 'email': to_user, 'error_msg': _(u'username invalid.') }) continue try: User.objects.get(email=to_user) except User.DoesNotExist: result['failed'].append({ 'email': to_user, 'error_msg': _(u'User %s not found.') % to_user }) continue if self.has_shared_to_user(request, repo_id, path, to_user): result['failed'].append({ 'email': to_user, 'error_msg': _(u'This item has been shared to %s.') % to_user }) continue if is_valid_org_id(org_id): if not is_org_user(to_user, org_id): org_name = request.user.org.org_name error_msg = 'User %s is not member of organization %s.' \ % (to_user, org_name) result['failed'].append({ 'email': to_user, 'error_msg': error_msg }) continue else: if is_org_user(to_user): error_msg = 'User %s is a member of organization.' % to_user result['failed'].append({ 'email': to_user, 'error_msg': error_msg }) continue share_dir_to_user(repo, path, repo_owner, username, to_user, permission, org_id) result['success'].append({ "user_email": to_user, "user_name": email2nickname(to_user), "user_contact_email": email2contact_email(to_user), "permission": permission, }) # send a signal when sharing repo successful share_repo_to_user_successful.send(sender=None, from_user=username, to_user=to_user, repo=repo, path=path, org_id=org_id) send_perm_audit_msg('add-repo-perm', username, to_user, repo_id, path, permission) return Response(result)
def delete_group_owned_repo(self, group_id, repo_id, org_id=None): if is_valid_org_id(org_id): return seafile_api.org_delete_group_owned_repo(org_id, group_id, repo_id) else: return seafile_api.delete_group_owned_repo(group_id, repo_id)
def delete_group_owned_repo(self, group_id, repo_id, org_id=None): if is_valid_org_id(org_id): return seafile_api.org_delete_group_owned_repo( org_id, group_id, repo_id) else: return seafile_api.delete_group_owned_repo(group_id, repo_id)